Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(725)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 10905036: Pepper Flash Mac: Fix crash when playing video on MB retina (Closed)

Created:
8 years, 3 months ago by sail
Modified:
8 years, 3 months ago
CC:
chromium-reviews, joi+watch-content_chromium.org, darin-cc_chromium.org, jam
Visibility:
Public.

Description

Pepper Flash Mac: Fix crash when playing video on MB retina When playing video on Mac Book retina devices Chrome would crash. The problem was that we were using the page scale factor when drawing bitmaps from the plugin. Thus when drawing the bitmap we would dereference memory past the end of the bitmap buffer and crash. To fix this we now pass the plugin's scale factor instead of the page's scale factor. BUG=141541 TEST=Note, this crash only happens if accelerated compositing is disabled. This is most common on MB retina devices running 10.7 since the device is on the GPU black list. To test this I ran Chrome on a Mac Book retina on 10.8 with --disable-accelerated-compositing. I verified that without this patch Chrome crashes and with this patch the video plays fine. Also tested that everything works correctly on an external monitor with a 1x scale factor. Also, to reproduce this crash you also need this patch: https://chromiumcodereview.appspot.com/10879050 That patch got reverted due to this crash. Once the fix is checked in I'll reland that patch. Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=154593

Patch Set 1 #

Patch Set 2 : remove change to pepper_platform_image_2d_impl #

Patch Set 3 : add test #

Total comments: 2

Patch Set 4 : disable test on windows #

Unified diffs Side-by-side diffs Delta from patch set Stats (+56 lines, -21 lines) Patch
M content/browser/renderer_host/backing_store_mac.mm View 1 chunk +5 lines, -1 line 0 comments Download
M content/browser/renderer_host/render_widget_host_impl.cc View 1 chunk +2 lines, -2 lines 0 comments Download
M content/browser/renderer_host/render_widget_host_unittest.cc View 1 2 3 3 chunks +16 lines, -1 line 0 comments Download
M content/renderer/pepper/pepper_plugin_delegate_impl.h View 1 chunk +2 lines, -1 line 0 comments Download
M content/renderer/pepper/pepper_plugin_delegate_impl.cc View 1 chunk +3 lines, -2 lines 0 comments Download
M content/renderer/render_view_impl.h View 1 chunk +2 lines, -1 line 0 comments Download
M content/renderer/render_view_impl.cc View 1 chunk +3 lines, -2 lines 0 comments Download
M content/renderer/render_widget.h View 1 chunk +2 lines, -1 line 0 comments Download
M content/renderer/render_widget.cc View 4 chunks +9 lines, -3 lines 0 comments Download
M content/renderer/render_widget_fullscreen_pepper.h View 1 chunk +2 lines, -1 line 0 comments Download
M content/renderer/render_widget_fullscreen_pepper.cc View 1 chunk +5 lines, -4 lines 0 comments Download
M webkit/plugins/ppapi/ppapi_plugin_instance.h View 1 chunk +2 lines, -1 line 0 comments Download
M webkit/plugins/ppapi/ppapi_plugin_instance.cc View 2 chunks +3 lines, -1 line 0 comments Download

Messages

Total messages: 12 (0 generated)
sail
8 years, 3 months ago (2012-08-31 04:25:20 UTC) #1
Nico
test?
8 years, 3 months ago (2012-08-31 04:40:23 UTC) #2
sail
On 2012/08/31 04:40:23, Nico wrote: > test? Added a test to verify that invalid shared ...
8 years, 3 months ago (2012-08-31 18:20:17 UTC) #3
Nico
Thanks. I think this lgtm, but the question below makes me doubt I understand the ...
8 years, 3 months ago (2012-08-31 19:46:06 UTC) #4
sail
https://chromiumcodereview.appspot.com/10905036/diff/1026/content/browser/renderer_host/render_widget_host_impl.cc File content/browser/renderer_host/render_widget_host_impl.cc (right): https://chromiumcodereview.appspot.com/10905036/diff/1026/content/browser/renderer_host/render_widget_host_impl.cc#newcode1406 content/browser/renderer_host/render_widget_host_impl.cc:1406: if (dib->size() < size) { On 2012/08/31 19:46:07, Nico ...
8 years, 3 months ago (2012-08-31 19:53:52 UTC) #5
Nico
cool, lgtm
8 years, 3 months ago (2012-08-31 19:54:25 UTC) #6
sail
jamesr: contents/renderer/* OWNERS review brettw: webkit/plugins/ppapi/* OWNERS review
8 years, 3 months ago (2012-08-31 20:00:58 UTC) #7
jamesr
content/renderer/ and webkit/ lgtm
8 years, 3 months ago (2012-08-31 20:22:56 UTC) #8
brettw
webkit/ LGTM
8 years, 3 months ago (2012-08-31 21:04:45 UTC) #9
Scott Hess - ex-Googler
lgtm - thanks for figuring this all out!
8 years, 3 months ago (2012-08-31 21:49:50 UTC) #10
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/sail@chromium.org/10905036/6004
8 years, 3 months ago (2012-09-01 01:20:16 UTC) #11
commit-bot: I haz the power
8 years, 3 months ago (2012-09-01 03:37:22 UTC) #12 
Change committed as 154593

Powered by Google App Engine
This is Rietveld 408576698