Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(483)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 23891003: cc: Be robust against invalid RenderPassDrawQuads. (Closed)

Created:
7 years, 3 months ago by danakj
Modified:
7 years, 3 months ago
Reviewers:
piman
CC:
chromium-reviews, cc-bugs_chromium.org, jbauman
Visibility:
Public.

Description

cc: Be robust against invalid RenderPassDrawQuads. When the LayerTreeHostImpl drops RenderPasses from its output, it does not also drop the RenderPassDrawQuads that point to them. The direct renderers ignore these quads, so this has never been a problem. However the DelegatedRendererLayerImpl was not able to deal with this correctly and would crash. More problematic is that a compromised renderer could send invalid RenderPassDrawQuads, which the DelegatedRendererLayerImpl must be able to handle gracefully. So, for both cases, we here make the DelegatedRendererLayerImpl ignore invalid RenderPassDrawQuads, and just drop the from its own output. Tests: DelegatedRendererLayerImplTest.InvalidRenderPassDrawQuad R=piman BUG=283630 Committed: https://src.chromium.org/viewvc/chrome?view=rev&revision=221493

Patch Set 1 #

Total comments: 4

Patch Set 2 : missing-render-pass: nits #

Unified diffs Side-by-side diffs Delta from patch set Stats (+93 lines, -19 lines) Patch
M cc/layers/delegated_renderer_layer_impl.h View 1 1 chunk +5 lines, -2 lines 0 comments Download
M cc/layers/delegated_renderer_layer_impl.cc View 1 3 chunks +34 lines, -16 lines 0 comments Download
M cc/layers/delegated_renderer_layer_impl_unittest.cc View 1 1 chunk +53 lines, -0 lines 0 comments Download
M cc/test/render_pass_test_utils.h View 1 chunk +1 line, -1 line 0 comments Download

Messages

Total messages: 5 (0 generated)
danakj
7 years, 3 months ago (2013-09-04 15:48:55 UTC) #1
piman
LGTM, nice! https://codereview.chromium.org/23891003/diff/1/cc/layers/delegated_renderer_layer_impl.cc File cc/layers/delegated_renderer_layer_impl.cc (right): https://codereview.chromium.org/23891003/diff/1/cc/layers/delegated_renderer_layer_impl.cc#newcode244 cc/layers/delegated_renderer_layer_impl.cc:244: // frame and can be converted. nit: ...
7 years, 3 months ago (2013-09-04 19:03:11 UTC) #2
commit-bot: I haz the power
CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/danakj@chromium.org/23891003/12001
7 years, 3 months ago (2013-09-05 16:46:52 UTC) #3
danakj
https://codereview.chromium.org/23891003/diff/1/cc/layers/delegated_renderer_layer_impl.cc File cc/layers/delegated_renderer_layer_impl.cc (right): https://codereview.chromium.org/23891003/diff/1/cc/layers/delegated_renderer_layer_impl.cc#newcode244 cc/layers/delegated_renderer_layer_impl.cc:244: // frame and can be converted. On 2013/09/04 19:03:12, ...
7 years, 3 months ago (2013-09-05 16:46:55 UTC) #4
commit-bot: I haz the power
7 years, 3 months ago (2013-09-05 19:29:53 UTC) #5
Message was sent while issue was closed. 
Change committed as 221493

Powered by Google App Engine
This is Rietveld 408576698