Modified: trunk/Source/WebCore/ChangeLog (218080 => 218081)
--- trunk/Source/WebCore/ChangeLog 2017-06-12 00:47:18 UTC (rev 218080)
+++ trunk/Source/WebCore/ChangeLog 2017-06-12 01:57:30 UTC (rev 218081)
@@ -1,3 +1,14 @@
+2017-06-11 Dan Bernstein <[email protected]>
+
+ [Mac] Unaligned pointers in static CMBufferCallbacks structs defined in WebCoreDecompressionSession.mm
+ https://bugs.webkit.org/show_bug.cgi?id=173245
+
+ Reviewed by Sam Weinig.
+
+ * platform/graphics/cocoa/WebCoreDecompressionSession.mm:
+ (WebCore::WebCoreDecompressionSession::enqueueSample): Prepend 4 bytes of padding to the
+ structs so that the pointers are properly aligned.
+
2017-06-11 Tim Horton <[email protected]>
REGRESSION (r217870): Null deref under PageOverlayController::uninstallPageOverlay using find in page
Modified: trunk/Source/WebCore/platform/graphics/cocoa/WebCoreDecompressionSession.mm (218080 => 218081)
--- trunk/Source/WebCore/platform/graphics/cocoa/WebCoreDecompressionSession.mm 2017-06-12 00:47:18 UTC (rev 218080)
+++ trunk/Source/WebCore/platform/graphics/cocoa/WebCoreDecompressionSession.mm 2017-06-12 01:57:30 UTC (rev 218081)
@@ -123,9 +123,18 @@
if (!m_decompressionQueue)
m_decompressionQueue = adoptOSObject(dispatch_queue_create("SourceBufferPrivateAVFObjC Decompression Queue", DISPATCH_QUEUE_SERIAL));
+ // CMBufferCallbacks contains 64-bit pointers that aren't 8-byte aligned. To suppress the linker
+ // warning about this, we prepend 4 bytes of padding when building for macOS.
+#if PLATFORM(MAC)
+ const size_t padSize = 4;
+#else
+ const size_t padSize = 0;
+#endif
+
if (!m_producerQueue) {
CMBufferQueueRef outQueue { nullptr };
- CMBufferCallbacks callbacks {
+#pragma pack(push, 4)
+ struct { uint8_t pad[padSize]; CMBufferCallbacks callbacks; } callbacks { { }, {
0,
nullptr,
&getDecodeTime,
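Review bot: `uint8_t pad[padSize]` becomes a zero-length array on the non-Mac configuration (padSize is 0 there), which is a GNU extension rather than ISO C++ and trips clang's -Wzero-length-array; the padding wrapper should only exist on the platform that needs it, or the pad member should be declared under `#if PLATFORM(MAC)` as a plain `uint32_t`. The comment also states only the symptom (a linker warning): the 4-byte pad realigns the pointer members only if CMBufferCallbacks is itself 4-byte packed by the SDK header, and since `#pragma pack(push, 4)` lowers the wrapper's own alignment to 4, nothing in the code pins that assumption. I'd add `static_assert(alignof(CMBufferCallbacks) == 4, "4-byte pad assumes CMBufferCallbacks is 4-byte packed");` next to the padSize definition so an SDK that changes the packing fails to build instead of silently shifting the pointers back off alignment, and `const size_t padSize` can be `constexpr`. The enclosing function (enqueueSample per the ChangeLog) starts before this hunk.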
@@ -135,8 +144,9 @@
&compareBuffers,
nullptr,
nullptr,
- };
- CMBufferQueueCreate(kCFAllocatorDefault, kMaximumCapacity, &callbacks, &outQueue);
+ } };
+#pragma pack(pop)
+ CMBufferQueueCreate(kCFAllocatorDefault, kMaximumCapacity, &callbacks.callbacks, &outQueue);
m_producerQueue = adoptCF(outQueue);
CMBufferQueueInstallTriggerWithIntegerThreshold(m_producerQueue.get(), maybeBecomeReadyForMoreMediaDataCallback, this, kCMBufferQueueTrigger_WhenBufferCountBecomesLessThan, kLowWaterMark, &m_didBecomeReadyTrigger);
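Review bot: `&callbacks.callbacks` reads awkwardly because the wrapper local and its inner member share the name `callbacks`; naming the local `paddedCallbacks` and passing `&paddedCallbacks.callbacks` makes it obvious at the CMBufferQueueCreate call that the padding is deliberate and the inner struct is what CoreMedia receives. A short comment on the call, `// CoreMedia gets the inner struct; the pad only exists to 8-byte-align its pointer members.`, would help the next reader who sees the pragma pack and wonders why.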
@@ -144,7 +154,8 @@
if (!m_consumerQueue) {
CMBufferQueueRef outQueue { nullptr };
- CMBufferCallbacks callbacks {
+#pragma pack(push, 4)
+ struct { uint8_t pad[padSize]; CMBufferCallbacks callbacks; } callbacks { { }, {
0,
nullptr,
&getDecodeTime,
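Review bot: This consumer-queue wrapper, its `#pragma pack(push, 4)`/`pop` bracket and the whole initializer list duplicate the producer-queue block verbatim, so any future fix to the padding (or to the callback table) has to be made twice. I'd define the packed wrapper once, above both queue setups, as `#pragma pack(push, 4)` / `struct PaddedCallbacks { uint8_t pad[padSize]; CMBufferCallbacks callbacks; };` / `#pragma pack(pop)` and then use `PaddedCallbacks callbacks { { }, { ... } };` at both sites; the initializer itself could also be a single `static const` table if the two queues truly use the same callbacks, which the visible lines suggest but the hunk does not fully show. The enclosing function starts before this hunk.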
@@ -154,8 +165,9 @@
&compareBuffers,
nullptr,
nullptr,
- };
- CMBufferQueueCreate(kCFAllocatorDefault, kMaximumCapacity, &callbacks, &outQueue);
+ } };
+#pragma pack(pop)
+ CMBufferQueueCreate(kCFAllocatorDefault, kMaximumCapacity, &callbacks.callbacks, &outQueue);
m_consumerQueue = adoptCF(outQueue);
}