Skip to site navigation (Press enter)

[webkit-changes] [280929] branches/safari-612.1.27.0-branch/Source/ThirdParty/ANGLE

alancoon Wed, 11 Aug 2021 13:36:19 -0700

Title: [280929] branches/safari-612.1.27.0-branch/Source/ThirdParty/ANGLE

Revision: 280929
Author: [email protected]
Date: 2021-08-11 13:35:31 -0700 (Wed, 11 Aug 2021)

Log Message

Cherry-pick r280926. rdar://problem/81810533


    Avoid infinite recursion when command buffer creation fails
    https://bugs.webkit.org/show_bug.cgi?id=228978
    <rdar://79224824>

    Reviewed by Kenneth Russell.

    In cases where the MTLCommandBuffer is not a valid metal object,
    we can end up in an infinite recursive loop during draw call setup. Refactor setupDraw to take no more than two attempts through the setup function.

    Testing: Ran WebGL tests, use case samples. Set up synthetic
    repro forcing bail out path, saw WebGL content fail to render
    instead of a web process crash.

    * src/libANGLE/renderer/metal/ContextMtl.h:
    * src/libANGLE/renderer/metal/ContextMtl.mm:
    (rx::ContextMtl::setupDraw):
    (rx::ContextMtl::setupDrawImpl):

    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@280926 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Modified Paths

branches/safari-612.1.27.0-branch/Source/ThirdParty/ANGLE/ChangeLog
branches/safari-612.1.27.0-branch/Source/ThirdParty/ANGLE/src/libANGLE/renderer/metal/ContextMtl.h
branches/safari-612.1.27.0-branch/Source/ThirdParty/ANGLE/src/libANGLE/renderer/metal/ContextMtl.mm

Diff

Modified: branches/safari-612.1.27.0-branch/Source/ThirdParty/ANGLE/ChangeLog (280928 => 280929)


--- branches/safari-612.1.27.0-branch/Source/ThirdParty/ANGLE/ChangeLog	2021-08-11 20:32:32 UTC (rev 280928)
+++ branches/safari-612.1.27.0-branch/Source/ThirdParty/ANGLE/ChangeLog	2021-08-11 20:35:31 UTC (rev 280929)
@@ -1,3 +1,48 @@
+2021-08-11  Russell Epstein  <[email protected]>
+
+        Cherry-pick r280926. rdar://problem/81810533
+
+    Avoid infinite recursion when command buffer creation fails
+    https://bugs.webkit.org/show_bug.cgi?id=228978
+    <rdar://79224824>
+    
+    Reviewed by Kenneth Russell.
+    
+    In cases where the MTLCommandBuffer is not a valid metal object,
+    we can end up in an infinite recursive loop during draw call setup. Refactor setupDraw to take no more than two attempts through the setup function.
+    
+    Testing: Ran WebGL tests, use case samples. Set up synthetic
+    repro forcing bail out path, saw WebGL content fail to render
+    instead of a web process crash.
+    
+    * src/libANGLE/renderer/metal/ContextMtl.h:
+    * src/libANGLE/renderer/metal/ContextMtl.mm:
+    (rx::ContextMtl::setupDraw):
+    (rx::ContextMtl::setupDrawImpl):
+    
+    
+    git-svn-id: https://svn.webkit.org/repository/webkit/trunk@280926 268f45cc-cd09-0410-ab3c-d52691b4dbfc
+
+    2021-08-11  Kyle Piddington  <[email protected]>
+
+            Avoid infinite recursion when command buffer creation fails
+            https://bugs.webkit.org/show_bug.cgi?id=228978
+            <rdar://79224824>
+
+            Reviewed by Kenneth Russell.
+
+            In cases where the MTLCommandBuffer is not a valid metal object,
+            we can end up in an infinite recursive loop during draw call setup. Refactor setupDraw to take no more than two attempts through the setup function.
+
+            Testing: Ran WebGL tests, use case samples. Set up synthetic
+            repro forcing bail out path, saw WebGL content fail to render
+            instead of a web process crash.
+
+            * src/libANGLE/renderer/metal/ContextMtl.h:
+            * src/libANGLE/renderer/metal/ContextMtl.mm:
+            (rx::ContextMtl::setupDraw):
+            (rx::ContextMtl::setupDrawImpl):
+
 2021-07-23  Dean Jackson  <[email protected]>
 
         3.5 MB system-wide footprint impact due to thread-locals in libANGLE

Modified: branches/safari-612.1.27.0-branch/Source/ThirdParty/ANGLE/src/libANGLE/renderer/metal/ContextMtl.h (280928 => 280929)


--- branches/safari-612.1.27.0-branch/Source/ThirdParty/ANGLE/src/libANGLE/renderer/metal/ContextMtl.h	2021-08-11 20:32:32 UTC (rev 280928)
+++ branches/safari-612.1.27.0-branch/Source/ThirdParty/ANGLE/src/libANGLE/renderer/metal/ContextMtl.h	2021-08-11 20:35:31 UTC (rev 280929)
@@ -381,6 +381,14 @@
                             gl::DrawElementsType indexTypeOrNone,
                             const void *indices,
                             bool transformFeedbackDraw);
+    angle::Result setupDrawImpl(const gl::Context *context,
+                            gl::PrimitiveMode mode,
+                            GLint firstVertex,
+                            GLsizei vertexOrIndexCount,
+                            GLsizei instanceCount,
+                            gl::DrawElementsType indexTypeOrNone,
+                            const void *indices,
+                            bool transformFeedbackDraw);
 
     angle::Result drawTriFanArrays(const gl::Context *context,
                                    GLint first,

Modified: branches/safari-612.1.27.0-branch/Source/ThirdParty/ANGLE/src/libANGLE/renderer/metal/ContextMtl.mm (280928 => 280929)


--- branches/safari-612.1.27.0-branch/Source/ThirdParty/ANGLE/src/libANGLE/renderer/metal/ContextMtl.mm	2021-08-11 20:32:32 UTC (rev 280928)
+++ branches/safari-612.1.27.0-branch/Source/ThirdParty/ANGLE/src/libANGLE/renderer/metal/ContextMtl.mm	2021-08-11 20:35:31 UTC (rev 280929)
@@ -2120,6 +2120,30 @@
                                     const void *indices,
                                     bool transformFeedbackDraw)
 {
+    ANGLE_TRY(setupDrawImpl(context, mode, firstVertex, vertexOrIndexCount, instances, indexTypeOrNone, indices, transformFeedbackDraw));
+    // Setting up the draw required us to call a command buffer flush, re-run setupDraw with state invaliated to restart the command buffer from the current draw with previously set state
+    if (!mCmdBuffer.valid())
+    {
+        invalidateState(context);
+        ANGLE_TRY(setupDrawImpl(context, mode, firstVertex, vertexOrIndexCount, instances, indexTypeOrNone, indices, transformFeedbackDraw));
+    }
+    // If the command buffer still isn't valid after a second attempt, we have a problem and should stop the draw call to avoid infinite recursion.
+    if(!mCmdBuffer.valid())
+    {
+        return angle::Result::Stop;
+    }
+    return angle::Result::Continue;
+    
+}
+angle::Result ContextMtl::setupDrawImpl(const gl::Context *context,
+                                    gl::PrimitiveMode mode,
+                                    GLint firstVertex,
+                                    GLsizei vertexOrIndexCount,
+                                    GLsizei instances,
+                                    gl::DrawElementsType indexTypeOrNone,
+                                    const void *indices,
+                                    bool transformFeedbackDraw)
+{
     ASSERT(mProgram);
 
     // Update transform feedback offsets on every draw call.
@@ -2249,12 +2273,7 @@
                                   changedPipeline, textureChanged,
                                   uniformBuffersDirty, transformFeedbackDraw));
 
-    // Setting up the draw required us to call a command buffer flush, re-run setupDraw with state invaliated to restart the command buffer from the current draw with previously set state
-    if (!mCmdBuffer.valid())
-    {
-        invalidateState(context);
-        ANGLE_TRY(setupDraw(context, mode, firstVertex, vertexOrIndexCount, instances, indexTypeOrNone, indices, transformFeedbackDraw));
-    }
+  
     mDirtyBits.reset();
     return angle::Result::Continue;
 }

_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes