Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / angle / 901b379f0cb6368658874f40e244b01d6bfc4039^! / . / src / libANGLE / ResourceManager.h
commit901b379f0cb6368658874f40e244b01d6bfc4039[log] [tgz]
authorJamie Madill <jmadill@chromium.org>Thu May 26 09:20:40 2016 -0400
committerCommit Bot <commit-bot@chromium.org>Thu May 26 16:14:37 2016 +0000
tree504d6e9be7daf50ed0731415332949c9d0fe034e
parent9e54b5af89883d3add301b00f11c57c1efda579c [diff] [blame]
Fix use-after-free when deleting share contexts.

The pattern of gen context, share context, free context, then allocate
a shared GL object in the second context would cause a use-after-free
of the ContextImpl as a GLFactory. Fix this by passing the factory
as a parameter to the resource manager allocation methods instead of
storing the factory pointer. This allows the same ResourceManager to
work with separate Context implementations, which will work with
non-virtual contexts.

BUG=612931

Change-Id: Ifceeb893bebd072f318963d935ff9d17181f5305
Reviewed-on: https://chromium-review.googlesource.com/347463
Reviewed-by: Geoff Lang <geofflang@chromium.org>
Commit-Queue: Jamie Madill <jmadill@chromium.org>
Reviewed-by: Corentin Wallez <cwallez@chromium.org>

diff --git a/src/libANGLE/ResourceManager.h b/src/libANGLE/ResourceManager.h
index baac331..9001315 100644
--- a/src/libANGLE/ResourceManager.h
+++ b/src/libANGLE/ResourceManager.h

@@ -34,19 +34,21 @@
 class ResourceManager : angle::NonCopyable
 {
   public:
-    explicit ResourceManager(rx::GLImplFactory *factory);
+    ResourceManager();
     ~ResourceManager();
 
     void addRef();
     void release();
 
     GLuint createBuffer();
-    GLuint createShader(const gl::Limitations &rendererLimitations, GLenum type);
-    GLuint createProgram();
+    GLuint createShader(rx::GLImplFactory *factory,
+                        const gl::Limitations &rendererLimitations,
+                        GLenum type);
+    GLuint createProgram(rx::GLImplFactory *factory);
     GLuint createTexture();
     GLuint createRenderbuffer();
     GLuint createSampler();
-    GLuint createFenceSync();
+    GLuint createFenceSync(rx::GLImplFactory *factory);
 
     void deleteBuffer(GLuint buffer);
     void deleteShader(GLuint shader);
@@ -66,17 +68,17 @@
 
     void setRenderbuffer(GLuint handle, Renderbuffer *renderbuffer);
 
-    Buffer *checkBufferAllocation(GLuint handle);
-    Texture *checkTextureAllocation(GLuint handle, GLenum type);
-    Renderbuffer *checkRenderbufferAllocation(GLuint handle);
-    Sampler *checkSamplerAllocation(GLuint samplerHandle);
+    Buffer *checkBufferAllocation(rx::GLImplFactory *factory, GLuint handle);
+    Texture *checkTextureAllocation(rx::GLImplFactory *factory, GLuint handle, GLenum type);
+    Renderbuffer *checkRenderbufferAllocation(rx::GLImplFactory *factory, GLuint handle);
+    Sampler *checkSamplerAllocation(rx::GLImplFactory *factory, GLuint samplerHandle);
 
     bool isSampler(GLuint sampler);
 
   private:
     void createTextureInternal(GLuint handle);
 
-    rx::GLImplFactory *mFactory;
+    ;
     std::size_t mRefCount;
 
     ResourceMap<Buffer> mBufferMap;