Avoid infinite prepare loop if bad scale provided

bug:5362098

Note: we shouldn't be getting bad scales, now that the scale corruption issue
has been reverted. Added logging for these to wrap transfer queue as well to
detect fp corruption regression.

Change-Id: I5e6d2afc1d483452140fab5390395c9581db86ca

diff --git a/Source/WebCore/platform/graphics/android/GLWebViewState.cpp b/Source/WebCore/platform/graphics/android/GLWebViewState.cpp
index 55419f4..9911cb3 100644 (file)
--- a/Source/WebCore/platform/graphics/android/GLWebViewState.cpp
+++ b/Source/WebCore/platform/graphics/android/GLWebViewState.cpp
@@ -68,6 +68,10 @@
 #define RING_COLOR_G 0xb5
 #define RING_COLOR_B 0xe5
 
+// log warnings if scale goes outside this range
+#define MIN_SCALE_WARNING 0.1
+#define MAX_SCALE_WARNING 10
+
 namespace WebCore {
 
 using namespace android;
@@ -559,11 +563,17 @@ bool GLWebViewState::drawGL(IntRect& rect, SkRect& viewport, IntRect* invalRect,
     if (baseForComposited && baseForComposited->countChildren() >= 1)
         compositedRoot = static_cast<LayerAndroid*>(baseForComposited->getChild(0));
 
+    if (scale < MIN_SCALE_WARNING || scale > MAX_SCALE_WARNING)
+        XLOGC("WARNING, scale seems corrupted before update: %e", scale);
+
     // Here before we draw, update the BaseTile which has updated content.
     // Inside this function, just do GPU blits from the transfer queue into
     // the BaseTiles' texture.
     TilesManager::instance()->transferQueue()->updateDirtyBaseTiles();
 
+    if (scale < MIN_SCALE_WARNING || scale > MAX_SCALE_WARNING)
+        XLOGC("WARNING, scale seems corrupted after update: %e", scale);
+
     // gather the textures we can use
     TilesManager::instance()->gatherLayerTextures();
 

diff --git a/Source/WebCore/platform/graphics/android/TiledPage.cpp b/Source/WebCore/platform/graphics/android/TiledPage.cpp
index 2b8ebcc..0c7a2a8 100644 (file)
--- a/Source/WebCore/platform/graphics/android/TiledPage.cpp
+++ b/Source/WebCore/platform/graphics/android/TiledPage.cpp
@@ -274,7 +274,10 @@ void TiledPage::prepare(bool goingDown, bool goingLeft, const SkIRect& tileBound
     m_expandedTileBounds.fRight = lastTileX;
     m_expandedTileBounds.fBottom = lastTileY;
 
-    if (nbTilesHeight * nbTilesWidth > TilesManager::getMaxTextureAllocation() + 1) {
+    // check against corrupted scale values giving bad height/width (use float to avoid overflow)
+    float numTiles = static_cast<float>(nbTilesHeight) * static_cast<float>(nbTilesWidth);
+    if (numTiles > TilesManager::getMaxTextureAllocation() || nbTilesHeight < 1 || nbTilesWidth < 1)
+    {
         XLOGC("ERROR: We don't have enough tiles for this page!"
               " nbTilesHeight %d nbTilesWidth %d", nbTilesHeight, nbTilesWidth);
         return;