Commit abbbe97092559c6a2e33acff52a9918fae479f37

Colin Blundell 2023-03-24T08:10:40

[GL backend] Get texture bindings size from frontend caps

EGLContext currently sets the texture bindings size to be GL_MAX_COMBINED_TEXTURE_IMAGE_UNITS. StateManagerGL later copies these bindings into its own textures array [1]. However, the latter texture array is clamped to a size of max 96 [2], and thus this copy can overflow (see crash in crbug.com/1418842).

This CL changes the texture bindings size to be set from the frontend caps rather than the native caps. The former have the same clamping as for StateManagerGL's textures.

[1] https://source.chromium.org/chromium/chromium/src/+/main:third_party/angle/src/libANGLE/renderer/gl/StateManagerGL.cpp;drc=c85c710dec58dfdcf2f35af647a0a5155639edd5;l=3274
[2] https://source.chromium.org/chromium/chromium/src/+/main:third_party/angle/src/libANGLE/angletypes.h;drc=4a77b0f5237515960673b9bd1bc5a229f0eeaa95;l=952
[3] https://source.chromium.org/chromium/chromium/src/+/main:third_party/angle/src/libANGLE/Context.cpp;l=4050-4059;drc=b4bc946c63b2b95e1f05dec4e84adcadd10499c6

Bug: chromium:1418842
Change-Id: I66c10b640f70d9dc6c7d41925f12ffb7a3ba78e0
Reviewed-on: https://chromium-review.googlesource.com/c/angle/angle/+/4369699
Commit-Queue: Geoff Lang <geofflang@chromium.org>
Reviewed-by: Geoff Lang <geofflang@chromium.org>
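
The size mismatch described in the commit message, as an added C++ model that is not ANGLE's code: every type and function name is hypothetical, the 192-unit driver value is constructed, and only the 96-entry clamp comes from the message. It shows why sizing the bindings from the clamped caps keeps the later copy in bounds, alongside a copy that refuses oversized input.

```cpp
#include <algorithm>
#include <array>
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Clamp stated in the commit message; all names below are hypothetical.
constexpr std::size_t kFrontendMaxTextureUnits = 96;

struct Caps { std::size_t maxCombinedTextureImageUnits; };

// Frontend caps: the native (driver-reported) value with the clamp applied.
Caps MakeFrontendCaps(const Caps &native) {
    return {std::min(native.maxCombinedTextureImageUnits, kFrontendMaxTextureUnits)};
}

using TextureBindings = std::vector<std::uint32_t>;
using StateTextures   = std::array<std::uint32_t, kFrontendMaxTextureUnits>;

// The bindings list takes its size from whichever caps the caller passes in.
TextureBindings MakeBindings(const Caps &caps) {
    return TextureBindings(caps.maxCombinedTextureImageUnits, 0);
}

// Number of elements an unchecked copy of src would write past the end of dst.
std::size_t OverflowCount(const TextureBindings &src, const StateTextures &dst) {
    return src.size() > dst.size() ? src.size() - dst.size() : 0;
}

// Defensive copy: rejects a source larger than the fixed-size destination.
bool CopyBindings(const TextureBindings &src, StateTextures &dst) {
    if (src.size() > dst.size()) return false;
    std::copy(src.begin(), src.end(), dst.begin());
    return true;
}

int main() {
    Caps native{192};  // constructed driver value above the clamp
    StateTextures state{};
    std::printf("sized from native caps:   %zu past the end\n",
                OverflowCount(MakeBindings(native), state));
    std::printf("sized from frontend caps: %zu past the end\n",
                OverflowCount(MakeBindings(MakeFrontendCaps(native)), state));
    return 0;
}
```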