android video false negative fails to check single security origin |
||
Issue descriptionandroid_nexus5_perf_bisect falsely fails blink_perf.canvas upload-video-to-sub-texture.html with DOM security error https://codereview.chromium.org/1644353002/#ps240001 """ FATAL: test fails due to GPU issue. SecurityError: Failed to execute 'texSubImage2D' on 'WebGLRenderingContext': The video element contains cross-origin data, and may not be loaded. """ In the perf test, document url: http://127.0.0.1:44287/Canvas/upload-video-to-sub-texture.html video url: http://127.0.0.1:44287/Canvas/resources/bear-1280x720.mp4 As doc and video url are same, WebMediaPlayerAndroid::hasSingleSecurityOrigin() should pass, but it fails in reality. Current Android version of android_nexus5_perf_bisect is 4.4.2 (KOT49H) according to https://codereview.chromium.org/1644353002/#msg122
,
Mar 4 2016
You might see if running with --enable-unified-media-pipeline (or flipping the same thing in chrome://flags) fixes this. It should since we'll do origin checks through chrome's network stack instead.
,
Mar 4 2016
as for comment1: that should be the device Chrome is running on
,
Mar 5 2016
(As has been pointed out on the CL itself) https://codereview.chromium.org/408873004 Description said: """ For systems below K, the security impact is much less serious than the issue it caused. As a result, we are reenabling video for webgl for systems <=K. """ Then afaict, that condition does the exact opposite of the description says. It turned *off* security checks for newer L and up, and did not change K and below.
,
Mar 8 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/7d700edf761d46092b24d53ee228ce0df6e7b054 commit 7d700edf761d46092b24d53ee228ce0df6e7b054 Author: dongseong.hwang <dongseong.hwang@intel.com> Date: Tue Mar 08 00:04:34 2016 Enable blink_perf.canvas on Android Perf bots As the blocking issue was fixed, re-enable it. BUG= 496707 , 592017 CQ_EXTRA_TRYBOTS=tryserver.chromium.perf:linux_perf_bisect;tryserver.chromium.perf:mac_10_10_perf_bisect;tryserver.chromium.perf:win_perf_bisect;tryserver.chromium.perf:android_nexus5_perf_bisect CQ_INCLUDE_TRYBOTS=tryserver.chromium.win:win_optional_gpu_tests_rel Review URL: https://codereview.chromium.org/1644353002 Cr-Commit-Position: refs/heads/master@{#379686} [modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/content/renderer/media/android/webmediaplayer_android.cc [modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/draw-dynamic-webgl-to-hw-accelerated-canvas-2d.html [modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/draw-static-webgl-to-hw-accelerated-canvas-2d.html [modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/draw-video-to-hw-accelerated-canvas-2d.html [rename] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/resources/bear-1280x720.mp4 [modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/resources/canvas_runner.js [modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/upload-canvas-2d-to-texture.html [modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/upload-video-to-sub-texture.html [modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/upload-video-to-texture.html [modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/Canvas/upload-webgl-to-texture.html [modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/third_party/WebKit/PerformanceTests/resources/runner.js [modify] https://crrev.com/7d700edf761d46092b24d53ee228ce0df6e7b054/tools/perf/benchmarks/blink_perf.py
,
Jan 25 2017
|
||
►
Sign in to add a comment |
||
Comment 1 by kbr@chromium.org
, Mar 4 2016This code in WebMediaPlayerAndroid::hasSingleSecurityOrigin() which was recently added to handle a problem with redirects seems suspicious: return base::android::BuildInfo::GetInstance()->sdk_int() >= kSDKVersionToSupportSecurityOriginCheck; Is that fetching the information of the device we're running on, or the version of the SDK Chrome was built against?