Changeset 249947 in webkit


Ignore:
Timestamp:
Sep 17, 2019 1:05:30 AM (5 years ago)
Author:
Carlos Garcia Campos
Message:

[GTK] Crash closing web view while hardware acceleration is enabled
https://bugs.webkit.org/show_bug.cgi?id=200856

Reviewed by Michael Catanzaro.

The crash happens when destroying the WaylandCompositor::Surface because the web view GL context is used to
release the texture, but the GL context is no longer valid after web view
unrealize. AcceleratedBackingStoreWayland should handle the web view unrealize to destroy the GL context. It
will be created on demand again after the web view is realized.

  • UIProcess/API/gtk/WebKitWebViewBase.cpp:

(webkitWebViewBaseRealize): Notify AcceleratedBackingStore.
(webkitWebViewBaseUnrealize): Ditto.

  • UIProcess/gtk/AcceleratedBackingStore.h:

(WebKit::AcceleratedBackingStore::realize): Added.
(WebKit::AcceleratedBackingStore::unrealize): Added.

  • UIProcess/gtk/AcceleratedBackingStoreWayland.cpp:

(WebKit::AcceleratedBackingStoreWayland::realize): In case of using WaylandCompositor, call
WaylandCompositor::bindWebPage() to bind the WebPageProxy to the Wayland surface.
(WebKit::AcceleratedBackingStoreWayland::unrealize): Destroy GL resources and the GL context.
(WebKit::AcceleratedBackingStoreWayland::tryEnsureGLContext): Do not try to create the GL context if the web
view is not realized.
(WebKit::AcceleratedBackingStoreWayland::displayBuffer): Remove the code to initialize the texture.
(WebKit::AcceleratedBackingStoreWayland::paint): And add it here.

  • UIProcess/gtk/AcceleratedBackingStoreWayland.h:
  • UIProcess/gtk/WaylandCompositor.cpp:

(WebKit::WaylandCompositor::Surface::setWebPage): Return early if given page is the current one already.
(WebKit::WaylandCompositor::bindWebPage): Set the surface WebPageProxy.
(WebKit::WaylandCompositor::unbindWebPage): Unset the surface WebPageProxy.

  • UIProcess/gtk/WaylandCompositor.h:
  • WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp:

(WebKit::DrawingAreaCoordinatedGraphics::enterAcceleratedCompositingMode): When restoring a previous layer tree
host, always call resumeRendering() to balance the suspendRendering() called in exitAcceleratedCompositingMode().

Location:
trunk/Source/WebKit
Files:
8 edited

Legend:

Unmodified
Added
Removed
  • trunk/Source/WebKit/ChangeLog

    r249942 r249947  
     12019-09-17  Carlos Garcia Campos  <cgarcia@igalia.com>
     2
     3        [GTK] Crash closing web view while hardware acceleration is enabled
     4        https://bugs.webkit.org/show_bug.cgi?id=200856
     5
     6        Reviewed by Michael Catanzaro.
     7
     8        The crash happens when destroying the WaylandCompositor::Surface because the web view GL context is used to
     9        release the texture, but the GL context is no longer valid after web view
     10        unrealize. AcceleratedBackingStoreWayland should handle the web view unrealize to destroy the GL context. It
     11        will be created on demand again after the web view is realized.
     12
     13        * UIProcess/API/gtk/WebKitWebViewBase.cpp:
     14        (webkitWebViewBaseRealize): Notify AcceleratedBackingStore.
     15        (webkitWebViewBaseUnrealize): Ditto.
     16        * UIProcess/gtk/AcceleratedBackingStore.h:
     17        (WebKit::AcceleratedBackingStore::realize): Added.
     18        (WebKit::AcceleratedBackingStore::unrealize): Added.
     19        * UIProcess/gtk/AcceleratedBackingStoreWayland.cpp:
     20        (WebKit::AcceleratedBackingStoreWayland::realize): In case of using WaylandCompositor, call
     21        WaylandCompositor::bindWebPage() to bind the WebPageProxy to the Wayland surface.
     22        (WebKit::AcceleratedBackingStoreWayland::unrealize): Destroy GL resources and the GL context.
     23        (WebKit::AcceleratedBackingStoreWayland::tryEnsureGLContext): Do not try to create the GL context if the web
     24        view is not realized.
     25        (WebKit::AcceleratedBackingStoreWayland::displayBuffer): Remove the code to initialize the texture.
     26        (WebKit::AcceleratedBackingStoreWayland::paint): And add it here.
     27        * UIProcess/gtk/AcceleratedBackingStoreWayland.h:
     28        * UIProcess/gtk/WaylandCompositor.cpp:
     29        (WebKit::WaylandCompositor::Surface::setWebPage): Return early if given page is the current one already.
     30        (WebKit::WaylandCompositor::bindWebPage): Set the surface WebPageProxy.
     31        (WebKit::WaylandCompositor::unbindWebPage): Unset the surface WebPageProxy.
     32        * UIProcess/gtk/WaylandCompositor.h:
     33        * WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp:
     34        (WebKit::DrawingAreaCoordinatedGraphics::enterAcceleratedCompositingMode): When restoring a previous layer tree
     35        host, always call resumeRendering() to balance the suspendRendering() called in exitAcceleratedCompositingMode().
     36
    1372019-09-16  Ryan Haddad  <ryanhaddad@apple.com>
    238
  • trunk/Source/WebKit/UIProcess/API/gtk/WebKitWebViewBase.cpp

    r248846 r249947  
    423423
    424424    gtk_im_context_set_client_window(priv->inputMethodFilter.context(), window);
     425
     426    if (priv->acceleratedBackingStore)
     427        priv->acceleratedBackingStore->realize();
    425428}
    426429
     
    429432    WebKitWebViewBase* webView = WEBKIT_WEB_VIEW_BASE(widget);
    430433    gtk_im_context_set_client_window(webView->priv->inputMethodFilter.context(), nullptr);
     434
     435    if (webView->priv->acceleratedBackingStore)
     436        webView->priv->acceleratedBackingStore->unrealize();
    431437
    432438    GTK_WIDGET_CLASS(webkit_web_view_base_parent_class)->unrealize(widget);
  • trunk/Source/WebKit/UIProcess/gtk/AcceleratedBackingStore.h

    r247563 r249947  
    4848    virtual void update(const LayerTreeContext&) { }
    4949    virtual bool paint(cairo_t*, const WebCore::IntRect&) = 0;
     50    virtual void realize() { };
     51    virtual void unrealize() { };
    5052    virtual bool makeContextCurrent() { return false; }
    5153    virtual int renderHostFileDescriptor() { return -1; }
  • trunk/Source/WebKit/UIProcess/gtk/AcceleratedBackingStoreWayland.cpp

    r248846 r249947  
    149149}
    150150
     151void AcceleratedBackingStoreWayland::realize()
     152{
     153#if !USE(WPE_RENDERER)
     154    WaylandCompositor::singleton().bindWebPage(m_webPage);
     155#endif
     156}
     157
     158void AcceleratedBackingStoreWayland::unrealize()
     159{
     160    if (!m_glContextInitialized)
     161        return;
     162
     163#if USE(WPE_RENDERER)
     164    if (m_viewTexture) {
     165        if (makeContextCurrent())
     166            glDeleteTextures(1, &m_viewTexture);
     167        m_viewTexture = 0;
     168    }
     169#else
     170    WaylandCompositor::singleton().unbindWebPage(m_webPage);
     171#endif
     172
     173    if (m_gdkGLContext && m_gdkGLContext.get() == gdk_gl_context_get_current())
     174        gdk_gl_context_clear_current();
     175
     176    m_glContextInitialized = false;
     177}
     178
    151179void AcceleratedBackingStoreWayland::tryEnsureGLContext()
    152180{
    153     if (m_glContextInitialized)
     181    if (m_glContextInitialized || !gtk_widget_get_realized(m_webPage.viewWidget()))
    154182        return;
    155183
     
    209237    }
    210238
     239    if (m_pendingImage)
     240        wpe_view_backend_exportable_fdo_egl_dispatch_release_exported_image(m_exportable, m_pendingImage);
     241    m_pendingImage = image;
     242
     243    m_webPage.setViewNeedsDisplay(IntRect(IntPoint::zero(), m_webPage.viewSize()));
     244}
     245#endif
     246
     247bool AcceleratedBackingStoreWayland::paint(cairo_t* cr, const IntRect& clipRect)
     248{
     249    GLuint texture;
     250    IntSize textureSize;
     251
     252#if USE(WPE_RENDERER)
     253    if (!makeContextCurrent())
     254        return true;
     255
     256    if (m_pendingImage) {
     257        wpe_view_backend_exportable_fdo_dispatch_frame_complete(m_exportable);
     258
     259        if (m_committedImage)
     260            wpe_view_backend_exportable_fdo_egl_dispatch_release_exported_image(m_exportable, m_committedImage);
     261        m_committedImage = m_pendingImage;
     262        m_pendingImage = nullptr;
     263    }
     264
     265    if (!m_committedImage)
     266        return true;
     267
    211268    if (!m_viewTexture) {
    212         if (!makeContextCurrent())
    213             return;
    214 
    215269        glGenTextures(1, &m_viewTexture);
    216270        glBindTexture(GL_TEXTURE_2D, m_viewTexture);
     
    220274        glTexParameteri(GL_TEXTURE_2D, GL_TEXTURE_MAG_FILTER, GL_NEAREST);
    221275    }
    222 
    223     if (m_pendingImage)
    224         wpe_view_backend_exportable_fdo_egl_dispatch_release_exported_image(m_exportable, m_pendingImage);
    225     m_pendingImage = image;
    226 
    227     m_webPage.setViewNeedsDisplay(IntRect(IntPoint::zero(), m_webPage.viewSize()));
    228 }
    229 #endif
    230 
    231 bool AcceleratedBackingStoreWayland::paint(cairo_t* cr, const IntRect& clipRect)
    232 {
    233     GLuint texture;
    234     IntSize textureSize;
    235 
    236 #if USE(WPE_RENDERER)
    237     if (!makeContextCurrent())
    238         return false;
    239 
    240     if (m_pendingImage) {
    241         wpe_view_backend_exportable_fdo_dispatch_frame_complete(m_exportable);
    242 
    243         if (m_committedImage)
    244             wpe_view_backend_exportable_fdo_egl_dispatch_release_exported_image(m_exportable, m_committedImage);
    245         m_committedImage = m_pendingImage;
    246         m_pendingImage = nullptr;
    247     }
    248 
    249     if (!m_committedImage)
    250         return true;
    251 
    252276    glBindTexture(GL_TEXTURE_2D, m_viewTexture);
    253277    glImageTargetTexture2D(GL_TEXTURE_2D, wpe_fdo_egl_exported_image_get_egl_image(m_committedImage));
  • trunk/Source/WebKit/UIProcess/gtk/AcceleratedBackingStoreWayland.h

    r247563 r249947  
    6666
    6767    bool paint(cairo_t*, const WebCore::IntRect&) override;
     68    void realize() override;
     69    void unrealize() override;
    6870    bool makeContextCurrent() override;
    6971#if USE(WPE_RENDERER)
  • trunk/Source/WebKit/UIProcess/gtk/WaylandCompositor.cpp

    r249323 r249947  
    168168void WaylandCompositor::Surface::setWebPage(WebPageProxy* webPage)
    169169{
     170    if (m_webPage == webPage)
     171        return;
     172
    170173    if (m_webPage) {
    171174        flushPendingFrameCallbacks();
     
    564567}
    565568
     569void WaylandCompositor::bindWebPage(WebPageProxy& webPage)
     570{
     571    if (WeakPtr<Surface> surface = m_pageMap.get(&webPage))
     572        surface->setWebPage(&webPage);
     573}
     574
     575void WaylandCompositor::unbindWebPage(WebPageProxy& webPage)
     576{
     577    if (WeakPtr<Surface> surface = m_pageMap.get(&webPage))
     578        surface->setWebPage(nullptr);
     579}
     580
    566581void WaylandCompositor::registerWebPage(WebPageProxy& webPage)
    567582{
  • trunk/Source/WebKit/UIProcess/gtk/WaylandCompositor.h

    r245807 r249947  
    105105
    106106    void bindSurfaceToWebPage(Surface*, WebCore::PageIdentifier);
     107    void bindWebPage(WebPageProxy&);
     108    void unbindWebPage(WebPageProxy&);
    107109    void registerWebPage(WebPageProxy&);
    108110    void unregisterWebPage(WebPageProxy&);
  • trunk/Source/WebKit/WebProcess/WebPage/CoordinatedGraphics/DrawingAreaCoordinatedGraphics.cpp

    r249435 r249947  
    552552        m_layerTreeHost = WTFMove(m_previousLayerTreeHost);
    553553        m_layerTreeHost->setIsDiscardable(false);
    554         if (!m_isPaintingSuspended)
    555             m_layerTreeHost->resumeRendering();
     554        m_layerTreeHost->resumeRendering();
    556555        if (!m_layerTreeStateIsFrozen)
    557556            m_layerTreeHost->setLayerFlushSchedulingEnabled(true);
Note: See TracChangeset for help on using the changeset viewer.