| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/android/in_process/context_provider_in_process.h" | 5 #include "content/browser/android/in_process/context_provider_in_process.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/callback_helpers.h" | 8 #include "base/callback_helpers.h" |
| 9 #include "base/strings/stringprintf.h" | 9 #include "base/strings/stringprintf.h" |
| 10 #include "cc/output/managed_memory_policy.h" | 10 #include "cc/output/managed_memory_policy.h" |
| 11 #include "content/common/gpu/client/grcontext_for_webgraphicscontext3d.h" | 11 #include "content/common/gpu/client/grcontext_for_webgraphicscontext3d.h" |
| 12 #include "gpu/blink/webgraphicscontext3d_in_process_command_buffer_impl.h" | 12 #include "gpu/blink/webgraphicscontext3d_in_process_command_buffer_impl.h" |
| 13 #include "gpu/command_buffer/client/gles2_implementation.h" | 13 #include "gpu/command_buffer/client/gles2_implementation.h" |
| 14 #include "third_party/skia/include/gpu/GrContext.h" | 14 #include "third_party/skia/include/gpu/GrContext.h" |
| 15 | 15 |
| 16 using gpu_blink::WebGraphicsContext3DInProcessCommandBufferImpl; | 16 using gpu_blink::WebGraphicsContext3DInProcessCommandBufferImpl; |
| 17 | 17 |
| 18 namespace content { | 18 namespace content { |
| 19 | 19 |
| 20 class ContextProviderInProcess::LostContextCallbackProxy | 20 class ContextProviderInProcess::LostContextCallbackProxy |
| 21 : public blink::WebGraphicsContext3D::WebGraphicsContextLostCallback { | 21 : public blink::WebGraphicsContext3D::WebGraphicsContextLostCallback { |
| 22 public: | 22 public: |
| 23 explicit LostContextCallbackProxy(ContextProviderInProcess* provider) | 23 explicit LostContextCallbackProxy(ContextProviderInProcess* provider) |
| 24 : provider_(provider) { | 24 : provider_(provider) { |
| 25 provider_->context3d_->setContextLostCallback(this); | 25 provider_->WebContext3DImpl()->setContextLostCallback(this); |
| 26 } | 26 } |
| 27 | 27 |
| 28 virtual ~LostContextCallbackProxy() { | 28 virtual ~LostContextCallbackProxy() { |
| 29 provider_->context3d_->setContextLostCallback(NULL); | 29 provider_->WebContext3DImpl()->setContextLostCallback(NULL); |
| 30 } | 30 } |
| 31 | 31 |
| 32 virtual void onContextLost() { | 32 virtual void onContextLost() { |
| 33 provider_->OnLostContext(); | 33 provider_->OnLostContext(); |
| 34 } | 34 } |
| 35 | 35 |
| 36 private: | 36 private: |
| 37 ContextProviderInProcess* provider_; | 37 ContextProviderInProcess* provider_; |
| 38 }; | 38 }; |
| 39 | 39 |
| 40 // static | 40 // static |
| 41 scoped_refptr<ContextProviderInProcess> ContextProviderInProcess::Create( | 41 scoped_refptr<ContextProviderInProcess> ContextProviderInProcess::Create( |
| 42 scoped_ptr<WebGraphicsContext3DInProcessCommandBufferImpl> context3d, | 42 scoped_ptr<WebGraphicsContext3DInProcessCommandBufferImpl> context3d, |
| 43 const std::string& debug_name) { | 43 const std::string& debug_name) { |
| 44 if (!context3d) | 44 if (!context3d) |
| 45 return NULL; | 45 return NULL; |
| 46 return new ContextProviderInProcess(context3d.Pass(), debug_name); | 46 return new ContextProviderInProcess(context3d.Pass(), debug_name); |
| 47 } | 47 } |
| 48 | 48 |
| 49 ContextProviderInProcess::ContextProviderInProcess( | 49 ContextProviderInProcess::ContextProviderInProcess( |
| 50 scoped_ptr<WebGraphicsContext3DInProcessCommandBufferImpl> context3d, | 50 scoped_ptr<WebGraphicsContext3DInProcessCommandBufferImpl> context3d, |
| 51 const std::string& debug_name) | 51 const std::string& debug_name) |
| 52 : context3d_(context3d.Pass()), | 52 : debug_name_(debug_name) { |
| 53 debug_name_(debug_name) { | |
| 54 DCHECK(main_thread_checker_.CalledOnValidThread()); | 53 DCHECK(main_thread_checker_.CalledOnValidThread()); |
| 55 DCHECK(context3d_); | 54 DCHECK(context3d); |
| 55 gr_interface_ = skia::AdoptRef(new GrGLInterfaceForWebGraphicsContext3D( |
| 56 context3d.Pass())); |
| 57 DCHECK(gr_interface_->WebContext3D()); |
| 56 context_thread_checker_.DetachFromThread(); | 58 context_thread_checker_.DetachFromThread(); |
| 57 } | 59 } |
| 58 | 60 |
| 59 ContextProviderInProcess::~ContextProviderInProcess() { | 61 ContextProviderInProcess::~ContextProviderInProcess() { |
| 60 DCHECK(main_thread_checker_.CalledOnValidThread() || | 62 DCHECK(main_thread_checker_.CalledOnValidThread() || |
| 61 context_thread_checker_.CalledOnValidThread()); | 63 context_thread_checker_.CalledOnValidThread()); |
| 62 } | 64 } |
| 63 | 65 |
| 64 blink::WebGraphicsContext3D* ContextProviderInProcess::WebContext3D() { | 66 blink::WebGraphicsContext3D* ContextProviderInProcess::WebContext3D() { |
| 65 DCHECK(lost_context_callback_proxy_); // Is bound to thread. | 67 DCHECK(lost_context_callback_proxy_); // Is bound to thread. |
| 66 DCHECK(context_thread_checker_.CalledOnValidThread()); | 68 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 67 | 69 |
| 68 return context3d_.get(); | 70 return WebContext3DImpl(); |
| 71 } |
| 72 |
| 73 gpu_blink::WebGraphicsContext3DInProcessCommandBufferImpl* |
| 74 ContextProviderInProcess::WebContext3DImpl() { |
| 75 DCHECK(gr_interface_->WebContext3D()); |
| 76 |
| 77 return |
| 78 static_cast<gpu_blink::WebGraphicsContext3DInProcessCommandBufferImpl*>( |
| 79 gr_interface_->WebContext3D()); |
| 69 } | 80 } |
| 70 | 81 |
| 71 bool ContextProviderInProcess::BindToCurrentThread() { | 82 bool ContextProviderInProcess::BindToCurrentThread() { |
| 72 DCHECK(context3d_); | 83 DCHECK(WebContext3DImpl()); |
| 73 | 84 |
| 74 // This is called on the thread the context will be used. | 85 // This is called on the thread the context will be used. |
| 75 DCHECK(context_thread_checker_.CalledOnValidThread()); | 86 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 76 | 87 |
| 77 if (lost_context_callback_proxy_) | 88 if (lost_context_callback_proxy_) |
| 78 return true; | 89 return true; |
| 79 | 90 |
| 80 if (!context3d_->InitializeOnCurrentThread()) | 91 if (!WebContext3DImpl()->InitializeOnCurrentThread()) |
| 81 return false; | 92 return false; |
| 82 | 93 |
| 94 gr_interface_->BindToCurrentThread(); |
| 83 InitializeCapabilities(); | 95 InitializeCapabilities(); |
| 84 | 96 |
| 85 const std::string unique_context_name = | 97 const std::string unique_context_name = |
| 86 base::StringPrintf("%s-%p", debug_name_.c_str(), context3d_.get()); | 98 base::StringPrintf("%s-%p", debug_name_.c_str(), WebContext3DImpl()); |
| 87 context3d_->traceBeginCHROMIUM("gpu_toplevel", | 99 WebContext3DImpl()->traceBeginCHROMIUM("gpu_toplevel", |
| 88 unique_context_name.c_str()); | 100 unique_context_name.c_str()); |
| 89 | 101 |
| 90 lost_context_callback_proxy_.reset(new LostContextCallbackProxy(this)); | 102 lost_context_callback_proxy_.reset(new LostContextCallbackProxy(this)); |
| 91 return true; | 103 return true; |
| 92 } | 104 } |
| 93 | 105 |
| 94 void ContextProviderInProcess::DetachFromThread() { | 106 void ContextProviderInProcess::DetachFromThread() { |
| 95 context_thread_checker_.DetachFromThread(); | 107 context_thread_checker_.DetachFromThread(); |
| 96 } | 108 } |
| 97 | 109 |
| 98 void ContextProviderInProcess::InitializeCapabilities() { | 110 void ContextProviderInProcess::InitializeCapabilities() { |
| 99 capabilities_.gpu = context3d_->GetImplementation()->capabilities(); | 111 capabilities_.gpu = WebContext3DImpl()->GetImplementation()->capabilities(); |
| 100 | 112 |
| 101 size_t mapped_memory_limit = context3d_->GetMappedMemoryLimit(); | 113 size_t mapped_memory_limit = WebContext3DImpl()->GetMappedMemoryLimit(); |
| 102 capabilities_.max_transfer_buffer_usage_bytes = | 114 capabilities_.max_transfer_buffer_usage_bytes = |
| 103 mapped_memory_limit == | 115 mapped_memory_limit == |
| 104 WebGraphicsContext3DInProcessCommandBufferImpl::kNoLimit | 116 WebGraphicsContext3DInProcessCommandBufferImpl::kNoLimit |
| 105 ? std::numeric_limits<size_t>::max() | 117 ? std::numeric_limits<size_t>::max() |
| 106 : mapped_memory_limit; | 118 : mapped_memory_limit; |
| 107 } | 119 } |
| 108 | 120 |
| 109 cc::ContextProvider::Capabilities | 121 cc::ContextProvider::Capabilities |
| 110 ContextProviderInProcess::ContextCapabilities() { | 122 ContextProviderInProcess::ContextCapabilities() { |
| 111 DCHECK(lost_context_callback_proxy_); // Is bound to thread. | 123 DCHECK(lost_context_callback_proxy_); // Is bound to thread. |
| 112 DCHECK(context_thread_checker_.CalledOnValidThread()); | 124 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 113 return capabilities_; | 125 return capabilities_; |
| 114 } | 126 } |
| 115 | 127 |
| 116 ::gpu::gles2::GLES2Interface* ContextProviderInProcess::ContextGL() { | 128 ::gpu::gles2::GLES2Interface* ContextProviderInProcess::ContextGL() { |
| 117 DCHECK(context3d_); | 129 DCHECK(WebContext3DImpl()); |
| 118 DCHECK(lost_context_callback_proxy_); // Is bound to thread. | 130 DCHECK(lost_context_callback_proxy_); // Is bound to thread. |
| 119 DCHECK(context_thread_checker_.CalledOnValidThread()); | 131 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 120 | 132 |
| 121 return context3d_->GetGLInterface(); | 133 return WebContext3DImpl()->GetGLInterface(); |
| 122 } | 134 } |
| 123 | 135 |
| 124 ::gpu::ContextSupport* ContextProviderInProcess::ContextSupport() { | 136 ::gpu::ContextSupport* ContextProviderInProcess::ContextSupport() { |
| 125 DCHECK(context3d_); | 137 DCHECK(WebContext3DImpl()); |
| 126 if (!lost_context_callback_proxy_) | 138 if (!lost_context_callback_proxy_) |
| 127 return NULL; // Not bound to anything. | 139 return NULL; // Not bound to anything. |
| 128 | 140 |
| 129 DCHECK(context_thread_checker_.CalledOnValidThread()); | 141 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 130 | 142 |
| 131 return context3d_->GetContextSupport(); | 143 return WebContext3DImpl()->GetContextSupport(); |
| 132 } | 144 } |
| 133 | 145 |
| 134 class GrContext* ContextProviderInProcess::GrContext() { | 146 class GrContext* ContextProviderInProcess::GrContext() { |
| 135 DCHECK(lost_context_callback_proxy_); // Is bound to thread. | 147 DCHECK(lost_context_callback_proxy_); // Is bound to thread. |
| 136 DCHECK(context_thread_checker_.CalledOnValidThread()); | 148 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 137 | 149 |
| 138 if (gr_context_) | 150 if (gr_context_) |
| 139 return gr_context_->get(); | 151 return gr_context_->get(); |
| 140 | 152 |
| 141 gr_context_.reset(new GrContextForWebGraphicsContext3D(context3d_.get())); | 153 gr_context_.reset(new GrContextForWebGraphicsContext3D(gr_interface_)); |
| 142 return gr_context_->get(); | 154 return gr_context_->get(); |
| 143 } | 155 } |
| 144 | 156 |
| 145 void ContextProviderInProcess::InvalidateGrContext(uint32_t state) { | 157 void ContextProviderInProcess::InvalidateGrContext(uint32_t state) { |
| 146 DCHECK(lost_context_callback_proxy_); // Is bound to thread. | 158 DCHECK(lost_context_callback_proxy_); // Is bound to thread. |
| 147 DCHECK(context_thread_checker_.CalledOnValidThread()); | 159 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 148 | 160 |
| 149 if (gr_context_) | 161 if (gr_context_) |
| 150 return gr_context_->get()->resetContext(state); | 162 return gr_context_->get()->resetContext(state); |
| 151 } | 163 } |
| 152 | 164 |
| 153 void ContextProviderInProcess::SetupLock() { | 165 void ContextProviderInProcess::SetupLock() { |
| 154 context3d_->SetLock(&context_lock_); | 166 WebContext3DImpl()->SetLock(&context_lock_); |
| 155 } | 167 } |
| 156 | 168 |
| 157 base::Lock* ContextProviderInProcess::GetLock() { | 169 base::Lock* ContextProviderInProcess::GetLock() { |
| 158 return &context_lock_; | 170 return &context_lock_; |
| 159 } | 171 } |
| 160 | 172 |
| 161 void ContextProviderInProcess::DeleteCachedResources() { | 173 void ContextProviderInProcess::DeleteCachedResources() { |
| 162 DCHECK(context_thread_checker_.CalledOnValidThread()); | 174 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 163 | 175 |
| 164 if (gr_context_) | 176 if (gr_context_) |
| (...skipping 10 matching lines...) Expand all Loading... |
| 175 | 187 |
| 176 void ContextProviderInProcess::SetLostContextCallback( | 188 void ContextProviderInProcess::SetLostContextCallback( |
| 177 const LostContextCallback& lost_context_callback) { | 189 const LostContextCallback& lost_context_callback) { |
| 178 DCHECK(context_thread_checker_.CalledOnValidThread()); | 190 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 179 DCHECK(lost_context_callback_.is_null() || | 191 DCHECK(lost_context_callback_.is_null() || |
| 180 lost_context_callback.is_null()); | 192 lost_context_callback.is_null()); |
| 181 lost_context_callback_ = lost_context_callback; | 193 lost_context_callback_ = lost_context_callback; |
| 182 } | 194 } |
| 183 | 195 |
| 184 } // namespace content | 196 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1414683003:
Fix gpu command buffer use after free by GrContext (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master