| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "content/browser/android/in_process/context_provider_in_process.h" | 5 #include "content/browser/android/in_process/context_provider_in_process.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/callback_helpers.h" | 8 #include "base/callback_helpers.h" |
| 9 #include "base/strings/stringprintf.h" | 9 #include "base/strings/stringprintf.h" |
| 10 #include "cc/output/managed_memory_policy.h" | 10 #include "cc/output/managed_memory_policy.h" |
| 11 #include "content/common/gpu/client/grcontext_for_webgraphicscontext3d.h" | 11 #include "content/common/gpu/client/grcontext_for_webgraphicscontext3d.h" |
| 12 #include "gpu/blink/webgraphicscontext3d_in_process_command_buffer_impl.h" | 12 #include "gpu/blink/webgraphicscontext3d_in_process_command_buffer_impl.h" |
| 13 #include "gpu/command_buffer/client/gles2_implementation.h" | 13 #include "gpu/command_buffer/client/gles2_implementation.h" |
| 14 #include "third_party/skia/include/gpu/GrContext.h" | 14 #include "third_party/skia/include/gpu/GrContext.h" |
| 15 | 15 |
| 16 using gpu_blink::WebGraphicsContext3DInProcessCommandBufferImpl; | 16 using gpu_blink::WebGraphicsContext3DInProcessCommandBufferImpl; |
| 17 | 17 |
| 18 namespace content { | 18 namespace content { |
| 19 | 19 |
| 20 class ContextProviderInProcess::LostContextCallbackProxy | 20 class ContextProviderInProcess::LostContextCallbackProxy |
| 21 : public blink::WebGraphicsContext3D::WebGraphicsContextLostCallback { | 21 : public blink::WebGraphicsContext3D::WebGraphicsContextLostCallback { |
| 22 public: | 22 public: |
| 23 explicit LostContextCallbackProxy(ContextProviderInProcess* provider) | 23 explicit LostContextCallbackProxy(ContextProviderInProcess* provider) |
| 24 : provider_(provider) { | 24 : provider_(provider) { |
| 25 provider_->context3d_->setContextLostCallback(this); | 25 provider_->WebContext3DImpl()->setContextLostCallback(this); |
| 26 } | 26 } |
| 27 | 27 |
| 28 virtual ~LostContextCallbackProxy() { | 28 virtual ~LostContextCallbackProxy() { |
| 29 provider_->context3d_->setContextLostCallback(NULL); | 29 provider_->WebContext3DImpl()->setContextLostCallback(NULL); |
| 30 } | 30 } |
| 31 | 31 |
| 32 virtual void onContextLost() { | 32 virtual void onContextLost() { |
| 33 provider_->OnLostContext(); | 33 provider_->OnLostContext(); |
| 34 } | 34 } |
| 35 | 35 |
| 36 private: | 36 private: |
| 37 ContextProviderInProcess* provider_; | 37 ContextProviderInProcess* provider_; |
| 38 }; | 38 }; |
| 39 | 39 |
| 40 // static | 40 // static |
| 41 scoped_refptr<ContextProviderInProcess> ContextProviderInProcess::Create( | 41 scoped_refptr<ContextProviderInProcess> ContextProviderInProcess::Create( |
| 42 scoped_ptr<WebGraphicsContext3DInProcessCommandBufferImpl> context3d, | 42 scoped_ptr<WebGraphicsContext3DInProcessCommandBufferImpl> context3d, |
| 43 const std::string& debug_name) { | 43 const std::string& debug_name) { |
| 44 if (!context3d) | 44 if (!context3d) |
| 45 return NULL; | 45 return NULL; |
| 46 return new ContextProviderInProcess(context3d.Pass(), debug_name); | 46 return new ContextProviderInProcess(context3d.Pass(), debug_name); |
| 47 } | 47 } |
| 48 | 48 |
| 49 ContextProviderInProcess::ContextProviderInProcess( | 49 ContextProviderInProcess::ContextProviderInProcess( |
| 50 scoped_ptr<WebGraphicsContext3DInProcessCommandBufferImpl> context3d, | 50 scoped_ptr<WebGraphicsContext3DInProcessCommandBufferImpl> context3d, |
| 51 const std::string& debug_name) | 51 const std::string& debug_name) |
| 52 : context3d_(context3d.Pass()), | 52 : debug_name_(debug_name) { |
| 53 debug_name_(debug_name) { | |
| 54 DCHECK(main_thread_checker_.CalledOnValidThread()); | 53 DCHECK(main_thread_checker_.CalledOnValidThread()); |
| 55 DCHECK(context3d_); | 54 DCHECK(context3d); |
| 55 gr_interface_ = skia::AdoptRef(new GrGLInterfaceForWebGraphicsContext3D( |
| 56 context3d.Pass())); |
| 57 DCHECK(gr_interface_->WebContext3D()); |
| 56 context_thread_checker_.DetachFromThread(); | 58 context_thread_checker_.DetachFromThread(); |
| 57 } | 59 } |
| 58 | 60 |
| 59 ContextProviderInProcess::~ContextProviderInProcess() { | 61 ContextProviderInProcess::~ContextProviderInProcess() { |
| 60 DCHECK(main_thread_checker_.CalledOnValidThread() || | 62 DCHECK(main_thread_checker_.CalledOnValidThread() || |
| 61 context_thread_checker_.CalledOnValidThread()); | 63 context_thread_checker_.CalledOnValidThread()); |
| 62 } | 64 } |
| 63 | 65 |
| 64 blink::WebGraphicsContext3D* ContextProviderInProcess::WebContext3D() { | 66 blink::WebGraphicsContext3D* ContextProviderInProcess::WebContext3D() { |
| 65 DCHECK(lost_context_callback_proxy_); // Is bound to thread. | 67 DCHECK(lost_context_callback_proxy_); // Is bound to thread. |
| 66 DCHECK(context_thread_checker_.CalledOnValidThread()); | 68 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 69 DCHECK(gr_interface_->WebContext3D()); |
| 67 | 70 |
| 68 return context3d_.get(); | 71 return gr_interface_->WebContext3D(); |
| 72 } |
| 73 |
| 74 gpu_blink::WebGraphicsContext3DInProcessCommandBufferImpl* |
| 75 ContextProviderInProcess::WebContext3DImpl() { |
| 76 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 77 DCHECK(gr_interface_->WebContext3D()); |
| 78 |
| 79 return |
| 80 static_cast<gpu_blink::WebGraphicsContext3DInProcessCommandBufferImpl*>( |
| 81 gr_interface_->WebContext3D()); |
| 69 } | 82 } |
| 70 | 83 |
| 71 bool ContextProviderInProcess::BindToCurrentThread() { | 84 bool ContextProviderInProcess::BindToCurrentThread() { |
| 72 DCHECK(context3d_); | 85 DCHECK(WebContext3DImpl()); |
| 73 | 86 |
| 74 // This is called on the thread the context will be used. | 87 // This is called on the thread the context will be used. |
| 75 DCHECK(context_thread_checker_.CalledOnValidThread()); | 88 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 76 | 89 |
| 77 if (lost_context_callback_proxy_) | 90 if (lost_context_callback_proxy_) |
| 78 return true; | 91 return true; |
| 79 | 92 |
| 80 if (!context3d_->InitializeOnCurrentThread()) | 93 if (!WebContext3DImpl()->InitializeOnCurrentThread()) |
| 81 return false; | 94 return false; |
| 82 | 95 |
| 83 InitializeCapabilities(); | 96 InitializeCapabilities(); |
| 84 | 97 |
| 85 const std::string unique_context_name = | 98 const std::string unique_context_name = |
| 86 base::StringPrintf("%s-%p", debug_name_.c_str(), context3d_.get()); | 99 base::StringPrintf("%s-%p", debug_name_.c_str(), WebContext3DImpl()); |
| 87 context3d_->traceBeginCHROMIUM("gpu_toplevel", | 100 WebContext3DImpl()->traceBeginCHROMIUM("gpu_toplevel", |
| 88 unique_context_name.c_str()); | 101 unique_context_name.c_str()); |
| 89 | 102 |
| 90 lost_context_callback_proxy_.reset(new LostContextCallbackProxy(this)); | 103 lost_context_callback_proxy_.reset(new LostContextCallbackProxy(this)); |
| 91 return true; | 104 return true; |
| 92 } | 105 } |
| 93 | 106 |
| 94 void ContextProviderInProcess::DetachFromThread() { | 107 void ContextProviderInProcess::DetachFromThread() { |
| 95 context_thread_checker_.DetachFromThread(); | 108 context_thread_checker_.DetachFromThread(); |
| 96 } | 109 } |
| 97 | 110 |
| 98 void ContextProviderInProcess::InitializeCapabilities() { | 111 void ContextProviderInProcess::InitializeCapabilities() { |
| 99 capabilities_.gpu = context3d_->GetImplementation()->capabilities(); | 112 capabilities_.gpu = WebContext3DImpl()->GetImplementation()->capabilities(); |
| 100 | 113 |
| 101 size_t mapped_memory_limit = context3d_->GetMappedMemoryLimit(); | 114 size_t mapped_memory_limit = WebContext3DImpl()->GetMappedMemoryLimit(); |
| 102 capabilities_.max_transfer_buffer_usage_bytes = | 115 capabilities_.max_transfer_buffer_usage_bytes = |
| 103 mapped_memory_limit == | 116 mapped_memory_limit == |
| 104 WebGraphicsContext3DInProcessCommandBufferImpl::kNoLimit | 117 WebGraphicsContext3DInProcessCommandBufferImpl::kNoLimit |
| 105 ? std::numeric_limits<size_t>::max() | 118 ? std::numeric_limits<size_t>::max() |
| 106 : mapped_memory_limit; | 119 : mapped_memory_limit; |
| 107 } | 120 } |
| 108 | 121 |
| 109 cc::ContextProvider::Capabilities | 122 cc::ContextProvider::Capabilities |
| 110 ContextProviderInProcess::ContextCapabilities() { | 123 ContextProviderInProcess::ContextCapabilities() { |
| 111 DCHECK(lost_context_callback_proxy_); // Is bound to thread. | 124 DCHECK(lost_context_callback_proxy_); // Is bound to thread. |
| 112 DCHECK(context_thread_checker_.CalledOnValidThread()); | 125 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 113 return capabilities_; | 126 return capabilities_; |
| 114 } | 127 } |
| 115 | 128 |
| 116 ::gpu::gles2::GLES2Interface* ContextProviderInProcess::ContextGL() { | 129 ::gpu::gles2::GLES2Interface* ContextProviderInProcess::ContextGL() { |
| 117 DCHECK(context3d_); | 130 DCHECK(WebContext3DImpl()); |
| 118 DCHECK(lost_context_callback_proxy_); // Is bound to thread. | 131 DCHECK(lost_context_callback_proxy_); // Is bound to thread. |
| 119 DCHECK(context_thread_checker_.CalledOnValidThread()); | 132 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 120 | 133 |
| 121 return context3d_->GetGLInterface(); | 134 return WebContext3DImpl()->GetGLInterface(); |
| 122 } | 135 } |
| 123 | 136 |
| 124 ::gpu::ContextSupport* ContextProviderInProcess::ContextSupport() { | 137 ::gpu::ContextSupport* ContextProviderInProcess::ContextSupport() { |
| 125 DCHECK(context3d_); | 138 DCHECK(WebContext3DImpl()); |
| 126 if (!lost_context_callback_proxy_) | 139 if (!lost_context_callback_proxy_) |
| 127 return NULL; // Not bound to anything. | 140 return NULL; // Not bound to anything. |
| 128 | 141 |
| 129 DCHECK(context_thread_checker_.CalledOnValidThread()); | 142 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 130 | 143 |
| 131 return context3d_->GetContextSupport(); | 144 return WebContext3DImpl()->GetContextSupport(); |
| 132 } | 145 } |
| 133 | 146 |
| 134 class GrContext* ContextProviderInProcess::GrContext() { | 147 class GrContext* ContextProviderInProcess::GrContext() { |
| 135 DCHECK(lost_context_callback_proxy_); // Is bound to thread. | 148 DCHECK(lost_context_callback_proxy_); // Is bound to thread. |
| 136 DCHECK(context_thread_checker_.CalledOnValidThread()); | 149 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 137 | 150 |
| 138 if (gr_context_) | 151 if (gr_context_) |
| 139 return gr_context_->get(); | 152 return gr_context_->get(); |
| 140 | 153 |
| 141 gr_context_.reset(new GrContextForWebGraphicsContext3D(context3d_.get())); | 154 gr_context_.reset(new GrContextForWebGraphicsContext3D( |
| 155 WebContext3DImpl().get())); |
| 142 return gr_context_->get(); | 156 return gr_context_->get(); |
| 143 } | 157 } |
| 144 | 158 |
| 145 void ContextProviderInProcess::InvalidateGrContext(uint32_t state) { | 159 void ContextProviderInProcess::InvalidateGrContext(uint32_t state) { |
| 146 DCHECK(lost_context_callback_proxy_); // Is bound to thread. | 160 DCHECK(lost_context_callback_proxy_); // Is bound to thread. |
| 147 DCHECK(context_thread_checker_.CalledOnValidThread()); | 161 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 148 | 162 |
| 149 if (gr_context_) | 163 if (gr_context_) |
| 150 return gr_context_->get()->resetContext(state); | 164 return gr_context_->get()->resetContext(state); |
| 151 } | 165 } |
| 152 | 166 |
| 153 void ContextProviderInProcess::SetupLock() { | 167 void ContextProviderInProcess::SetupLock() { |
| 154 context3d_->SetLock(&context_lock_); | 168 WebContext3DImpl()->SetLock(&context_lock_); |
| 155 } | 169 } |
| 156 | 170 |
| 157 base::Lock* ContextProviderInProcess::GetLock() { | 171 base::Lock* ContextProviderInProcess::GetLock() { |
| 158 return &context_lock_; | 172 return &context_lock_; |
| 159 } | 173 } |
| 160 | 174 |
| 161 void ContextProviderInProcess::DeleteCachedResources() { | 175 void ContextProviderInProcess::DeleteCachedResources() { |
| 162 DCHECK(context_thread_checker_.CalledOnValidThread()); | 176 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 163 | 177 |
| 164 if (gr_context_) | 178 if (gr_context_) |
| (...skipping 10 matching lines...) Expand all Loading... |
| 175 | 189 |
| 176 void ContextProviderInProcess::SetLostContextCallback( | 190 void ContextProviderInProcess::SetLostContextCallback( |
| 177 const LostContextCallback& lost_context_callback) { | 191 const LostContextCallback& lost_context_callback) { |
| 178 DCHECK(context_thread_checker_.CalledOnValidThread()); | 192 DCHECK(context_thread_checker_.CalledOnValidThread()); |
| 179 DCHECK(lost_context_callback_.is_null() || | 193 DCHECK(lost_context_callback_.is_null() || |
| 180 lost_context_callback.is_null()); | 194 lost_context_callback.is_null()); |
| 181 lost_context_callback_ = lost_context_callback; | 195 lost_context_callback_ = lost_context_callback; |
| 182 } | 196 } |
| 183 | 197 |
| 184 } // namespace content | 198 } // namespace content |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1414683003:
Fix gpu command buffer use after free by GrContext (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master