Title: [280639] trunk/Source/WebKit
Revision
280639
Author
s...@apple.com
Date
2021-08-04 10:43:14 -0700 (Wed, 04 Aug 2021)

Log Message

[GPU Process] REGRESSION: iCloud Photos Web app may crash WebProcess once the GPUProcess is relaunched
https://bugs.webkit.org/show_bug.cgi?id=228665

Reviewed by Simon Fraser.

When the GPUProcess is relaunched, ensure NativeImage is detached from
the RemoteResourceCacheProxy once it is removed from its m_nativeImages.

Otherwise the NativeImage later will ask RemoteResourceCacheProxy to
release its corresponding NativeImage from RemoteResourceCache even
though it was destroyed when the GPUProcess was relaunched.

* WebProcess/GPU/graphics/RemoteResourceCacheProxy.cpp:
(WebKit::RemoteResourceCacheProxy::~RemoteResourceCacheProxy):
(WebKit::RemoteResourceCacheProxy::clearNativeImageMap):
(WebKit::RemoteResourceCacheProxy::remoteResourceCacheWasDestroyed):
* WebProcess/GPU/graphics/RemoteResourceCacheProxy.h:

Modified Paths

Diff

Modified: trunk/Source/WebKit/ChangeLog (280638 => 280639)


--- trunk/Source/WebKit/ChangeLog	2021-08-04 17:39:50 UTC (rev 280638)
+++ trunk/Source/WebKit/ChangeLog	2021-08-04 17:43:14 UTC (rev 280639)
@@ -1,3 +1,23 @@
+2021-08-04  Said Abou-Hallawa  <s...@apple.com>
+
+        [GPU Process] REGRESSION: iCloud Photos Web app may crash WebProcess once the GPUProcess is relaunched
+        https://bugs.webkit.org/show_bug.cgi?id=228665
+
+        Reviewed by Simon Fraser.
+
+        When the GPUProcess is relaunched, ensure NativeImage is detached from
+        the RemoteResourceCacheProxy once it is removed from its m_nativeImages.
+
+        Otherwise the NativeImage later will ask RemoteResourceCacheProxy to 
+        release its corresponding NativeImage from RemoteResourceCache even
+        though it was destroyed when the GPUProcess was relaunched.
+
+        * WebProcess/GPU/graphics/RemoteResourceCacheProxy.cpp:
+        (WebKit::RemoteResourceCacheProxy::~RemoteResourceCacheProxy):
+        (WebKit::RemoteResourceCacheProxy::clearNativeImageMap):
+        (WebKit::RemoteResourceCacheProxy::remoteResourceCacheWasDestroyed):
+        * WebProcess/GPU/graphics/RemoteResourceCacheProxy.h:
+
 2021-08-03  Jean-Yves Avenard  <j...@apple.com>
 
         REGRESSION (r280568): ASSERTION FAILED: videoFullscreenManager->client() == &_videoFullscreenManagerProxyClient
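Review bot: the new entry lists only RemoteResourceCacheProxy.cpp and RemoteResourceCacheProxy.h, so the WebProcess crash after a GPUProcess relaunch is fixed without a regression test or a sentence saying why one is not practical; please add one or the other to the entry. The added line ending in "RemoteResourceCacheProxy to " also carries trailing whitespace.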

Modified: trunk/Source/WebKit/WebProcess/GPU/graphics/RemoteResourceCacheProxy.cpp (280638 => 280639)


--- trunk/Source/WebKit/WebProcess/GPU/graphics/RemoteResourceCacheProxy.cpp	2021-08-04 17:39:50 UTC (rev 280638)
+++ trunk/Source/WebKit/WebProcess/GPU/graphics/RemoteResourceCacheProxy.cpp	2021-08-04 17:43:14 UTC (rev 280639)
@@ -41,8 +41,7 @@
 
 RemoteResourceCacheProxy::~RemoteResourceCacheProxy()
 {
-    for (auto& nativeImageState : m_nativeImages.values())
-        nativeImageState.image->removeObserver(*this);
+    clearNativeImageMap();
 }
 
 void RemoteResourceCacheProxy::cacheImageBuffer(WebCore::ImageBuffer& imageBuffer)
@@ -153,6 +152,13 @@
     m_remoteRenderingBackendProxy.releaseRemoteResource(renderingResourceIdentifier, useCount);
 }
 
+void RemoteResourceCacheProxy::clearNativeImageMap()
+{
+    for (auto& nativeImageState : m_nativeImages.values())
+        nativeImageState.image->removeObserver(*this);
+    m_nativeImages.clear();
+}
+
 void RemoteResourceCacheProxy::prepareForNextRenderingUpdate()
 {
     m_numberOfFontsUsedInCurrentRenderingUpdate = 0;
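Review bot: in clearNativeImageMap(), the requirement that every image drop this proxy as an observer before m_nativeImages.clear() is stated only in the ChangeLog. A short comment above the loop, saying that a NativeImage left attached will later ask the proxy to release a resource the relaunched GPUProcess no longer has, would keep a later edit from reverting to a bare clear(). It is also worth confirming that removeObserver() cannot call back into this proxy while the loop is walking m_nativeImages.values(); if it can, moving the map into a local with std::exchange before iterating avoids mutating it during iteration.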
@@ -204,7 +210,7 @@
         item.useCount = 0;
         item.imageBuffer->clearBackend();
     }
-    m_nativeImages.clear();
+    clearNativeImageMap();
     clearFontMap();
 }
 

Modified: trunk/Source/WebKit/WebProcess/GPU/graphics/RemoteResourceCacheProxy.h (280638 => 280639)


--- trunk/Source/WebKit/WebProcess/GPU/graphics/RemoteResourceCacheProxy.h	2021-08-04 17:39:50 UTC (rev 280638)
+++ trunk/Source/WebKit/WebProcess/GPU/graphics/RemoteResourceCacheProxy.h	2021-08-04 17:43:14 UTC (rev 280639)
@@ -79,6 +79,8 @@
     using FontHashMap = HashMap<WebCore::RenderingResourceIdentifier, FontState>;
     
     void releaseNativeImage(WebCore::RenderingResourceIdentifier) override;
+    void clearNativeImageMap();
+
     void finalizeRenderingUpdateForFonts();
     void prepareForNextRenderingUpdate();
     void clearFontMap();
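Review bot: clearNativeImageMap() is declared directly under the releaseNativeImage() override and followed by a blank line, which separates it from clearFontMap() three lines further down. Declaring the two clear helpers next to each other would make the pairing used in remoteResourceCacheWasDestroyed() easier to see.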
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
