[Webkit-unassigned] [Bug 236484] New: [GPU Process] RemoteImageBufferProxy should not sink itself to an Image or a NativeImage though its backend

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Feb 10 22:31:12 PST 2022 

https://bugs.webkit.org/show_bug.cgi?id=236484

            Bug ID: 236484
           Summary: [GPU Process] RemoteImageBufferProxy should not sink
                    itself to an Image or a NativeImage though its backend
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Layout and Rendering
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: sabouhallawa at apple.com
                CC: bfulgham at webkit.org, simon.fraser at apple.com,
                    zalan at apple.com

After r289518, this bug has surfaced because now the intermediate ImageBuffers have to match the underlying ImageBuffer of the GraphicsContext. This means we create RemoteImageBufferProxy and we exercise the rendering through GPUProcess more often.

The current implementation of sinkIntoNativeImage() and sinkIntoImage() has to go through the backend which is not right for RemoteImageBufferProxy. Accessing the IOSurface backend should only happen in GPUProcess. Otherwise we will hit this release assert:

 Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 WebKit                0x1d54e99a4     WTFCrashWithInfo(int, char const*, char const*, int)    
1 WebKit                0x1d5b3940a     WebKit::ImageBufferRemoteIOSurfaceBackend::copyImage(WebCore::BackingStoreCopy, WebCore::PreserveResolution) const      
2 WebCore               0x1d78e195e     WebCore::GradientImage::drawPattern(WebCore::GraphicsContext&, WebCore::FloatRect const&, WebCore::FloatRect const&, WebCore::AffineTransform const&, WebCore::FloatPoint const&, WebCore::FloatSize const&, WebCore::ImagePaintingOptions const&)      
3 WebCore               0x1d78f533a     WebCore::Image::drawTiled(WebCore::GraphicsContext&, WebCore::FloatRect const&, WebCore::FloatPoint const&, WebCore::FloatSize const&, WebCore::FloatSize const&, WebCore::ImagePaintingOptions const&)         
4 WebCore               0x1d7b2a192     WebCore::RenderBoxModelObject::paintFillLayerExtended(WebCore::PaintInfo const&, WebCore::Color const&, WebCore::FillLayer const&, WebCore::LayoutRect const&, WebCore::BackgroundBleedAvoidance, WebCore::InlineIterator::InlineBoxIterator const&, WebCore::LayoutRect const&, WebCore::CompositeOperator, WebCore::RenderElement*, WebCore::BaseBackgroundColorUsage)        
5 WebCore               0x1d7b1f72e     WebCore::RenderBox::paintFillLayers(WebCore::PaintInfo const&, WebCore::Color const&, WebCore::FillLayer const&, WebCore::LayoutRect const&, WebCore::BackgroundBleedAvoidance, WebCore::CompositeOperator, WebCore::RenderElement*)    
6 WebCore               0x1d7b23bc6     WebCore::RenderBox::paintBackground(WebCore::PaintInfo const&, WebCore::LayoutRect const&, WebCore::BackgroundBleedAvoidance)   
7 WebCore               0x1d7b204c2     WebCore::RenderBox::paintBoxDecorations(WebCore::PaintInfo&, WebCore::LayoutPoint const&)       
8 WebCore               0x1d7af0616     WebCore::RenderBlock::paintObject(WebCore::PaintInfo&, WebCore::LayoutPoint const&)     
9 WebCore               0x1d7aef806     WebCore::RenderBlock::paint(WebCore::PaintInfo&, WebCore::LayoutPoint const&)   
10 WebCore              0x1d7ba6aee     WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>)       
11 WebCore              0x1d7ba706e     WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>)       
12 WebCore              0x1d7ba706e     WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>)       
13 WebCore              0x1d7ba706e     WebCore::RenderLayer::paintLayerContents(WebCore::GraphicsContext&, WebCore::RenderLayer::LayerPaintingInfo const&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>)       
14 WebCore              0x1d7bc48d2     WebCore::RenderLayerBacking::paintIntoLayer(WebCore::GraphicsLayer const*, WebCore::GraphicsContext&, WebCore::IntRect const&, WTF::OptionSet<WebCore::PaintBehavior>, WebCore::EventRegionContext*)::$_26::operator()(WebCore::RenderLayer&, WTF::OptionSet<WebCore::RenderLayer::PaintLayerFlag>) const       
15 WebCore              0x1d7bc459e     WebCore::RenderLayerBacking::paintIntoLayer(WebCore::GraphicsLayer const*, WebCore::GraphicsContext&, WebCore::IntRect const&, WTF::OptionSet<WebCore::PaintBehavior>, WebCore::EventRegionContext*)    
16 WebCore              0x1d7bc4e9e     WebCore::RenderLayerBacking::paintContents(WebCore::GraphicsLayer const*, WebCore::GraphicsContext&, WebCore::FloatRect const&, unsigned int)   
17 WebCore              0x1d794f77a     WebCore::GraphicsLayerCA::platformCALayerPaintContents(WebCore::PlatformCALayer*, WebCore::GraphicsContext&, WebCore::FloatRect const&, unsigned int)   
18 WebCore              0x1d6a19626     WebCore::PlatformCALayer::drawLayerContents(WebCore::GraphicsContext&, WebCore::PlatformCALayer*, WTF::Vector<WebCore::FloatRect, 5ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&, unsigned int)     
19 WebCore              0x1d7964426     WebCore::TileGrid::platformCALayerPaintContents(WebCore::PlatformCALayer*, WebCore::GraphicsContext&, WebCore::FloatRect const&, unsigned int)  
20 WebKit               0x1d566f67a     WebKit::RemoteLayerBackingStore::display()      
21 WebKit               0x1d5bfc312     WebKit::PlatformCALayerRemote::recursiveBuildTransaction(WebKit::RemoteLayerTreeContext&, WebKit::RemoteLayerTreeTransaction&)  
22 WebKit               0x1d5bfc406     WebKit::PlatformCALayerRemote::recursiveBuildTransaction(WebKit::RemoteLayerTreeContext&, WebKit::RemoteLayerTreeTransaction&)  
23 WebKit               0x1d5bfc406     WebKit::PlatformCALayerRemote::recursiveBuildTransaction(WebKit::RemoteLayerTreeContext&, WebKit::RemoteLayerTreeTransaction&)  
24 WebKit               0x1d5bfc406     WebKit::PlatformCALayerRemote::recursiveBuildTransaction(WebKit::RemoteLayerTreeContext&, WebKit::RemoteLayerTreeTransaction&)  
25 WebKit               0x1d5bfc406     WebKit::PlatformCALayerRemote::recursiveBuildTransaction(WebKit::RemoteLayerTreeContext&, WebKit::RemoteLayerTreeTransaction&)  
26 WebKit               0x1d59652fa     WebKit::RemoteLayerTreeContext::buildTransaction(WebKit::RemoteLayerTreeTransaction&, WebCore::PlatformCALayer&)        
27 WebKit               0x1d5594fae     WebKit::RemoteLayerTreeDrawingArea::updateRendering()   
28 WebCore              0x1d786b28e     WTF::Detail::CallableWrapper<WebCore::ThreadTimers::setSharedTimer(WebCore::SharedTimer*)::$_0, void>::call()   
29 WebCore              0x1d78904ae     WebCore::timerFired(__CFRunLoopTimer*, void*)   
30 CoreFoundation       0x1c695e54c     __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__ + 28  /Library/Caches/com.apple.xbs/Sources/CoreFoundation/CoreFoundation/RunLoop.subproj/CFRunLoop.c:1805
31 CoreFoundation       0x1c68e6fcc     __CFRunLoopDoTimer + 1012       /Library/Caches/com.apple.xbs/Sources/CoreFoundation/CoreFoundation/RunLoop.subproj/CFRunLoop.c:2413
32 CoreFoundation       0x1c68e1bbc     __CFRunLoopDoTimers + 300       /Library/Caches/com.apple.xbs/Sources/CoreFoundation/CoreFoundation/RunLoop.subproj/CFRunLoop.c:2573
33 CoreFoundation       0x1c68c11c4     __CFRunLoopRun + 1856   /Library/Caches/com.apple.xbs/Sources/CoreFoundation/CoreFoundation/RunLoop.subproj/CFRunLoop.c:3109
34 CoreFoundation       0x1c68d4278     CFRunLoopRunSpecific + 568      /Library/Caches/com.apple.xbs/Sources/CoreFoundation/CoreFoundation/RunLoop.subproj/CFRunLoop.c:3261
35 Foundation           0x1c7f26a1c     -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 232       /Library/Caches/com.apple.xbs/Sources/Foundation/Foundation/Soil.subproj/NSRunLoop.m:373
36 Foundation           0x1c7f271e0     -[NSRunLoop(NSRunLoop) run] + 88        /Library/Caches/com.apple.xbs/Sources/Foundation/Foundation/Soil.subproj/NSRunLoop.m:398
37 libxpc.dylib         0x235aedcbc     _xpc_objc_main + 508    /Library/Caches/com.apple.xbs/Sources/libxpc/src/main.m:246
38 libxpc.dylib         0x235aefe5c     xpc_main + 152  /Library/Caches/com.apple.xbs/Sources/libxpc/src/init.c:1192
39 WebKit               0x1d566de5e     WebKit::XPCServiceMain(int, char const**)       
40 WebKit               0x1d5d5c7f6     WKXPCServiceMain        
41 dyld                 0x24b0fa694     start + 556     /Library/Caches/com.apple.xbs/Sources/dyld/dyld/dyldMain.cpp:1003

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20220211/e1d95cf6/attachment-0001.htm>

More information about the webkit-unassigned mailing list