Paths

Table of Contentst

Fix T82000: Viewport animation render chrashes when collapsing viewport
Needs ReviewPublic
Actions

Authored by Janusch Patas (patjan) on Oct 24 2020, 1:48 PM.

Details

Reviewers

Group Reviewers

User Interface
EEVEE & Viewport

Maniphest Tasks

T82000: Viewport animation render crashes when collapsing the viewport.

Summary

When another viewport is merged in the one that has started the rendering process, the region data gets freed which leads finally to a crash. This is a classical use-after-free bug which is caused by another thread. The patch suggests to make copies of the relevant data in case the rendering viewport gets collapsed by the user.

Diff Detail

Repository

rB Blender

Branch

Fix-T820000 (branched from master)

Build Status

Buildable 10899
Build 10899: arc lint + arc unit

Event Timeline

Janusch Patas (patjan) requested review of this revision.Oct 24 2020, 1:48 PM

Janusch Patas (patjan) created this revision.

Harbormaster completed remote builds in B10899: Diff 30325.Oct 24 2020, 1:48 PM

Janusch Patas (patjan) mentioned this in T82000: Viewport animation render crashes when collapsing the viewport..Oct 24 2020, 1:50 PM

Janusch Patas (patjan) edited the summary of this revision. (Show Details)Oct 24 2020, 1:55 PM

Janusch Patas (patjan) added projects: EEVEE & Viewport, Good First Issue, User Interface.

I am not sure if this is the best possible solution. I mean it's also kind of a design decision what should happen after another viewport is merged in the one, that triggered the animation rendering? Maybe my solution is okay?

Janusch Patas (patjan) edited the summary of this revision. (Show Details)Oct 24 2020, 1:59 PM

Janusch Patas (patjan) added reviewers: User Interface, Good First Issue, EEVEE & Viewport.

Jeroen Bakker (jbakker) removed a reviewer: Good First Issue.Oct 26 2020, 9:38 AM

Jeroen Bakker (jbakker) removed a project: Good First Issue.

I think the better solution is to copy the relevant v3d and rv3d data rather than keep a pointer to it.

The fix is also not correct, region itself can be freed.

Thx Brecht, I will resubmit a revision tonight.

Revision of Bugfix

Created copies of ARegion and View3D, because this memory is getting freed if viewport is collapsed.

Harbormaster completed remote builds in B10928: Diff 30393.Oct 27 2020, 11:00 AM

Julian Eisel (Severin) requested changes to this revision.Oct 27 2020, 1:23 PM

Julian Eisel (Severin) added a subscriber: Julian Eisel (Severin).

Julian Eisel (Severin) added inline comments.

source/blender/editors/render/render_opengl.c
815	There should be a deep copy so that all data owned by `View3D` is copied too. E.g. if the viewport is closed now and `View3D.shading.prop` of the render data is accessed, there would still be undefined behavior because the properties were owned by the viewport and were freed. So `oglrender->prevsa->type->duplicate()` should be called here (better add a new `BKE_spacedata_copy()` for that, see `BKE_spacedata_copylist()`). That will lead to a call to `view3d_duplicate()`. An issue is that `view3d_duplicate()` may override the shading type, which is not nice. You could just set the value from the copied viewport again after the duplication (not nice either, but acceptable imho).

This revision now requires changes to proceed.Oct 27 2020, 1:23 PM

Revision of bugfix
BKE_spacedata_copy included.

Julian, I have tried to incorporate your review to the best of my current knowledge. I hope that I was able to improve the patch.
Merci,
Janusch

Harbormaster completed remote builds in B11087: Diff 30680.Nov 3 2020, 11:33 PM

Julian Eisel (Severin) added inline comments.Dec 14 2020, 4:29 PM

source/blender/blenkernel/intern/screen.c
535–541 ↗	(On Diff #30680)	Why is this needed? `view3d_duplicate()` already copies the properties, so I wouldn't expect this here.

Janusch Patas (patjan) added inline comments.Dec 14 2020, 10:28 PM

source/blender/blenkernel/intern/screen.c
535–541 ↗	(On Diff #30680)	Do you mean line 539? v3dn->shading.prop = IDP_CopyProperty(v3do->shading.prop); I added this code fragment because of your review as you have commented: "An issue is that view3d_duplicate() may override the shading type, which is not nice. You could just set the value from the copied viewport again after the duplication (not nice either, but acceptable imho)." Maybe I have an misunderstanding? But this is the problem you have linked to down below. This overwriting Problem seems to be still an issue.

Correction of overriding shading prop. 
wm has to be checked for NULL pointer.

Harbormaster completed remote builds in B11958: Diff 32402.Jan 3 2021, 10:01 PM

Janusch Patas (patjan) marked an inline comment as done.Jan 3 2021, 10:05 PM

Janusch Patas (patjan) added inline comments.

source/blender/blenkernel/intern/image.c
5366 ↗	(On Diff #32402)	This has to be checked. When viewport is collapsed, it works fine. However, when this here is not checked and the rendering animation is still running, it will crash blender as soon as a new or existing file is loaded. That's why it is checked for NULL.
source/blender/blenkernel/intern/screen.c
535–541 ↗	(On Diff #30680)	Ehm yah, that was kinda stupid from me. It is corrected now.

Janusch Patas (patjan) retitled this revision from Bugfix for T82000 Viewport animation render chrashes when collapsing viewport to Fix T82000: Viewport animation render chrashes when collapsing viewport.Jan 8 2021, 10:22 PM

Janusch Patas (patjan) edited the summary of this revision. (Show Details)

Robert Guetzkow (rjg) added a task: T82000: Viewport animation render crashes when collapsing the viewport..Mar 13 2021, 3:05 PM

Revision Contents
Changeset List

Path

Size

source/

blender/

editors/

render/

render_opengl.c

7 lines

Diff 30325

View Options

source/blender/editors/render/render_opengl.c

Fix T82000: Viewport animation render chrashes when collapsing viewportNeeds ReviewPublicActions