[webkit-changes] [WebKit/WebKit] 69d459: [iOS] Long-running MSE video leads to jetsam crash...

Fri Apr 28 17:54:54 PDT 2023

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 69d4593edf21fe717d6f5355a5279bb1669bbf30
      https://github.com/WebKit/WebKit/commit/69d4593edf21fe717d6f5355a5279bb1669bbf30
  Author: Jer Noble <jer.noble at apple.com>
  Date:   2023-04-28 (Fri, 28 Apr 2023)

  Changed paths:
    M Source/WebCore/Modules/mediasource/SourceBuffer.cpp
    M Source/WebCore/page/Settings.yaml
    M Source/WebCore/page/SettingsBase.cpp
    M Source/WebCore/page/SettingsBase.h
    M Source/WebCore/page/cocoa/SettingsBaseCocoa.mm
    M Source/WebCore/platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm

  Log Message:
  -----------
  [iOS] Long-running MSE video leads to jetsam crash in WebKit.GPU process
https://bugs.webkit.org/show_bug.cgi?id=256113
rdar://108108015

Reviewed by Eric Carlson.

The GPU process has a jetsam limit of 300Mb. If this threshold is crossed (and isn't immediately
corrected), the system will kill the GPU process and reclaim the memory. Media data sent to the
GPU process for parsing by the WebContent process is sent via a shared memory handle, and that
memory is attributed to the WebContent sender, so media data itself doesn't cause an increase in
the GPU process's jetsam footprint. However, parsing media data will result in the creation of many
individual media samples, and the data structures to contain those samples. Over the course of a 50
minute video, this per-sample overhead could account for hundreds of megabytes of malloc'd memory.

Tackle this problem in two separate ways:

1) Account for the overhead of individual samples by accounting for that overhead in
MediaSampleAVFObjC::sizeInBytes()

This would mean that, e.g., 50k parsed samples which have a ~60Mb overhead would count against the
maximumSourceBufferSize limit before either WebKit or the web site would have to purge existing samples
before appending more data.

Unfortunately this is not enough, alone, to fix the possibility of jetsam'ing the foreground GPU process,
as a highly efficient, low resolution video stream could have a media data cost that is less than half
the cost of the sample overhead itself, and even when accounting for the per-sample overhead, enough data
could be appended to the SourceBuffer to cause the GPU process to be jetsam'd.

2) Reduce the maximumSourceBufferSize on iOS.

WebKit has an unusually generous maximum SampleBuffer size among other browsers. Chrome's is 150M,
Firefox's is 100M, and WebKit's is 304M. We can safely reduce the maximum size we allow to be appended
to 100M on iOS.

Between these two changes, it should be very difficult (but not impossible if the GPU process has allocated
memory for other reasons) to reach the 300Mb jetsam limit just by appending to SourceBuffers alone.

* Source/WebCore/Modules/mediasource/SourceBuffer.cpp:
(WebCore::SourceBuffer::sourceBufferPrivateAppendComplete):
* Source/WebCore/page/Settings.yaml:
* Source/WebCore/page/SettingsBase.cpp:
(WebCore::SettingsBase::defaultMaximumSourceBufferSize):
* Source/WebCore/page/SettingsBase.h:
* Source/WebCore/page/cocoa/SettingsBaseCocoa.mm:
(WebCore::SettingsBase::platformDefaultMediaSourceEnabled):
(WebCore::SettingsBase::defaultMaximumSourceBufferSize):
* Source/WebCore/platform/graphics/avfoundation/objc/MediaSampleAVFObjC.mm:
(WebCore::MediaSampleAVFObjC::sizeInBytes const):

Canonical link: https://commits.webkit.org/263525@main