[Webkit-unassigned] [Bug 227791] New: [GPU Process] RemoteRenderingBackend has to explicitly releases its WorkQueue once it stops listening for IPC

Wed Jul 7 23:18:44 PDT 2021

https://bugs.webkit.org/show_bug.cgi?id=227791

            Bug ID: 227791
           Summary: [GPU Process] RemoteRenderingBackend has to explicitly
                    releases its WorkQueue once it stops listening for IPC
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: Canvas
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: sabouhallawa at apple.com
                CC: dino at apple.com

Although RemoteRenderingBackend::stopListeningForIPC() removes its m_workQueue from the connection WorkQueueMessageReceiver HashMap, m_workQueue can still process accumulated received messages. Removing WorkQueueMessageReceiver will call the destructor ~WorkQueueMessageReceiver but the m_queue of the deleted object can still be running. The reason is the lambda of the WorkQueue::dispatch() in WorkQueueMessageReceiverQueue::enqueueMessage() captures the receiver which is RemoteRenderingBackend as a Ref pointer. Because RemoteRenderingBackend holds the last reference to WorkQueue, m_workQueue can run even after RemoteRenderingBackend::stopListeningForIPC() is called.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20210708/396417e7/attachment.htm>