[Webkit-unassigned] [Bug 232580] New: [GPU Process] Rendering backend may stop processing IPC stream messages after a sync message timeout

bugzilla-daemon at webkit.org
Mon Nov 1 14:13:42 PDT 2021


https://bugs.webkit.org/show_bug.cgi?id=232580

            Bug ID: 232580
           Summary: [GPU Process] Rendering backend may stop processing
                    IPC stream messages after a sync message timeout
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit2
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: wenson_hsieh at apple.com
                CC: kkinnunen at apple.com

It's possible for RemoteRenderingBackend's IPC stream to stop processing altogether after the web process times out when sending a synchronous stream message to the GPU Process.

To reproduce, (1) modify a sync message to RRB such that it intentionally times out (here, I made it so that we only time out every other call).

diff --git a/Source/WebKit/GPUProcess/graphics/RemoteRenderingBackend.cpp b/Source/WebKit/GPUProcess/graphics/RemoteRenderingBackend.cpp
index b664d8e37640..c4980ea4df71 100644
--- a/Source/WebKit/GPUProcess/graphics/RemoteRenderingBackend.cpp
+++ b/Source/WebKit/GPUProcess/graphics/RemoteRenderingBackend.cpp
@@ -284,6 +284,9 @@ void RemoteRenderingBackend::getDataForImageBufferWithQualifiedIdentifier(const
     Vector<uint8_t> data;
     if (auto imageBuffer = m_remoteResourceCache.cachedImageBuffer(renderingResourceIdentifier))
         data = imageBuffer->toData(mimeType, quality);
+    static bool shouldSleep = false;
+    if (shouldSleep) sleep(1.5_s);
+    shouldSleep = !shouldSleep;
     completionHandler(WTFMove(data));
 }
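
Review bot: the `static bool shouldSleep` toggle added just before `completionHandler(WTFMove(data))` is function-local static state, so it is shared by every caller of getDataForImageBufferWithQualifiedIdentifier in the process and is read and flipped without synchronization. If this handler can run on more than one thread, the "every other call" pattern is no longer deterministic; a per-instance member would make the alternation reliable for the repro. The one-line `if (shouldSleep) sleep(1.5_s);` should also have its body on a separate line. The sleep sits between `toData()` and the completion handler, so it delays the reply to a synchronous message by 1.5 s on every second call; keep it strictly as a local repro aid and add a comment saying so.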

(2) Then go to https://whsieh.github.io/examples/canvas-to-blob and click the "Change color" button twice.

The GPU Process should hang the first time, but then recover and (correctly) change color the second time. Instead, it currently hangs after the first click, and then stops processing incoming stream messages entirely.
