[webkit-changes] [WebKit/WebKit] 0de813: GPU process leaks RemoteRenderingBackend due to re...

Tue, 14 Apr 2026 04:32:56 -0700 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 0de81382cce8cbc2f85c06a21cb277a0d17666d4
      
https://github.com/WebKit/WebKit/commit/0de81382cce8cbc2f85c06a21cb277a0d17666d4
  Author: David Kilzer <[email protected]>
  Date:   2026-04-14 (Tue, 14 Apr 2026)

  Changed paths:
    A LayoutTests/ipc/display-list-recorder-leak-expected.txt
    A LayoutTests/ipc/display-list-recorder-leak.html
    M Source/WebKit/GPUProcess/graphics/RemoteRenderingBackend.cpp

  Log Message:
  -----------
  GPU process leaks RemoteRenderingBackend due to retain cycle with 
RemoteDisplayListRecorder and RemoteSnapshotRecorder maps
<https://bugs.webkit.org/show_bug.cgi?id=312228>
<rdar://174706941>

Reviewed by Matt Woodrow.

Clear `m_remoteDisplayListRecorders` and `m_remoteSnapshotRecorders`
in `workQueueUninitialize()` to break a retain cycle that leaks the
`RemoteRenderingBackend` and all its unsunk recorders.

Each `RemoteDisplayListRecorder` and `RemoteSnapshotRecorder` holds
a `Ref<RemoteRenderingBackend>` via the `RemoteGraphicsContext` base
class.  When `workQueueUninitialize()` runs during backend teardown,
the existing code clears `m_remoteImageBuffers` and
`m_remoteImageBufferSets` (breaking their cycles) but not the
recorder maps.  The surviving `Ref` back-references keep the
backend's reference count above zero, so the backend, its
`StreamServerConnection`, `StreamConnectionWorkQueue`, and all
remaining recorders are never freed.

The `m_remoteDisplayListRecorders` map was introduced in Bug 297727
(299747@main) and `m_remoteSnapshotRecorders` in Bug 282664
(300358@main); neither added the corresponding `clear()` call.

Add layout test that creates unsunk display list recorders via the
IPC Testing API and explicitly releases the rendering backend.  Run
with `--leaks` to verify the retain cycle is broken; without the
fix, the `leaks` tool reports a `ROOT CYCLE` through
`RemoteRenderingBackend` and `RemoteDisplayListRecorder`.

* LayoutTests/ipc/display-list-recorder-leak-expected.txt: Add.
* LayoutTests/ipc/display-list-recorder-leak.html: Add.
* Source/WebKit/GPUProcess/graphics/RemoteRenderingBackend.cpp:
(WebKit::RemoteRenderingBackend::workQueueUninitialize):

Canonical link: https://commits.webkit.org/311189@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications

Reply via email to