Changeset 242551 in webkit

Timestamp:

Mar 6, 2019 9:38:37 AM (5 years ago)

Author:

Wenson Hsieh

Message:

[iOS] Frequent 1 second IPC deadlocks when showing a paste callout
​https://bugs.webkit.org/show_bug.cgi?id=195354
<rdar://problem/48624675>

Reviewed by Tim Horton.

Source/WebKit:

When triggering programmatic paste, we frequently hit deadlocks due to sync IPC going from the UI process to the
web process and vice versa. What happens in this scenario is that prior to triggering programmatic paste, the
page may try to move focus to a different element (e.g. a hidden editable area) before calling execCommand.
This causes us to send an ElementDidFocus message to the UI process, followed by RequestDOMPasteAccess.

However, upon receiving ElementDidFocus, we reload input views and (in the process) UIKit requests the
autocorrection context, which we implement in WebKit using a sync message to the web process due to
<rdar://problem/16207002> and its blocking bug <rdar://problem/48383001>. This means we'll end up in a state
where both the UI process and web process are blocked on each other waiting for a sync IPC response, and the UI
process is hung for a second until the IPC message times out.

Ideally, we should fix this by addressing <rdar://problem/16207002>. However, this requires potentially large
changes in UIKit (<rdar://problem/48383001>); for the time being, work around this deadlock by refactoring
synchronous autocorrection context requests such that they can be resolved by an out-of-band IPC response
(HandleAutocorrectionContext). Then prior to requesting DOM paste access, preemptively send a
HandleAutocorrectionContext message to the UI process to unblock any pending synchronous autocorrection context
requests.

• UIProcess/PageClient.h:
• UIProcess/WebPageProxy.h:
• UIProcess/WebPageProxy.messages.in:
• UIProcess/ios/PageClientImplIOS.h:
• UIProcess/ios/PageClientImplIOS.mm:

(WebKit::PageClientImpl::handleAutocorrectionContext):

• UIProcess/ios/WKContentViewInteraction.h:

Make it possible for WKContentView to remember its current pending autocorrection context completion handler.
This is invoked and cleared out in -_invokePendingAutocorrectionContextHandler:.

• UIProcess/ios/WKContentViewInteraction.mm:

(-[WKContentView _invokePendingAutocorrectionContextHandler:]):
(-[WKContentView requestAutocorrectionContextWithCompletionHandler:]):
(-[WKContentView _handleAutocorrectionContext:]):

Handle an autocorrection context response. This is invoked when the web process either handles an autocorrection
context message, or when it preemptively sends an autocorrection context before requesting DOM paste access.

(+[WKAutocorrectionContext emptyAutocorrectionContext]):

Add a helper to create an empty autocorrection context.

• UIProcess/ios/WebPageProxyIOS.mm:

(WebKit::WebPageProxy::requestAutocorrectionContext):
(WebKit::WebPageProxy::handleAutocorrectionContext):
(WebKit::WebPageProxy::autocorrectionContextSync): Deleted.

Removed this sync version, since we now only have requestAutocorrectionContext.

• WebProcess/WebPage/WebPage.cpp:

(WebKit::WebPage::requestDOMPasteAccess):

Send WebPageProxy::HandleAutocorrectionContext, and add a FIXME referencing <rdar://problem/16207002>.

• WebProcess/WebPage/WebPage.h:
• WebProcess/WebPage/WebPage.messages.in:

Split AutocorrectionContextSync into RequestAutocorrectionContext and HandleAutocorrectionContext; additionally,
remove the existing RequestAutocorrectionContext message.

• WebProcess/WebPage/ios/WebPageIOS.mm:

(WebKit::WebPage::requestAutocorrectionContext):
(WebKit::WebPage::autocorrectionContextSync): Deleted.

LayoutTests:

Most of these tests currently encounter and rely on the 1 second IPC timeout to finish. To test this fix, force
ignoreSynchronousMessagingTimeouts=true to make them fail if the processes encounter a deadlock.

• editing/pasteboard/ios/dom-paste-confirmation.html:
• editing/pasteboard/ios/dom-paste-consecutive-confirmations.html:
• editing/pasteboard/ios/dom-paste-rejection.html:
• editing/pasteboard/ios/dom-paste-requires-user-gesture.html:
• editing/pasteboard/ios/dom-paste-same-origin.html:

Location:

trunk

Files:

• LayoutTests/ChangeLog (modified) (1 diff)
• LayoutTests/editing/pasteboard/ios/dom-paste-confirmation.html (modified) (1 diff)
• LayoutTests/editing/pasteboard/ios/dom-paste-consecutive-confirmations.html (modified) (1 diff)
• LayoutTests/editing/pasteboard/ios/dom-paste-rejection.html (modified) (1 diff)
• LayoutTests/editing/pasteboard/ios/dom-paste-requires-user-gesture.html (modified) (1 diff)
• LayoutTests/editing/pasteboard/ios/dom-paste-same-origin.html (modified) (1 diff)
• Source/WebKit/ChangeLog (modified) (1 diff)
• Source/WebKit/UIProcess/PageClient.h (modified) (2 diffs)
• Source/WebKit/UIProcess/WebPageProxy.h (modified) (1 diff)
• Source/WebKit/UIProcess/WebPageProxy.messages.in (modified) (1 diff)
• Source/WebKit/UIProcess/ios/PageClientImplIOS.h (modified) (1 diff)
• Source/WebKit/UIProcess/ios/PageClientImplIOS.mm (modified) (1 diff)
• Source/WebKit/UIProcess/ios/WKContentViewInteraction.h (modified) (3 diffs)
• Source/WebKit/UIProcess/ios/WKContentViewInteraction.mm (modified) (5 diffs)
• Source/WebKit/UIProcess/ios/WebPageProxyIOS.mm (modified) (1 diff)
• Source/WebKit/WebProcess/WebPage/WebPage.cpp (modified) (2 diffs)
• Source/WebKit/WebProcess/WebPage/WebPage.h (modified) (1 diff)
• Source/WebKit/WebProcess/WebPage/WebPage.messages.in (modified) (1 diff)
• Source/WebKit/WebProcess/WebPage/ios/WebPageIOS.mm (modified) (1 diff)

trunk/LayoutTests/ChangeLog

@@ +1 @@
+2019-03-06  Wenson Hsieh  <wenson_hsieh@apple.com>
+
+        [iOS] Frequent 1 second IPC deadlocks when showing a paste callout
+        https://bugs.webkit.org/show_bug.cgi?id=195354
+        <rdar://problem/48624675>
+
+        Reviewed by Tim Horton.
+
+        Most of these tests currently encounter and rely on the 1 second IPC timeout to finish. To test this fix, force
+        `ignoreSynchronousMessagingTimeouts=true` to make them fail if the processes encounter a deadlock.
+
+        * editing/pasteboard/ios/dom-paste-confirmation.html:
+        * editing/pasteboard/ios/dom-paste-consecutive-confirmations.html:
+        * editing/pasteboard/ios/dom-paste-rejection.html:
+        * editing/pasteboard/ios/dom-paste-requires-user-gesture.html:
+        * editing/pasteboard/ios/dom-paste-same-origin.html:
+
 2019-03-06  Javier Fernandez  <jfernandez@igalia.com>
 

trunk/LayoutTests/editing/pasteboard/ios/dom-paste-confirmation.html

@@ -1 @@
-<!DOCTYPE html> <!-- webkit-test-runner [ domPasteAllowed=false useFlexibleViewport=true ] -->
+<!DOCTYPE html> <!-- webkit-test-runner [ domPasteAllowed=false useFlexibleViewport=true ignoreSynchronousMessagingTimeouts=true ] -->
 <html>
 <meta name="viewport" content="width=device-width, initial-scale=1">

trunk/LayoutTests/editing/pasteboard/ios/dom-paste-consecutive-confirmations.html

@@ -1 @@
-<!DOCTYPE html> <!-- webkit-test-runner [ domPasteAllowed=false useFlexibleViewport=true ] -->
+<!DOCTYPE html> <!-- webkit-test-runner [ domPasteAllowed=false useFlexibleViewport=true ignoreSynchronousMessagingTimeouts=true ] -->
 <html>
 <meta name="viewport" content="width=device-width, initial-scale=1">

trunk/LayoutTests/editing/pasteboard/ios/dom-paste-rejection.html

@@ -1 @@
-<!DOCTYPE html> <!-- webkit-test-runner [ domPasteAllowed=false useFlexibleViewport=true ] -->
+<!DOCTYPE html> <!-- webkit-test-runner [ domPasteAllowed=false useFlexibleViewport=true ignoreSynchronousMessagingTimeouts=true ] -->
 <html>
 <meta name="viewport" content="width=device-width, initial-scale=1">

trunk/LayoutTests/editing/pasteboard/ios/dom-paste-requires-user-gesture.html

@@ -1 @@
-<!DOCTYPE html> <!-- webkit-test-runner [ domPasteAllowed=false useFlexibleViewport=true ] -->
+<!DOCTYPE html> <!-- webkit-test-runner [ domPasteAllowed=false useFlexibleViewport=true ignoreSynchronousMessagingTimeouts=true ] -->
 <html>
 <meta name="viewport" content="width=device-width, initial-scale=1">

trunk/LayoutTests/editing/pasteboard/ios/dom-paste-same-origin.html

@@ -1 @@
-<!DOCTYPE html> <!-- webkit-test-runner [ domPasteAllowed=false useFlexibleViewport=true ] -->
+<!DOCTYPE html> <!-- webkit-test-runner [ domPasteAllowed=false useFlexibleViewport=true ignoreSynchronousMessagingTimeouts=true ] -->
 <html>
 <meta name="viewport" content="width=device-width, initial-scale=1">

trunk/Source/WebKit/ChangeLog

@@ +1 @@
+2019-03-06  Wenson Hsieh  <wenson_hsieh@apple.com>
+
+        [iOS] Frequent 1 second IPC deadlocks when showing a paste callout
+        https://bugs.webkit.org/show_bug.cgi?id=195354
+        <rdar://problem/48624675>
+
+        Reviewed by Tim Horton.
+
+        When triggering programmatic paste, we frequently hit deadlocks due to sync IPC going from the UI process to the
+        web process and vice versa. What happens in this scenario is that prior to triggering programmatic paste, the
+        page may try to move focus to a different element (e.g. a hidden editable area) before calling `execCommand`.
+        This causes us to send an ElementDidFocus message to the UI process, followed by RequestDOMPasteAccess.
+
+        However, upon receiving ElementDidFocus, we reload input views and (in the process) UIKit requests the
+        autocorrection context, which we implement in WebKit using a sync message to the web process due to
+        <rdar://problem/16207002> and its blocking bug <rdar://problem/48383001>. This means we'll end up in a state
+        where both the UI process and web process are blocked on each other waiting for a sync IPC response, and the UI
+        process is hung for a second until the IPC message times out.
+
+        Ideally, we should fix this by addressing <rdar://problem/16207002>. However, this requires potentially large
+        changes in UIKit (<rdar://problem/48383001>); for the time being, work around this deadlock by refactoring
+        synchronous autocorrection context requests such that they can be resolved by an out-of-band IPC response
+        (HandleAutocorrectionContext). Then prior to requesting DOM paste access, preemptively send a
+        HandleAutocorrectionContext message to the UI process to unblock any pending synchronous autocorrection context
+        requests.
+
+        * UIProcess/PageClient.h:
+        * UIProcess/WebPageProxy.h:
+        * UIProcess/WebPageProxy.messages.in:
+        * UIProcess/ios/PageClientImplIOS.h:
+        * UIProcess/ios/PageClientImplIOS.mm:
+        (WebKit::PageClientImpl::handleAutocorrectionContext):
+        * UIProcess/ios/WKContentViewInteraction.h:
+
+        Make it possible for WKContentView to remember its current pending autocorrection context completion handler.
+        This is invoked and cleared out in `-_invokePendingAutocorrectionContextHandler:`.
+
+        * UIProcess/ios/WKContentViewInteraction.mm:
+        (-[WKContentView _invokePendingAutocorrectionContextHandler:]):
+        (-[WKContentView requestAutocorrectionContextWithCompletionHandler:]):
+        (-[WKContentView _handleAutocorrectionContext:]):
+
+        Handle an autocorrection context response. This is invoked when the web process either handles an autocorrection
+        context message, or when it preemptively sends an autocorrection context before requesting DOM paste access.
+
+        (+[WKAutocorrectionContext emptyAutocorrectionContext]):
+
+        Add a helper to create an empty autocorrection context.
+
+        * UIProcess/ios/WebPageProxyIOS.mm:
+        (WebKit::WebPageProxy::requestAutocorrectionContext):
+        (WebKit::WebPageProxy::handleAutocorrectionContext):
+        (WebKit::WebPageProxy::autocorrectionContextSync): Deleted.
+
+        Removed this sync version, since we now only have requestAutocorrectionContext.
+
+        * WebProcess/WebPage/WebPage.cpp:
+        (WebKit::WebPage::requestDOMPasteAccess):
+
+        Send WebPageProxy::HandleAutocorrectionContext, and add a FIXME referencing <rdar://problem/16207002>.
+
+        * WebProcess/WebPage/WebPage.h:
+        * WebProcess/WebPage/WebPage.messages.in:
+
+        Split AutocorrectionContextSync into RequestAutocorrectionContext and HandleAutocorrectionContext; additionally,
+        remove the existing RequestAutocorrectionContext message.
+
+        * WebProcess/WebPage/ios/WebPageIOS.mm:
+        (WebKit::WebPage::requestAutocorrectionContext):
+        (WebKit::WebPage::autocorrectionContextSync): Deleted.
+
 2019-03-06  Rob Buis  <rbuis@igalia.com>
 

trunk/Source/WebKit/UIProcess/PageClient.h

@@ -131 +131 @@
 struct FocusedElementInformation;
 struct InteractionInformationAtPosition;
+struct WebAutocorrectionContext;
 struct WebHitTestResultData;
 
@@ -395 +396 @@
     virtual void enableInspectorNodeSearch() = 0;
     virtual void disableInspectorNodeSearch() = 0;
+
+    virtual void handleAutocorrectionContext(const WebAutocorrectionContext&) = 0;
 #endif
 

trunk/Source/WebKit/UIProcess/WebPageProxy.h

@@ -651 +651 @@
     void applyAutocorrection(const String& correction, const String& originalText, WTF::Function<void (const String&, CallbackBase::Error)>&&);
     bool applyAutocorrection(const String& correction, const String& originalText);
-    void requestAutocorrectionContext(Function<void(const WebAutocorrectionContext&, CallbackBase::Error)>&&);
-    WebAutocorrectionContext autocorrectionContextSync();
+    void requestAutocorrectionContext();
+    void handleAutocorrectionContext(const WebAutocorrectionContext&);
     void requestDictationContext(WTF::Function<void (const String&, const String&, const String&, CallbackBase::Error)>&&);
     void replaceDictatedText(const String& oldText, const String& newText);

trunk/Source/WebKit/UIProcess/WebPageProxy.messages.in

@@ -418 +418 @@
 
     UpdateStringForFind(String findString)
+    HandleAutocorrectionContext(struct WebKit::WebAutocorrectionContext context)
 #endif
 

trunk/Source/WebKit/UIProcess/ios/PageClientImplIOS.h

@@ -237 +237 @@
 #endif
 
+    void handleAutocorrectionContext(const WebAutocorrectionContext&) final;
+
     void didFinishProcessingAllPendingMouseEvents() final { }
 

trunk/Source/WebKit/UIProcess/ios/PageClientImplIOS.mm

@@ -858 +858 @@
 #endif
 
+void PageClientImpl::handleAutocorrectionContext(const WebAutocorrectionContext& context)
+{
+    [m_contentView _handleAutocorrectionContext:context];
+}
+
 } // namespace WebKit
 

trunk/Source/WebKit/UIProcess/ios/WKContentViewInteraction.h

@@ -86 +86 @@
 class WebOpenPanelResultListenerProxy;
 class WebPageProxy;
+struct WebAutocorrectionContext;
 }
 
@@ -319 +320 @@
     BOOL _hasSetUpInteractions;
     CompletionHandler<void(WebCore::DOMPasteAccessResponse)> _domPasteRequestHandler;
+    BlockPtr<void(UIWKAutocorrectionContext *)> _pendingAutocorrectionContextHandler;
 
 #if ENABLE(DATA_INTERACTION)
@@ -466 +468 @@
 #endif
 
+- (void)_handleAutocorrectionContext:(const WebKit::WebAutocorrectionContext&)context;
+
 @end
 

trunk/Source/WebKit/UIProcess/ios/WKContentViewInteraction.mm

@@ -277 +277 @@
 
 @interface WKAutocorrectionContext : UIWKAutocorrectionContext
++ (WKAutocorrectionContext *)emptyAutocorrectionContext;
 + (WKAutocorrectionContext *)autocorrectionContextWithContext:(const WebKit::WebAutocorrectionContext&)context;
 @end
@@ -3580 +3581 @@
 }
 
+- (void)_invokePendingAutocorrectionContextHandler:(WKAutocorrectionContext *)context
+{
+    if (auto handler = WTFMove(_pendingAutocorrectionContextHandler))
+        handler(context);
+}
+
 - (void)requestAutocorrectionContextWithCompletionHandler:(void (^)(UIWKAutocorrectionContext *autocorrectionContext))completionHandler
 {
@@ -3589 +3596 @@
 #if USE(UIKIT_KEYBOARD_ADDITIONS)
     if ([self _disableAutomaticKeyboardUI]) {
-        completionHandler([WKAutocorrectionContext autocorrectionContextWithContext:(WebKit::WebAutocorrectionContext { })]);
+        completionHandler(WKAutocorrectionContext.emptyAutocorrectionContext);
         return;
     }
@@ -3597 +3604 @@
     const bool useSyncRequest = true;
 
+    [self _invokePendingAutocorrectionContextHandler:WKAutocorrectionContext.emptyAutocorrectionContext];
+
+    _pendingAutocorrectionContextHandler = completionHandler;
+    _page->requestAutocorrectionContext();
+
     if (useSyncRequest) {
-        completionHandler([WKAutocorrectionContext autocorrectionContextWithContext:_page->autocorrectionContextSync()]);
-        return;
-    }
-
-    _page->requestAutocorrectionContext([protectedSelf = retainPtr(self), completion = makeBlockPtr(completionHandler)] (auto& context, auto) {
-        completion([WKAutocorrectionContext autocorrectionContextWithContext:context]);
-    });
+        _page->process().connection()->waitForAndDispatchImmediately<Messages::WebPageProxy::HandleAutocorrectionContext>(_page->pageID(), 1_s, IPC::WaitForOption::InterruptWaitingIfSyncMessageArrives);
+        [self _invokePendingAutocorrectionContextHandler:WKAutocorrectionContext.emptyAutocorrectionContext];
+        return;
+    }
+}
+
+- (void)_handleAutocorrectionContext:(const WebKit::WebAutocorrectionContext&)context
+{
+    [self _invokePendingAutocorrectionContextHandler:[WKAutocorrectionContext autocorrectionContextWithContext:context]];
 }
 
@@ -7411 +7425 @@
 @implementation WKAutocorrectionContext
 
++ (WKAutocorrectionContext *)emptyAutocorrectionContext
+{
+    return [self autocorrectionContextWithContext:WebKit::WebAutocorrectionContext { }];
+}
+
 + (WKAutocorrectionContext *)autocorrectionContextWithContext:(const WebKit::WebAutocorrectionContext&)webContext
 {

trunk/Source/WebKit/UIProcess/ios/WebPageProxyIOS.mm

@@ -564 +564 @@
 }
 
-void WebPageProxy::requestAutocorrectionContext(Function<void(const WebAutocorrectionContext&, CallbackBase::Error)>&& callback)
-{
-    if (!isValid()) {
-        callback({ }, CallbackBase::Error::OwnerWasInvalidated);
-        return;
-    }
-
-    auto callbackID = m_callbacks.put(WTFMove(callback), m_process->throttler().backgroundActivityToken());
-    m_process->send(Messages::WebPage::RequestAutocorrectionContext(callbackID), m_pageID);
-}
-
-WebAutocorrectionContext WebPageProxy::autocorrectionContextSync()
-{
-    WebAutocorrectionContext context;
-    m_process->sendSync(Messages::WebPage::AutocorrectionContextSync(), Messages::WebPage::AutocorrectionContextSync::Reply(context), m_pageID);
-    return context;
+void WebPageProxy::requestAutocorrectionContext()
+{
+    m_process->send(Messages::WebPage::RequestAutocorrectionContext(), m_pageID);
+}
+
+void WebPageProxy::handleAutocorrectionContext(const WebAutocorrectionContext& context)
+{
+    pageClient().handleAutocorrectionContext(context);
 }
 

trunk/Source/WebKit/WebProcess/WebPage/WebPage.cpp

@@ -269 +269 @@
 #include "InteractionInformationRequest.h"
 #include "RemoteLayerTreeDrawingArea.h"
+#include "WebAutocorrectionContext.h"
 #include <CoreGraphics/CoreGraphics.h>
 #include <WebCore/Icon.h>
@@ -6374 +6375 @@
 {
     auto response = WebCore::DOMPasteAccessResponse::DeniedForGesture;
+#if PLATFORM(IOS_FAMILY)
+    // FIXME: Computing and sending an autocorrection context is a workaround for the fact that autocorrection context
+    // requests on iOS are currently synchronous in the web process. This allows us to immediately fulfill pending
+    // autocorrection context requests in the UI process on iOS before handling the DOM paste request. This workaround
+    // should be removed once <rdar://problem/16207002> is resolved.
+    send(Messages::WebPageProxy::HandleAutocorrectionContext(autocorrectionContext()));
+#endif
     sendSyncWithDelayedReply(Messages::WebPageProxy::RequestDOMPasteAccess(rectForElementAtInteractionLocation(), originIdentifier), Messages::WebPageProxy::RequestDOMPasteAccess::Reply(response));
     return response;

trunk/Source/WebKit/WebProcess/WebPage/WebPage.h

@@ -642 +642 @@
     void applyAutocorrection(const String& correction, const String& originalText, CallbackID);
     void syncApplyAutocorrection(const String& correction, const String& originalText, CompletionHandler<void(bool)>&&);
-    void requestAutocorrectionContext(CallbackID);
-    void autocorrectionContextSync(CompletionHandler<void(WebAutocorrectionContext&&)>&&);
+    void requestAutocorrectionContext();
     void getPositionInformation(const InteractionInformationRequest&, CompletionHandler<void(InteractionInformationAtPosition&&)>&&);
     void requestPositionInformation(const InteractionInformationRequest&);

trunk/Source/WebKit/WebProcess/WebPage/WebPage.messages.in

@@ -79 +79 @@
     ApplyAutocorrection(String correction, String originalText, WebKit::CallbackID callbackID)
     SyncApplyAutocorrection(String correction, String originalText) -> (bool autocorrectionApplied) Delayed
-    RequestAutocorrectionContext(WebKit::CallbackID callbackID)
-    AutocorrectionContextSync() -> (struct WebKit::WebAutocorrectionContext context) Delayed
+    RequestAutocorrectionContext()
     RequestEvasionRectsAboveSelection() -> (Vector<WebCore::FloatRect> rects) Async
     GetPositionInformation(struct WebKit::InteractionInformationRequest request) -> (struct WebKit::InteractionInformationAtPosition information) Delayed

trunk/Source/WebKit/WebProcess/WebPage/ios/WebPageIOS.mm

@@ -2158 +2158 @@
 }
 
-void WebPage::requestAutocorrectionContext(CallbackID callbackID)
-{
-    send(Messages::WebPageProxy::AutocorrectionContextCallback(autocorrectionContext(), callbackID));
-}
-
-void WebPage::autocorrectionContextSync(CompletionHandler<void(WebAutocorrectionContext&&)>&& completionHandler)
-{
-    completionHandler(autocorrectionContext());
+void WebPage::requestAutocorrectionContext()
+{
+    send(Messages::WebPageProxy::HandleAutocorrectionContext(autocorrectionContext()));
 }