275331 2024-06-10 13:56:10 -0700 [CG] An Image with video source may allocate too much memory for caching all the video frames 2024-07-08 08:53:31 -0700 1 1 1 Unclassified WebKit Images WebKit Nightly Build Unspecified Unspecified REOPENED InRadar P2 Normal --- 276319 1 sabouhallawa sabouhallawa commit-queue sabouhallawa webkit-bug-importer oldest_to_newest 2040671 0 sabouhallawa 2024-06-10 13:56:10 -0700 If a video has at least hundreds of frames and the size of each frame is large, one image like this <img src="video.mp4"> may allocate multiple of gigabytes. ImageDecoderAVFObjC::createFrameImageAtIndex() decodes a frame of the video and returns a CGImage for this frame. But it caches the returned CGImage also to avoid decoding it multiple times. Unfortunately this is not how decoding the animated image works. BitmapImageSource manages the cache of the decoded frames and under memory pressure BitmapImageSource::destroyDecodedData() releases all frames which it does not need to render the current frame. BitmapImageSource::destroyDecodedData() calls also ImageDecoderAVFObjC::clearFrameBufferCache() to let it release any cached data. But the caches in BitmapImageSource and ImageDecoderAVFObjC can get of sync because BitmapImageSource does not communicate what frames it actually released. So ImageDecoderAVFObjC may end up holding many CGImages BitmapImageSource does not know anything about. ImageDecoderAVFObjC should not cache any decoded frame. ImageDecoderAVFObjC::clearFrameBufferCache() should be just an empty function. 2040672 1 sabouhallawa 2024-06-10 13:56:44 -0700 rdar://126993116 2040674 2 sabouhallawa 2024-06-10 14:11:49 -0700 Pull request: https://github.com/WebKit/WebKit/pull/29688 2040872 3 ews-feeder 2024-06-11 15:14:38 -0700 Committed 279926@main (22ed0bf86c1f): <https://commits.webkit.org/279926@main> Reviewed commits have been landed. Closing PR #29688 and removing active labels. 2045090 4 commit-queue 2024-07-08 08:53:31 -0700 Re-opened since this is blocked by bug 276319