Bug 228096

<rdar://80596391>

Created attachment 433843 [details]
Patch

Comment on attachment 433843 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=433843&action=review

> Source/WebCore/Modules/fetch/FetchBodyConsumer.cpp:358
> +        data.append(m_buffer->data(), m_buffer->size());

This could also call forEachSegment to have fewer copies.

Comment on attachment 433843 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=433843&action=review

>> Source/WebCore/Modules/fetch/FetchBodyConsumer.cpp:358
>> +        data.append(m_buffer->data(), m_buffer->size());
> 
> This could also call forEachSegment to have fewer copies.

Good idea. Will update.

Created attachment 433878 [details]
Patch

Committed r280085 (239810@main): <https://commits.webkit.org/239810@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 433878 [details].

Comment on attachment 433878 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=433878&action=review

> Source/WebCore/Modules/fetch/FetchBodyConsumer.cpp:362
> +    if (buffer->hasOneRef())
> +        data = buffer->takeData(); // Avoid copying the data in the case where the buffer isn't shared.
> +    else {
> +        buffer->forEachSegment([&data](auto& span) {
> +            data.append(span);
> +        });
> +    }

If this pattern comes up again, perhaps we should consider a function with this logic? A safer "takeData" that will only do so when it’s singly owned, and would instead copy the data into a vector when it’s shared. The trick would be how to abstract the two different approaches, but I think it might be relevant. Here’s one possible implementation:

    Vector<uint8_t> extractData(Ref<SharedBuffer>&& buffer)
    {
        return buffer->hasOneRef() ? buffer->takeData() : buffer->copyData();
    }

And, since the forEachSegment/append optimization is important, we would move that optimization into SharedBuffer::copyData, unless there are some contexts where the current implementation of SharedBuffer::copyData is superior for some reason.

(In reply to Darin Adler from comment #7)
> Comment on attachment 433878 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=433878&action=review
> 
> > Source/WebCore/Modules/fetch/FetchBodyConsumer.cpp:362
> > +    if (buffer->hasOneRef())
> > +        data = buffer->takeData(); // Avoid copying the data in the case where the buffer isn't shared.
> > +    else {
> > +        buffer->forEachSegment([&data](auto& span) {
> > +            data.append(span);
> > +        });
> > +    }
> 
> If this pattern comes up again, perhaps we should consider a function with
> this logic? A safer "takeData" that will only do so when it’s singly owned,
> and would instead copy the data into a vector when it’s shared. The trick
> would be how to abstract the two different approaches, but I think it might
> be relevant. Here’s one possible implementation:
> 
>     Vector<uint8_t> extractData(Ref<SharedBuffer>&& buffer)
>     {
>         return buffer->hasOneRef() ? buffer->takeData() : buffer->copyData();
>     }
> 
> And, since the forEachSegment/append optimization is important, we would
> move that optimization into SharedBuffer::copyData, unless there are some
> contexts where the current implementation of SharedBuffer::copyData is
> superior for some reason.

Yes, I think this is a good idea.
Now that I have experienced this bug, I actually think takeData() is too dangerous and we should just replace it with the safer alternative that copies when refCount is > 1.