Bug 54420 - SharedBuffer::buffer() misses purgeable data, sometimes breaking re-decodes on macs.
Summary: SharedBuffer::buffer() misses purgeable data, sometimes breaking re-decodes o...
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Page Loading (show other bugs)
Version: 528+ (Nightly build)
Hardware: PC OS X 10.5
: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2011-02-14 16:02 PST by Gavin Peters
Modified: 2011-02-15 14:34 PST (History)
7 users (show)

See Also:


Attachments
Patch (4.67 KB, patch)
2011-02-14 16:35 PST, Gavin Peters
no flags Details | Formatted Diff | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Gavin Peters 2011-02-14 16:02:26 PST
On the mac platform, when we build with ENABLE(PURGEABLE_MEMORY), the call SharedBuffer::buffer() can return an empty vector when the SharedBuffer contains no data, but has purgeable memory associated with it.  Some image decoders (JPEGImageDecoder & WEBPImageDecoder) rely on buffer() to get their data, and as a result are actually broken after the original image data has migrated to purgeable memory.  This migration occurs on Images in CachedImage::destroyDecodedData(), which makes JPEG and WEBP images unreconstructable by the JPEGImageDecoder after we've destroyed the decoded data, a very undesirable result, as subsequent decode attempts get a 0,0 image.
Comment 1 Gavin Peters 2011-02-14 16:35:40 PST
Created attachment 82382 [details]
Patch
Comment 2 Peter Kasting 2011-02-14 16:38:27 PST
Comment on attachment 82382 [details]
Patch

Image parts LGTM
Comment 3 Gavin Peters 2011-02-14 16:40:38 PST
Comment on attachment 82382 [details]
Patch

This patch fixes the issue by removing consumers of SharedBuffer::buffer() and using the safer SharedBuffer::data().

pkasting pointed out (in irc) that there may be further simplification to be had by making all decoders use the same interface.  I believe that!  However this bug was causing chrome to stop displaying images on many sites, and so I made this minimal fix right away.

I'm open to ideas on testing, and also to follow up with more rationalization of how we handle SharedBuffer.

See: http://code.google.com/p/chromium/issues/detail?id=68622 for the chrome bug that brought me here.
Comment 4 Antti Koivisto 2011-02-15 01:26:27 PST
Comment on attachment 82382 [details]
Patch

r=me
Comment 5 WebKit Commit Bot 2011-02-15 05:07:33 PST
The commit-queue encountered the following flaky tests while processing attachment 82382 [details]:

http/tests/websocket/tests/multiple-connections.html bug 53825 (author: abarth@webkit.org)
The commit-queue is continuing to process your patch.
Comment 6 WebKit Commit Bot 2011-02-15 05:09:27 PST
Comment on attachment 82382 [details]
Patch

Clearing flags on attachment: 82382

Committed r78548: <http://trac.webkit.org/changeset/78548>
Comment 7 WebKit Commit Bot 2011-02-15 05:09:32 PST
All reviewed patches have been landed.  Closing bug.
Comment 8 Gavin Peters 2011-02-15 05:51:08 PST
Renaming this bug (a bit late!) at ap's suggestion.
Comment 9 Simon Fraser (smfr) 2011-02-15 14:34:38 PST
Shame the changelog didn't say anything about the changes.