fast/images/animated-gif-paint-after-animation.html flaky crash
https://bugs.webkit.org/show_bug.cgi?id=178510

Patch by Fujii Hironori <Hironori.Fujii@sony.com> on 2017-10-25
Reviewed by Said Abou-Hallawa.

ScalableImageDecoder was accessed from the main thread and the
image decoding thread without a mutex.

No new tests because there is no behavior change.

* platform/image-decoders/ScalableImageDecoder.h: Add m_mutex. Lock the mutex in setData.
* platform/image-decoders/ScalableImageDecoder.cpp:
(WebCore::ScalableImageDecoder::frameIsCompleteAtIndex const): Lock the mutex.
(WebCore::ScalableImageDecoder::frameHasAlphaAtIndex const): Ditto.
(WebCore::ScalableImageDecoder::frameBytesAtIndex const): Ditto.
(WebCore::ScalableImageDecoder::frameDurationAtIndex const): Ditto.
(WebCore::ScalableImageDecoder::createFrameImageAtIndex): Ditto.

Canonical link: https://commits.webkit.org/194964@main
git-svn-id: https://svn.webkit.org/repository/webkit/trunk@223968 268f45cc-cd09-0410-ab3c-d52691b4dbfc
fujii authored and webkit-commit-queue committed Oct 25, 2017
1 parent 9f00c58 commit 1dc559ba2b3219c42a06f414608886e0bcf9993b
Showing 3 changed files with 28 additions and 0 deletions.
@@ -1,3 +1,23 @@
2017-10-25 Fujii Hironori <Hironori.Fujii@sony.com>

fast/images/animated-gif-paint-after-animation.html flaky crash
https://bugs.webkit.org/show_bug.cgi?id=178510

Reviewed by Said Abou-Hallawa.

ScalableImageDecoder was accessed from the main thread and the
image decoding thread without a mutex.

No new tests because there is no behavior change.

* platform/image-decoders/ScalableImageDecoder.h: Add m_mutex. Lock the mutex in setData.
* platform/image-decoders/ScalableImageDecoder.cpp:
(WebCore::ScalableImageDecoder::frameIsCompleteAtIndex const): Lock the mutex.
(WebCore::ScalableImageDecoder::frameHasAlphaAtIndex const): Ditto.
(WebCore::ScalableImageDecoder::frameBytesAtIndex const): Ditto.
(WebCore::ScalableImageDecoder::frameDurationAtIndex const): Ditto.
(WebCore::ScalableImageDecoder::createFrameImageAtIndex): Ditto.

2017-10-25 Chris Dumez <cdumez@apple.com>

Add support for unregistering a service worker
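Review bot: The ChangeLog line "No new tests because there is no behavior change." leaves no record of how the race fix was validated, and it does not say which decoder state the two threads share. Suggest naming the shared members in the entry and noting the validation used, for example repeated runs of fast/images/animated-gif-paint-after-animation.html or a thread-sanitizer run.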
@@ -172,6 +172,7 @@ template <MatchType type> int getScaledValue(const Vector<int>& scaledValues, in

bool ScalableImageDecoder::frameIsCompleteAtIndex(size_t index) const
{
LockHolder lockHolder(m_mutex);
// FIXME(176089): asking whether enough data has been appended for a decode
// operation to succeed should not require decoding the entire frame.
// This function should be implementable in a way that allows const.
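Review bot: In frameIsCompleteAtIndex the lock is taken ahead of work that, per the FIXME directly below it, may decode the entire frame, so the main thread can block on m_mutex for as long as a decode is running on the image decoding thread. WTF::Lock is also not recursive, so if the code reached from here calls back into any of the other accessors this patch locks, the calling thread deadlocks on itself. Please confirm that none of the locked methods call one another, and consider narrowing the critical section when the FIXME is addressed.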
@@ -181,6 +182,7 @@ bool ScalableImageDecoder::frameIsCompleteAtIndex(size_t index) const

bool ScalableImageDecoder::frameHasAlphaAtIndex(size_t index) const
{
LockHolder lockHolder(m_mutex);
if (m_frameBufferCache.size() <= index)
return true;
if (m_frameBufferCache[index].isComplete())
@@ -190,6 +192,7 @@ bool ScalableImageDecoder::frameHasAlphaAtIndex(size_t index) const

unsigned ScalableImageDecoder::frameBytesAtIndex(size_t index, SubsamplingLevel) const
{
LockHolder lockHolder(m_mutex);
if (m_frameBufferCache.size() <= index)
return 0;
// FIXME: Use the dimension of the requested frame.
@@ -198,6 +201,7 @@ unsigned ScalableImageDecoder::frameBytesAtIndex(size_t index, SubsamplingLevel)

Seconds ScalableImageDecoder::frameDurationAtIndex(size_t index) const
{
LockHolder lockHolder(m_mutex);
// FIXME(176089): asking for the duration of a sub-image should not require decoding
// the entire frame. This function should be implementable in a way that
// allows const.
@@ -216,6 +220,7 @@ Seconds ScalableImageDecoder::frameDurationAtIndex(size_t index) const

NativeImagePtr ScalableImageDecoder::createFrameImageAtIndex(size_t index, SubsamplingLevel, const DecodingOptions&)
{
LockHolder lockHolder(m_mutex);
// Zero-height images can cause problems for some ports. If we have an empty image dimension, just bail.
if (size().isEmpty())
return nullptr;
@@ -33,6 +33,7 @@
#include "IntRect.h"
#include "SharedBuffer.h"
#include <wtf/Assertions.h>
#include <wtf/Lock.h>
#include <wtf/RefPtr.h>
#include <wtf/Vector.h>
#include <wtf/text/WTFString.h>
@@ -72,6 +73,7 @@ class ScalableImageDecoder : public ImageDecoder {

void setData(SharedBuffer& data, bool allDataReceived) override
{
LockHolder lockHolder(m_mutex);
if (m_encodedDataStatus == EncodedDataStatus::Error)
return;

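Review bot: setData is declared `override` and takes the lock inline here, so a decoder subclass that overrides setData again is only protected if it calls ScalableImageDecoder::setData or takes m_mutex itself. Suggest a comment on setData stating that requirement, or moving the locked part into a non-virtual helper that the override must go through.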
@@ -205,6 +207,7 @@ class ScalableImageDecoder : public ImageDecoder {

RefPtr<SharedBuffer> m_data; // The encoded data.
Vector<ImageFrame, 1> m_frameBufferCache;
mutable Lock m_mutex;
bool m_scaled { false };
Vector<int> m_scaledColumns;
Vector<int> m_scaledRows;
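Review bot: `mutable Lock m_mutex;` is added with no comment saying which members it guards, while the neighbouring m_data carries one. From the accessors locked in this patch it covers at least m_frameBufferCache; suggest a comment on the declaration listing the guarded members, so that accessors added later and decoder subclasses know which fields must only be touched with the lock held.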
