[Webkit-unassigned] [Bug 68978] message-event-constructor.html crashes and fails
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Sun Oct 2 23:19:19 PDT 2011
https://bugs.webkit.org/show_bug.cgi?id=68978
--- Comment #3 from Kentaro Hara <haraken at chromium.org> 2011-10-02 23:19:19 PST ---
(From update of attachment 108982)
View in context: https://bugs.webkit.org/attachment.cgi?id=108982&action=review
>> Source/WebCore/dom/MessageEvent.h:128
>> RefPtr<SerializedScriptValue> m_dataAsSerializedScriptValue;
>
> Do we need this even after introducing m_dataAsScriptValue?
Yes. We need to keep the following factory method, which stores MessageEvent.data into m_dataAsSerializedScriptValue.
static PassRefPtr<MessageEvent> create(PassOwnPtr<MessagePortArray> ports, PassRefPtr<SerializedScriptValue> data\
, const String& origin = "", const String& lastEventId = "", PassRefPtr<DOMWindow> source = 0);
This API can be called from the context that has SerializedScriptValue but cannot convert it into ScriptValue since the context does not have ExecState. For example, WebCore/workers/WorkerMessagingProxy.cpp and WebKit/chromium/src/WebWorkerImpl.cpp are using this API. In this case, we convert the SerializedScriptValue into ScriptValue when MessageEvent.data is called (At this point, we have ExecState).
--
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
More information about the webkit-unassigned
mailing list