[Webkit-unassigned] [Bug 68978] message-event-constructor.html crashes and fails

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Sun Oct 2 23:19:19 PDT 2011


--- Comment #3 from Kentaro Hara <haraken at chromium.org>  2011-10-02 23:19:19 PST ---
(From update of attachment 108982)
View in context: https://bugs.webkit.org/attachment.cgi?id=108982&action=review

>> Source/WebCore/dom/MessageEvent.h:128
>>      RefPtr<SerializedScriptValue> m_dataAsSerializedScriptValue;
> Do we need this even after introducing m_dataAsScriptValue?

Yes. We need to keep the following factory method, which stores MessageEvent.data into m_dataAsSerializedScriptValue.

static PassRefPtr<MessageEvent> create(PassOwnPtr<MessagePortArray> ports, PassRefPtr<SerializedScriptValue> data\
, const String& origin = "", const String& lastEventId = "", PassRefPtr<DOMWindow> source = 0);

This API can be called from the context that has SerializedScriptValue but cannot convert it into ScriptValue since the context does not have ExecState. For example, WebCore/workers/WorkerMessagingProxy.cpp and WebKit/chromium/src/WebWorkerImpl.cpp are using this API. In this case, we convert the SerializedScriptValue into ScriptValue when MessageEvent.data is called (At this point, we have ExecState).

Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list