[Webkit-unassigned] [Bug 82090] CloneDeserializer::readArrayBufferView() could try reading ArrayBuffer even when ArrayBuffer wasn't there

bugzilla-daemon at webkit.org
Mon Mar 26 07:10:46 PDT 2012


https://bugs.webkit.org/show_bug.cgi?id=82090


Yong Li <yong.li.webkit at gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID




--- Comment #5 from Yong Li <yong.li.webkit at gmail.com>  2012-03-26 07:10:46 PST ---
(In reply to comment #4)
> (In reply to comment #3)
> > (In reply to comment #2)
> > > (In reply to comment #1)
> > > > got a fix, will try to create a test
> > > 
> > > What is the test that fails for you? 
> > > LayoutTests/fast/canvas/webgl/array-message-passing.html is the key test that tests this functionality and it passes.
> > 
> > Sorry, my first conclusion is wrong. It appears like ArrayBufferView just because the ArrayBuffer isn't there, and it hits the other ArrayBufferView.
> > 
> > The reason that the ArrayBuffer isn't there is due to this:
> > 
> >                 if (!startObjectInternal(obj)) // handle duplicates
> >                     return true;
> >                 write(ArrayBufferTag);
> > 
> > When the deserializer reads the ArrayBufferView, it doesn't expect a missing array buffer.
> 
> Could you give an example of JavaScript code that fails?

I'll look deeper into it. For now let me close it. If there is a real issue, I'll reopen this bug.
