[Webkit-unassigned] [Bug 86510] New: [BlobBuilder] BlobBuilder not holding references to appended Blobs?

Tue May 15 12:44:52 PDT 2012

https://bugs.webkit.org/show_bug.cgi?id=86510

           Summary: [BlobBuilder] BlobBuilder not holding references to
                    appended Blobs?
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebCore Misc.
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: ericu at chromium.org
                CC: michaeln at google.com, jianli at chromium.org,
                    kinuko at chromium.org

Created an attachment (id=142031)
 --> (https://bugs.webkit.org/attachment.cgi?id=142031&action=review)
Repro case

See https://code.google.com/p/chromium/issues/detail?id=128222 for more info, but I'll attach the test file here too just in case.  I looks to me like when we call BlobBuilder's append(blob), we don't store a reference to the blob anywhere, so it can get garbage-collected before we try to access its data.  So far as I know this only affects chromium currently, but the bug's probably all in webcore.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.