SharedArrayBuffer plus WebGL should not equal CRASH
authorfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 23 Jan 2017 23:13:41 +0000 (23:13 +0000)
committerfpizlo@apple.com <fpizlo@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Mon, 23 Jan 2017 23:13:41 +0000 (23:13 +0000)
commit3aee683a0b0cf7aab24756757515b7854225242b
tree9b653912272137465f80895fd49427594bd8f5e6
parent537b01e185b024fc066f7c1320c5ee8601857f89
SharedArrayBuffer plus WebGL should not equal CRASH
https://bugs.webkit.org/show_bug.cgi?id=167329

Reviewed by Saam Barati.

Source/JavaScriptCore:

DOM unwrapping methods should return null rather than crashing. The code expects an
unshared buffer, so we should return null when it's shared. The caller can then decide
if they like null or not.

* runtime/JSArrayBufferViewInlines.h:
(JSC::JSArrayBufferView::toWrapped):

LayoutTests:

This test used to crash and now it doesn't. It throws some exception.

* js/shared-array-buffer-webgl-expected.txt: Added.
* js/shared-array-buffer-webgl.html: Added.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@211065 268f45cc-cd09-0410-ab3c-d52691b4dbfc
LayoutTests/ChangeLog
LayoutTests/js/shared-array-buffer-webgl-expected.txt [new file with mode: 0644]
LayoutTests/js/shared-array-buffer-webgl.html [new file with mode: 0644]
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/runtime/JSArrayBufferViewInlines.h