Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: a9510aedf5179f92aa036b67aea7f5f9e8b0a24f
https://github.com/WebKit/WebKit/commit/a9510aedf5179f92aa036b67aea7f5f9e8b0a24f
Author: Yusuke Suzuki <[email protected]>
Date: 2022-11-24 (Thu, 24 Nov 2022)
Changed paths:
A LayoutTests/js/dom/resizable-array-buffer-serialization-expected.txt
A LayoutTests/js/dom/resizable-array-buffer-serialization.html
A LayoutTests/js/dom/resizable-array-buffer-view-serialization-expected.txt
A
LayoutTests/js/dom/resizable-array-buffer-view-serialization-out-of-bounds-expected.txt
A
LayoutTests/js/dom/resizable-array-buffer-view-serialization-out-of-bounds-explicit-length-expected.txt
A
LayoutTests/js/dom/resizable-array-buffer-view-serialization-out-of-bounds-explicit-length.html
A
LayoutTests/js/dom/resizable-array-buffer-view-serialization-out-of-bounds.html
A LayoutTests/js/dom/resizable-array-buffer-view-serialization.html
A
LayoutTests/workers/sab/growable-shared-array-buffer-serialization-expected.txt
A LayoutTests/workers/sab/growable-shared-array-buffer-serialization.html
A
LayoutTests/workers/sab/growable-shared-array-buffer-view-serialization-expected.txt
A
LayoutTests/workers/sab/growable-shared-array-buffer-view-serialization-explicit-length-expected.txt
A
LayoutTests/workers/sab/growable-shared-array-buffer-view-serialization-explicit-length.html
A
LayoutTests/workers/sab/growable-shared-array-buffer-view-serialization.html
A LayoutTests/workers/sab/postMessage-clones-growable-expected.txt
A LayoutTests/workers/sab/postMessage-clones-growable.html
M Source/JavaScriptCore/runtime/ArrayBufferView.cpp
M Source/JavaScriptCore/runtime/ArrayBufferView.h
M Source/JavaScriptCore/runtime/DataView.cpp
M Source/JavaScriptCore/runtime/DataView.h
M Source/JavaScriptCore/runtime/GenericTypedArrayView.h
M Source/JavaScriptCore/runtime/GenericTypedArrayViewInlines.h
M Source/JavaScriptCore/runtime/JSArrayBufferView.cpp
M Source/JavaScriptCore/runtime/JSDataView.cpp
M Source/JavaScriptCore/runtime/JSGenericTypedArrayViewInlines.h
M Source/WebCore/bindings/js/SerializedScriptValue.cpp
M Source/WebCore/bindings/js/StructuredClone.cpp
Log Message:
-----------
Serialize and deserialize resizable ArrayBuffer
https://bugs.webkit.org/show_bug.cgi?id=248209
rdar://102601423
Reviewed by Ross Kirsling.
This patch adds serializing and deserializing of resizable ArrayBuffer and
TypedArrays.
We add ResizableArrayBufferTag and add a feature serializing resizable
ArrayBuffer.
But for growable SharedArrayBuffer, nothing is necessary since information is
carried via
SharedArrayBufferContents already. For TypedArrays, we use UINT64_MAX
byteLength marker
as a auto-length case. This works since byteLength cannot be UINT64_MAX since
it exceeds
MAX_ARRAY_BUFFER_SIZE. The other things in TypedArrays are not changed much
since these
TypedArrays should be resizable / growable ones when the subsequent backing
serialized
ArrayBuffer is resizable.
We also add wrappedAs methods since normal tryCreate has more additional checks
for construction.
But these checks can fail if the serialized TypedArrays are having ArrayBuffers
which is resized
to be smaller after the construction. But this is OK since it just makes
TypedArrays OOB. wrappedAs
methods do not have this check.
* Source/JavaScriptCore/runtime/ArrayBufferView.h:
(JSC::ArrayBufferView::byteOffsetRaw const):
(JSC::ArrayBufferView::byteOffset const):
(JSC::ArrayBufferView::byteLengthRaw const):
(JSC::ArrayBufferView::byteLength const):
* Source/WebCore/bindings/js/SerializedScriptValue.cpp:
(WebCore::CloneSerializer::dumpArrayBufferView):
(WebCore::CloneSerializer::dumpIfTerminal):
(WebCore::CloneDeserializer::readResizableNonSharedArrayBuffer):
(WebCore::CloneDeserializer::readArrayBufferViewImpl):
(WebCore::CloneDeserializer::readTerminal):
Canonical link: https://commits.webkit.org/256998@main
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes
