Passing null to the texSubImage2D variant taking ArrayBufferData causes a crash in both Safari and Chromium. At one point the intent of the code was to generate an INVALID_VALUE OpenGL error, but at some point this regressed. It also isn't tested by the WebGL conformance tests. The exact behavior is still being discussed on the public_webgl mailing list but minimally the code should be patched immediately to avoid crashing.
I'll patch it to generate INVALID_ERROR for now.
Created attachment 131374 [details] Patch
Oops, Mo, sorry, I didn't see you had taken this. Feel free to use or ignore the attached patch.
The patch looks good. Assigning to kbr.
Comment on attachment 131374 [details] Patch Thanks.
Comment on attachment 131374 [details] Patch Clearing flags on attachment: 131374 Committed r110485: <http://trac.webkit.org/changeset/110485>
All reviewed patches have been landed. Closing bug.