[Webkit-unassigned] [Bug 142191] New: Exception stack unwinding in JSC hangs while the Timeline Profiler is enabled

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Mon Mar 2 15:20:06 PST 2015


https://bugs.webkit.org/show_bug.cgi?id=142191

            Bug ID: 142191
           Summary: Exception stack unwinding in JSC hangs while the
                    Timeline Profiler is enabled
    Classification: Unclassified
           Product: WebKit
           Version: 528+ (Nightly build)
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mark.lam at apple.com

Imagine a scenario where the Inspector is paused / suspended at a breakpoint or while the user is stepping through code.  The user then tries to evaluate an expression in the console, and that evaluation results in an exception being thrown.  Currently, if the Timeline Profiler is enabled while this exception is being thrown, the WebProcess will hang while trying to handle that exception.

The issue is that the Timeline Profiler's ProfileGenerator::didExecute() will return early and decline to process ProfileNodes if the Inspector is paused.  This is proper because it does not want to count work done for injected scripts (e.g. from the console) towards the timeline profile of the webpage being run.  However, this is in conflict with ProfileGenerator::exceptionUnwind()'s expectation that didExecute() will process ProfileNodes in order to do the stack unwinding for the exception handling.  As a result, ProfileGenerator::exceptionUnwind() hangs.

ProfileGenerator::exceptionUnwind() is in error.  While the Inspector is paused, there will not be any ProfileNodes that it needs to "unwind".  Hence, the fix is simply to also return early in ProfileGenerator::exceptionUnwind() if the Inspector is paused.
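To make the interaction concrete, the following is a simplified, hypothetical model of the two methods described above. It is added here as an illustration and is not WebKit's ProfileGenerator code: the node stack, the integer frame depths, the class and function names, and the iteration cap are all assumptions. The buggy unwinder depends on didExecute() popping a node on every iteration, so when the "paused" guard makes didExecute() a no-op the loop can make no progress; the cap turns that non-termination into a reportable result instead of a hang, and the fixed unwinder applies the same guard up front.

```cpp
#include <cstddef>
#include <cstdio>
#include <vector>

// Hypothetical model (not WebKit's code): one profile node per active call.
struct ProfileNode {
    int callerFrame;  // depth of the frame that invoked this node
};

class ProfileGeneratorModel {
public:
    explicit ProfileGeneratorModel(bool inspectorPaused) : m_paused(inspectorPaused) {}

    // Nodes pushed before the pause are still on the stack when an exception is thrown.
    void willExecute(int callerFrame) { m_nodes.push_back({callerFrame}); }

    // Mirrors the early return: while the Inspector is paused, do not process nodes.
    void didExecute() {
        if (m_paused)
            return;
        if (!m_nodes.empty())
            m_nodes.pop_back();
    }

    // Buggy unwinder: assumes each didExecute() call pops one node.
    // Returns the number of iterations, or -1 if the watchdog cap was hit
    // (the real code has no cap and spins forever at this point).
    int exceptionUnwindBuggy(int handlerFrame, int maxIterations = 1000) {
        int iterations = 0;
        while (!m_nodes.empty() && m_nodes.back().callerFrame >= handlerFrame) {
            if (++iterations > maxIterations)
                return -1;  // no progress was made: didExecute() is a no-op while paused
            didExecute();
        }
        return iterations;
    }

    // Fixed unwinder: nothing to unwind while paused, so return early as well.
    int exceptionUnwindFixed(int handlerFrame, int maxIterations = 1000) {
        if (m_paused)
            return 0;
        return exceptionUnwindBuggy(handlerFrame, maxIterations);
    }

    std::size_t depth() const { return m_nodes.size(); }

private:
    bool m_paused;
    std::vector<ProfileNode> m_nodes;
};

// Constructed scenario: three nested calls entered from frames 0, 1 and 2;
// the exception handler lives in frame 1, so the two innermost nodes must go.
static ProfileGeneratorModel buildStack(bool inspectorPaused) {
    ProfileGeneratorModel g(inspectorPaused);
    g.willExecute(0);
    g.willExecute(1);
    g.willExecute(2);
    return g;
}

int unwindBuggyWhileRunning() { auto g = buildStack(false); return g.exceptionUnwindBuggy(1); }  // 2
int unwindBuggyWhilePaused()  { auto g = buildStack(true);  return g.exceptionUnwindBuggy(1); }  // -1
int unwindFixedWhilePaused()  { auto g = buildStack(true);  return g.exceptionUnwindFixed(1); }  // 0

int main() {
    std::printf("running, buggy unwind: %d iterations\n", unwindBuggyWhileRunning());
    std::printf("paused, buggy unwind:  %d (watchdog tripped, would hang)\n", unwindBuggyWhilePaused());
    std::printf("paused, fixed unwind:  %d iterations\n", unwindFixedWhilePaused());
    return 0;
}
```

The general lesson the model shows is that a loop whose termination depends on a helper's side effect must share the helper's early-exit conditions; a bounded iteration count, as used here, is also a cheap way to turn such a hang into a detectable failure in tests.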
