[Webkit-unassigned] [Bug 150745] New: WebInspector crashed while viewing Timeline when refreshing cnn.com while it was already loading
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Fri Oct 30 18:26:30 PDT 2015
https://bugs.webkit.org/show_bug.cgi?id=150745
Bug ID: 150745
Summary: WebInspector crashed while viewing Timeline when
refreshing cnn.com while it was already loading
Classification: Unclassified
Product: WebKit
Version: WebKit Nightly Build
Hardware: All
OS: All
Status: NEW
Severity: Normal
Priority: P2
Component: JavaScriptCore
Assignee: webkit-unassigned at lists.webkit.org
Reporter: msaboff at apple.com
* STEPS TO REPRODUCE
1. Inspect cnn.com
2. Show Timeline tab
3. Reload
4. Repeat
We get a crash like this:
frame #0: 0x000000010c25767e JavaScriptCore`::WTFCrash() + 62 at Assertions.cpp:321
frame #1: 0x000000010bd50e8a JavaScriptCore`JSC::DFG::reifyInlinedCallFrames(jit=<unavailable>, exit=<unavailable>) + 1546 at DFGOSRExitCompilerCommon.cpp:193
frame #2: 0x000000010bd4ee0b JavaScriptCore`JSC::DFG::OSRExitCompiler::compileExit(this=0x00007fff5b42b410, exit=0x0000000143288380, operands=<unavailable>, recovery=<unavailable>) + 4667 at DFGOSRExitCompiler64.cpp:387
frame #3: 0x000000010bd4cc95 JavaScriptCore`::compileOSRExit(exec=<unavailable>) + 1493 at DFGOSRExitCompiler.cpp:162
frame #4: 0x000036bd736098a1 prepareToShow#DyZ1GU [DFG](Cell[Object ID: 18687]: 0x14000ea80, True)
frame #5: 0x000036bd7406e4df _showEntry#Dp5saP [Baseline](Cell[Object ID: 15664]: 0x1435c9900, Cell[Object ID: 18687]: 0x14000ea80, True)
frame #6: 0x000036bd741638d2 showBackForwardEntryForIndex#ETQFoG [Baseline](Cell[Object ID: 15664]: 0x1435c9900, 0)
frame #7: 0x000036bd73f00045 showContentView#BhrqjJ [Baseline](Cell[Object ID: 15664]: 0x1435c9900, Cell[Object ID: 18505]: 0x1435c97c0)
...
Looks like we don't have correct location information for an OSR exit.
We are OSR exiting from prepareToShow#DyZ1GU->_restoreFromCookie#AsCLr2->cookie#C5Hkj7->value#ApQL0d.
More information about the webkit-unassigned
mailing list