[Webkit-unassigned] [Bug 204459] New: Crash in com.apple.WebKit.WebContent at WebKit: WebKit::StorageAreaMap::loadValuesIfNeeded

bugzilla-daemon at webkit.org
Thu Nov 21 10:28:34 PST 2019


https://bugs.webkit.org/show_bug.cgi?id=204459

            Bug ID: 204459
           Summary: Crash in com.apple.WebKit.WebContent at WebKit:
                    WebKit::StorageAreaMap::loadValuesIfNeeded
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: New Bugs
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: sihui_liu at apple.com

0   WebKit                              0x00000001abdaa0bc WebKit::StorageAreaMap::loadValuesIfNeeded() + 276 (Optional.h:529)
1   WebKit                              0x00000001abda9ff0 WebKit::StorageAreaMap::loadValuesIfNeeded() + 72 (StorageAreaMap.cpp:168)
2   WebKit                              0x00000001abda97cc WebKit::StorageAreaImpl::item(WTF::String const&) + 48 (StorageAreaMap.cpp:88)
3   WebCore                             0x00000001ac64df8c WebCore::JSStorage::getOwnPropertySlot(JSC::JSObject*, JSC::JSGlobalObject*, JSC::PropertyName, JSC::PropertySlot&) + 112 (JSStorage.cpp:167)
4   JavaScriptCore                      0x00000001b424b300 llint_slow_path_get_by_id + 3988 (JSObjectInlines.h:160)
5   JavaScriptCore                      0x00000001b3bfa254 llint_entry + 41460
6   JavaScriptCore                      0x00000001b3c0e2d8 llint_entry + 123512
7   JavaScriptCore                      0x00000001b3c0e2d8 llint_entry + 123512
8   JavaScriptCore                      0x00000001b3c0e2d8 llint_entry + 123512
9   JavaScriptCore                      0x00000001b3c0e2d8 llint_entry + 123512
10  JavaScriptCore                      0x00000001b3befe18 vmEntryToJavaScript + 248
11  JavaScriptCore                      0x00000001b418ac5c JSC::Interpreter::executeCall(JSC::JSGlobalObject*, JSC::JSObject*, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 428 (JITCodeInlines.h:38)
12  JavaScriptCore                      0x00000001b43779b0 JSC::profiledCall(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::JSValue, JSC::CallType, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&, WTF::NakedPtr<JSC::Exception>&) + 184 (CallData.cpp:59)
13  WebCore                             0x00000001acba754c WebCore::JSEventListener::handleEvent(WebCore::ScriptExecutionContext&, WebCore::Event&) + 1280 (JSExecState.h:73)

-- 
You are receiving this mail because:
You are the assignee for the bug.