Bug 129227

Summary: REGRESSION (r164507): Crash beneath JSGlobalObjectInspectorController::reportAPIException at facebook.com, twitter.com, youtube.com
Product: WebKit
Reporter: mitz
Component: Web Inspector
Assignee: mitz
Status: RESOLVED FIXED
Severity: Normal
CC: commit-queue, ddkilzer, graouts, joepeck, mkwst, phiw2, timothy, webkit-bug-importer
Priority: P1
Keywords: InRadar, Regression
Version: 528+ (Nightly build)
Hardware: Unspecified
OS: Unspecified
URL: http://twitter.com
Attachments:
Description Flags
Revert r164507 eric.carlson: review+

Description mitz 2014-02-22 21:04:32 PST
<rdar://problem/16142324>

Navigating to the URL causes the Web Content process to crash with a backtrace like this:

0   com.apple.JavaScriptCore      	0x00000001064d75ce WTFCrash + 62
1   com.apple.JavaScriptCore      	0x0000000106195fae JSC::ErrorHandlingScope::ErrorHandlingScope(JSC::VM&) + 62
2   com.apple.JavaScriptCore      	0x000000010639d5c6 Inspector::JSGlobalObjectInspectorController::reportAPIException(JSC::ExecState*, JSC::JSValue) + 70
3   com.apple.JavaScriptCore      	0x000000010636eb6b JSValueToObject + 331
4   com.apple.Safari.framework    	0x00007fff9264aa21 controlObject(objc_object*, double, NSString*) + 207

This was caused by <http://trac.webkit.org/r164507>, the fix for bug 128776.
Comment 1 mitz 2014-02-22 21:07:09 PST
Created attachment 224992
Revert r164507
Comment 2 mitz 2014-02-22 21:39:03 PST
Committed <http://trac.webkit.org/r164554>.
Comment 3 Philippe Wittenbergh 2014-02-22 21:59:34 PST
Is bug 129221 the same issue?
Comment 4 mitz 2014-02-22 22:10:52 PST
(In reply to comment #3)
> Is bug 129221 the same issue?

Yes. Sorry I didn’t see that one!
Comment 5 Philippe Wittenbergh 2014-02-22 22:18:58 PST
*** Bug 129221 has been marked as a duplicate of this bug. ***
Comment 6 Joseph Pecoraro 2014-02-23 10:53:33 PST
I see. I kept the ErrorHandlingScope from the original code, but I guess I'm not exactly why it is needed. Thanks for rolling out.
Comment 7 Joseph Pecoraro 2014-02-23 10:54:00 PST
Correction: I'm not exactly sure* why it is needed.
Comment 8 Joseph Pecoraro 2014-02-27 12:41:17 PST
The original patch landed again in <http://trac.webkit.org/changeset/164824>. I could not reproduce the problem after the recent JSC fixes for this. I was unable to reproduce the same reportAPIException calls you guys saw, but I did produce a different one and we handled that fine. Please let me know if you are seeing crashes again after r164824!