| Summary: | performance.now can crash if accessed from a window that has navigated | ||||||
|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | Sam Weinig <sam> | ||||
| Component: | New Bugs | Assignee: | Sam Weinig <sam> | ||||
| Status: | RESOLVED FIXED | ||||||
| Severity: | Normal | CC: | ap | ||||
| Priority: | P2 | ||||||
| Version: | 528+ (Nightly build) | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| Attachments: |
|
||||||
|
Description
Sam Weinig
2015-02-11 10:03:20 PST
Created attachment 246395 [details]
Patch
Comment on attachment 246395 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=246395&action=review > LayoutTests/fast/performance/performance-now-crash-on-navigated-window.html:26 > + // Should not crash. > + value = perfFromInitialFrame.now(); > + shouldBe('value', '0'); Please test Firefox, and possibly update the comment for other reasonable outcomes. This way, if someone changes our behavior to match Firefox and accidentally breaks this test, they will have an easier time figuring out if that's OK. Committed r179936: <http://trac.webkit.org/changeset/179936> Committed r179937: <http://trac.webkit.org/changeset/179937> The new regression test just crashed on a GuardMalloc bot: Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 com.apple.WebCore 0x000000010824024a WebCore::Performance::now() const + 10 1 com.apple.WebCore 0x000000010802b58e WebCore::jsPerformancePrototypeFunctionNow(JSC::ExecState*) + 126 2 ??? 0x0000000112f73028 0 + 4613156904 3 com.apple.JavaScriptCore 0x0000000106e8e248 llint_entry + 22290 4 com.apple.JavaScriptCore 0x0000000106e8e248 llint_entry + 22290 False alarm, that's because the test was landed before the fix :) |