Bug 149473

Summary:	EBay listing pages "A problem repeatedly occurred with..."
Product:	WebKit	Reporter:	Julian Kussman <hobbbz>
Component:	JavaScriptCore	Assignee:	Nobody <webkit-unassigned>
Status:	RESOLVED DUPLICATE
Severity:	Critical	CC:	bfulgham, fpizlo, ggaren, kling, webkit-bug-importer
Priority:	P1	Keywords:	InRadar
Version:	WebKit Nightly Build
Hardware:	Mac
OS:	OS X 10.10

Julian Kussman

Reported 2015-09-22 13:53:51 PDT

When loading any individual listing page on Ebay I receive "A problem repeatedly occurred with [URL]" Such as: http://www.ebay.com/itm/Black-Adjustable-Height-Keyboard-Piano-X-Stand-Electric-Organ-Metal-Braced-Rack-/271937271598?hash=item3f50b9772e I am on Nightly Version 8.0.8 (10600.8.9, r190010)

Attachments
Add attachment proposed patch, testcase, etc.

Alexey Proskuryakov

Comment 1 2015-09-22 21:54:51 PDT

I can reproduce. Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 com.apple.JavaScriptCore 0x000000010ede2b3e WTFCrash + 62 1 com.apple.JavaScriptCore 0x000000010ed2d963 JSC::AccessCase::generate(JSC::AccessGenerationState&) + 2483 2 com.apple.JavaScriptCore 0x000000010ed31080 JSC::PolymorphicAccess::regenerate(JSC::VM&, JSC::CodeBlock*, JSC::StructureStubInfo&, JSC::Identifier const&, WTF::Vector<std::__1::unique_ptr<JSC::AccessCase, std::__1::default_delete<JSC::AccessCase> >, 2ul, WTF::CrashOnOverflow, 16ul>&) + 1792 3 com.apple.JavaScriptCore 0x000000010ed308c9 JSC::PolymorphicAccess::regenerateWithCases(JSC::VM&, JSC::CodeBlock*, JSC::StructureStubInfo&, JSC::Identifier const&, WTF::Vector<std::__1::unique_ptr<JSC::AccessCase, std::__1::default_delete<JSC::AccessCase> >, 0ul, WTF::CrashOnOverflow, 16ul>) + 985 4 com.apple.JavaScriptCore 0x000000010ed31d59 JSC::PolymorphicAccess::regenerateWithCase(JSC::VM&, JSC::CodeBlock*, JSC::StructureStubInfo&, JSC::Identifier const&, std::__1::unique_ptr<JSC::AccessCase, std::__1::default_delete<JSC::AccessCase> >) + 137 5 com.apple.JavaScriptCore 0x000000010ed84429 JSC::StructureStubInfo::addAccessCase(JSC::VM&, JSC::CodeBlock*, JSC::Identifier const&, std::__1::unique_ptr<JSC::AccessCase, std::__1::default_delete<JSC::AccessCase> >) + 89 6 com.apple.JavaScriptCore 0x000000010ed4b4f0 JSC::repatchGetByID(JSC::ExecState*, JSC::JSValue, JSC::Identifier const&, JSC::PropertySlot const&, JSC::StructureStubInfo&) + 624

Radar WebKit Bug Importer

Comment 2 2015-09-22 21:55:03 PDT

<rdar://problem/22814629>

Brent Fulgham

Comment 3 2022-02-12 19:59:05 PST

*** This bug has been marked as a duplicate of bug 149514 ***

Note You need to log in before you can comment on or make changes to this bug.