Breakpoints before 'super' crash the page
Reported by
i...@scirra.com,
May 23 2016
|
|||||||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36 Steps to reproduce the problem: 1. Open new tab 2. Open devtools 3. Load test file What is the expected behavior? Code execution should stop allowing you to inspect arguments of constructor call etc What went wrong? Page will crash and devtools will disconnect (100% replicable) Did this work before? N/A Chrome version: 50.0.2661.102 Channel: stable OS Version: 10.0 Flash Version: Shockwave Flash 21.0 r0 Issue is also replicable by placing a breakpoint on normal logic before the super call, or by placing the break point on the super call. Imagine this is to do with devtools trying to access 'this' before it's construction. Page loads correctly if devtools is closed.
,
May 24 2016
Thanks for your report. I'm not able to reproduce it. Try to run crash.html in ToT and 50.0.2661.102 on Linux and Windows. Could you provide more details? Do you use some experimental DevTools features?
,
May 24 2016
,
May 25 2016
Okay I've had a search around my settings. I did have "Experimental Web Platform features" enabled, but did a quick test and that seems unrelated. While repeating I noticed I had a variable watch set trying to access 'this.genericProperty', removing/adding this it seemed make the difference
,
May 26 2016
Thanks!
Console code to reproduce:
(function () {
class A { constructor () { this.a = 239; } }
class B extends A {
constructor () {
// console.log(this.a); // throw Reference Error
debugger; // evaluate this.a here for crash
super();
console.log(this.a);
}
}
return new B();
})();
,
May 26 2016
,
May 30 2016
This also needs to be merged to M51 and M52, right?
,
May 31 2016
The following revision refers to this bug: https://chromium.googlesource.com/v8/v8.git/+/54245bd6b28dc0f1b50bf196e9453bbe948612df commit 54245bd6b28dc0f1b50bf196e9453bbe948612df Author: kozyatinskiy <kozyatinskiy@chromium.org> Date: Tue May 31 22:04:53 2016 Debugger: fix crash in DebugEvaluate If scripts is paused in class constructor before super() call then any attempt to evaluate something like this.* on top frame will produce crash. BUG= chromium:614019 R=yangguo@chromium.org Review-Url: https://codereview.chromium.org/2013223003 Cr-Commit-Position: refs/heads/master@{#36625} [modify] https://crrev.com/54245bd6b28dc0f1b50bf196e9453bbe948612df/src/debug/debug-evaluate.cc [add] https://crrev.com/54245bd6b28dc0f1b50bf196e9453bbe948612df/test/mjsunit/es6/debug-evaluate-receiver-before-super.js
,
May 31 2016
Yes, we'd like to merge it since it produces a crash while debugging classes.
,
Jun 9 2016
@hablich, please take a look. I need merge approval for M51 and M52.
,
Jun 9 2016
,
Jun 9 2016
Please merge your CL in to M52 branch asap so that it gets picked up for Beta promotion scheduled for next week.
,
Jun 10 2016
The following revision refers to this bug: https://chromium.googlesource.com/v8/v8.git/+/4bf0f334fdca37c55e28cff7281d6b548e7f98cf commit 4bf0f334fdca37c55e28cff7281d6b548e7f98cf Author: kozyatinskiy <kozyatinskiy@chromium.org> Date: Fri Jun 10 01:48:53 2016 Version 5.1.281.64 (cherry-pick) Merged 54245bd6b28dc0f1b50bf196e9453bbe948612df Debugger: fix crash in DebugEvaluate BUG= chromium:614019 LOG=N R=yangguo@chromium.org NOTRY=true NOPRESUBMIT=true Review-Url: https://codereview.chromium.org/2049973003 Cr-Commit-Position: refs/branch-heads/5.1@{#75} Cr-Branched-From: 167dc63b4c9a1d0f0fe1b19af93644ac9a561e83-refs/heads/5.1.281@{#1} Cr-Branched-From: 03953f52bd4a184983a551927c406be6489ef89b-refs/heads/master@{#35282} [modify] https://crrev.com/4bf0f334fdca37c55e28cff7281d6b548e7f98cf/include/v8-version.h [modify] https://crrev.com/4bf0f334fdca37c55e28cff7281d6b548e7f98cf/src/debug/debug-evaluate.cc [add] https://crrev.com/4bf0f334fdca37c55e28cff7281d6b548e7f98cf/test/mjsunit/es6/debug-evaluate-receiver-before-super.js
,
Jun 10 2016
The following revision refers to this bug: https://chromium.googlesource.com/v8/v8.git/+/e67b53ae33fd2f8fa1777e19b6dec83478bda494 commit e67b53ae33fd2f8fa1777e19b6dec83478bda494 Author: Yang Guo <yangguo@chromium.org> Date: Fri Jun 10 05:41:33 2016 Version 5.2.361.21 (cherry-pick) Merged 54245bd6b28dc0f1b50bf196e9453bbe948612df Debugger: fix crash in DebugEvaluate BUG= chromium:614019 LOG=N TBR=kozyatinskiy@chromium.org Review URL: https://codereview.chromium.org/2051213004 . Cr-Commit-Position: refs/branch-heads/5.2@{#27} Cr-Branched-From: 2cd36d6d0439ddfbe84cd90e112dced85084ec95-refs/heads/5.2.361@{#1} Cr-Branched-From: 3fef34e02388e07d46067c516320f1ff12304c8e-refs/heads/master@{#36332} [modify] https://crrev.com/e67b53ae33fd2f8fa1777e19b6dec83478bda494/include/v8-version.h [modify] https://crrev.com/e67b53ae33fd2f8fa1777e19b6dec83478bda494/src/debug/debug-evaluate.cc [add] https://crrev.com/e67b53ae33fd2f8fa1777e19b6dec83478bda494/test/mjsunit/es6/debug-evaluate-receiver-before-super.js
,
Jun 10 2016
The following revision refers to this bug: https://chromium.googlesource.com/v8/v8.git/+/e67b53ae33fd2f8fa1777e19b6dec83478bda494 commit e67b53ae33fd2f8fa1777e19b6dec83478bda494 Author: Yang Guo <yangguo@chromium.org> Date: Fri Jun 10 05:41:33 2016 Version 5.2.361.21 (cherry-pick) Merged 54245bd6b28dc0f1b50bf196e9453bbe948612df Debugger: fix crash in DebugEvaluate BUG= chromium:614019 LOG=N TBR=kozyatinskiy@chromium.org Review URL: https://codereview.chromium.org/2051213004 . Cr-Commit-Position: refs/branch-heads/5.2@{#27} Cr-Branched-From: 2cd36d6d0439ddfbe84cd90e112dced85084ec95-refs/heads/5.2.361@{#1} Cr-Branched-From: 3fef34e02388e07d46067c516320f1ff12304c8e-refs/heads/master@{#36332} [modify] https://crrev.com/e67b53ae33fd2f8fa1777e19b6dec83478bda494/include/v8-version.h [modify] https://crrev.com/e67b53ae33fd2f8fa1777e19b6dec83478bda494/src/debug/debug-evaluate.cc [add] https://crrev.com/e67b53ae33fd2f8fa1777e19b6dec83478bda494/test/mjsunit/es6/debug-evaluate-receiver-before-super.js
,
Jun 10 2016
,
Jun 10 2016
,
Aug 15 2016
May also need to be floated on Node.js 6.x (for V8 5.0), but let us wait for closure on https://github.com/nodejs/node/pull/8054.
,
Sep 1 2016
Node 6 has upgraded to V8 5.1, so a backport/float for 5.0 is no longer needed.
,
Sep 28 2016
|
|||||||||||||||
►
Sign in to add a comment |
|||||||||||||||
Comment 1 by eostroukhov@chromium.org
, May 23 2016Status: Assigned (was: Unconfirmed)