The "__defineGetter__" of Array make F12 can't wrok
Reported by
soulchen...@gmail.com,
Sep 7 2016
|
|||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Steps to reproduce the problem: 1. open F12 tools 2. run step by step to "Array.prototype.__defineGetter__" 3. The F12 tools will be stop. What is the expected behavior? In 48.0.2564.97 ,it will be crash because it has a null pointer in blink::toJSONValue.Is it a security problem? What went wrong? The JS code "Array.prototype.__defineGetter__". Did this work before? No Chrome version: 52.0.2743.116 Channel: stable OS Version: 6.1 (Windows 7, Windows Server 2008 R2) Flash Version: Shockwave Flash 22.0 r0
,
Sep 12 2016
I can't reproduce but this seems suspicious anyhow. Worth look The best I could get is that the i didn't get an alert, it just passively hung until i refreshed (and then it hit me with the alert) (hopefully) Repro Steps: * use stable * open https://output.jsbin.com/fuwezu/1/quiet * open devtools * async checkbox on, paused on exceptions on, paused on caught on. * reload page * step in * step in --- hangs --- einbinder, wanna take a look? (on ToT, i had no hanging problem.) rnimmagadda can you confirm if you can repro in tot/canary ?
,
Sep 12 2016
I don't get the crash, I get it hanging and then an alert if I reload again. Windows 10 Chrome 53
,
Sep 12 2016
@paulirish: Re-test the same on MAC (10.11.6) for Chrome Latest Canary Version - 55.0.2857.0 and observed the same result. Screen-recording is attached.
,
Sep 12 2016
Could you describe in details what when wrong on your screen cast? It looks good for me.
,
Sep 13 2016
@kozyatinskiy: I'm observing the same output in the console for Chrome Latest Stable Version - 53.0.2785.101 & Chrome Version - 30.0.1549.0 for Windows 7, MAC (10.11.6) & Ubuntu Trusty (14.04) OS. Based on this I have marked it as Untriaged. Thank you.
,
Sep 30 2016
I could reproduce it with steps from #2. In beta and ToT it works fine.
There is one problem with our injected_script_source.js. If you run code:
for (var i = 0; i < 1000; ++i)
Array.prototype.__defineSetter__(i + "",() => {throw new Error()});
DevTools will work incorrectly for many many things in console. We'll fix this during migration injected_script_source.js into native code.
I think that we can mark this as Fixed.
,
Oct 31
Bulk closing low-priority issues with no activity. Please re-file and refer to the closed issue if it's essential to fix. |
|||
►
Sign in to add a comment |
|||
Comment 1 by rnimmagadda@chromium.org
, Sep 7 2016Labels: M-53 OS-Linux OS-Mac
Status: Untriaged (was: Unconfirmed)