DevTools: persistence: saving a mapped file with an error crashes the tab |
||||||||
Issue descriptionChrome Version: 57.0.2985.0 OS: all What steps will reproduce the problem? (1) Setup DevTools with the persistence experiment (2) Open a mapped file, type "function():", save, and refresh the page (3) In the same mapped file, there should be a red underline (4) Make some other edits in the file (but don't remove the "function():") and try to save What is the expected result? Changes should save What happens instead? Tab crashes
,
Jan 25 2017
Issue 684533 has been merged into this issue.
,
Jan 26 2017
The following revision refers to this bug: https://chromium.googlesource.com/v8/v8.git/+/a81fbe802a605a4f098b2df00e9d60eabeac5168 commit a81fbe802a605a4f098b2df00e9d60eabeac5168 Author: luoe <luoe@chromium.org> Date: Thu Jan 26 01:29:01 2017 Fix uncaught exception bug from liveEditScriptSource BUG= chromium:683335 CQ_INCLUDE_TRYBOTS=master.tryserver.blink:linux_trusty_blink_rel Review-Url: https://codereview.chromium.org/2651153004 Cr-Commit-Position: refs/heads/master@{#42672} [modify] https://crrev.com/a81fbe802a605a4f098b2df00e9d60eabeac5168/src/inspector/v8-debugger.cc [modify] https://crrev.com/a81fbe802a605a4f098b2df00e9d60eabeac5168/src/inspector/v8-debugger.h [add] https://crrev.com/a81fbe802a605a4f098b2df00e9d60eabeac5168/test/inspector/debugger/set-script-source-exception-expected.txt [add] https://crrev.com/a81fbe802a605a4f098b2df00e9d60eabeac5168/test/inspector/debugger/set-script-source-exception.js
,
Jan 26 2017
Users experienced this crash on the following builds: Linux Dev 57.0.2987.8 - 1.47 CPM, 1 reports, 1 clients (signature v8_inspector::V8Debugger::setScriptSource) If this update was incorrect, please add "Fracas-Wrong" label to prevent future updates. - Go/Fracas
,
Feb 1 2017
,
Feb 1 2017
,
Feb 1 2017
,
Feb 1 2017
,
Feb 2 2017
The following revision refers to this bug: https://chromium.googlesource.com/v8/v8.git/+/f9481b4996c6ffe96e41834c633ed656835a6d80 commit f9481b4996c6ffe96e41834c633ed656835a6d80 Author: Alexey Kozyatinskiy <kozyatinskiy@chromium.org> Date: Thu Feb 02 22:46:12 2017 Merged: Fix uncaught exception bug from liveEditScriptSource Revision: a81fbe802a605a4f098b2df00e9d60eabeac5168 BUG= chromium:683335 LOG=N NOTRY=true NOPRESUBMIT=true NOTREECHECKS=true R=ulan@chromium.org Review-Url: https://codereview.chromium.org/2669933003 . Cr-Commit-Position: refs/branch-heads/5.7@{#86} Cr-Branched-From: 975e9a320b6eaf9f12280c35df98e013beb8f041-refs/heads/5.7.492@{#1} Cr-Branched-From: 8d76f0e3465a84bbf0bceab114900fbe75844e1f-refs/heads/master@{#42426} [modify] https://crrev.com/f9481b4996c6ffe96e41834c633ed656835a6d80/src/inspector/v8-debugger.cc [modify] https://crrev.com/f9481b4996c6ffe96e41834c633ed656835a6d80/src/inspector/v8-debugger.h [add] https://crrev.com/f9481b4996c6ffe96e41834c633ed656835a6d80/test/inspector/debugger/set-script-source-exception-expected.txt [add] https://crrev.com/f9481b4996c6ffe96e41834c633ed656835a6d80/test/inspector/debugger/set-script-source-exception.js
,
Feb 6 2017
This issue has been approved for a merge. Please merge the fix to any appropriate branches as soon as possible! If all merges have been completed, please remove any remaining Merge-Approved labels from this issue. Thanks for your time! To disable nags, add the Disable-Nags label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Feb 6 2017
,
Feb 19 2017
Hey, I have this similar issue where tab crashes when visiting pretty much any github.com webpage (main, projects). The errors seems to be caused by a call to v8::V8::ToLocalEmpty() which will always cause a crash due to the 'false' arg value to ApiCheck. From the code: void V8::ToLocalEmpty() { Utils::ApiCheck(false, "v8::ToLocalChecked", "Empty MaybeLocal."); } static inline bool ApiCheck(bool condition, const char* location, const char* message) { if (!condition) Utils::ReportApiFailure(location, message); return condition; } Anyway, reproduced by: 0. make sure scripts are allowed (eg. javascript works) - eg. run with: chromium --user-data-dir=/tmp (this ensure no extensions&settings are preventing javascript from running) 1. open new tab 2. enter url: https://github.com 3. tab crashed with Aw, Snap Observed console stacktrace: Received signal 4 ILL_ILLOPN 55a3b0c00342 #0 0x55a3aee703c7 base::debug::StackTrace::StackTrace() #1 0x55a3aee6ff3f base::debug::(anonymous namespace)::StackDumpSignalHandler() #2 0x7f97d033e080 <unknown> #3 0x55a3b0c00342 blink::reportFatalErrorInMainThread() #4 0x55a3ae04767e v8::V8::ToLocalEmpty() #5 0x55a3b231d30f blink::ReadableStreamOperations::createCountQueuingStrategy() #6 0x55a3b1827f24 blink::BodyStreamBuffer::BodyStreamBuffer() #7 0x55a3b18359ef blink::Request::createRequestWithRequestOrString() #8 0x55a3b1835e2b blink::Request::create() #9 0x55a3b1831b5a blink::(anonymous namespace)::GlobalFetchImpl<>::fetch() #10 0x55a3b1831773 blink::GlobalFetch::fetch() #11 0x55a3b165453d blink::V8WindowPartial::fetchMethodCallback() #12 0x55a3ae04393d v8::internal::FunctionCallbackArguments::Call() #13 0x55a3ae0c0aeb v8::internal::(anonymous namespace)::HandleApiCallHelper<>() #14 0x55a3ae0c009f v8::internal::Builtin_Impl_HandleApiCall() #15 0x3a02011043a2 <unknown> r8: 0000000000242340 r9: 000000000063ade0 r10: 0000000000000000 r11: 0000000000000018 r12: 00001b59c81452b0 r13: 0000242ce0081bc8 r14: 00007ffd5e769370 r15: 0000000000000000 di: 0000207e8a7c2da0 si: 000034626bb80070 bp: 00007ffd5e769808 bx: 0000207e8a797020 dx: 0000000000000000 ax: 000000000000002f cx: 0000207e8a4836e0 sp: 00007ffd5e7692e0 ip: 000055a3b0c00342 efl: 0000000000010213 cgf: 002b000000000033 erf: 0000000000000000 trp: 0000000000000006 msk: 0000000000000000 cr2: 0000000000000000 [end of stack trace] Calling _exit(1). Core file will not be generated. More info: Chromium 58.0.3018.0 (Developer Build) (64-bit) Revision 379c7d17948f3e93b4f907be27b8dbf4cf3429e2-refs/heads/master@{#451515} OS Linux JavaScript V8 5.8.244 Flash User Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3018.0 Safari/537.36 Command Line /usr/lib/chromium/chromium --disk-cache-dir=/tmp/chromiumcache --disable-sync-preferences --disable-plugins --cipher-suite-blacklist=0x0001,0x0002,0x0004,0x0005,0x0017,0x0018,0xc002,0xc007,0xc00c,0xc011,0xc016,0xff80,0xff81,0xff82,0xff83 --disable-component-extensions-with-background-pages --disable-background-networking --disable-internal-flash --disable-bundled-ppapi-flash --disable-default-apps --ssl-version-min=tls1 --disallow-autofill-sync-credential --disable-device-discovery-notifications --no-pings --disable-media-source --disable-ntp-other-sessions-menu --disable-prefixed-encrypted-media --disable-touch-adjustment --disable-views-rect-based-targeting --disable-webgl --disable-account-consistency --enable-async-dns --enable-deferred-image-decoding --enable-download-resumption --enable-drop-sync-credential --disable-material-design-ntp --disable-new-avatar-menu --disable-new-profile-management --enable-offline-auto-reload-visible-only --disable-offline-auto-reload --enable-offline-load-stale-cache --enable-one-copy --enable-panels --disable-password-generation --enable-permissions-bubbles --disable-extensions-on-chrome-urls --disable-pinch-virtual-viewport --disable-pinch --enable-quic --disable-save-password-bubble --enable-session-crashed-bubble --disable-settings-window --use-simple-cache-backend=off --disable-smooth-scrolling --disable-sync-app-list --disable-sync-synced-notifications --enable-tcp-fastopen --disable-touch-editing --enable-web-based-signin --disable-zero-copy --enable-harfbuzz-rendertext --enable-impl-side-painting --enable-lcd-text --num-raster-threads=4 --disable-origin-chip --disable-overlay-scrollbar --remember-cert-error-decisions=-1 --enable-search-button-in-omnibox-always --disable-spelling-auto-correct --tab-capture-downscale-quality=fast --tab-capture-upscale-quality=fast --touch-events=disabled --wallet-service-use-sandbox=0 --enable-gpu-vsync --show-component-extension-options --disable-gpu-rasterization --disable-hyperlink-auditing --enable-vertical-tabs --disable-audio-support-for-desktop-share --disable-gpu --flag-switches-begin --show-saved-copy=primary --touch-events=disabled --flag-switches-end Executable Path /usr/lib/chromium/chromium Profile Path /home/z/.config/chromium/Default Variations 98ee9f3e-98ee9f3e 16e0dd70-3f4a17df 6c18ba9d-f5103057 241fff6c-ca7d8d80 1e528f0f-15305a2 2a33b90e-3f4a17df ba3f87da-92cc81ec 5ca89f9-3f4a17df f3499283-2f3631ce 349d561b-3f4a17df 6eb432aa-3f4a17df 5274eb09-3f4a17df 57f575bb-3f4a17df b791c1b8-3f4a17df 9773d3bd-3f4a17df b22b3d54-b22b3d54 9ef7d150-3f4a17df 2e109477-4f8eb0c8 99144bc3-3f4a17df 64cbdfc2-3f4a17df 5139837c-3f4a17df 7f8176d9-3f4a17df b7786474-d93a0620 23a898eb-e0e2610f 7382e39a-3f4a17df 868bda90-3f4a17df 4ea303a6-3f4a17df ce152c12-3f4a17df 3a007b7-3f4a17df 64224f74-5087fa4a 64005e71-fb487281 ad6d27cc-3e870323 69bf80fa-3f4a17df c5073fab-3f4a17df ef25c1eb-3f4a17df 7fc902e8-3f4a17df d747916f-d747916f 477f6800-72c07fe0 fe05be5f-4ad60575 828a5926-d8f52f32 Should I create a new issue? Seems to be the same issue to be honest: in comment #1, crash is due to call to function v8::V8::ToLocalEmpty(), same as me. Note: workaround is to use uMatrix to disable the 2 github scripts - then no more tab crash!
,
Feb 20 2017
I made a new issue https://bugs.chromium.org/p/chromium/issues/detail?id=694090 because it's a different calling function. Sorry for the noise! |
||||||||
►
Sign in to add a comment |
||||||||
Comment 1 by lushnikov@chromium.org
, Jan 24 2017Labels: -Pri-2 Pri-1
Owner: kozyatinskiy@chromium.org