New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 702290 link

Starred by 1 user
Status: Fixed
Owner:
a...@chromium.org
Closed: Mar 2017
Cc:
simon.m....@gmail.com
dgozman@chromium.org
samu...@chromium.org
mac-bugs-priority@chromium.org
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 1
Type: Bug



Sign in to add a comment

Chrome_Mac: Crash Report - -[JavaScriptAppModalDialogHelper cancelAlert]

Project Member Reported by a...@chromium.org, Mar 16 2017 
Product name: Chrome_Mac
Magic Signature: -[JavaScriptAppModalDialogHelper cancelAlert]

Current link:
https://crash.corp.google.com/browse?q=ReportID%3D'841beaed80000000'%20AND%20custom_data.ChromeCrashProto.magic_signature_1.name%3D'-%5BJavaScriptAppModalDialogHelper%20cancelAlert%5D'&ignore_case=false&enable_rewrite=true&omit_field_name=&omit_field_value=&omit_field_opt=%3D#3


Search properties:
reportid: 841beaed80000000

Metadata :
Product Name: Chrome_Mac
Product Version: 57.0.2987.98
Report ID: 841beaed80000000
Report Time: Thu, 16 Mar 2017 11:48:03 GMT
Uptime: 2000 ms
Cumulative Uptime: 0 ms
User Email: 
OS Name: Mac OS X
OS Version: 10.12.3 16D32
CPU Architecture: amd64
CPU Info: family 6 model 94 stepping 3

Comment 1 by a...@chromium.org, Mar 16 2017 

	0x00007fff76a6ebfe	(AppKit + 0x003a5bfe )	-[NSApplication _crashOnException:]
0x00007fff76a6eb2f	(AppKit + 0x003a5b2f )	-[NSApplication reportException:]
0x00007fff76b44b22	(AppKit + 0x0047bb22 )	uncaughtErrorProc
0x00007fff78ce7d59	(CoreFoundation + 0x00190d59 )	__handleUncaughtException
0x00007fff8d854f14	(libobjc.A.dylib + 0x00016f14 )	_objc_terminate()
0x00007fff8cd47d68	(libc++abi.dylib + 0x00023d68 )	std::__terminate(void (*)())
0x00007fff8cd477dd	(libc++abi.dylib + 0x000237dd )	__cxa_throw
0x00007fff8d852dd5	(libobjc.A.dylib + 0x00014dd5 )	objc_exception_throw
0x00007fff78cd4dae	(CoreFoundation + 0x0017ddae )	-[__NSSingleObjectArrayI objectAtIndex:]
0x000000010f8ff80f	(Google Chrome Framework -javascript_app_modal_dialog_cocoa.mm:170 )	-[JavaScriptAppModalDialogHelper cancelAlert]
0x000000010f46bf71	(Google Chrome Framework -javascript_dialog_manager.cc:265 )	app_modal::JavaScriptDialogManager::HandleJavaScriptDialog(content::WebContents*, bool, std::__1::basic_string<unsigned short, base::string16_char_traits, std::__1::allocator<unsigned short> > const*)
0x000000010c605f92	(Google Chrome Framework -page_handler.cc:357 )	content::protocol::PageHandler::HandleJavaScriptDialog(bool, content::protocol::Maybe<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >)
0x000000010c606074	(Google Chrome Framework -page_handler.cc )	non-virtual thunk to content::protocol::PageHandler::HandleJavaScriptDialog(bool, content::protocol::Maybe<std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > >)
0x000000010c4eeb85	(Google Chrome Framework -page.cc:1425 )	content::protocol::Page::DispatcherImpl::handleJavaScriptDialog(int, std::__1::unique_ptr<content::protocol::DictionaryValue, std::__1::default_delete<content::protocol::DictionaryValue> >, content::protocol::ErrorSupport*)
0x000000010c4ec83f	(Google Chrome Framework -page.cc:1142 )	content::protocol::Page::DispatcherImpl::dispatch(int, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, std::__1::unique_ptr<content::protocol::DictionaryValue, std::__1::default_delete<content::protocol::DictionaryValue> >)
0x000000010c4f4a7f	(Google Chrome Framework -protocol.cc:827 )	content::protocol::UberDispatcher::dispatch(std::__1::unique_ptr<content::protocol::Value, std::__1::default_delete<content::protocol::Value> >, int*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >*)
0x000000010c5f6d4b	(Google Chrome Framework -devtools_session.cc:71 )	content::DevToolsSession::Dispatch(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, int*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> >*)
0x000000010c619e52	(Google Chrome Framework -render_frame_devtools_agent_host.cc:546 )	content::RenderFrameDevToolsAgentHost::DispatchProtocolMessage(content::DevToolsSession*, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&)
0x000000010c5f0fdb	(Google Chrome Framework -devtools_http_handler.cc:308 )	content::DevToolsHttpHandler::OnWebSocketMessage(int, std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&)
0x000000010d2070e0	(Google Chrome Framework -callback.h:68 )

Comment 2 by samu...@chromium.org, Mar 16 2017

Cc: simon.m....@gmail.com

Comment 3 by samu...@chromium.org, Mar 16 2017 

Possibly related to this is  issue chromedriver:1500 , where we see a failure (but not a crash) to dismiss a dialog that we know exists.

Comment 4 by a...@chromium.org, Mar 16 2017

Labels: -Restrict-View-Google

Comment 5 by a...@chromium.org, Mar 16 2017

Status: Started (was: Untriaged)
The crash:

DevTools gets a message. It rattles around and gets dispatched to PageHandler::HandleJavaScriptDialog. PageHandler::HandleJavaScriptDialog calls HandleJavaScriptDialog on the page's dialog manager, which is JavaScriptDialogManager.

JavaScriptDialogManager::HandleJavaScriptDialog checks to see if there's an active dialog. There is, so it calls CancelAppModalDialog on it.

Chrome crashes because CancelAppModalDialog tries to cancel the dialog by clicking the "cancel" button, but the dialog doesn't have one (-[__NSSingleObjectArrayI objectAtIndex:]: index 1 beyond bounds [0 .. 0]).

So technically speaking, yeah, you shouldn't be trying to cancel a dialog that has no cancel button. In reality, what we're doing is dumb and should be fixed.

Will fix.

Comment 6 by a...@chromium.org, Mar 16 2017 

Re comment 3, my opinion is that  issue chromedriver:1500  is a dup of  issue chromedriver:1467 , and this is just a dumb crash. /shrug

Comment 7 by samu...@chromium.org, Mar 16 2017 

I don't think it's a dupe.

 Issue chromedriver:1467  was a case where ChromeDriver was calling Runtime.evaluate while an alert was up, which is a problem because the renderer is non-responsive while modal dialogs are displayed, so ChromeDriver would hang there waiting and eventually time out.

In  issue chromedriver:1500 , we (sometimes - it's flaky) get a "Could not handle JavaScript dialog" error when calling Page.handleJavaScriptDialog even after we've just seen a Page.javascriptDialogOpening event. There's no timeout, and users see a different error message.
Project Member

Comment 8 by bugdroid1@chromium.org, Mar 16 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/0e43eca719311f3a873d5c8bc644a77465450e21

commit 0e43eca719311f3a873d5c8bc644a77465450e21
Author: avi <avi@chromium.org>
Date: Thu Mar 16 21:16:20 2017

For a "cancel" of an alert dialog via HandleJavaScriptDialog, click the only button, "OK".

This keeps us from crashing.

BUG= 702290 

Review-Url: https://codereview.chromium.org/2754143003
Cr-Commit-Position: refs/heads/master@{#457556}

[modify] https://crrev.com/0e43eca719311f3a873d5c8bc644a77465450e21/components/app_modal/javascript_dialog_manager.cc

Comment 9 by a...@chromium.org, Mar 17 2017

Status: Fixed (was: Started)
This crash is fixed. If you can confirm that it's gone when you use ChromeDriver, I can merge.

Sign in to add a comment