CHECK(column_number >= 0) hit in debug::Location::Location
Reported by
jm.acun...@gmail.com,
Mar 28 2017
|
|||||||||||
Issue descriptionUserAgent: Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.110 Safari/537.36 Steps to reproduce the problem: 1- I access the web address https://drive.google.com/ 2- Right click on element button New -> To Inspect 3- Edit as HTML 4- add onclick="debugger" 5- click the button 6- crash What is the expected behavior? What went wrong? Crash Crashed report ID: Lock ID 7a65e651-3e33-4b1c-be52-5fde797e3932 How much crashed? Just one tab Is it a problem with a plugin? N/A Did this work before? N/A Chrome version: 57.0.2987.110 Channel: stable OS Version: 6.3 Flash Version: Shockwave Flash 25.0 r0
,
Mar 28 2017
It's because we generate negative offset when run function for event listeners. I'll take a look.
,
Mar 31 2017
Users experienced this crash on the following builds: Mac Canary 59.0.3056.0 - 0.34 CPM, 2 reports, 2 clients (signature v8::debug::Location::Location) If this update was incorrect, please add "Fracas-Wrong" label to prevent future updates. - Go/Fracas
,
Apr 4 2017
,
Apr 4 2017
Issue 705960 has been merged into this issue.
,
Apr 4 2017
Issue 705966 has been merged into this issue.
,
Apr 23 2017
Users experienced this crash on the following builds: Mac Canary 60.0.3078.0 - 1.01 CPM, 2 reports, 1 clients (signature v8::debug::Location::Location) If this update was incorrect, please add "Fracas-Wrong" label to prevent future updates. - Go/Fracas
,
May 29 2017
Users experienced this crash on the following builds: Mac Canary 61.0.3114.0 - 1.24 CPM, 2 reports, 1 clients (signature v8::debug::Location::Location) If this update was incorrect, please add "Fracas-Wrong" label to prevent future updates. - Go/Fracas
,
May 30 2017
,
May 31 2017
The following revision refers to this bug: https://chromium.googlesource.com/v8/v8.git/+/6a65e6deef998ef94a3c8ab5eb50b9378dcf9038 commit 6a65e6deef998ef94a3c8ab5eb50b9378dcf9038 Author: Alexey Kozyatinskiy <kozyatinskiy@chromium.org> Date: Wed May 31 14:02:03 2017 [inspector] don't create negative location for isBlackboxed check V8 provides ScriptCompiler::CompileFunctionInContext method which takes expression and compile it as anonymous function like (function() .. expression ..). To produce correct locations for stmts inside of this expression V8 compile this function with negative offset. Instead of stmt position blackboxing use function start position which is negative in described case. Bug: chromium:705963 Change-Id: I86b113198fb59e77b3bbf523c8cd943e22f8a6ca Reviewed-on: https://chromium-review.googlesource.com/519384 Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org> Reviewed-by: Jakob Gruber <jgruber@chromium.org> Cr-Commit-Position: refs/heads/master@{#45637} [modify] https://crrev.com/6a65e6deef998ef94a3c8ab5eb50b9378dcf9038/src/debug/debug.cc [add] https://crrev.com/6a65e6deef998ef94a3c8ab5eb50b9378dcf9038/test/inspector/debugger/script-with-negative-offset-expected.txt [add] https://crrev.com/6a65e6deef998ef94a3c8ab5eb50b9378dcf9038/test/inspector/debugger/script-with-negative-offset.js
,
Jun 2 2017
,
Jun 12 2017
The change by itself is trivial and fixes a crash. I think we should merge it to beta. Please take a look.
,
Jun 12 2017
Issue 732213 has been merged into this issue.
,
Jun 12 2017
,
Jun 12 2017
This bug requires manual review: M60 has already been promoted to the beta branch, so this requires manual review Please contact the milestone owner if you have questions. Owners: amineer@(Android), cmasso@(iOS), josafat@(ChromeOS), bustamante@(Desktop) For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Jun 16 2017
Approving merge for M60.
,
Jun 19 2017
,
Jun 20 2017
This issue has been approved for a merge. Please merge the fix to any appropriate branches as soon as possible! If all merges have been completed, please remove any remaining Merge-Approved labels from this issue. Thanks for your time! To disable nags, add the Disable-Nags label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Jun 20 2017
|
|||||||||||
►
Sign in to add a comment |
|||||||||||
Comment 1 by jochen@chromium.org
, Mar 28 2017Components: Platform>DevTools>JavaScript
Labels: OS-All
Owner: kozyatinskiy@chromium.org
Status: Assigned (was: Unconfirmed)
Summary: CHECK(column_number >= 0) hit in debug::Location::Location (was: Crash debugging at https://drive.google.com/ in Google Chrome Versión 59.0.3053.3 (Build oficial) canary (64 bits))