v8::internal::SourcePositionTableIterator::SourcePositionTableIterator |
Issue description
v8::internal::SourcePositionTableIterator::SourcePositionTableIterator
https://crash.corp.google.com/browse?q=product.name%3D%27Chrome_Linux%27%20AND%20product.version%3D%2762.0.3198.0%27%20AND%20custom_data.ChromeCrashProto.channel%3D%27dev%27%20AND%20custom_data.ChromeCrashProto.ptype%3D%27renderer%27%20AND%20custom_data.ChromeCrashProto.magic_signature_1.name%3D%27v8%3A%3Ainternal%3A%3ASourcePositionTableIterator%3A%3ASourcePositionTableIterator%27&ignore_case=false&enable_rewrite=true&omit_field_name=&omit_field_value=&omit_field_opt=%3D&unnest=#samplereports
Stack Quality 67%
Show frame trust levels
0x0000559201bf121e (chrome -source-position-table.cc:187 ) v8::internal::SourcePositionTableIterator::SourcePositionTableIterator(v8::internal::ByteArray*)
0x00005592018ce25f (chrome -debug.cc:135 ) v8::internal::BreakIterator::BreakIterator(v8::internal::Handle<v8::internal::DebugInfo>)
0x00005592018d098d (chrome -debug.cc:648 ) v8::internal::Debug::ClearBreakPoints(v8::internal::Handle<v8::internal::DebugInfo>)
0x00005592018cebd3 (chrome -debug.cc:1026 ) v8::internal::Debug::Break(v8::internal::JavaScriptFrame*)
0x0000559201b42844 (chrome -runtime-debug.cc:38 ) v8::internal::Runtime_DebugBreakOnBytecode(int, v8::internal::Object**, v8::internal::Isolate*)
0x0000151a31504efc
0x0000151a3156236b
0x0000151a3160b87f
0x0000151a3160b87f
0x0000151a3160b87f
0x0000151a3160a018
0x0000151a31504100
0x0000559201917411 (chrome -execution.cc:145 ) v8::internal::(anonymous namespace)::Invoke(v8::internal::Isolate*, bool, v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*, v8::internal::Handle<v8::internal::Object>, v8::internal::Execution::MessageHandling)
0x0000559201917148 (chrome -execution.cc:181 ) v8::internal::Execution::Call(v8::internal::Isolate*, v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*)
0x00005592016a2b13 (chrome -api.cc:2087 ) v8::Script::Run(v8::Local<v8::Context>)
0x00005592045cd3e3 (chrome -V8ScriptRunner.cpp:578 ) blink::V8ScriptRunner::RunCompiledScript(v8::Isolate*, v8::Local<v8::Script>, blink::ExecutionContext*)
0x00005592046405b3 (chrome -ScriptController.cpp:137 ) blink::ScriptController::ExecuteScriptAndReturnValue(v8::Local<v8::Context>, blink::ScriptSourceCode const&, blink::AccessControlStatus)
0x0000559204640eed (chrome -ScriptController.cpp:315 ) blink::ScriptController::EvaluateScriptInMainWorld(blink::ScriptSourceCode const&, blink::AccessControlStatus, blink::ScriptController::ExecuteScriptPolicy)
0x0000559204641017 (chrome -ScriptController.cpp:285 ) blink::ScriptController::ExecuteScriptInMainWorld(blink::ScriptSourceCode const&, blink::AccessControlStatus)
0x0000559204c49be9 (chrome -ScriptLoader.cpp:869 ) blink::ScriptLoader::DoExecuteScript(blink::Script const*)
0x0000559204c49837 (chrome -ScriptLoader.cpp:935 ) blink::ScriptLoader::ExecuteScriptBlock(blink::PendingScript*, blink::KURL const&)
0x0000559204c49c45 (chrome -ScriptLoader.cpp:888 ) blink::ScriptLoader::Execute()
0x0000559204ad8b76 (chrome -ScriptRunner.cpp:222 ) blink::ScriptRunner::ExecuteAsyncTask()
0x0000559204ad7ee4 (chrome -ScriptRunner.cpp:234 ) blink::ScriptRunner::ExecuteTask()
0x00005592021567aa (chrome -callback.h:91 ) base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*)
0x0000559201d68656 (chrome -task_queue_manager.cc:532 ) blink::scheduler::TaskQueueManager::ProcessTaskFromWorkQueue(blink::scheduler::internal::WorkQueue*, bool, blink::scheduler::LazyNow, base::TimeTicks*)
0x0000559201d666c8 (chrome -task_queue_manager.cc:330 ) blink::scheduler::TaskQueueManager::DoWork(bool)
0x00005592021567aa (chrome -callback.h:91 ) base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*)
0x000055920216ef6f (chrome -message_loop.cc:406 ) base::MessageLoop::RunTask(base::PendingTask*)
0x000055920216f66b (chrome -message_loop.cc:417 ) base::MessageLoop::DoWork()
0x0000559202170c64 (chrome -message_pump_default.cc:33 ) base::MessagePumpDefault::Run(base::MessagePump::Delegate*)
0x000055920219005f (chrome -run_loop.cc:123 ) base::RunLoop::Run()
0x000055920588186d (chrome -renderer_main.cc:220 ) content::RendererMain(content::MainFunctionParams const&)
0x0000559201e4c447 (chrome -content_main_runner.cc:354 ) content::RunZygote(content::MainFunctionParams const&, content::ContentMainDelegate*)
0x0000559201e4d7ac (chrome -content_main_runner.cc:709 ) content::ContentMainRunnerImpl::Run()
0x0000559201e5606a (chrome -main.cc:469 ) service_manager::Main(service_manager::MainParams const&)
0x0000559201e4c121 (chrome -content_main.cc:19 ) content::ContentMain(content::ContentMainParams const&)
0x00005592009d6004 (chrome -chrome_main.cc:122 ) ChromeMain
0x00007fa10826082f (libc-2.23.so + 0x0002082f )
0x00005592009d5f4f (chrome + 0x017c5f4f )
0x00005592008d0fff (chrome + 0x016c0fff )
0x00007fa10e80b7ca (ld-2.23.so + 0x000107ca )
0x00005592008d0fff (chrome + 0x016c0fff )
0x00005592008d1028 (chrome + 0x016c1028 ) _start
0x00007ffc2f5dbfb7
,
Sep 6 2017
It seems like this crash is only happening for a single developer on her/his own webpage (which is not available), and only in a single version of chrome canary. Yang, can you take a quick look? Do you agree?
,
Sep 6 2017
Let's... keep an eye on this :)
,
Sep 21 2017
Users experienced this crash on the following builds: Mac Beta 62.0.3202.29 - 0.36 CPM, 1 reports, 1 clients (signature v8::internal::SourcePositionTableIterator::SourcePositionTableIterator) If this update was incorrect, please add "Fracas-Wrong" label to prevent future updates. - Go/Fracas
,
Oct 20 2017
,
Mar 5 2018
This is still seen, very occasionally, and also on Windows: https://crash.corp.google.com/browse?q=product.name%3D%27Chrome%27%20AND%20expanded_custom_data.ChromeCrashProto.ptype%3D%27renderer%27%20AND%20expanded_custom_data.ChromeCrashProto.magic_signature_1.name%3D%27v8%3A%3Ainternal%3A%3ASourcePositionTableIterator%3A%3ASourcePositionTableIterator%27#productversion:1000,-magicsignature:50,-magicsignature2:50,-stablesignature:50,-magicsignaturesorted:50 Not sure if there's anything more to be done, but assigning back to Yang for a checkup.
,
Mar 6 2018
Some observations:
- Most crashes are on Win32.
- Aside from some weird stack traces, the stacks look valid (i.e. these call sites exist)
- The disassembly and register content at these crashes look very unrelated to each other. Some make no sense at all, like this:
0x5c729c53 (+0xa) : 5f pop edi
0x5c729c54 (+0xb) : 5b pop ebx
0x5c729c55 (+0xc) : 5d pop ebp
0x5c729c56 (+0xd) : c2 04 00 ret 0x4
=> 0x5c729c59 (+0x10) : 0f 0b ud2
0x5c729c5b (+0x12) : cc int3
0x5c729c5c (+0x13) : cc int3
0x5c729c5d (+0x14) : cc int3
0x5c729c5e (+0x15) : cc int3
0x5c729c5f (+0x16) : cc int3
Comment 1 by hablich@chromium.org
, Sep 1 2017
Owner: ahaas@chromium.org