
Issue 791772


Issue metadata

Status: Duplicate
Owner:
Closed: Dec 2017
Cc:
EstimatedDays: ----
NextAction: ----
OS: Linux , Windows , Mac
Pri: 1
Type: Bug-Regression




Crash on invoking console.log with a long string

Reported by woxxom@gmail.com, Dec 4 2017

Issue description

UserAgent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3202.94 Safari/537.36

Steps to reproduce the problem:
1. open the attached test.html

What is the expected behavior?
"SUCCESS" is shown in the page

What went wrong?
The tab crashes

Crashed report ID: 

How much crashed? Just one tab

Is it a problem with a plugin? No 

Did this work before? Yes 61

Chrome version: 62.0.3202.94  Channel: n/a
OS Version: 6.1 (Windows 7, Windows Server 2008 R2)
Flash Version: Shockwave Flash 27.0 r0

Bisect info: 489256 (good) - 489264 (bad)
https://chromium.googlesource.com/chromium/src/+log/4d13c388..9bd6882a?pretty=fuller

The obvious CL is V8 e8c9649e2570c7e278e70a6584738a3c3f828b2b = https://crrev.com/c/570047 by petermarshall@chromium.org
"[builtins] Increase the maximum string length on 64-bit platforms."
Committed to Chromium in r489257 "Update V8 to version 6.2.20"
Landed in 62.0.3167.0

Apparently, the suspected commit simply exposed bugs in other parts of the browser - like the console API or whatever it's connected to.

Attachment: test.html (85 bytes)

Comment 1 by woxxom@gmail.com, Dec 4 2017

TE@, the bug is reproduced in 64-bit Chrome.

Cc: susanjuniab@chromium.org
Labels: -Pri-2 hasbisect-per-revision M-65 Needs-Triage-M62 OS-Linux OS-Mac Pri-1
Owner: petermarshall@chromium.org
Status: Assigned (was: Unconfirmed)
woxxom@ Thanks for the issue.

Able to reproduce this issue on Windows 7, Mac OS 10.12.6 and Ubuntu 14.04 using the latest Canary 65.0.3285.0 and Stable 62.0.3202.94 with the steps mentioned in the original comment.

Bisect Information:
=====================
Good build: 62.0.3166.0 (Revision-489161)
Bad Build : 62.0.3167.0 (Revision-489499)

By executing the per-revision bisect script, below is the change log URL.

Change Log URL: 
===============
https://chromium.googlesource.com/chromium/src/+log/4d13c388da25c88cd81d46eb2909e246a7b55d55..4b706241c6a6e225b6031fff4137e51fc2b078c3

From the above change log the possible CL suspect is:
Reviewed-on: https://chromium-review.googlesource.com/570047

petermarshall@ Could you please check whether this issue is caused by your change; if not, please help us assign it to the right owner.


Thanks...

Status: Started (was: Assigned)

Mergedinto: 772468
Status: Duplicate (was: Started)
Looks like this is the exact same issue: there is a size limit for IPCs on the blink side. Raising the max string size just exposed the issue.
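An application-side guard for the failure mode described in this thread, added here as an example and not code from the bug report or from Chromium: strings above a chosen budget are split into bounded chunks before they reach console.log, so no single call hands an oversized payload to the browser's console IPC. The 1 MiB budget, the `chunkForLogging` and `safeLog` names, and the injectable `sink` are assumptions of this example.

```javascript
'use strict';

// Assumed budget per console.log call (UTF-16 code units), not a value from the report.
const DEFAULT_MAX_CHARS = 1 << 20;

// Split `text` into pieces of at most `maxChars` code units, never cutting a
// surrogate pair in half (which would corrupt characters outside the BMP).
function chunkForLogging(text, maxChars = DEFAULT_MAX_CHARS) {
  if (!Number.isInteger(maxChars) || maxChars < 2) {
    throw new RangeError('maxChars must be an integer >= 2');
  }
  const chunks = [];
  let start = 0;
  while (start < text.length) {
    let end = Math.min(start + maxChars, text.length);
    // If the cut would land between a high and a low surrogate, back up one unit.
    if (end < text.length) {
      const code = text.charCodeAt(end - 1);
      if (code >= 0xd800 && code <= 0xdbff) end -= 1;
    }
    chunks.push(text.slice(start, end));
    start = end;
  }
  return chunks;
}

// Log any value in bounded pieces. `sink` defaults to console.log but can be
// replaced for testing; the function returns how many pieces were emitted.
function safeLog(value, { maxChars = DEFAULT_MAX_CHARS, sink = console.log } = {}) {
  const text = typeof value === 'string' ? value : String(value);
  const chunks = chunkForLogging(text, maxChars);
  chunks.forEach((chunk, i) => {
    const tag = chunks.length > 1 ? `[part ${i + 1}/${chunks.length}] ` : '';
    sink(tag + chunk);
  });
  return chunks.length;
}
```

Only strings that actually exceed the budget are split; short values pass through as a single console.log call with no tag.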
