Issue 797573

Issue metadata

Status: Fixed
Owner:
Closed: Jan 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: ----
Pri: 2
Type: Bug

Blocked on:
issue 676131
issue 792838



OffscreenCanvas's commit loop triggers DevTools crash

Project Member Reported by kainino@chromium.org, Dec 25 2017

Issue description

Reproducible on:
 Chrome 65.0.3298.3 / Arch Linux
 Chrome 65.0.3303.0 / macOS 10.12.6

(0) Start Chrome with --enable-experimental-canvas-features (or enable it from chrome://flags).
(1) Open the repro case.
(2) Open DevTools - it should immediately hit a breakpoint (via `debugger;`).
(3) Inspect the value of any JS variable (by hovering with the mouse).
(4) Observe renderer process crash.

Repro (also attached):
https://rawgit.com/kainino0x/1d8cee669637a5601b176c23c16547dd/raw/4a5e297d3bb9f98a13d6ddd983057c8df7837a64/offscreencanvas-devtools-crash.html

Two sample crash IDs:
https://crash.corp.google.com/ccc007eac9c076f2 - Linux
https://crash.corp.google.com/34e0b8154a42992f - macOS
Potentially related to issue 792838, based on similar stack trace.

Seems related to issue 676131 since I couldn't reproduce if I didn't use the OffscreenCanvas Promise-based animation callback.

offscreencanvas-devtools-crash.html
636 bytes

Comment 1 by alph@chromium.org, Dec 26 2017

Owner: kozy@chromium.org
Status: Assigned (was: Untriaged)
Labels: -Pri-3 Pri-2
FYI, I saw a very similar crash later while debugging a fetch()-related promise in a Worker as well. I didn't look up the crash so I don't know if it was the same one, but it manifested in the same way. So this problem probably isn't OffscreenCanvas-specific.

Tentatively bumping to P2 since I think it doesn't require --enable-experimental-canvas-features to trigger.

Comment 3 by bugdroid1@chromium.org, Jan 2 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/ea7499df6ddbe09bc3c141866d42bebe15605599

commit ea7499df6ddbe09bc3c141866d42bebe15605599
Author: Alexey Kozyatinskiy <kozyatinskiy@chromium.org>
Date: Tue Jan 02 16:43:53 2018

[debugger] do not try to find saved context before DebugEvaluate::Local

Current implementation produces crashes since sometimes saved context
is empty. It looks like we do not need to restore saved context since
we do not set debug context as current, at least all tests are passed.

R=yangguo@chromium.org

Bug: chromium:797573, chromium:792838
Change-Id: I1271640f6a18cbaaecfa1e99ed9ac28e0dbbb1da
Reviewed-on: https://chromium-review.googlesource.com/844979
Reviewed-by: Yang Guo <yangguo@chromium.org>
Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50327}
[modify] https://crrev.com/ea7499df6ddbe09bc3c141866d42bebe15605599/src/debug/debug-evaluate.cc

Comment 4 by kozy@chromium.org, Jan 2 2018

Status: Fixed (was: Assigned)

Comment 5 by bugdroid1@chromium.org, Jan 2 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/2a8e1e4a9470bc3a92c58fde069901497a3f3fed

commit 2a8e1e4a9470bc3a92c58fde069901497a3f3fed
Author: Bill Budge <bbudge@chromium.org>
Date: Tue Jan 02 20:57:32 2018

Revert "[debugger] do not try to find saved context before DebugEvaluate::Local"

This reverts commit ea7499df6ddbe09bc3c141866d42bebe15605599.

Reason for revert: Speculative, but this CL seems correlated with a bunch of timeouts on Linux:

https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap/builds/19540

Original change's description:
> [debugger] do not try to find saved context before DebugEvaluate::Local
> 
> Current implementation produces crashes since sometimes saved context
> is empty. It looks like we do not need to restore saved context since
> we do not set debug context as current, at least all tests are passed.
> 
> R=yangguo@chromium.org
> 
> Bug: chromium:797573, chromium:792838
> Change-Id: I1271640f6a18cbaaecfa1e99ed9ac28e0dbbb1da
> Reviewed-on: https://chromium-review.googlesource.com/844979
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50327}

TBR=yangguo@chromium.org,kozyatinskiy@chromium.org

Change-Id: I543201698c96c9762c481c1f6012cc13cb712842
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:797573, chromium:792838
Reviewed-on: https://chromium-review.googlesource.com/846205
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50331}
[modify] https://crrev.com/2a8e1e4a9470bc3a92c58fde069901497a3f3fed/src/debug/debug-evaluate.cc

Comment 6 by bugdroid1@chromium.org, Jan 2 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/781fa72608f8bbcc3ed06bc80e51db0451b5bbfb

commit 781fa72608f8bbcc3ed06bc80e51db0451b5bbfb
Author: Bill Budge <bbudge@chromium.org>
Date: Tue Jan 02 23:38:12 2018

Revert "Revert "[debugger] do not try to find saved context before DebugEvaluate::Local""

This reverts commit 2a8e1e4a9470bc3a92c58fde069901497a3f3fed.

Reason for revert: Time outs were caused by infra issues.

Original change's description:
> Revert "[debugger] do not try to find saved context before DebugEvaluate::Local"
> 
> This reverts commit ea7499df6ddbe09bc3c141866d42bebe15605599.
> 
> Reason for revert: Speculative, but this CL seems correlated with a bunch of timeouts on Linux:
> 
> https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20nosnap/builds/19540
> 
> Original change's description:
> > [debugger] do not try to find saved context before DebugEvaluate::Local
> > 
> > Current implementation produces crashes since sometimes saved context
> > is empty. It looks like we do not need to restore saved context since
> > we do not set debug context as current, at least all tests are passed.
> > 
> > R=yangguo@chromium.org
> > 
> > Bug: chromium:797573, chromium:792838
> > Change-Id: I1271640f6a18cbaaecfa1e99ed9ac28e0dbbb1da
> > Reviewed-on: https://chromium-review.googlesource.com/844979
> > Reviewed-by: Yang Guo <yangguo@chromium.org>
> > Commit-Queue: Aleksey Kozyatinskiy <kozyatinskiy@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#50327}
> 
> TBR=yangguo@chromium.org,kozyatinskiy@chromium.org
> 
> Change-Id: I543201698c96c9762c481c1f6012cc13cb712842
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Bug: chromium:797573, chromium:792838
> Reviewed-on: https://chromium-review.googlesource.com/846205
> Reviewed-by: Bill Budge <bbudge@chromium.org>
> Commit-Queue: Bill Budge <bbudge@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#50331}

TBR=bbudge@chromium.org,yangguo@chromium.org,kozyatinskiy@chromium.org

Change-Id: I44e916c796b935c372ce418a3fad44aa25d6f863
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: chromium:797573, chromium:792838
Reviewed-on: https://chromium-review.googlesource.com/848132
Reviewed-by: Bill Budge <bbudge@chromium.org>
Commit-Queue: Bill Budge <bbudge@chromium.org>
Cr-Commit-Position: refs/heads/master@{#50332}
[modify] https://crrev.com/781fa72608f8bbcc3ed06bc80e51db0451b5bbfb/src/debug/debug-evaluate.cc
