Chrome Version: master at commit 6be942365613e726a07925f91cf0811ef4a3a576
OS: Linux
What steps will reproduce the problem?
(1) Use the debug build of Chrome.
(2) In devtools:
~~~
location.href = "http://example.com";
a = document.createElement('a');
a.href = "about:blank";
document.body.appendchild(a);
a.click();
~~~
Note that I didn't tried to minimize the reproduction steps or debug it.
StackTrace:
#
# Fatal error in ../../v8/src/inspector/v8-console.cc, line 886
# Debug check failed: success.
#
#
#
#FailureMessage Object: 0x7ffdbe887710#0 0x7f806b922c8d base::debug::StackTrace::StackTrace()
#1 0x7f806b613d3a base::debug::StackTrace::StackTrace()
#2 0x7f804e1a38d7 gin::(anonymous namespace)::PrintStackTrace()
#3 0x7f8033b7a1e8 V8_Fatal()
#4 0x7f8033b79f55 v8::base::(anonymous namespace)::DefaultDcheckHandler()
#5 0x7f804db5d9a7 v8_inspector::V8Console::CommandLineAPIScope::~CommandLineAPIScope()
#6 0x7f804db4b219 v8_inspector::InjectedScript::Scope::initialize()
#7 0x7f804db7db1f v8_inspector::V8RuntimeAgentImpl::evaluate()
#8 0x7f804db3f716 v8_inspector::protocol::Runtime::DispatcherImpl::evaluate()
#9 0x7f804db3d879 v8_inspector::protocol::Runtime::DispatcherImpl::dispatch()
#10 0x7f804db1f4e7 v8_inspector::protocol::UberDispatcher::dispatch()
#11 0x7f804db78e83 v8_inspector::V8InspectorSessionImpl::dispatchProtocolMessage()
#12 0x7f804ada29ee blink::DevToolsSession::DispatchProtocolCommand()
#13 0x7f8046d95ed4 blink::mojom::blink::DevToolsSessionStubDispatch::Accept()
#14 0x7f804ada5f63 blink::mojom::blink::DevToolsSessionStub<>::Accept()
#15 0x7f806bb76e7d mojo::InterfaceEndpointClient::HandleValidatedMessage()
#16 0x7f806bb758a1 mojo::InterfaceEndpointClient::HandleIncomingMessageThunk::Accept()
#17 0x7f806bb73d52 mojo::FilterChain::Accept()
#18 0x7f806bb79ab5 mojo::InterfaceEndpointClient::HandleIncomingMessage()
It reaches the DCHECK here:
┌──┬────────────────────────────────────────────────────────────────────────────────┐
│1 │V8Console::CommandLineAPIScope::~CommandLineAPIScope() { │
│2 │ v8::MicrotasksScope microtasksScope(m_context->GetIsolate(), │
│3 │ v8::MicrotasksScope::kDoNotRunMicrotasks);│
│4 │ m_cleanup = true; │
│5 │ v8::Local<v8::Array> names = m_installedMethods->AsArray(); │
│6 │ for (uint32_t i = 0; i < names->Length(); ++i) { │
│7 │ v8::Local<v8::Value> name; │
│8 │ if (!names->Get(m_context, i).ToLocal(&name) || !name->IsName()) continue; │
│9 │ if (name->IsString()) { │
│10│ v8::Local<v8::Value> descriptor; │
│11│ bool success = m_global │
│12│ ->GetOwnPropertyDescriptor( │
│13│ m_context, v8::Local<v8::String>::Cast(name)) │
│14│ .ToLocal(&descriptor); │
│15│> DCHECK(success); │
│16│ USE(success); │
│17│ } │
│18│ } │
│19│} │
└──┴────────────────────────────────────────────────────────────────────────────────┘
+CC dgozman@ FYI
Comment 1 by dgozman@chromium.org
, Dec 12Status: Assigned (was: Untriaged)