Status: New
Owner: ----
New issue 3569 by [email protected]: v8 Crash attempting to build
string too long error.
https://code.google.com/p/v8/issues/detail?id=3569
In chrome://tracing we make an XMLHttpRequest to get the tracing data to
load. This request will load up all of the trace JSON data and send it back
to tracing. We have a trace file which, appears, to be too long for V8 (the
trace file is 421M). This triggers the (length > String::kMaxLength) check
in src/factory.cc:485.
When v8 attempts to create the error message, it crashes with the below
message:
v8::internal::Context::native_context (this=<optimized out>)
at ../../v8/src/contexts.cc:48
48 if (global_object()->IsGlobalObject()) {
(gdb) bt
#0 v8::internal::Context::native_context (this=<optimized out>)
at ../../v8/src/contexts.cc:48
#1 0x00007ffff5d5944c in v8::internal::Factory::NewJSArray
(this=<optimized out>, elements_kind=<optimized out>, pretenure=<optimized
out>)
at ../../v8/src/factory.cc:1615
#2 0x00007ffff5d54a91 in NewJSArrayWithElements (this=<optimized out>,
elements_kind=v8::internal::FAST_HOLEY_ELEMENTS,
pretenure=v8::internal::NOT_TENURED, elements=..., length=<optimized
out>) at ../../v8/src/factory.cc:1640
#3 NewJSArrayWithElements
(elements_kind=v8::internal::FAST_HOLEY_ELEMENTS,
pretenure=v8::internal::NOT_TENURED, this=<optimized out>, elements=...)
at ../../v8/src/factory.h:421
#4 v8::internal::Factory::NewError (this=<optimized out>, maker=<optimized
out>, message=<optimized out>, args=...) at ../../v8/src/factory.cc:1117
#5 0x00007ffff5d4cc02 in NewRangeError (this=<optimized out>,
message=<optimized out>, args=...) at ../../v8/src/factory.cc:1072
#6 NewInvalidStringLengthError (this=<optimized out>)
at ../../v8/src/factory.h:525
#7 v8::internal::Factory::NewConsString (this=<optimized out>, left=...,
right=...) at ../../v8/src/factory.cc:489
#8 0x00007ffff5be8a2f in v8::String::Concat (left=..., right=...)
at ../../v8/src/api.cc:5556
#9 0x00007fffedb24238 in blink::ScriptString::concatenateWith
(this=0x3ce98a788388, string=...)
at ../../third_party/WebKit/Source/bindings/core/v8/ScriptString.cpp:72
#10 0x00007fffef1776f2 in blink::XMLHttpRequest::didReceiveData
(this=0x3ce98a788010,
data=0x7fffb31b8000 ' ' <repeats 110 times>, "-12.0, \n", ' ' <repeats
82 times>..., len=32768)
at ../../third_party/WebKit/Source/core/xml/XMLHttpRequest.cpp:1445
#11 0x00007fffef177aa5 in non-virtual thunk to
blink::XMLHttpRequest::didReceiveData(char const*, int) ()
at ../../third_party/WebKit/Source/core/xml/XMLHttpRequest.cpp:1467
#12 0x00007fffef085f5f in
blink::DocumentThreadableLoader::handleReceivedData (this=0x3ce98a6f4f10,
data=0x7fffb31b8000 ' ' <repeats 110 times>, "-12.0, \n", ' ' <repeats
82 times>..., dataLength=32768)
at ../../third_party/WebKit/Source/core/loader/DocumentThreadableLoader.cpp:410
#13 0x00007fffef085e8d in blink::DocumentThreadableLoader::dataReceived
(this=0x3ce98a6f4f10, resource=0x3ce98abf5c10,
data=0x7fffb31b8000 ' ' <repeats 110 times>, "-12.0, \n", ' ' <repeats
82 times>..., dataLength=32768)
--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
