Crash on Chromium 63

Question

Crash on Chromium 63

Opened this issue 7 years ago · 4 comments

With the following code:

function f() {
  let n = [];
  while (true) {
    n.push(undefined);
  }
}

f() //:

100% reproducible tab crash ("Aw snap") on Chromium 63.0.3239.132 / Linux 4.14.13.
The evaluation proceeds, and the final marker is evaluated. But just after that, the tab crashes.

This does not seem to stem from an out of memory, at least no noticable increase according to window.performance.memory and the task manager.

Answer 1 · 2019-01-07T14:20:55.000Z

Does not seem to crash with shorter timeout, neither with a simpler function not using an array :

function f() {
  let i = 0;
  while (true) {
    i++;
  }
}

Answer 2 · 2019-01-08T17:25:13.000Z

More data points:

<script>
  let n = []
  while (true) {
    n.push(undefined)
  }
</script>

Crashes the tab (Chromium 71.0.3578.98). So in fact Chromium just crashes when the JS process allocates too much memory, without a clear error message. Firefox at least detects the infinite loop and prompts the user to stop it.

Not much we can do from this side, apart trying to detect the memory growing and stop the worker before the tab crashes. Or fix the Chromium bug!

Answer 3 · 2019-01-09T21:15:43.000Z

A temporary workaround would be using something like https://github.com/jsbin/loop-protect in order to add a timeout to potential infinite loops.

Answer 4 · 2019-01-10T10:08:27.000Z

It might work, but it could also result in unexpected behavior from a user point of view if your loops exit without you knowing it. Besides, we already have a global timeout to terminate the worker. The problem is that the worker crashes the tab before the timeout ends!