ReadableStreamDefaultControllerWrapper uses ToLocalChecked
Issue description

ReadableStreamDefaultControllerWrapper calls into ReadableStream.js operations and assumes that the calls can't fail. Unfortunately, due to stack overflow and other reasons they can fail. The methods all use ToLocalChecked, and so they will crash on exceptions. The methods need to be modified to take an ExceptionState argument and handle exceptions from JavaScript properly.
Jul 6
We have a fair number of crashes due to this in blink::ReadableStreamDefaultControllerWrapper::Close():

https://crash.corp.google.com/browse?q=expanded_custom_data.ChromeCrashProto.magic_signature_1.name%3D%27%5BAssert%5D+v8%3A%3AV8%3A%3AToLocalEmpty%27+AND+EXISTS+%28SELECT+1+FROM+UNNEST%28CrashedStackTrace.StackFrame%29+WHERE+FunctionName%3D%27blink%3A%3AReadableStreamDefaultControllerWrapper%3A%3AClose%28%29%27%29#samplereports

There are some in the other methods but they're much less frequent.
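The failure mode described in this issue, as an added example that is not Chromium or V8 source and not part of the original report: a checked unwrap aborts the process when the script call throws, while a variant that takes an exception-state argument reports the failure to its caller. `MaybeLocal`, `ExceptionState`, `CallStreamOperation`, `CloseUnchecked` and `CloseChecked` are simplified, hypothetical stand-ins.

```cpp
// Added illustration. Every type and function here is a simplified stand-in,
// not the real V8 or Blink class of the same name.
#include <cstdlib>
#include <string>
#include <utility>

// Stand-in for a V8 MaybeLocal handle: empty when the JavaScript call threw.
template <typename T>
class MaybeLocal {
 public:
  MaybeLocal() = default;
  explicit MaybeLocal(T v) : has_(true), value_(std::move(v)) {}
  // Checked unwrap: an empty handle is treated as a fatal error.
  T ToLocalChecked() const {
    if (!has_) std::abort();
    return value_;
  }
  // Non-fatal unwrap: tells the caller whether a value was present.
  bool ToLocal(T* out) const {
    if (!has_) return false;
    *out = value_;
    return true;
  }
 private:
  bool has_ = false;
  T value_{};
};

// Hypothetical, reduced stand-in for an exception-state out-parameter.
struct ExceptionState {
  bool had_exception = false;
  std::string message;
};

// Models a call into a stream operation implemented in JavaScript; the
// result is empty when the script throws (for example on stack overflow).
MaybeLocal<int> CallStreamOperation(bool script_throws) {
  return script_throws ? MaybeLocal<int>() : MaybeLocal<int>(0);
}

// Pattern from the report: any exception from script aborts the process.
void CloseUnchecked(bool script_throws) {
  CallStreamOperation(script_throws).ToLocalChecked();
}

// Requested pattern: the exception is handed to the caller instead.
bool CloseChecked(bool script_throws, ExceptionState& exception_state) {
  int result = 0;
  if (CallStreamOperation(script_throws).ToLocal(&result)) return true;
  exception_state.had_exception = true;
  exception_state.message = "exception thrown by stream operation";
  return false;
}
```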
Comment 1 by ricea@chromium.org, Jul 6