Bug 30774

Summary: [V8] Missing null check after string conversion in error reporting
Product: WebKit Reporter: Mads Ager <ager>
Component: WebCore JavaScriptAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: abarth, commit-queue, dglazkov, eric
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: PC   
OS: OS X 10.5   
Attachments:
Description Flags
Add null check.
abarth: review-
Add null check and test case. none

Mads Ager
Reported 2009-10-26 06:47:42 PDT
When reporting exceptions, we sometimes perform a string conversion on an exception object. That string conversion can fail if an exception is thrown during conversion. In that case an empty handle is returned. We need to check for that. See comment 1 and 3 of http://crbug.com/24130.
Attachments
Add null check. (1.81 KB, patch)
2009-10-26 06:53 PDT, Mads Ager 		abarth: review-
DetailsFormatted DiffDiff
Add null check and test case. (4.19 KB, patch)
2009-10-27 03:56 PDT, Mads Ager 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Mads Ager
Comment 1 2009-10-26 06:53:03 PDT
Created attachment 41863 [details] Add null check.
Adam Barth
Comment 2 2009-10-26 07:54:46 PDT
Comment on attachment 41863 [details] Add null check. Test?
Mads Ager
Comment 3 2009-10-26 09:24:06 PDT
A test would indeed be great. I haven't been able to reproduce this crash yet, but there are a number of crashes reported where we get into this situation. I'll spent some more time tomorrow attempting to reproduce.
Adam Barth
Comment 4 2009-10-26 09:26:06 PDT
You can't just throw an exception in the toString?
Mads Ager
Comment 5 2009-10-26 09:29:42 PDT
Yeah, that is not the problem. The problem is getting into this case in the code first. I need to be in a situation where the TryCatch has no message *and* the ToString operations throws an exception. The first part is the hard part - most of the time a TryCatch should have a message. I need something like a stack overflow at an unfortunate time to hit this path.
Adam Barth
Comment 6 2009-10-26 09:44:46 PDT
So, I'm supposed to lean on you to write a test, but if you complain enough that it's hard to write the test, then we can go ahead with the patch anyway. In any case, you don't need me to lecture you about testing. :)
Mads Ager
Comment 7 2009-10-27 03:56:37 PDT
Created attachment 41942 [details] Add null check and test case.
Adam Barth
Comment 8 2009-10-27 09:08:24 PDT
Comment on attachment 41942 [details] Add null check and test case. Beautiful patch. Thanks!
WebKit Commit Bot
Comment 9 2009-10-27 09:37:15 PDT
Comment on attachment 41942 [details] Add null check and test case. Rejecting patch 41942 from commit-queue. Failed to run "['/Users/eseidel/Projects/CommitQueue/WebKitTools/Scripts/svn-apply', '--reviewer', 'Adam Barth', '--force']" exit_code: 2 patching file WebCore/ChangeLog Hunk #1 succeeded at 1 with fuzz 3. patching file WebCore/bindings/v8/V8Utilities.cpp patching file LayoutTests/ChangeLog Hunk #1 succeeded at 1 with fuzz 3. patching file LayoutTests/fast/dom/error-to-string-stack-overflow-expected.txt Died at /Users/eseidel/Projects/CommitQueue/WebKitTools/Scripts/svn-apply line 438, <> line 109.
Eric Seidel (no email)
Comment 10 2009-10-27 09:44:29 PDT
Investigating the strange failure...
Eric Seidel (no email)
Comment 11 2009-10-27 09:46:21 PDT
} elsif (isGit()) { system "git", "add", $path or die; } I'm just not sure why it died yet, but I will investigate.
Eric Seidel (no email)
Comment 12 2009-10-27 10:09:25 PDT
My apologies. False rejection. I'm working on a fix to svn-apply right now. bug 30826
Eric Seidel (no email)
Comment 13 2009-10-27 10:38:52 PDT
Comment on attachment 41942 [details] Add null check and test case. svn-apply fixed. Trying again.
WebKit Commit Bot
Comment 14 2009-10-27 11:03:29 PDT
Comment on attachment 41942 [details] Add null check and test case. Clearing flags on attachment: 41942 Committed r50160: <http://trac.webkit.org/changeset/50160>
WebKit Commit Bot
Comment 15 2009-10-27 11:03:34 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.