Bug 53596 - [v8] Properly process exceptions thrown while converting objects to string in HTMLDocument.write{,ln} methods
Status: RESOLVED INVALID
Alias: None
Product: WebKit
Classification: Unclassified
Component: WebCore Misc.
Version: 528+ (Nightly build)
Hardware: All All
Priority: P2 Normal
Assignee: anton muhin
Depends on: 53601
Reported: 2011-02-02 08:05 PST by anton muhin
Modified: 2013-09-01 10:35 PDT
Attachments
Patch (5.50 KB, patch)
2011-02-02 09:21 PST, anton muhin

Description anton muhin 2011-02-02 08:05:57 PST
[v8] Properly process exceptions thrown while converting objects to string in HTMLDocument.write{,ln} methods
Comment 1 anton muhin 2011-02-02 08:40:36 PST
This is a fix for 1st crash in http://code.google.com/p/chromium/issues/detail?id=71544

I am going to eventually nuke all unsafe uses of v8ValueToWebCoreString, but it requires several patches (I think).

I am going to make a PSA asking people hacking on v8 bindings not to use v8ValueToWebCoreString and friends.
Comment 2 anton muhin 2011-02-02 09:21:23 PST
Created attachment 80920
Patch
Comment 3 anton muhin 2011-02-02 09:22:14 PST
Comment on attachment 80920
Patch

Pending on https://bugs.webkit.org/show_bug.cgi?id=53601
Comment 4 David Levin 2011-02-02 09:57:56 PST
(In reply to comment #1)
> This is a fix for 1st crash in http://code.google.com/p/chromium/issues/detail?id=71544
> 
> I am going to eventually nuke all unsafe uses of v8ValueToWebCoreString, but it requires several patches (I think).
> 
> I am going to make a PSA asking people hacking on v8 bindings not to use v8ValueToWebCoreString and friends.

fwiw, you could write a check in the style checker to catch this automatically (source at Tools/Scripts/webkitpy/style/checkers/cpp.py).
Comment 5 anton muhin 2011-02-02 09:59:36 PST
(In reply to comment #4)
> (In reply to comment #1)
> > This is a fix for 1st crash in http://code.google.com/p/chromium/issues/detail?id=71544
> > 
> > I am going to eventually nuke all unsafe uses of v8ValueToWebCoreString, but it requires several patches (I think).
> > 
> > I am going to make a PSA asking people hacking on v8 bindings not to use v8ValueToWebCoreString and friends.
> 
> fwiw, you could write a check in the style checker to catch this automatically (source at Tools/Scripts/webkitpy/style/checkers/cpp.py).

Very nice idea, David, thanks a lot.  I'll do it if we decide to deprecate this behaviour.
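
A check along the lines suggested in comment 4, written as an added example: it is not part of this thread, the attached patch, or webkitpy's cpp.py, and it does not use the style checker's API. The helper names (`blank_non_code`, `find_banned_calls`, `BANNED_CALLS`) and the sample source are assumptions made for illustration.

```python
import re

# Name taken from the thread; add the "friends" here once they are chosen.
BANNED_CALLS = frozenset({"v8ValueToWebCoreString"})

def blank_non_code(source):
    """Replace comments and string/char literals with spaces, keeping newlines."""
    out, i, state = [], 0, None  # state: None, "//", "/*", '"' or "'"
    while i < len(source):
        ch, two, step = source[i], source[i:i + 2], 1
        if state is None:
            if two in ("//", "/*"):
                state, step = two, 2
            elif ch in "\"'":
                state = ch
            else:
                out.append(ch)
                i += 1
                continue
        elif state == "//":
            if ch == "\n":
                state = None
        elif state == "/*":
            if two == "*/":
                state, step = None, 2
        elif ch == "\\":
            step = 2  # skip the escaped character inside a literal
        elif ch == state:
            state = None
        out.append("".join("\n" if c == "\n" else " " for c in source[i:i + step]))
        i += step
    return "".join(out)

def find_banned_calls(source, banned=BANNED_CALLS):
    """Return [(line_number, function_name)] for each call to a banned function."""
    names = "|".join(re.escape(name) for name in sorted(banned))
    pattern = re.compile(r"\b(%s)\s*\(" % names)
    lines = blank_non_code(source).split("\n")
    return [(n, m.group(1)) for n, line in enumerate(lines, 1)
            for m in pattern.finditer(line)]

# Constructed sample input, not taken from the WebKit tree.
SAMPLE = '''\
// v8ValueToWebCoreString(arg) appears only in this comment
String text = v8ValueToWebCoreString(args[0]);
log("v8ValueToWebCoreString(x)");
/* block comment
   v8ValueToWebCoreString(y) */ String s = v8ValueToWebCoreString (args[1]);
'''
```

A real check would skip the file that declares the function, since a declaration also matches the call pattern.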
Comment 6 Alexey Proskuryakov 2011-02-03 11:09:26 PST
Is this problem unique to v8, or does it also affect JSC?
Comment 7 Adam Barth 2011-02-03 11:16:52 PST
(In reply to comment #6)
> Is this problem unique to v8, or does it also affect JSC?

Presumably if the tests pass in JSC, it's not a problem in JSC.
Comment 8 anton muhin 2011-02-03 11:18:32 PST
This patch solves the issue with HTMLDocument::write and writeln not exiting quickly when the first argument throwing an exception is met.  So it's a solution for Chromium for https://bugs.webkit.org/show_bug.cgi?id=53601.

And no, tests do not pass under Safari, again, see https://bugs.webkit.org/show_bug.cgi?id=53601

(In reply to comment #6)
> Is this problem unique to v8, or does it also affect JSC?
Comment 9 Alexey Proskuryakov 2011-02-03 12:16:42 PST
I believe that we normally want bug to bug compatibility for such things, when possible.
Comment 10 anton muhin 2011-02-04 03:13:08 PST
(In reply to comment #9)
> I believe that we normally want bug to bug compatibility for such things, when possible.

That's precisely why I removed r? and marked this bug as blocked by https://bugs.webkit.org/show_bug.cgi?id=53601 :)
Comment 11 Anders Carlsson 2013-09-01 10:35:03 PDT
V8 is gone.