Description
Version
v22.11.0
Platform
Darwin 23.6.0 Darwin Kernel Version 23.6.0
I also tested it on Linux machine.
Subsystem
No response
What steps will reproduce the bug?
Hi,
I want to report a node bug. It can reproduced by running the following PoC, node.js gives a FATAL error.
const {spawn} = require('child_process');
Object.defineProperty(Array.prototype, "0", {
set(){
console.log(123);
}
});
spawn("ls");Please note that this bug differs from the reported here.
AH.
How often does it reproduce? Is there a required condition?
By just running the given code, node runtime gives node crash.
What is the expected behavior? Why is that the expected behavior?
Not a crash, by looking at the stack trace, it is connected to v8::ToLocalChecked Empty MaybeLocal.
What do you see instead?
FATAL ERROR: v8::ToLocalChecked Empty MaybeLocal
FATAL ERROR: v8::ToLocalChecked Empty MaybeLocal
----- Native stack trace -----
1: 0x10bdd2277 node::OnFatalError(char const*, char const*)
2: 0x10c025171 v8::Utils::ReportApiFailure(char const*, char const*)
3: 0x10bef84cc node::(anonymous namespace)::ProcessWrap::Spawn(v8::FunctionCallbackInfov8::Value const&)
4: 0x10cb21a62 Builtins_CallApiCallbackGeneric [~/node/v22.11.0/bin/node]
----- JavaScript stack trace -----
1: ChildProcess.spawn (node:internal/child_process:395:28)
2: spawn (node:child_process:759:9)
3: ${PATH_TO_POC}
4: node:internal/modules/cjs/loader:1546:14
5: node:internal/modules/cjs/loader:1689:10
6: node:internal/modules/cjs/loader:1318:32
7: node:internal/modules/cjs/loader:1128:12
8: traceSync (node:diagnostics_channel:315:14)
9: wrapModuleLoad (node:internal/modules/cjs/loader:218:24)
10: executeUserEntryPoint (node:internal/modules/run_main:170:5)
Additional information
No response