promises: more robust stringification

[TimothyGu]

Fixes: #13771

Checklist

• make -j4 test (UNIX), or vcbuild test (Windows) passes
• tests and/or benchmarks are included
• commit message follows commit guidelines

Affected core subsystem(s)

promises

[bnoordhuis]

Swallowing exceptions seems like an - wait for it - exceptionally bad idea to me. The test case in #13771 works the way I would expect it to.

[jasnell]

I'm not too keen on this either. I'd almost prefer to go in the other direction and just make it:

const warning = new Error('Unhandled promise rejection ' +
                          `(rejection id: ${uid}): ${reason}`);

[TimothyGu]

@bnoordhuis While I would generally agree with that sentiment, this case is a special one, since the thrown error is uncatchable.

@jasnell That would mean reverting #11640.

[bnoordhuis]

All the more reason to let it bubble up. If .toString() throws an exception, something is probably deeply wrong with the application. Moving on as if nothing happened is just bad.

The more I think about it, the more I'm -1.

[benjamingr]

I don't think we should test this part, the below is good.

[benjamingr]

All the more reason to let it bubble up. If .toString() throws an exception, something is probably deeply wrong with the application. Moving on as if nothing happened is just bad.

The issue isn't that toString threw an exception - is that Node using your code to give you a warning invoked toString which threw an error.

If no node side promise hooks were involved - the code wouldn't throw and the server wouldn't crash. Here, adding instrumentation can crash the server which is not a great idea.

[benjamingr]

I would prefer to have something like <toString() threw exception ${ex}> with an error instance that preserves both the original and new error.

That said, what we should do is align with browser behavior (I don't think this is good enough reason to diverge) - did anyone check what chrome's hooks do?

[TimothyGu]

@benjamingr

I would prefer to have something like <toString() threw exception ${ex}>

Here, you are coercing ex to a string again… and so you see the challenge.

did anyone check what chrome's hooks do?

Chrome's Dev Tools offers to inspect the object and doesn't invoke any methods to serialize it.

[addaleax]

LGTM, I’m good with this change for the reasons @benjamingr mentioned

[benjamingr]

Here, you are coercing ex to a string again… and so you see the challenge.

@TimothyGu I'm sorry if it wasn't clear from my comment, but I'm +1 on these changes and the pull request.

It is unreasonable to swallow exceptions when the user causes them but it is unacceptable to crash the process for something the user didn't do for our internal tooling

[bnoordhuis]

Making my -1 explicit so it's not overlooked.

Swallowing arbitrary exceptions is tantamount to process.on('uncaughtException', () => {}), it leaves the process in an undefined state.

It's bad enough when users do it. It has no place in core.

[addaleax]

@nodejs/ctc

[mcollina]

I am -0 on this matter, as swallowing the exception does not give me the reason for that exception and that stacktrace. So it would total to 2 exceptions that should have crashed my process and didn't.

However this does make the situation somewhat better, but I'd prefer to have node 9 enforcing that deprecation, which would lead to this code being removed anyway.

In case anyone is interested, I wrote this: https://github.com/mcollina/make-promises-safe

[mcollina]

can you please include the message of that error?

[addaleax]

@mcollina Keep in mind that err can be any JS value, and practically any operation we do with it can lead to yet another exception.

[mcollina]

I'm ok for crashing badly in that case. It's always better to crash in those situations.

[joyeecheung]

If even the error thrown can not be stringified safely then IMO it's reasonable to crash with what we've got. Not including the error message makes it more confusing than what it is now if you have no idea whose toString() is throwing...

[Fishrock123]

What can a promise be rejected with that can't either be stringified in some way or util/inspect-ed?

I suppose if toString() throws we could either inspect the object or just <Object>.prototype.toString()?

[addaleax]

@Fishrock123 A promise can be rejected with any JS value, and inspecting that is not foolproof.

Also, since we have [Symbol.toStringTag], Object.prototype.toString() may throw as well.

[thefourtheye]

This message, as it is, will not be clear to the users. Maybe something like, "stringifying promise rejection reason failed" would be better?

[addaleax]

@thefourtheye The final error message already contains the information that it’s about promise rejection reasons, so that would be duplicating a lot. Also, I think V8 reports the same literal string in similar scenarios.

[benjamingr]

I want to point out that this is not swallowing an error, this is Node's instrumentation causing an error and then swallowing that internal error.

If we didn't have the promise hooks in place the error would not occur in the first place. It just happens to be an error. If no exception was thrown would that help with your objection @bnoordhuis ? (We can check explicitly for what error is)

• Check if it's an object.
• If it's not - String it and return.
• Check if it is an Error object.
• If it is, assume it has a stack and print it and its stack.
• If it's not, go over the keys and print the keys (does util.inspect do that?). This is what chrome does.

However, I think that's way more complicated than checking if it threw an exception and catching that - it's an exception we're throwing and we're catching and I'm having a really hard time coming with a realistic case where I'd prefer to crash the user's server for something they didn't do.

[mcollina]

However, I think that's way more complicated than checking if it threw an exception and catching that - it's an exception we're throwing and we're catching and I'm having a really hard time coming with a realistic case where I'd prefer to crash the user's server for something they didn't do.

We are not throwing that exception, a user custom toString() method is. IMHO we should not call toString() at all. util.inspect might be a good idea.

I would note that we are already swallowing an error and not crashing. It's the full point of 'unhandledRejection' and this deprecation. It's always better to crash vs swallowing/not handling an exception, as swallowing can make file descriptors and other native resources leak.

[TimothyGu]

util.inspect might be a good idea.

Unfortunately util.inspect may crash also because it calls property getters that may throw. Heck, even Object.prototype.toString might throw if the Symbol.toStringTag property is implemented as a getter. Unlike Dev Tools, we are simply not in a position to print anything about the object without worrying about side effects. In this light, toString is the best we can do other than not trying to do anything about the object more than printing rejection value: object, which would be a great shame as most of promise rejection values are just plain Error objects.

[mcollina]

I like the proposal @benjamingr did in #13784 (comment). It's complex, but I can see that topic coming up more and more often.

[bnoordhuis]

If no exception was thrown would that help with your objection

If you mean inspecting the value in a way that no user code is invoked, making it impossible for exceptions to occur - yes, that's a good approach.

[bnoordhuis]

I'm removing the ctc-review label, please add it back if you think that is a mistake.

[addaleax]

@bnoordhuis @nodejs/ctc I do think we should come to a conclusion on this, and I do think this is the right thing to do, so I’m adding it to the CTC agenda.

[hashseed]

git blame says it was last touched in 2015, and if memory serves me correctly we had that long before that.

[MylesBorins]

@TimothyGu this will need to be manually backported if we are going to land on v6.x. Please lmk if you want to do this, as an alternative we can decide not to land

[bnoordhuis]

does anyone know which version of v8 v8::Value::ToDetailString()was introduced in?

I think it's been in V8 since its first public release. I know for a fact it was in node.js v0.0.1!

[TimothyGu]

This should definitely go into v6.x. But, I'll have limited time and availability over the break so it would be great if someone else could take care of this.

[TimothyGu]

Backported to v6.x in #17833.