toLocaleDateString() crashes embedded V8 with SIGTRAP

[maciej-trebacz]

Calling locale-aware date formatting inside secure-exec crashes the embedded V8 runtime process instead of returning a normal JS exception.

Repro:

const runtime = new NodeRuntime({
  systemDriver: createNodeDriver({
    permissions: allowAll,
    processConfig: {
      cwd: "/root",
      env: {
        TZ: "UTC",
      },
    },
  }),
  runtimeDriverFactory: {
    createRuntimeDriver: (runtimeOptions) =>
      new NodeExecutionDriver(runtimeOptions),
  },
  memoryLimit: memoryLimitMb,
  cpuTimeLimitMs: 10_000,
  timingMitigation: "freeze",
});

const crashingResult = await runtime.run(`
  const d = new Date(1775666102.269619 * 1000);
  export default d.toLocaleDateString("en-GB", {
    month: "short",
    day: "numeric",
    hour: "2-digit",
    minute: "2-digit",
    timeZone: "Europe/Warsaw",
  });`, 
"/root/locale-date-crash.mjs");

Plain Date usage works. The crash starts when locale-aware formatting is invoked.

Actual result

V8 runtime process killed by signal SIGTRAP

Child stderr includes a fatal OOM in ICU/V8:

Fatal process out of memory: DateTimePatternGeneratorCache::CreateGenerator

Versions

• secure-exec: 0.2.1
• @secure-exec/v8: 0.2.1
• Reproduced on macOS arm64

Notes

• This does not appear to be caused by input size.

[maciej-trebacz]

Follow-up after digging into this locally:

• This reproduces even when bypassing NodeExecutionDriver entirely and calling @secure-exec/v8 directly with bridgeCode: "", so it does not look like a bug in the JS bridge.
• The native runtime ends up using the stripped ICU blob from rusty_v8 (third_party/icu/flutter_desktop/icudtl.dat). native/v8-runtime/build.rs falls back to that when third_party/icu/common/icudtl.dat is missing.
• The published v8 crate excludes third_party/icu/common/icudtl.dat / icudtb.dat from the crate package to stay under crates.io's size limit, so in practice that fallback is what gets used.
• The Flutter desktop ICU dataset filters out locale / zone / currency / region data (locales_tree, zone_tree, etc.), which matches the behavior here: Intl.DateTimeFormat.supportedLocalesOf([...]) returns [], Number#toLocaleString() throws TypeError: Internal error. Icu error., and DateTimeFormat eventually aborts in DateTimePatternGeneratorCache::CreateGenerator.
• Replacing that stripped blob with the full common/icudtl.dat from the exact ICU revision pinned by v8/DEPS made the problem disappear locally: supportedLocalesOf, number formatting, and the original toLocaleDateString() repro all started working.

So the underlying issue seems to be:

1. secure-exec accepts an ICU fallback that is too stripped down for exposing full JS Intl.
2. V8 reacts badly to that missing data in the date/time path and aborts instead of surfacing a normal JS exception.

The lowest-level fix looks like requiring a full common/icudtl.dat here (or an explicit path to one) instead of silently accepting flutter_desktop / chromecast_video, plus a small native smoke test around Intl.DateTimeFormat / NumberFormat so this does not regress.