Fix out-of-memory crashes related to ArrayBuffer allocation

third_party/WebKit/Source/core/fileapi/FileReaderSync.cpp

Index: third_party/WebKit/Source/core/fileapi/FileReaderSync.cpp
diff --git a/third_party/WebKit/Source/core/fileapi/FileReaderSync.cpp b/third_party/WebKit/Source/core/fileapi/FileReaderSync.cpp
index b2b8004c030b0422539343b98879f1aa38003944..def482d719656a40f7f486b6cef08e0a80429f00 100644
--- a/third_party/WebKit/Source/core/fileapi/FileReaderSync.cpp
+++ b/third_party/WebKit/Source/core/fileapi/FileReaderSync.cpp
@@ -55,7 +55,14 @@ PassRefPtr<DOMArrayBuffer> FileReaderSync::readAsArrayBuffer(ExecutionContext* e
     FileReaderLoader loader(FileReaderLoader::ReadAsArrayBuffer, nullptr);
     startLoading(executionContext, loader, *blob, exceptionState);
 
-    return loader.arrayBufferResult();
+    RefPtr<DOMArrayBuffer> result = loader.arrayBufferResultOrNull();
+    // FIXME(crbug.com/536816): Instead of crashing on OOM here, we should
+    // probably throw a RangeError exception which is what the ECMAScript
+    // spec says to do when allocation fails. However, the File API spec
+    // would need to be modified to state that execption thrown by referenced
+    // procedures are re-thrown.
+    RELEASE_ASSERT(result); // This is essentially an OOM crash
+    return result.release();
 }
 
 String FileReaderSync::readAsBinaryString(ExecutionContext* executionContext, Blob* blob, ExceptionState& exceptionState)