Hi! While working on upgrading the php-v8 extension from 6.5.144 to 6.6.275 I found a strange issue: when a promise in a non-pending state gets resolved/rejected, the application fails with a segfault. While it's an edge case, it's still possible in userland, and luckily it was covered by php-v8 unit tests. As the v8 API says that calling resolve/reject on a promise in a non-pending state should have no effect, I find this segfault a bit strange. Could it be some regression or so?
Here's a minimal example to reproduce the issue:

hello_world.cpp

    #include <v8.h>
    #include <libplatform/libplatform.h>

    #include <stdlib.h>
    #include <string.h>

    using namespace v8;

    int main(int argc, char* argv[]) {
      // Initialize V8.
      //v8::V8::InitializeICU();
      std::unique_ptr<v8::Platform> platform = v8::platform::NewDefaultPlatform();
      v8::V8::InitializePlatform(platform.get());
      V8::Initialize();

      v8::Isolate::CreateParams create_params;
      create_params.array_buffer_allocator = v8::ArrayBuffer::Allocator::NewDefaultAllocator();

      // Create a new Isolate and make it the current one.
      Isolate* isolate = v8::Isolate::New(create_params);

      v8::Persistent<v8::String> test;

      {
        Isolate::Scope isolate_scope(isolate);

        // Create a stack-allocated handle scope.
        HandleScope handle_scope(isolate);

        // Create a new context.
        Local<Context> context = Context::New(isolate);

        // Enter the context for compiling and running the hello world script.
        Context::Scope context_scope(context);

        Local<String> local_value = String::NewFromUtf8(isolate, "test");

        v8::MaybeLocal<v8::Promise::Resolver> maybe_local_resolver = v8::Promise::Resolver::New(context);
        v8::Local<v8::Promise::Resolver> local_resolver = maybe_local_resolver.ToLocalChecked();

        local_resolver->Resolve(context, local_value);
        // Second Resolve() on the promise, which is no longer pending.
        local_resolver->Resolve(context, local_value);
      }

      // Dispose the isolate and tear down V8.
      isolate->Dispose();
      V8::Dispose();
      V8::ShutdownPlatform();

      return 0;
    }

Build on macOS with

    ROOT=/usr/local/opt/v8@6.6
    LIB_DIR=$ROOT/lib/
    SRC_DIR=$ROOT
    INCLUDE_DIR=$ROOT/include

    g++ hello_world.cpp -o hello_world \
      -Wno-unused-result \
      -g \
      -O2 \
      -std=c++14 \
      -I$SRC_DIR \
      -I$INCLUDE_DIR \
      -L$LIB_DIR \
      -lv8_libbase \
      -lv8_libplatform \
      -lv8 \
      -lpthread

    install_name_tool -add_rpath $LIB_DIR hello_world

And fails with

    $ ./hello_world
    Received signal 11 SEGV_MAPERR 00000000000a

    ==== C stack trace ===============================

     [0x000106d8ff14]
     [0x7fff6ca6bf5a]
     [0x0001072d0984]
     [0x000106de95e8]
     [0x000106d79bb2]
     [0x7fff6c7ea115]
     [0x000000000001]
    [end of stack trace]
    Segmentation fault: 11

Same issue on Linux - https://travis-ci.org/pinepain/php-v8/jobs/344550482 (scroll to the bottom).

I would really appreciate any help here as I'm not quite sure whether it's an issue on my side or some regression/bug in v8.

Regards,
Bogdan