Have you tried debugging it? Does a Debug build perhaps run into some
DCHECK failure with an insightful error message?

Generally speaking, it's not surprising that things are created lazily
(e.g. the scope info is created as part of lazy compilation); but the
implementation of SharedFunctionInfo::scope_info looks like it should
*always* give you a valid ScopeInfo (possibly the canonical empty
ScopeInfo); if it doesn't do that, then it would be interesting to
understand why.


On Tue, May 20, 2025 at 10:59 PM Sam Cao <sjtucao...@gmail.com> wrote:

> Hello,
>
> I'd like to report a weird crash issue from V8 v13.5 to v13.7.
>
>    - Compile and run the following code in V8, then get an instance of
>    v8::internal::JSFunction.
>
> (() => {
>   let a = 1;
>   let b = 3;
>   return () => a + b + 1;
> })();
>
>    - Get v8::internal::SharedFunctionInfo from
>    v8::internal::JSFunction::shared().
>    - Get v8::internal::ScopeInfo from
>    v8::internal::SharedFunctionInfo::scope_info(v8::kAcquireLoad).
>    - Call v8::internal::ScopeInfo::scope_type() and V8 crashes.
>
> It seems v8::internal::ScopeInfo is not fully initialized and the memory
> is corrupted in this case. Most of the APIs crash as well, e.g. IsEmpty(),
> Flags(), etc. If I run that function, the memory corruption will be fixed
> and there will be no more crashes.
> My test env is: Windows 10 64bit + Visual Studio 2022 v17.13.6 + V8
> v13.5-v13.7.
>
> Best regards,
> Sam
>
>

-- 
v8-users mailing list
v8-users@googlegroups.com
http://groups.google.com/group/v8-users
To view this discussion visit 
https://groups.google.com/d/msgid/v8-users/CAKSzg3S-hGGJ%3DqBfk1ovtTsyycb_aGXaEGwjGAX_apoXPp9EOQ%40mail.gmail.com.