-
Notifications
You must be signed in to change notification settings - Fork 30k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
n-api: test for finalizer calls JS from first round phantom callback #25927
Comments
I guess in V8 we should add a |
@mlippautz do you believe its an issue in the test or in the N-API implementation itself? |
@mhdawson It is, yes |
I interpret this to mean that we should honour the engine's constraints and throw an exception from the N-API implementation whenever we're about to call back into V8 knowing that we're coming from a weak callback and knowing that the call would result in JS execution. I think we can capture this with |
@hashseed does this restriction apply also to things like |
@gabrielschulhof What we do elsewhere in core (e.g. async hooks) is to delay running callbacks that may invoke JS with a I’d first try either that, or use @mlippautz’ suggestion of using |
I am not fluent in n-api but it looks like The problem is that the other parameters passed can be used to invoke JS. Prohibit parameters likely limits usability so documentation should probably mention that no V8 API may be called on them and they should only be passed along. (That's how V8 went about this problem.) As already mentioned, solutions are posting another task to the platform using node or using |
Yes. It's not so much JS execution that's bad, but all access to the heap that assumes consistent heap state. During GC, that may not be the case. |
@mlippautz you're right in that there is no indication that it is unsafe to call into V8. It's also true that other engines may not have this restriction. Therefore I think we should try to provide the feature whereby we invoke the weak callback in such a way that it is safe to call into the engine from there. |
Calling into the engine from a weak callback is unsafe, however, the engine offers a way to attach a second-pass weak callback which gets called when it is safe to call into JavaScript. This moves the point at which the N-API finalize callback gets called to this latter point. Fixes: nodejs#25927
Calling into the engine from a weak callback is unsafe, however, the engine offers a way to attach a second-pass weak callback which gets called when it is safe to call into JavaScript. This moves the point at which the N-API finalize callback gets called to this latter point. Fixes: #25927 PR-URL: #25992 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Calling into the engine from a weak callback is unsafe, however, the engine offers a way to attach a second-pass weak callback which gets called when it is safe to call into JavaScript. This moves the point at which the N-API finalize callback gets called to this latter point. Fixes: nodejs#25927 PR-URL: nodejs#25992 Backport-PR-URL: nodejs#26058 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Calling into the engine from a weak callback is unsafe, however, the engine offers a way to attach a second-pass weak callback which gets called when it is safe to call into JavaScript. This moves the point at which the N-API finalize callback gets called to this latter point. Fixes: nodejs#25927 PR-URL: nodejs#25992 Backport-PR-URL: nodejs#26060 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Calling into the engine from a weak callback is unsafe, however, the engine offers a way to attach a second-pass weak callback which gets called when it is safe to call into JavaScript. This moves the point at which the N-API finalize callback gets called to this latter point. Fixes: #25927 PR-URL: #25992 Backport-PR-URL: #26058 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Calling into the engine from a weak callback is unsafe, however, the engine offers a way to attach a second-pass weak callback which gets called when it is safe to call into JavaScript. This moves the point at which the N-API finalize callback gets called to this latter point. Fixes: #25927 PR-URL: #25992 Backport-PR-URL: #26060 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
V8's API does not allow calling directly back into V8 from weak callbacks, see: `
node/deps/v8/include/v8.h
Line 540 in 938e118
Instead, a second pass callback should be set using the WeakCallbackInfo API.
Affected are tests using this testing API:
node/test/js-native-api/test_general/test_general.c
Line 234 in 938e118
This should fire a DCHECK for allowed allocations as soon as the JS callback executed non-trivial JS.
It also breaks the assumption that V8 can call out to the callback during the GC when not all pointers (of other v8::Persistent handles) have not been updated.
@hashseed
The text was updated successfully, but these errors were encountered: