SharedFunctionInfo::IsUserJavaScript() coredump on native function


Sam Cao

May 17, 2021, 5:01:56 AM
to v8-dev
Hi There,

I'm working on embedding V8 (v9.0.257) in a C++ project and found that SharedFunctionInfo::IsUserJavaScript() core dumps on a native function.

Symptom
Get a native function (e.g. Array.push) as x, then call x.shared().IsUserJavaScript(); a coredump will occur on v9.0.257.

I did the same on v8.4; it returned false.

Possible Root Cause
In v9.0.257: SharedFunctionInfo::IsUserJavaScript() => SharedFunctionInfo::script() => script_or_debug_info(kAcquireLoad), but in v8.4 script_or_debug_info() is called.

I suspect the acquire and release feature introduced in v9.0 is not well handled for native functions.

Workaround
Currently, my workaround is as follows.
auto v8InternalShared = v8InternalFunction.shared();
if (v8InternalShared.native()) {
    // native
}
else if (v8InternalShared.IsApiFunction()) {
    // api
}
else if (v8InternalShared.IsUserJavaScript()) {
    // user
}
My expectation is that I shouldn't need to call the first 2 APIs to prevent a coredump, but can call IsUserJavaScript() directly.

Summary
I just browsed the master branch and found the related code was identical to v9.0.257. I'm quite new to this group, please forgive me for not being professional here. May I know if someone will check this out?

Thank you,
Sam

Camillo Bruni

May 17, 2021, 6:35:06 AM
to v8-dev
Hi Sam,

It seems like you're using V8 internal parts that are not exposed in the v8 api.
Do you have a minimal example using the public API that crashes?

cheers,
Camillo

Camillo Bruni | Software Engineer, V8 | Google Germany GmbH | Erika-Mann Str. 33, 80636 München 


Sam Cao

May 17, 2021, 9:03:06 PM
to v8-...@googlegroups.com
Hi Camillo,

Thank you for the quick response. I failed to find any public API that could meet my need, so I had to use the internal one.

The requirement I got is: To tell whether a function is a user defined JS function or not.

However, I failed to find any API in v8::Function that could tell that. The only possible one is ToString(), which usually returns [native code]. But ToString() can be easily polyfilled to avoid the detection. I had to turn to v8::internal for the solution and found that SharedFunctionInfo::IsUserJavaScript() is a reliable source. When I was testing v9.0, this API core dumped and I had to use that workaround. Hope this makes sense.

Thank you,
Sam

--
-- caocao

Ben Noordhuis

May 18, 2021, 4:16:39 AM
to v8-...@googlegroups.com
There's a v8::Function::FunctionProtoToString() method for exactly
that reason. :-)

A solution I've used in the past is to remember the script ids of user
scripts, then compare v8::Function::ScriptId() against them.
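Added example (not code from this thread or from V8 itself) showing, in plain JavaScript, why the ToString() check Sam describes is evadable, what changes when the embedder goes through the intrinsic Function.prototype.toString (which is what v8::Function::FunctionProtoToString() does), and the bound-function caveat that makes Ben's script-id comparison the safer basis for the decision. The detector names and the tampered functions are constructed for the demonstration.

```javascript
// Added example, not code from the thread or from V8 itself.
// Capture the intrinsic Function.prototype.toString before any untrusted
// script runs; v8::Function::FunctionProtoToString() calls this intrinsic
// on the embedder's behalf, ignoring later JS-level overrides.
const protoToString = Function.prototype.toString;
const NATIVE_RE = /\{\s*\[native code\]\s*\}/;

// Naive detector: String(fn) honours fn's own toString, so it is polyfillable.
function looksNativeNaive(fn) {
  return NATIVE_RE.test(String(fn));
}

// Detector using the captured intrinsic, as FunctionProtoToString would see it.
function looksNativeRobust(fn) {
  return NATIVE_RE.test(protoToString.call(fn));
}

// Runs both detectors in a deliberately tampered environment and returns
// the verdicts so they can be inspected or asserted on.
function evaluateDetectors() {
  // Constructed user function that disguises itself as a built-in.
  function userPush() { return 42; }
  userPush.toString = () => 'function push() { [native code] }';

  // Untrusted code may also overwrite the shared prototype method.
  const saved = Function.prototype.toString;
  Function.prototype.toString = function () { return 'function x() { [native code] }'; };
  try {
    return {
      userNaive: looksNativeNaive(userPush),          // fooled by the polyfill
      userRobust: looksNativeRobust(userPush),        // sees the real source text
      nativeNaive: looksNativeNaive(Array.prototype.push),
      nativeRobust: looksNativeRobust(Array.prototype.push),
      // Caveat: a bound user function prints as "[native code]" by spec,
      // so even the intrinsic-based text check misclassifies it; a script-id
      // registry of user scripts does not depend on source text at all.
      boundRobust: looksNativeRobust(userPush.bind(null)),
    };
  } finally {
    Function.prototype.toString = saved;
  }
}
```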

Sam Cao

May 18, 2021, 5:48:41 AM
to v8-...@googlegroups.com
Hi Ben,

Thank you for the info. To me, that seems to be an indirect solution which may require more coding effort. I still think SharedFunctionInfo::IsUserJavaScript() has been a neat solution for quite a long time, but it started to break recently. Also, I wonder if that implies a set of internal APIs malfunctioning, because when a native function acquires a certain resource related to the script, a coredump may occur.

Thank you,
Sam
