Calling js functions in jitless (iOS)
Darin Dimitrov
std::vector<Local<Value>> v8Args = ...
Local<Value> result;
TryCatch tc(isolate);
callback->Call(context, thiz, (int)v8Args.size(), v8Args.data()).ToLocal(&result));
This code works pretty fine but starting from this commit https://chromium.googlesource.com/v8/v8.git/+/738d870db64a97db243e0d5856f92cc45e1c69fd my code started failing consistently with the following error:
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=EXC_I386_GPFLT)
* frame #0: 0x00000001031f1fe0 MyProj`v8::internal::PropertyCallbackArguments::CallNamedSetter(this=0x00007ffeedc03aa0, interceptor=<unavailable>, name=<unavailable>, value=Handle<v8::internal::Object> @ 0x00007ffeedc039e8) at api-arguments-inl.h:231:3 [opt]
frame #1: 0x000000010315e11d MyProj`v8::internal::__RT_impl_Runtime_StorePropertyWithInterceptor(args=Arguments @ 0x00007ffeedc03af0, isolate=0x000000011faf8000) at ic.cc:2760:37 [opt]
frame #2: 0x0000000103cd6f00 MyProj`Builtins_CEntry_Return1_DontSaveFPRegs_ArgvOnStack_NoBuiltinExit + 64
frame #3: 0x0000000103ef0ccf MyProj`Builtins_StaNamedPropertyHandler + 1679
frame #4: 0x0000000103a0be52 MyProj`Builtins_InterpreterEntryTrampoline + 946
frame #5: 0x00000001039fe57a MyProj`Builtins_JSEntryTrampoline + 90
frame #6: 0x00000001039fe57a MyProj`Builtins_JSEntryTrampoline + 90
frame #7: 0x00000001039fe358 MyProj`Builtins_JSEntry + 120
frame #8: 0x0000000103064512 MyProj`v8::internal::(anonymous namespace)::Invoke(v8::internal::Isolate*, v8::internal::(anonymous namespace)::InvokeParams const&) [inlined] v8::internal::GeneratedCode<unsigned long, unsigned long, unsigned long, unsigned long, unsigned long, long, unsigned long**>::Call(this=<unavailable>, args=<unavailable>, args=<unavailable>, args=<unavailable>, args=<unavailable>, args=<unavailable>, args=<unavailable>) at simulator.h:138:12 [opt]
frame #9: 0x0000000103064509 MyProj`v8::internal::(anonymous namespace)::Invoke(isolate=0x000000011faf8000, params=<unavailable>)::InvokeParams const&) at execution.cc:266 [opt]
frame #10: 0x0000000103063e27 MyProj`v8::internal::Execution::Call(isolate=0x000000011faf8000, callable=<unavailable>, receiver=<unavailable>, argc=1, argv=0x0000600001a8cee0) at execution.cc:358:10 [opt]
frame #11: 0x0000000102d3a80d MyProj`v8::Function::Call(this=0x00007fdeee81b840, context=<unavailable>, recv=<unavailable>, argc=1, argv=0x0000600001a8cee0) at api.cc:4840:7 [opt]
And this is the crashing code: https://chromium.googlesource.com/v8/v8.git/+/738d870db64a97db243e0d5856f92cc45e1c69fd/src/api/api-arguments-inl.h#231
The crash is observed after multiple calls to this method and after some GC iterations.
Jakob Kummerow
--
Darin Dimitrov
On Thursday, September 12, 2019 at 5:45:19 PM UTC+3, Jakob Kummerow wrote:
CC author of that commit.Darin, do you have a full repro you can share? That would be useful for debugging.
Darin Dimitrov
NamedPropertyHandlerConfiguration config(propertyGetter, propertySetter);
instanceTemplate->SetHandler(config);
I am not sure how how this affects V8 and what is the relation to 738d870db64a97db243e0d5856f92cc45e1c69fd but once I added null checks, everything works perfectly.
Jakob Gruber
--
--
v8-users mailing list
v8-u...@googlegroups.com
http://groups.google.com/group/v8-users
---
You received this message because you are subscribed to the Google Groups "v8-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to v8-users+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/v8-users/b8576c7a-8eb8-4ac3-8810-6180728303c5%40googlegroups.com.