How to cancel a promise execution
166 views
Skip to first unread message
bambam
Feb 8, 2021, 5:34:45 PM2/8/21
to v8-users
Hello guys... I'm
embedding the V8 into my own application to run some untrusted code
concurrently. Every untrusted code is executed inside a promise and
when any of these codes blocks the system (by doing a while(true){} for
example) I need to stop it. So, I've been trying to find a way of
canceling JS promises but I haven't found anything useful. Does anyone
here know where I could find some related information?
Robin R.
Feb 8, 2021, 6:35:39 PM2/8/21
to v8-u...@googlegroups.com
Hey there,
I think you may want to give v8::V8::TerminateExecution() a shot. It throws an uncatchable exception in your JavaScript code.
I think Cloudflare workers terminated the execution after 30 seconds. However, I'm not sure if all Promises run in the same execution context in your Isolate.
Talking about embedding V8 and running untrusted code, take a look at the security risks, as V8 does not provide perfect sandboxing / security capabilities in an embedded environment (Feel free to correct me if I'm wrong here)
Cheers!
On Mon 8. Feb 2021 at 23:34, bambam <ehtre...@gmail.com> wrote:
Hello guys... I'm embedding the V8 into my own application to run some untrusted code concurrently. Every untrusted code is executed inside a promise and when any of these codes blocks the system (by doing a while(true){} for example) I need to stop it. So, I've been trying to find a way of canceling JS promises but I haven't found anything useful. Does anyone here know where I could find some related information?
--
--
v8-users mailing list
v8-u...@googlegroups.com
http://groups.google.com/group/v8-users
---
You received this message because you are subscribed to the Google Groups "v8-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to v8-users+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/v8-users/fb3a5a6f-3b49-4516-a037-4aa19a2bceb2n%40googlegroups.com.
Robin Röper
Predigerberg 16
86150 Augsburg
Tel.: 0176 21400280
Tel. (work): 0821 79500234
bambam
Feb 9, 2021, 10:21:15 AM2/9/21
to v8-users
Hello Robin,
Thank you for your reply!
Let me give you a more detailed explanation: the untrusted code snippet I run is always inside of an async function, so what I do is running multiples async functions concurrently inside of the same v8::Isolate (every time this async code execution is triggered I start a new async function execution). I thought that calling v8::V8::TerminateExecution would reject all my async functions, even the ones that didn't cause the system to block. In my application, it'd be a problem so I've been trying to find a way of rejecting only the async function that caused the blocking.
All the async functions are currently executed inside of the same v8::Context, do you think that running them in separate Contexts could help me?
I think that Cloudflare has a CPU time monitoring system that allows them to stop a function execution every time it exceeds 10ms (free tier) or 50ms (paid plans) without disturbing other functions that are executed at the same time. I've been wondering how they do that as they seem to execute multiple requests inside the same namespace (as JS global variables persist between different function calls sometimes).
Thank you for your reply!
Let me give you a more detailed explanation: the untrusted code snippet I run is always inside of an async function, so what I do is running multiples async functions concurrently inside of the same v8::Isolate (every time this async code execution is triggered I start a new async function execution). I thought that calling v8::V8::TerminateExecution would reject all my async functions, even the ones that didn't cause the system to block. In my application, it'd be a problem so I've been trying to find a way of rejecting only the async function that caused the blocking.
All the async functions are currently executed inside of the same v8::Context, do you think that running them in separate Contexts could help me?
I think that Cloudflare has a CPU time monitoring system that allows them to stop a function execution every time it exceeds 10ms (free tier) or 50ms (paid plans) without disturbing other functions that are executed at the same time. I've been wondering how they do that as they seem to execute multiple requests inside the same namespace (as JS global variables persist between different function calls sometimes).
About the security issues, I guess you are right, it is needed to improve the system security through some changes. Please, feel free to share your thoughts and experiences about that too.
Cheers
Reply all
Reply to author
Forward
0 new messages