-
Notifications
You must be signed in to change notification settings - Fork 30.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Setting __proto__ on vm context's globalThis causes a crash (regression in v19.9.0) #47798
Comments
Debug trace:
|
@nodejs/vm |
Note that we can't yet test in Node v20 (or v19) due to nodejs/node#47798.
Note that we can't yet test in Node v20 (or v19) due to nodejs/node#47798.
Note that we can't yet test in Node v20 (or v19) due to nodejs/node#47798.
Hey! I ran a git bisect seems like this problem arose in #46615, I confirmed reverting the commit fixes this regression, although it seems that PR solved quite a lot of bugs so probably can blanket revert it, I am trying to understand the code if anyone has any more context on it that would be great! cc @dubzzz Thank You! |
Indeed the PR is solving many regressions introduced with the bump of v8 done at the beginning of node 18. There were multiple attempts to fix it, but it seems we still miss some cases. For the record, I have another PR attempting to fix some remaining issues: #47572. But it will probably not fix the one reported here. Maybe I can check if I see something that could solve the reported issue, we might have something missing in my last attempt of fix. In the meantime, @domenic did you checked if you have the issue on the head of 18 (highly probable) and |
looking at the stack trace I think this caused maybe because we are calling Lines 530 to 533 in 03db049
|
I have not read the stack yet but the null could be a good culprit. I'd rather suspect Lines 539 to 540 in 03db049
|
You are correct, putting checked putting some printf's around 😄, I think this needs some additional check but dont know what that could be |
We should probably add a check for Something like: if (is_declared_on_sandbox &&
ctx->sandbox()
->GetOwnPropertyDescriptor(context, property)
.ToLocal(&desc) &&
!desc.IsNull()
) {
Environment* env = Environment::GetCurrent(context);
Local<Object> desc_obj = desc.As<Object>(); That said, that's strange to receive null from a get property descriptor 🤔 |
Oh ok, I doesnt actually return null, the condition is executed with even with this null check this part probably needs some check Lines 539 to 540 in 03db049
|
Version
v20.0.0
Platform
Microsoft Windows NT 10.0.22621.0 x64
Subsystem
vm
What steps will reproduce the bug?
This will only log "before" in Node v19.9.0 and v20.0.0. It will log both "before" and "after?" in Node v19.8.1.
If you log the exit code after a failed run I get 5.
How often does it reproduce? Is there a required condition?
Every time.
What is the expected behavior? Why is that the expected behavior?
Setting the proto to null should work.
What do you see instead?
A crash
Additional information
This causes jsdom's test suite to crash as this sort of behavior is part of web platform tests.
The text was updated successfully, but these errors were encountered: