Thanks for the report. Fix out for review: https://chromium-
review.googlesource.com/c/v8/v8/+/932968
On Thu, Feb 22, 2018 at 12:17 PM, Bogdan Padalko <zaq178mi...@gmail.com>
wrote:
> Hi!
>
> While working on upgrading php-v8 extension from 6.5.144 to 6.6.275 I
> find a strange issue: when promise in non-pending stage get
> resolved/rejected, application fails with segfault. While it's an edge
> case, it still possible in userland and luckily it was covered by php-v8
> unit tests.
> As v8 API says that calling resolve/reject on a promise in non-pending
> state should have no effect, I find this segfault a bit strange. Could it
> be some regression or so?
>
> Here's minimal example to reproduce the issue: hello_world.cpp
>
> #include <v8.h>
> #include <libplatform/libplatform.h>
>
> #include <stdlib.h>
> #include <string.h>
>
> using namespace v8;
>
> int main(int argc, char* argv[]) {
> // Initialize V8.
> //v8::V8::InitializeICU();
>
> std::unique_ptr<v8::Platform> platform = v8::platform::NewDefaultPlatfo
> rm();
> v8::V8::InitializePlatform(platform.get());
>
> V8::Initialize();
>
> v8::Isolate::CreateParams create_params;
> create_params.array_buffer_allocator = v8::ArrayBuffer::Allocator::Ne
> wDefaultAllocator();
>
> // Create a new Isolate and make it the current one.
> Isolate* isolate = v8::Isolate::New(create_params);
>
> v8::Persistent<v8::String> test;
>
> {
> Isolate::Scope isolate_scope(isolate);
>
> // Create a stack-allocated handle scope.
> HandleScope handle_scope(isolate);
>
> // Create a new context.
> Local<Context> context = Context::New(isolate);
>
> // Enter the context for compiling and running the hello world script.
> Context::Scope context_scope(context);
>
> Local<String> local_value = String::NewFromUtf8(isolate, "test");
>
> v8::MaybeLocal<v8::Promise::Resolver> maybe_local_resolver = v8::
> Promise::Resolver::New(context);
> v8::Local<v8::Promise::Resolver> local_resolver = maybe_local_resolver
> .ToLocalChecked();
>
> local_resolver->Resolve(context, local_value);
> local_resolver->Resolve(context, local_value);
> }
>
> // Dispose the isolate and tear down V8.
> isolate->Dispose();
> V8::Dispose();
> V8::ShutdownPlatform();
>
> return 0;
> }
>
> Build on macOS with
>
> ROOT=/usr/local/opt/v8@6.6
> LIB_DIR=$ROOT/lib/
>
> SRC_DIR=$ROOT
> INCLUDE_DIR=$ROOT/include
>
> g++ hello_world.cpp -o hello_world \
> -Wno-unused-result \
> -g \
> -O2 \
> -std=c++14 \
> -I$SRC_DIR \
> -I$INCLUDE_DIR \
> -L$LIB_DIR \
> -lv8_libbase \
> -lv8_libplatform \
> -lv8 \
> -lpthread
>
> install_name_tool -add_rpath $LIB_DIR hello_world
>
> And fails with
> $ ./hello_world
> Received signal 11 SEGV_MAPERR 00000000000a
>
> ==== C stack trace ===============================
>
> [0x000106d8ff14]
> [0x7fff6ca6bf5a]
> [0x0001072d0984]
> [0x000106de95e8]
> [0x000106d79bb2]
> [0x7fff6c7ea115]
> [0x000000000001]
> [end of stack trace]
> Segmentation fault: 11
>
> Same issue on linux - https://travis-ci.org/pinepain/php-v8/jobs/344550482
> (scroll to the bottom).
>
> I would really appreciate any help here as I'm not quite sure whether it's
> an issue on my side or some regression/bug in v8.
>
> Regards,
> Bogdan
>
> --
> --
> v8-users mailing list
> v8-users@googlegroups.com
> http://groups.google.com/group/v8-users
> ---
> You received this message because you are subscribed to the Google Groups
> "v8-users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to v8-users+unsubscr...@googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
>
--
--
v8-users mailing list
v8-users@googlegroups.com
http://groups.google.com/group/v8-users
---
You received this message because you are subscribed to the Google Groups
"v8-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to v8-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
