Nodejs/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2024-11-21 10:59:27 +00:00
Code Issues Actions 25 Packages Projects Releases Wiki Activity
c1ee70ec16
node/test/addons
History
Anna Henningsen c1ee70ec16
buffer,n-api: release external buffers from BackingStore callback 
Release `Buffer` and `ArrayBuffer` instances that were created through
our addon APIs and have finalizers attached to them only after V8 has
called the deleter callback passed to the `BackingStore`, instead of
relying on our own GC callback(s).

This fixes the following race condition:

1. Addon code allocates pointer P via `malloc`.
2. P is passed into `napi_create_external_buffer` with a finalization
   callback which calls `free(P)`. P is inserted into V8’s global array
   buffer table for tracking.
3. The finalization callback is executed on GC. P is freed and returned
   to the allocator. P is not yet removed from V8’s global array
   buffer table. (!)
4. Addon code attempts to allocate memory once again. The allocator
   returns P, as it is now available.
5. P is passed into `napi_create_external_buffer`. P still has not been
   removed from the v8 global array buffer table.
6. The world ends with `Check failed: result.second`.

Since our API contract is to call the finalizer on the JS thread on
which the `ArrayBuffer` was created, but V8 may call the `BackingStore`
deleter callback on another thread, fixing this requires posting
a task back to the JS thread.

Refs: https://github.com/nodejs/node/issues/32463#issuecomment-625877175
Fixes: https://github.com/nodejs/node/issues/32463

PR-URL: https://github.com/nodejs/node/pull/33321
Reviewed-By: James M Snell <jasnell@gmail.com>
2020-05-16 12:15:07 +02:00
..
async-hello-world src,test: use v8::Global instead of v8::Persistent 2019-12-24 14:31:28 +01:00
async-hooks-id
async-hooks-promise async_hooks: move PromiseHook handler to JS 2020-05-09 07:52:22 +02:00
async-resource
buffer-free-callback test: change buffer offset to accommodate V8 BackingStore 2020-01-05 18:21:15 -08:00
callback-scope src,test: use v8::Global instead of v8::Persistent 2019-12-24 14:31:28 +01:00
dlopen-ping-pong test: export public symbols in addons tests 2020-01-17 18:51:50 -08:00
errno-exception
force-context-aware test: simplify force-context-aware test 2019-09-29 08:42:08 -04:00
heap-profiler
hello-world
hello-world-function-export
load-long-path test: use arrow functions in addons tests 2019-11-30 18:08:59 +01:00
make-callback
make-callback-domain-warning test: use arrow functions in addons tests 2019-11-30 18:08:59 +01:00
make-callback-recurse test: use arrow functions in addons tests 2019-11-30 18:08:59 +01:00
new-target
node-module-version
non-node-context
not-a-binding src: add file name to 'Module did not self-register' error 2019-11-19 16:03:55 +01:00
null-buffer-neuter buffer,n-api: release external buffers from BackingStore callback 2020-05-16 12:15:07 +02:00
openssl-binding test: only detect uname on supported os 2020-04-16 08:58:37 +05:30
openssl-client-cert-engine test: export public symbols in addons tests 2020-01-17 18:51:50 -08:00
openssl-key-engine test: export public symbols in addons tests 2020-01-17 18:51:50 -08:00
parse-encoding
register-signal-handler
repl-domain-abort test: use arrow functions in addons tests 2019-11-30 18:08:59 +01:00
stringbytes-external-exceed-max tools: enable no-else-return lint rule 2020-05-16 06:42:16 +02:00
symlinked-module
uv-handle-leak
worker-addon doc,lib,src,test: make --experimental-report a nop 2020-03-15 13:29:34 -04:00
worker-buffer-callback test: fix out-of-bound reads from invalid sizeof usage 2020-04-30 04:56:11 +02:00
zlib-binding test: only detect uname on supported os 2020-04-16 08:58:37 +05:30
.gitignore
addon.status test: skip some binding tests on IBMi PASE 2020-03-30 10:19:48 +02:00
common.gypi
testcfg.py