Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

vm module regression #53346

Closed
tsctx opened this issue Jun 5, 2024 · 4 comments · Fixed by #53348
Closed

vm module regression #53346

tsctx opened this issue Jun 5, 2024 · 4 comments · Fixed by #53348
Labels
vm Issues and PRs related to the vm subsystem.

Comments

@tsctx
Copy link
Member

tsctx commented Jun 5, 2024

Version

v23.0.0-nightly20240605b26a260ce5

Platform

windows

Subsystem

vm

What steps will reproduce the bug?

// vm.js
"use strict";
const vm = require("node:vm");
var ctx;
const getterObject = {
  get key() {
    return "value";
  },
};
const setterObject = {
  set key(value) {},
};
const plainObject = {
  key: "value",
};
class GetterObject {
  get key() {
    return "value";
  }
}
class SetterObject {
  set key(value) {
    // noop
  }
}

ctx = vm.createContext(new GetterObject()); // <- OK
ctx = vm.createContext(new SetterObject()); // <- OK
ctx = vm.createContext({}); // <- OK
ctx = vm.createContext([]); // <- OK
ctx = vm.createContext(new Array(1)); // <- OK
ctx = vm.createContext([["key", "value"]]); // <- Fail
ctx = vm.createContext(plainObject); // <- Fail
ctx = vm.createContext({ __proto__: plainObject }); // <- Fail
ctx = vm.createContext(getterObject); // <- Fail
ctx = vm.createContext(setterObject); // <- Fail

console.log(vm.runInContext(`this`, ctx));

How often does it reproduce? Is there a required condition?

No response

What is the expected behavior? Why is that the expected behavior?

No response

What do you see instead?

> $ ./node ./vm.js


#
# Fatal error in , line 0
# Check failed: Object::ToUint32(*element, &number).
#
#
#
#FailureMessage Object: 000000B0F2FFB3B0
----- Native stack trace -----

 1: 00007FF67B678B4B node::SetCppgcReference+16011
 2: 00007FF67B56424F node::TriggerNodeReport+73343
 3: 00007FF67C706065 V8_Fatal+197
 4: 00007FF67BE83214 v8::MemorySpan<std::basic_string_view<char,std::char_traits<char> > const >::end+375236   
 5: 00007FF67BE814CE v8::MemorySpan<std::basic_string_view<char,std::char_traits<char> > const >::end+367742   
 6: 00007FF67BE81395 v8::MemorySpan<std::basic_string_view<char,std::char_traits<char> > const >::end+367429   
 7: 00007FF67BE82539 v8::MemorySpan<std::basic_string_view<char,std::char_traits<char> > const >::end+371945   
 8: 00007FF67BE81674 v8::MemorySpan<std::basic_string_view<char,std::char_traits<char> > const >::end+368164   
 9: 00007FF67BE83C88 v8::MemorySpan<std::basic_string_view<char,std::char_traits<char> > const >::end+377912   
10: 00007FF67BE83A57 v8::MemorySpan<std::basic_string_view<char,std::char_traits<char> > const >::end+377351   
11: 00007FF67BD639DE v8::internal::Version::GetString+409934
12: 00007FF67C30B46E v8::PropertyDescriptor::writable+726222
13: 00007FF67C2E4F4D v8::PropertyDescriptor::writable+569261
14: 00007FF67C26BBD2 v8::PropertyDescriptor::writable+72754
15: 00007FF67C26BBD2 v8::PropertyDescriptor::writable+72754
16: 00007FF67C26BBD2 v8::PropertyDescriptor::writable+72754
17: 00007FF67C26BBD2 v8::PropertyDescriptor::writable+72754
18: 00007FF67C26BBD2 v8::PropertyDescriptor::writable+72754
19: 00007FF67C26BBD2 v8::PropertyDescriptor::writable+72754
20: 00007FF67C26BBD2 v8::PropertyDescriptor::writable+72754
21: 00007FF67C26BBD2 v8::PropertyDescriptor::writable+72754
22: 00007FF67C2697D0 v8::PropertyDescriptor::writable+63536
23: 00007FF67C2693CB v8::PropertyDescriptor::writable+62507
24: 00007FF67C110954 v8::Isolate::NumberOfHeapSpaces+2564
25: 00007FF67C1102A3 v8::Isolate::NumberOfHeapSpaces+851
26: 00007FF67C235724 v8::Function::Call+308
27: 00007FF67B469664 uv_loop_size+101860
28: 00007FF67C26DA18 v8::PropertyDescriptor::writable+80504
29: 00007FF67C26BBD2 v8::PropertyDescriptor::writable+72754
30: 00007FF67C26BBD2 v8::PropertyDescriptor::writable+72754
31: 00007FF67C26BBD2 v8::PropertyDescriptor::writable+72754
32: 00007FF67C26BBD2 v8::PropertyDescriptor::writable+72754
33: 00007FF67C26BBD2 v8::PropertyDescriptor::writable+72754
34: 00007FF67C26BBD2 v8::PropertyDescriptor::writable+72754
35: 00007FF67C26BBD2 v8::PropertyDescriptor::writable+72754
36: 00007FF67C26BBD2 v8::PropertyDescriptor::writable+72754
37: 00007FF67C2697D0 v8::PropertyDescriptor::writable+63536
38: 00007FF67C2693CB v8::PropertyDescriptor::writable+62507
39: 00007FF67C110954 v8::Isolate::NumberOfHeapSpaces+2564
40: 00007FF67C1102A3 v8::Isolate::NumberOfHeapSpaces+851
41: 00007FF67C235724 v8::Function::Call+308
42: 00007FF67B6077EA node::OnFatalError+138330
43: 00007FF67B557E76 node::TriggerNodeReport+23206
44: 00007FF67B62A5E2 node::Start+114
45: 00007FF67B62B05A node::Start+2794
46: 00007FF67B6B5E16 node::LoadEnvironment+310
47: 00007FF67B5922C6 DH_get0_priv_key+179190
48: 00007FF67B62B80B node::Start+4763
49: 00007FF67B62A597 node::Start+39
50: 00007FF67B36DD9C AES_cbc_encrypt+152524
51: 00007FF67CD39128 inflateValidate+20696
52: 00007FF8CDD6257D BaseThreadInitThunk+29
53: 00007FF8CE40AA48 RtlUserThreadStart+40

Additional information

I believe #53172 is the cause.

@tsctx
Copy link
Member Author

tsctx commented Jun 5, 2024

Sorry, wrong PR to link

targos added a commit to targos/node that referenced this issue Jun 5, 2024
@targos
Copy link
Member

targos commented Jun 5, 2024

Thanks for the report. I don't have the capacity to investigate and fix this, so I opened a revert PR.

@joyeecheung
Copy link
Member

On a side note the stack trace looks a bit weird and I think this is similar to the incorrect backtrace I saw in #50849 (comment) cc @legendecas

@legendecas
Copy link
Member

legendecas commented Jun 5, 2024

@joyeecheung thanks for the ping. I can reproduce the stack trace with the nightly build on Windows but can not reproduce the stack trace with a local build. I'll take a look at it.

@VoltrexKeyva VoltrexKeyva added the vm Issues and PRs related to the vm subsystem. label Jun 5, 2024
nodejs-github-bot pushed a commit that referenced this issue Jun 6, 2024
This reverts commit d1f18b0.

Closes: #53346
PR-URL: #53348
Fixes: #53346
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]>
EliphazBouye pushed a commit to EliphazBouye/node that referenced this issue Jun 20, 2024
This reverts commit d1f18b0.

Closes: nodejs#53346
PR-URL: nodejs#53348
Fixes: nodejs#53346
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]>
bmeck pushed a commit to bmeck/node that referenced this issue Jun 22, 2024
This reverts commit d1f18b0.

Closes: nodejs#53346
PR-URL: nodejs#53348
Fixes: nodejs#53346
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Vinícius Lourenço Claro Cardoso <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
vm Issues and PRs related to the vm subsystem.
Projects
None yet
Development

Successfully merging a pull request may close this issue.

5 participants