GC Crash With ObjectWrap + Exceptions #599
Assignees
Comments
gabrielschulhof
pushed a commit
to gabrielschulhof/node-addon-api
that referenced
this issue
Nov 13, 2019
Move the `napi_wrap()` step out of the `Napi::ObjectWrap<T>::ObjectWrap()` constructor to ensure that no native instance pointer is associated with the JavaScript object under construction if the native constructor should cause a JavaScript exception to be thrown. Fixes: nodejs#599
gabrielschulhof
pushed a commit
to gabrielschulhof/node-addon-api
that referenced
this issue
Nov 14, 2019
Ensure that no native instance pointer is associated with the JavaScript object under construction if the native constructor causes a JavaScript exception to be thrown. Fixes: nodejs#599
gabrielschulhof
pushed a commit
to gabrielschulhof/node-addon-api
that referenced
this issue
Nov 15, 2019
Ensure that no native instance pointer is associated with the JavaScript object under construction if the native constructor causes a JavaScript exception to be thrown. Fixes: nodejs#599
gabrielschulhof
pushed a commit
to gabrielschulhof/node-addon-api
that referenced
this issue
Dec 31, 2019
Ensure that no native instance pointer is associated with the JavaScript object under construction if the native constructor causes a JavaScript exception to be thrown. Two different cases must be taken into consideration: 1. The exception in the constructor was caused by `ObjectWrap<T>::ObjectWrap` when the call to `napi_wrap()` failed. 2. The exception in the constructor was caused by the constructor of the subclass of `ObjectWrap<T>` after `napi_wrap()` was already successful. Fixes: nodejs#599 Co-authored-by: blagoev <[email protected]> PR-URL: nodejs#600
gabrielschulhof
pushed a commit
to gabrielschulhof/node-addon-api
that referenced
this issue
Jan 1, 2020
Ensure that no native instance pointer is associated with the JavaScript object under construction if the native constructor causes a JavaScript exception to be thrown. Two different cases must be taken into consideration: 1. The exception in the constructor was caused by `ObjectWrap<T>::ObjectWrap` when the call to `napi_wrap()` failed. 2. The exception in the constructor was caused by the constructor of the subclass of `ObjectWrap<T>` after `napi_wrap()` was already successful. Fixes: nodejs#599 Co-authored-by: blagoev <[email protected]> PR-URL: nodejs#600
gabrielschulhof
pushed a commit
to gabrielschulhof/node-addon-api
that referenced
this issue
Jan 1, 2020
Ensure that no native instance pointer is associated with the JavaScript object under construction if the native constructor causes a JavaScript exception to be thrown. Two different cases must be taken into consideration: 1. The exception in the constructor was caused by `ObjectWrap<T>::ObjectWrap` when the call to `napi_wrap()` failed. 2. The exception in the constructor was caused by the constructor of the subclass of `ObjectWrap<T>` after `napi_wrap()` was already successful. Fixes: nodejs#599 Co-authored-by: blagoev <[email protected]> PR-URL: nodejs#600
gabrielschulhof
pushed a commit
to gabrielschulhof/node-addon-api
that referenced
this issue
Jan 1, 2020
Ensure that no native instance pointer is associated with the JavaScript object under construction if the native constructor causes a JavaScript exception to be thrown. Two different cases must be taken into consideration: 1. The exception in the constructor was caused by `ObjectWrap<T>::ObjectWrap` when the call to `napi_wrap()` failed. 2. The exception in the constructor was caused by the constructor of the subclass of `ObjectWrap<T>` after `napi_wrap()` was already successful. Fixes: nodejs#599 Co-authored-by: blagoev <[email protected]> PR-URL: nodejs#600
gabrielschulhof
pushed a commit
to gabrielschulhof/node-addon-api
that referenced
this issue
Jan 7, 2020
Ensure that no native instance pointer is associated with the JavaScript object under construction if the native constructor causes a JavaScript exception to be thrown. Two different cases must be taken into consideration: 1. The exception in the constructor was caused by `ObjectWrap<T>::ObjectWrap` when the call to `napi_wrap()` failed. 2. The exception in the constructor was caused by the constructor of the subclass of `ObjectWrap<T>` after `napi_wrap()` was already successful. Fixes: nodejs#599 Co-authored-by: blagoev <[email protected]> PR-URL: nodejs#600
gabrielschulhof
pushed a commit
to gabrielschulhof/node-addon-api
that referenced
this issue
May 11, 2020
Ensure that no native instance pointer is associated with the JavaScript object under construction if the native constructor causes a JavaScript exception to be thrown. Two different cases must be taken into consideration: 1. The exception in the constructor was caused by `ObjectWrap<T>::ObjectWrap` when the call to `napi_wrap()` failed. 2. The exception in the constructor was caused by the constructor of the subclass of `ObjectWrap<T>` after `napi_wrap()` was already successful. Fixes: nodejs#599 Co-authored-by: blagoev <[email protected]> PR-URL: nodejs#600 Reviewed-By: Chengzhong Wu <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
gabrielschulhof
pushed a commit
to gabrielschulhof/node-addon-api
that referenced
this issue
Jun 12, 2020
Ensure that no native instance pointer is associated with the JavaScript object under construction if the native constructor causes a JavaScript exception to be thrown. Two different cases must be taken into consideration: 1. The exception in the constructor was caused by `ObjectWrap<T>::ObjectWrap` when the call to `napi_wrap()` failed. 2. The exception in the constructor was caused by the constructor of the subclass of `ObjectWrap<T>` after `napi_wrap()` was already successful. Fixes: nodejs#599 Co-authored-by: blagoev <[email protected]> PR-URL: nodejs#600 Reviewed-By: Chengzhong Wu <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
kevindavies8
added a commit
to kevindavies8/node-addon-api-Develop
that referenced
this issue
Aug 24, 2022
Ensure that no native instance pointer is associated with the JavaScript object under construction if the native constructor causes a JavaScript exception to be thrown. Two different cases must be taken into consideration: 1. The exception in the constructor was caused by `ObjectWrap<T>::ObjectWrap` when the call to `napi_wrap()` failed. 2. The exception in the constructor was caused by the constructor of the subclass of `ObjectWrap<T>` after `napi_wrap()` was already successful. Fixes: nodejs/node-addon-api#599 Co-authored-by: blagoev <[email protected]> PR-URL: nodejs/node-addon-api#600 Reviewed-By: Chengzhong Wu <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
Marlyfleitas
added a commit
to Marlyfleitas/node-api-addon-Development
that referenced
this issue
Aug 26, 2022
Ensure that no native instance pointer is associated with the JavaScript object under construction if the native constructor causes a JavaScript exception to be thrown. Two different cases must be taken into consideration: 1. The exception in the constructor was caused by `ObjectWrap<T>::ObjectWrap` when the call to `napi_wrap()` failed. 2. The exception in the constructor was caused by the constructor of the subclass of `ObjectWrap<T>` after `napi_wrap()` was already successful. Fixes: nodejs/node-addon-api#599 Co-authored-by: blagoev <[email protected]> PR-URL: nodejs/node-addon-api#600 Reviewed-By: Chengzhong Wu <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
wroy7860
added a commit
to wroy7860/addon-api-benchmark-node
that referenced
this issue
Sep 19, 2022
Ensure that no native instance pointer is associated with the JavaScript object under construction if the native constructor causes a JavaScript exception to be thrown. Two different cases must be taken into consideration: 1. The exception in the constructor was caused by `ObjectWrap<T>::ObjectWrap` when the call to `napi_wrap()` failed. 2. The exception in the constructor was caused by the constructor of the subclass of `ObjectWrap<T>` after `napi_wrap()` was already successful. Fixes: nodejs/node-addon-api#599 Co-authored-by: blagoev <[email protected]> PR-URL: nodejs/node-addon-api#600 Reviewed-By: Chengzhong Wu <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
johnfrench3
pushed a commit
to johnfrench3/node-addon-api-git
that referenced
this issue
Aug 11, 2023
Ensure that no native instance pointer is associated with the JavaScript object under construction if the native constructor causes a JavaScript exception to be thrown. Two different cases must be taken into consideration: 1. The exception in the constructor was caused by `ObjectWrap<T>::ObjectWrap` when the call to `napi_wrap()` failed. 2. The exception in the constructor was caused by the constructor of the subclass of `ObjectWrap<T>` after `napi_wrap()` was already successful. Fixes: nodejs/node-addon-api#599 Co-authored-by: blagoev <[email protected]> PR-URL: nodejs/node-addon-api#600 Reviewed-By: Chengzhong Wu <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I am seeing crashes in the V8 GC when I have ObjectWraps that throw in subclass constructors. Example:
class MyObject : public ObjectWrap<MyObject> { MyObject(const CallbackInfo& info) : ObjectWrap<MyObject>(info) { throw Error::New(info.Env(), "something exceptional happened!"); } }The ObjectWrap constructor will create a napi_ref for the object, associate this pointer and register a finalizer. If the subclass throws, the C++ runtime invalidates the this pointer. However, the pointer is still registered with the napi_ref. When the GC gets to the object, the finalizer tries to delete the invalid this and the system may crash.
The text was updated successfully, but these errors were encountered: