denoland / rusty_v8

Rust bindings for the V8 JavaScript engine
https://crates.io/crates/v8
MIT License

`v8::String::new_from_onebyte_const` crash on Android aarch64 #1475

Open secext2022 opened 1 month ago

secext2022 commented 1 month ago

Reproduce code (rusty_v8 v0.91.1):

use v8;

const DENO: v8::OneByteConst =
  v8::String::create_external_onebyte_const("Deno".as_bytes());

fn main() {
  println!("main()");

  // init v8
  let platform = v8::new_default_platform(0, false).make_shared();
  v8::V8::initialize_platform(platform);
  v8::V8::initialize();

  // create isolate and scope
  let isolate = &mut v8::Isolate::new(v8::CreateParams::default());
  let handle_scope = &mut v8::HandleScope::new(isolate);
  let context = v8::Context::new(handle_scope);
  let scope = &mut v8::ContextScope::new(handle_scope, context);

  println!("before v8::String::new_from_onebyte_const()");
  let a = v8::String::new_from_onebyte_const(scope, &DENO);

  println!("{:?}", a);
  println!("end of main");
}

compile and run on Android phone (adb shell):

violet:/data/local/tmp/v8 $ ./core_test                                                  
main()
before v8::String::new_from_onebyte_const()
Segmentation fault 
139|violet:/data/local/tmp/v8 $ 

crash log from adb logcat:

05-12 20:06:28.405 13889 13889 F libc    : Fatal signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0x60e09bc050 in tid 13889 (core_test), pid 13889 (core_test)
05-12 20:06:28.330  3444  3444 I chatty  : uid=1000(system) /system/vendor/bin/cnss_diag identical 11 lines
05-12 20:06:28.333  3444  3444 I CNSS    : Failed to send nl message
05-12 20:06:28.438 13899 13899 I crash_dump64: obtaining output fd from tombstoned, type: kDebuggerdTombstone
05-12 20:06:28.440  1113  1113 I /system/bin/tombstoned: received crash request for pid 13889
05-12 20:06:28.441 13899 13899 I crash_dump64: performing dump of process 13889 (target tid = 13889)
05-12 20:06:28.443 13899 13899 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
05-12 20:06:28.444 13899 13899 F DEBUG   : Build fingerprint: 'xiaomi/violet/violet:10/QKQ1.190915.002/V12.5.4.0.QFHCNXM:user/release-keys'
05-12 20:06:28.444 13899 13899 F DEBUG   : Revision: '0'
05-12 20:06:28.444 13899 13899 F DEBUG   : ABI: 'arm64'
05-12 20:06:28.445 13899 13899 F DEBUG   : Timestamp: 2024-05-12 20:06:28+0800
05-12 20:06:28.445 13899 13899 F DEBUG   : pid: 13889, tid: 13889, name: core_test  >>> ./core_test <<<
05-12 20:06:28.445 13899 13899 F DEBUG   : uid: 2000
05-12 20:06:28.445 13899 13899 F DEBUG   : signal 11 (SIGSEGV), code 2 (SEGV_ACCERR), fault addr 0x60e09bc050
05-12 20:06:28.446 13899 13899 F DEBUG   :     x0  00000060e09bc030  x1  00000060e09bc030  x2  0000000000000000  x3  0000000000000020
05-12 20:06:28.446 13899 13899 F DEBUG   :     x4  00000060df3fd182  x5  000000786080a000  x6  ffffffffffffffff  x7  ffffffffffffffff
05-12 20:06:28.446 13899 13899 F DEBUG   :     x8  00000060e09bc050  x9  0000000000000060  x10 0000000000000002  x11 000000000000000a
05-12 20:06:28.446 13899 13899 F DEBUG   :     x12 ffffffffffffffff  x13 00000060df3fd181  x14 000000000000000a  x15 0000000000000000
05-12 20:06:28.446 13899 13899 F DEBUG   :     x16 00000060e09f0290  x17 0000007860e23380  x18 0000007861b1e000  x19 0000007860868000
05-12 20:06:28.446 13899 13899 F DEBUG   :     x20 00000060e09bc030  x21 000000786082f620  x22 00000060df3fcb20  x23 0000000000000000
05-12 20:06:28.446 13899 13899 F DEBUG   :     x24 0000000000000000  x25 0000000000000000  x26 0000000000000000  x27 0000000000000000
05-12 20:06:28.446 13899 13899 F DEBUG   :     x28 0000000000000000  x29 0000007ff26f3170
05-12 20:06:28.446 13899 13899 F DEBUG   :     sp  0000007ff26f3170  lr  00000060df8ce1a0  pc  00000060e09bc050
05-12 20:06:28.460 13899 13899 F DEBUG   : 
05-12 20:06:28.460 13899 13899 F DEBUG   : backtrace:
05-12 20:06:28.460 13899 13899 F DEBUG   :     NOTE: Function names and BuildId information is missing for some frames due
05-12 20:06:28.460 13899 13899 F DEBUG   :     NOTE: to unreadable libraries. For unwinds of apps, only shared libraries
05-12 20:06:28.460 13899 13899 F DEBUG   :     NOTE: found under the lib/ directory are readable.
05-12 20:06:28.460 13899 13899 F DEBUG   :       #00 pc 000000000112a050  /data/local/tmp/v8/core_test (offset 0x51d000)
05-12 20:06:28.484 13899 13899 E crash_dump64: cannot open libmiuindbg.so: No such file or directory

deno_core crashes on Android aarch64, so I wrote this code for the bug.

https://github.com/denoland/deno_core/issues/738

mmastrac commented 1 month ago

It might be related to the vtable layout for one-byte consts.

aapoalas commented 1 month ago

I shall say: Ouch. Mea culpa.

mmastrac commented 1 month ago

I think we may just need to special case vtable layout for Android as well -- the question would be what that layout is. Perhaps the relative vtable ABI?

aapoalas commented 1 month ago

Yeah; it might be as easy as applying the Windows vtable layout (only one destructor) for Android but of course the issue is testing the change.

I'm thinking of a way to, at test time, verify the vtable layout so as to ensure any issues on different platforms become build time issues instead of runtime ones.

secext2022 commented 1 month ago

There is a test, but it is just skipped for Android:

https://github.com/denoland/rusty_v8/blob/4dd87b2dc1c4b5f5b33c142788021d87d3fe5bbb/tests/test_api.rs#L9109

  // one-byte "const" test
  #[cfg(not(target_os = "android"))]
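One way to do what the comments above propose, namely verify the vtable shape at build time instead of skipping the test on a platform, is to make the Rust mirror of the C++ vtable carry its own compile-time size and alignment assertions that are not gated on any `target_os`. The block below is an added example in Rust, not code from rusty_v8; the slot names (`complete_dtor`, `deleting_dtor`, `data`, `length`), the two shapes (Itanium-style with two destructor slots, MSVC-style with one) and the `OneByteResource` object are assumptions for illustration, and a relative-vtable ABI (offsets instead of pointers) is deliberately not modelled.

```rust
// Added example (not rusty_v8's code): a Rust mirror of a C++ vtable whose
// shape is chosen per platform and checked at compile time, so a mismatch
// between the mirror and the C++ ABI fails the build instead of faulting
// at runtime. Slot names and the two shapes are assumptions.
use std::ffi::c_void;
use std::mem::{align_of, size_of};
use std::ptr;

// C++ member functions receive `this` as their first argument.
type DtorFn = unsafe extern "C" fn(this: *mut c_void);
type DataFn = unsafe extern "C" fn(this: *const c_void) -> *const u8;
type LengthFn = unsafe extern "C" fn(this: *const c_void) -> usize;

/// Itanium C++ ABI shape: complete-object and deleting destructors occupy
/// two slots before the virtual methods.
#[cfg(not(windows))]
#[repr(C)]
pub struct ResourceVTable {
    pub complete_dtor: DtorFn,
    pub deleting_dtor: DtorFn,
    pub data: DataFn,
    pub length: LengthFn,
}

/// MSVC shape: a single scalar deleting destructor slot.
#[cfg(windows)]
#[repr(C)]
pub struct ResourceVTable {
    pub deleting_dtor: DtorFn,
    pub data: DataFn,
    pub length: LengthFn,
}

#[cfg(not(windows))]
pub const DTOR_SLOTS: usize = 2;
#[cfg(windows)]
pub const DTOR_SLOTS: usize = 1;
pub const METHOD_SLOTS: usize = 2;
pub const PTR: usize = size_of::<usize>();

// Build-time checks, deliberately not gated on target_os: a platform whose
// table does not fit one of the shapes above must be added explicitly, and
// the build fails until it is.
const _: () = assert!(size_of::<ResourceVTable>() == (DTOR_SLOTS + METHOD_SLOTS) * PTR);
const _: () = assert!(align_of::<ResourceVTable>() == align_of::<usize>());

/// Laid out like a C++ polymorphic object: vtable pointer first.
#[repr(C)]
pub struct OneByteResource {
    vtable: &'static ResourceVTable,
    data: *const u8,
    len: usize,
}

unsafe extern "C" fn no_op_dtor(_this: *mut c_void) {}
unsafe extern "C" fn resource_data(this: *const c_void) -> *const u8 {
    (*(this as *const OneByteResource)).data
}
unsafe extern "C" fn resource_length(this: *const c_void) -> usize {
    (*(this as *const OneByteResource)).len
}

#[cfg(not(windows))]
static VTABLE: ResourceVTable = ResourceVTable {
    complete_dtor: no_op_dtor,
    deleting_dtor: no_op_dtor,
    data: resource_data,
    length: resource_length,
};
#[cfg(windows)]
static VTABLE: ResourceVTable = ResourceVTable {
    deleting_dtor: no_op_dtor,
    data: resource_data,
    length: resource_length,
};

impl OneByteResource {
    pub fn new(bytes: &'static [u8]) -> Self {
        OneByteResource { vtable: &VTABLE, data: bytes.as_ptr(), len: bytes.len() }
    }
}

/// Dispatch the way generated C++ code would: load the table pointer from
/// the object, pick the `length` slot, call it with `this`.
pub fn length_via_vtable(obj: &OneByteResource) -> usize {
    unsafe { (obj.vtable.length)(obj as *const OneByteResource as *const c_void) }
}

/// Byte offset of every slot in table order; a runtime report to run on a
/// new target before committing to a cfg for it.
pub fn slot_offsets() -> Vec<usize> {
    let base = ptr::addr_of!(VTABLE) as usize;
    #[cfg(not(windows))]
    let slots = [
        ptr::addr_of!(VTABLE.complete_dtor) as usize,
        ptr::addr_of!(VTABLE.deleting_dtor) as usize,
        ptr::addr_of!(VTABLE.data) as usize,
        ptr::addr_of!(VTABLE.length) as usize,
    ];
    #[cfg(windows)]
    let slots = [
        ptr::addr_of!(VTABLE.deleting_dtor) as usize,
        ptr::addr_of!(VTABLE.data) as usize,
        ptr::addr_of!(VTABLE.length) as usize,
    ];
    slots.iter().map(|a| a - base).collect()
}

fn main() {
    let deno = OneByteResource::new(b"Deno");
    println!("slot offsets: {:?}", slot_offsets());
    println!("length via vtable: {}", length_via_vtable(&deno));
}
```

The point of the `const _: () = assert!(...)` lines is that they run on every target, including the one an integration test is `#[cfg]`-excluded from: a platform that needs a third shape shows up as a compile error at the definition, and `slot_offsets()` gives the numbers to compare against what the C++ side actually emits there.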