pmed / v8pp

Bind C++ functions and classes into V8 JavaScript engine
http://pmed.github.io/v8pp/

v8pp runtime_error crashes Electron DevTools #52

Closed tim-janik closed 7 years ago

tim-janik commented 7 years ago

Constructing an X() object, using the v8pp::class_ example from the README leads to crashes in the DevTools console of an electron window. First, I'm attaching a zip file with a shell script that can be used in a subdirectory of a v8pp checkout to: a) locally install electron and node-gyp b) build addon.node using just v8pp and the 'class X' example c) start electron, create a window with DevTools console and require("addon.node")

At that point entering " x = addon.X(1,false) " in the Console will crash it due to v8pp throwing an uncaught exception from convert<...is_wrapped_class...>::from_v8.

I've added a small debugging printout to unwrap_object():

+  printf ("unwrap_object: isolate_=%p context_=%p this=%p proto=%p InternalFieldCount=%d\n",
+    isolate_, *isolate_->GetCurrentContext(), *obj, *obj->GetPrototype(), obj->InternalFieldCount());
   if (obj->InternalFieldCount() == 2)
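Review bot: the added printf writes to stdout, which is block-buffered when it is not a terminal, so the last lines before the crash can be lost; fprintf(stderr, ...) or an fflush(stdout) after the call keeps the trace complete. The %p arguments on the second added line (*isolate_->GetCurrentContext(), *obj, *obj->GetPrototype()) are typed pointers and should be cast to void* to match the format specifier.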

Which shows multiple lines like this before the console crashes:

unwrap_object: isolate_=0x3b2804280000 context_=0x3b28042c9ae8 this=0x7ffda34670d0 proto=0x3b28042c9ae0 InternalFieldCount=0
unwrap_object: isolate_=0x3b2804280000 context_=0x3b28042c9b08 this=0x3b28042c9af0 proto=0x3b28042c9b00 InternalFieldCount=0
unwrap_object: isolate_=0x3b2804280000 context_=0x3b28042c9b28 this=0x3b28042c9b10 proto=0x3b28042c9b20 InternalFieldCount=0
unwrap_object: isolate_=0x3b2804280000 context_=0x3b28042c9ae8 this=0x7ffda34670d0 proto=0x3b28042c9ae0 InternalFieldCount=0
unwrap_object: isolate_=0x3b2804280000 context_=0x3b28042c9b08 this=0x3b28042c9af0 proto=0x3b28042c9b00 InternalFieldCount=0
unwrap_object: isolate_=0x3b2804280000 context_=0x3b28042c9b28 this=0x3b28042c9b10 proto=0x3b28042c9b20 InternalFieldCount=0

This indicates that the DevTools console is accessing objects without internal fields using the v8pp accessors written for wrapped objects (the access apparently happens to auto-display the object property values). A valid access should show InternalFieldCount=2.

I fail to see why that is the case. I can just speculate that the DevTools console does some magic behind the scenes like "cloning" objects by copying all their Handles without internal fields before running the accessors. Knowing the v8 and DevTools internals might be required to get at the root cause here.

In any case, the crashes can be mitigated by turning the C++ exceptions from v8pp into V8 exceptions for failing property accessors.

ecrash.zip
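The mitigation named at the end of the comment above, catching the C++ exception at the accessor boundary and reporting it as a script exception, shown as an added example that is not code from v8pp, V8 or PR #53. It is a self-contained model: FakeObject, FakeIsolate, throw_exception and the getter names are hypothetical stand-ins for the V8 object handle, the isolate and its exception-raising call.

```cpp
#include <cstdio>
#include <stdexcept>
#include <string>

// Hypothetical stand-ins, not V8 or v8pp types.
struct FakeObject { int internal_field_count; void* native; };
struct FakeIsolate {
    bool pending = false;
    std::string message;
    void throw_exception(const std::string& m) { pending = true; message = m; }
};
struct X { int var; };

// Models the check from the issue: only objects with two internal fields
// carry a native pointer; anything else is rejected with a C++ exception.
X& unwrap_object(const FakeObject& obj) {
    if (obj.internal_field_count != 2)
        throw std::runtime_error("object is not a wrapped X");
    return *static_cast<X*>(obj.native);
}

// Unguarded getter: the exception leaves the callback uncaught.
int get_var_unguarded(const FakeObject& self) { return unwrap_object(self).var; }

// Guarded getter: the exception stops at the binding boundary and becomes
// a pending script exception on the (model) isolate.
bool get_var_guarded(FakeIsolate& iso, const FakeObject& self, int& out) {
    try { out = unwrap_object(self).var; return true; }
    catch (const std::exception& e) { iso.throw_exception(e.what()); return false; }
}

// Constructed inputs: field_count 2 models a wrapped instance, 0 models the
// receivers in the issue's trace. Returns var, or -1 if an exception is pending.
int read_guarded(int field_count) {
    X x{42};
    FakeObject obj{field_count, field_count == 2 ? &x : nullptr};
    FakeIsolate iso;
    int out = 0;
    return get_var_guarded(iso, obj, out) && !iso.pending ? out : -1;
}

bool unguarded_throws(int field_count) {
    X x{42};
    FakeObject obj{field_count, field_count == 2 ? &x : nullptr};
    try { get_var_unguarded(obj); return false; }
    catch (const std::runtime_error&) { return true; }
}

int main() {
    std::printf("wrapped: %d, guarded: %d, unguarded throws: %d\n",
                read_guarded(2), read_guarded(0), unguarded_throws(0));
}
```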

pmed commented 7 years ago

Hi @tim-janik

Thanks for the PR #53, it fixes the DevTools console crashes.

I don't know the DevTools internals either, but it seems reasonable that the console does some magic with wrapped objects.