-
Notifications
You must be signed in to change notification settings - Fork 30.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
src: Initialize fields accessed by AsyncHooks before AsyncHooks #48566
Conversation
This comment was marked as outdated.
This comment was marked as outdated.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
AFAICT the problematic code path is supposed to be a noop when it's reachable (clear_async_id_stack()
is only called from the constructor when the AsyncHooks
is not deserialized, then its js_execution_async_resources_
is supposed to be empty, so there's actually no need to check env()->can_call_into_js()
at all because we don't need to do anything to the empty handle). Alternative fix:
diff --git a/src/env.cc b/src/env.cc
index a62b8ef48b..56f4344d9e 100644
--- a/src/env.cc
+++ b/src/env.cc
@@ -170,15 +170,13 @@ bool AsyncHooks::pop_async_context(double async_id) {
}
void AsyncHooks::clear_async_id_stack() {
- if (env()->can_call_into_js()) {
+ if (!js_execution_async_resources_.IsEmpty() && env()->can_call_into_js()) {
Isolate* isolate = env()->isolate();
HandleScope handle_scope(isolate);
- if (!js_execution_async_resources_.IsEmpty()) {
- USE(PersistentToLocal::Strong(js_execution_async_resources_)
- ->Set(env()->context(),
- env()->length_string(),
- Integer::NewFromUnsigned(isolate, 0)));
- }
+ USE(PersistentToLocal::Strong(js_execution_async_resources_)
+ ->Set(env()->context(),
+ env()->length_string(),
+ Integer::NewFromUnsigned(isolate, 0)));
}
native_execution_async_resources_.clear();
But I am also fine with the current fix anyway.
Co-authored-by: Joyee Cheung <[email protected]> PR-URL: nodejs#48566
Co-authored-by: Joyee Cheung <[email protected]> PR-URL: nodejs#48566
@joyeecheung Good point! I think I'd still rather keep the reordering of the fields to protect against future refactoring. Seems generally good to have "trivial" fields before fields that may have more interesting logic in constructors. But I also added your change to prevent the unnecessary code on startup and in other situations where the async resource may be empty. |
This comment was marked as outdated.
This comment was marked as outdated.
Landed in 5ff46db |
Co-authored-by: Joyee Cheung <[email protected]> PR-URL: #48566 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Santiago Gimeno <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Minwoo Jung <[email protected]> Reviewed-By: Gerhard Stöbich <[email protected]>
Co-authored-by: Joyee Cheung <[email protected]> PR-URL: nodejs#48566 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Santiago Gimeno <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Minwoo Jung <[email protected]> Reviewed-By: Gerhard Stöbich <[email protected]>
Co-authored-by: Joyee Cheung <[email protected]> PR-URL: nodejs#48566 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Santiago Gimeno <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Minwoo Jung <[email protected]> Reviewed-By: Gerhard Stöbich <[email protected]>
Co-authored-by: Joyee Cheung <[email protected]> PR-URL: #48566 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Santiago Gimeno <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Minwoo Jung <[email protected]> Reviewed-By: Gerhard Stöbich <[email protected]>
Co-authored-by: Joyee Cheung <[email protected]> PR-URL: #48566 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Santiago Gimeno <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Minwoo Jung <[email protected]> Reviewed-By: Gerhard Stöbich <[email protected]>
Co-authored-by: Joyee Cheung <[email protected]> PR-URL: #48566 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Santiago Gimeno <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Joyee Cheung <[email protected]> Reviewed-By: Minwoo Jung <[email protected]> Reviewed-By: Gerhard Stöbich <[email protected]>
This fixes an issue that was surfaced by an address sanitizer (asan) run:
Afaict #44669 added reads to
is_stopping_
andcan_call_into_js_
but they were triggered from inside of theAsyncHooks
constructor. Because of the field order inEnvironment
, theAsyncHooks
constructor ran before these fields had been initialized, leading to reads of uninitialized memory.Moving the fields up seemed like the simplest fix.