New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Electron 1.8.x crash with request module #11457

Closed
TheEdward162 opened this Issue Dec 17, 2017 · 6 comments

Comments

Projects
None yet
6 participants
@TheEdward162
Copy link

TheEdward162 commented Dec 17, 2017

  • Electron version: 1.8.1
  • Operating system: Arch Linux (kernel 4.14), also macOS 10.13.2

Expected behavior

Requests should resolve and no crash should occur.

Actual behavior

Linux:

[24520:1217/182314.561309:FATAL:partition_alloc.cc(934)] Check failed: page->num_allocated_slots != -1.
#0 0x0000036228e7 <unknown>
#1 0x00000363862b <unknown>
#2 0x0000035e4595 <unknown>
#3 0x0000034f29fd <unknown>
#4 0x7f3a2012ec23 <unknown>
#5 0x7f3a2049f3c2 <unknown>
#6 0x7f3a204aad61 <unknown>
#7 0x7f3a204a020e <unknown>
#8 0x7f3a20498b67 <unknown>
#9 0x7f3a20496569 <unknown>
#10 0x7f3a2033a4c3 <unknown>
#11 0x7f3a20338d5a <unknown>
#12 0x7f3a203382d4 <unknown>
#13 0x7f3a20346936 <unknown>
#14 0x7f3a200de813 <unknown>
#15 0x0000036163a0 <unknown>
#16 0x000003472028 <unknown>
#17 0x0000034702c8 <unknown>
#18 0x0000036163a0 <unknown>
#19 0x00000363c48d <unknown>
#20 0x00000363c7a8 <unknown>
#21 0x00000363ce46 <unknown>
#22 0x00000361b1da <unknown>
#23 0x00000363c1b7 <unknown>
#24 0x0000035eec6e <unknown>
#25 0x0000014f2a40 <unknown>
#26 0x0000013c0a6a <unknown>
#27 0x0000013c1908 <unknown>
#28 0x000001097d3f <unknown>
#29 0x0000013c1c42 <unknown>
#30 0x000003de1228 main
#31 0x7f3a18c3bf4a __libc_start_main
#32 0x0000005a5c59 <unknown>

macOS:

[2561:1217/182035.285945:FATAL:partition_alloc.cc(934)] Check failed: page->num_allocated_slots != -1. 
0   Electron Framework                  0x000000010e89a43c crashpad::CloseMultipleNowOrOnExec(int, int) + 970204
1   Electron Framework                  0x000000010e861c53 crashpad::CloseMultipleNowOrOnExec(int, int) + 738803
2   Electron Framework                  0x000000010e8796b1 crashpad::CloseMultipleNowOrOnExec(int, int) + 835665
3   Electron Framework                  0x0000000111515a9c crashpad::CloseMultipleNowOrOnExec(int, int) + 47612988
4   libnode.dylib                       0x0000000112f4e42e v8::internal::DeferredHandles::Iterate(v8::internal::ObjectVisitor*) + 20670
5   libnode.dylib                       0x0000000112f4e36e v8::internal::DeferredHandles::Iterate(v8::internal::ObjectVisitor*) + 20478
6   libnode.dylib                       0x00000001133d967a v8::internal::AllocationSpaceName(v8::internal::AllocationSpace) + 27370
7   libnode.dylib                       0x00000001133d2570 v8::internal::operator«(std::__1::basic_ostream<char, std::__1::char_traits<char> >&, v8::internal::MachineType) + 76800
8   libnode.dylib                       0x00000001133d28e4 v8::internal::operator«(std::__1::basic_ostream<char, std::__1::char_traits<char> >&, v8::internal::MachineType) + 77684
9   libnode.dylib                       0x00000001133e211c v8::internal::AllocationSpaceName(v8::internal::AllocationSpace) + 62860
10  Electron Framework                  0x000000010e8d9ae2 crashpad::CloseMultipleNowOrOnExec(int, int) + 1229954
11  Electron Framework                  0x000000010e881057 crashpad::CloseMultipleNowOrOnExec(int, int) + 866807
12  libsystem_pthread.dylib             0x00007fff7f01d6c1 _pthread_body + 340
13  libsystem_pthread.dylib             0x00007fff7f01d56d _pthread_body + 0
14  libsystem_pthread.dylib             0x00007fff7f01cc5d thread_start + 13

How to reproduce

// run this in renderer process

// bug occurs with both promise request module and vanilla request module
const request = require('request-promise-native')

function getImageBase64(url) {
	console.log("Getting image from", url)

	return request({ url: url, encoding: null }).then((body) => {
	 	return new Promise((resolve, reject) => {
	 		if (body) {
	 			resolve(body.toString('base64'))
			 } else
	 			reject()
	 	})
	}).catch((err) => {
	 	console.error(err)

	 	return Promise.reject(err)
	})
}

const url = 'https://images-na.ssl-images-amazon.com/images/M/MV5BMjA4NzcyNzgwM15BMl5BanBnXkFtZTgwNTM5NjY0MjI@._V1_UX200_CR0,0,200,112_AL_.jpg'
for (let i = 0; i < 30; i++) {
	getImageBase64(url).then((res) => {
		//console.log(res)
	})
}

Appears to be the same underlying bug as in #11358
This bug does not appear for me on 1.7.9

@welcome

This comment has been minimized.

Copy link

welcome bot commented Dec 17, 2017

👋 Thanks for opening your first issue here! If you're reporting a 🐞 bug, please make sure you include steps to reproduce it. We get a lot of issues on this repo, so please be patient and we will get back to you as soon as we can.

To help make it easier for us to investigate your issue, please follow the contributing guidelines.

@KochiyaOcean

This comment has been minimized.

Copy link

KochiyaOcean commented Dec 22, 2017

Seems same issues here #11037 #10455

@zcbenz

This comment has been minimized.

Copy link
Contributor

zcbenz commented Dec 26, 2017

This crash happened when Node's Buffer is being freed by blink, while this is explicated guarded in Electron, we probably broke something when doing Chrome upgrade.

@zcbenz

This comment has been minimized.

Copy link
Contributor

zcbenz commented Dec 26, 2017

Test case:

const crypto = require('crypto')
const data =  'lG9E+/g4JmRmedDAnihtBD4Dfaha/GFOjd+xUOQI05UtfVX3DjUXvrS98p7kZQwY3LNhdiFo7MY5rGft8yBuDhKuNNag9vRx/44IuClDhdQ='
const key = 'q90K9yBqhWZnAMCMTOJfPQ=='
for (let i = 0; i < 10000; ++i) {
    let iv = Buffer.from('0'.repeat(32), 'hex')
    let input = Buffer.from(data, 'base64')
    let decipher = crypto.createDecipheriv('aes-128-cbc', Buffer.from(key, 'base64'), iv)
    let ciphertext = Buffer.concat([decipher.update(input), decipher.final()])
}
@alexeykuzmin

This comment has been minimized.

Copy link
Contributor

alexeykuzmin commented Jan 2, 2018

@zcbenz Is it fixed already? Shouldn't it be closed then?

@zcbenz zcbenz closed this Jan 3, 2018

@yangheng

This comment has been minimized.

Copy link

yangheng commented Jan 3, 2018

@zcbenz Why closed? The crypto module is just a saved plan. The point is that it does't exists in main process.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment