duktape/bugs/issue-c5f6b9485d7e2e7359ed7a01b631784ec32ae0d4.yaml

--- !ditz.rubyforge.org,2008-03-06/issue 
title: mark-and-sweep _finalizer access error causes uncaught error
desc: |-
  If _finalizer access fails with error due to prototype loop or perhaps
  because a devious user has set it to an accessor value, mark-and-sweep
  and/or reference counting can now throw an uncaught error during GC
  handling (which is quite fatal).
  
  Finalizer checks should tolerate _finalizer lookup errors and assume
  there is no finalizer if the property cannot be read?  
type: :bugfix
component: duk
release: v0.12
reporter: Sami Vaarala <sami.vaarala@iki.fi>
status: :closed
disposition: :fixed
creation_time: 2014-08-20 10:49:54.364530 Z
references: []

id: c5f6b9485d7e2e7359ed7a01b631784ec32ae0d4
log_events: 
- - 2014-08-20 10:49:54.567675 Z
  - Sami Vaarala <sami.vaarala@iki.fi>
  - created
  - ""
- - 2014-08-20 11:00:59.838404 Z
  - Sami Vaarala <sami.vaarala@iki.fi>
  - commented
  - |-
    The culprit seems to be a duk_hobject_hasprop_raw() check inside mark-and-sweep.
    This wouldn't throw an error for an accessor (which is as intended) but does
    throw for a prototype loop.
    
    Possible fixes:
    
    * Put the duk_hobject_hasprop_raw() check inside a duk_safe_call().  This is
      quite expensive as 99% objects don't have a finalizer.
    
    * Add a variant of duk_hobject_hasprop_raw() (or a flag) which will check for
      property existence but never throws an error - if prototype loop occurs,
      pretend that the property doesn't exist.
    
    * Deny prototype loops also for C code.  This means a prototype walk when the
      prototype is set, which is more expensive than ideal.    
- - 2014-08-22 20:47:22.649258 Z
  - Sami Vaarala <sami.vaarala@iki.fi>
  - closed with disposition fixed
  - ""