Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bun FFI JSCallback fails when called across threads in the same process #15925

Closed
citkane opened this issue Dec 21, 2024 · 4 comments · May be fixed by #15982
Closed

Bun FFI JSCallback fails when called across threads in the same process #15925

citkane opened this issue Dec 21, 2024 · 4 comments · May be fixed by #15982
Labels
crash An issue that could cause a crash linux An issue that occurs on Linux runtime

Comments

@citkane
Copy link

citkane commented Dec 21, 2024

How can we reproduce the crash?

This issue arose while consuming the Webview foreign library.

Webview opens a native OS browser window (webview), blocking the calling (Worker) thread until terminated. In order to interact with the Webview API after a browser window is opened, calls need to be made from the parent thread.

The bun minimal reproduction illustrates how Webview API commands using JSCallback work from the worker thread, but fail from the parent thread.

Observations:

  • The Deno minimal reproduction works as expected for all Webview API commands from both threads.
  • In Deno, the minimal reproduction works as expected using "node:worker_threads"
  • The Bun minimal reproduction fails with native Worker and "node:worker_threads"
  • Webview FFI commands not involving JSCallback work as expected from the parent thread.

I have thus formed an opinion that the issue does not lie with Bun Worker, but specifically with Bun FFI JSCallback.

In order to run the minimal reproduction (for linux x64) , some OS dependencies are required.
minimal.repro.zip contains all of the minimal reproduction code, as well as "libwebview.so" (the Webview library for linux x64)

Relevant log output

Overriding existing handler for signal 10. Set JSC_SIGNAL_FOR_GC if you want WebKit to use a different signal
============================================================
Bun v1.1.39 (1d485617) Linux x64
Linux Kernel v6.1.0 | glibc v2.36
CPU: sse42 popcnt avx avx2
Args: "bun" "./index.ts"
Features: jsc tsconfig workers_spawned 
Builtins: "bun:ffi" "bun:main" "node:path" 
Elapsed: 1229ms | User: 152ms | Sys: 114ms
RSS: 1.07GB | Peak: 0.16GB | Commit: 1.07GB | Faults: 0

panic(main thread): Segmentation fault at address 0x40
oh no: Bun has crashed. This indicates a bug in Bun, not your code.

To send a redacted crash report to Bun's team,
please file a GitHub issue using the link below:

 https://bun.report/1.1.39/la11d48561Ihgg8//DoqqomEk0/pvB__A2AgE

Illegal instruction

Stack Trace (bun.report)

Bun v1.1.39 (1d48561) on linux x86_64 [AutoCommand]

Segmentation fault at address 0x00000040

Features: workers_spawned, jsc, tsconfig, tsconfig
@citkane citkane added the crash An issue that could cause a crash label Dec 21, 2024
@github-actions github-actions bot added linux An issue that occurs on Linux runtime labels Dec 21, 2024
@github-actions GitHub Actions
Copy link
Contributor

@citkane, the latest version of Bun is v1.1.41, but this crash was reported on Bun v1.1.39.

Are you able to reproduce this crash on the latest version of Bun?

bun upgrade

@citkane
Copy link
Author

citkane commented Dec 21, 2024

Identical behaviour on Bun v1.1.41

@citkane
Copy link
Author

citkane commented Dec 22, 2024

I have hacked a workaround in this gist (not a solution, but it narrows down the issue).

When JSCallback pointers are taken in the worker thread and passed by IPC to the parent thread for consumption as parameters, the example runs as expected.

This points the issue to JSCallback.ptr not being memory safe across threads in the same process.

Also to note: converting pointers to/from SharedArrayBuffer between messaging prevents Bun panicking, but the functions that include JSCallback still fail to execute.

@citkane citkane mentioned this issue Dec 24, 2024
Open
2 tasks
@citkane
Copy link
Author

citkane commented Dec 24, 2024

The threadsafe option for FFI JSCallback resolves this issue. This option was not documented. See PR #15982 for update to documentation.

@citkane citkane closed this as completed Dec 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
crash An issue that could cause a crash linux An issue that occurs on Linux runtime
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add documentation for threadsafe option in FFI JSCallback citkane/bun
1 participant
@citkane