mini_racer 0.21.1 → 0.21.3

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 6c838b1bc35ed1adb0156f0e01d699afc180c174718f197a6afc1356fe9e4815
-  data.tar.gz: 7a4b00c4bcd4572bf7fdcce3df6455ded628706975fa8540946faee17e53617d
+  metadata.gz: 3e370b2c6cdb60e5081d5f97840cff28489119f0225a3c9a74ed7f6859caf40e
+  data.tar.gz: 7405ed87278cbaa1d155bc72f8c99d8e8c744df743252eb4128b9ae9ff899d07
 SHA512:
-  metadata.gz: d826ca742dbe6580f92faebf11c827795536c55596c279fa070dd38836d03b7dcecc0b43fe254b6d95590bea1a24d8ec168f9d5008b668ba488a5aff7b6e3aea
-  data.tar.gz: 985effeb709d8dfc1481c679dfdc86a3930a0d84de6d3b6d9d154d6801a6766af76ffecd468e22d8b20b68952e02b756ab0ec11b1bc3c93736b078d046719798
+  metadata.gz: 3c9f53c6a9052cca6a5129d023ecece59613c40c17f4c7666c728f8f6327200e34d707557ea4dcd9b626aed332b327c6c3e3f90e365c630adbec0b2d02c4b1c1
+  data.tar.gz: 4dc0348a006f7620c4c9688c0b877f2bd9500b7ece37fba4fa6e868006af1517e4279537693fd87b2f18c2b0602067084e2332e2bf9fa862504ebaab4ddbbcfc

data/CHANGELOG

@@ -1,3 +1,17 @@
+- 0.21.3 - 18-06-2026
+  - Fix `:single_threaded` contexts inherited across `fork` by recovering idle reusable native runners in the child process without falling back to per-dispatch native thread spawning
+  - Avoid intermittent heap corruption during `:single_threaded` context finalization, especially when forked children exit normally after touching inherited contexts
+  - Avoid finalizer hangs when a forked child garbage-collects a non-idle inherited `:single_threaded` context
+  - Allow Ruby thread interrupts, process shutdown, and cross-thread `Context#dispose` to terminate busy `:single_threaded` JavaScript execution instead of hanging
+  - Make `Context#dispose` while an attached Ruby callback is active either terminate safely or raise instead of deadlocking
+
+- 0.21.2 - 11-06-2026
+  - Add `Context#perform_microtask_checkpoint` to synchronously drain the V8 microtask queue, useful for spec-compliant `dispatchEvent` sequencing inside Ruby callbacks
+  - Fix native memory leaks in `Context#heap_snapshot`/`Context#write_heap_snapshot`; thanks to Pranjali Thakur from depthfirst.com
+  - Fix large integral JavaScript numbers wrapping to negative Ruby integers; thanks to Pranjali Thakur from depthfirst.com
+  - Fix Ruby callback exceptions with embedded NUL bytes permanently deadlocking a context; thanks to Pranjali Thakur from depthfirst.com
+  - Preserve embedded NUL bytes in JavaScript exception messages and attached function names, and reject unsafe V8 flags containing NUL bytes or overly long values
+
 - 0.21.1 - 25-05-2026
   - Run `:single_threaded` V8 dispatches on a reusable mini_racer-owned native thread so V8 does not execute on Ruby-owned threads
   - Stop and join the reusable `:single_threaded` runner when contexts are disposed

data/README.md

@@ -348,6 +348,38 @@ Performance is slightly better than running `context.eval("hello('George')")` si
 * compilation of eval'd string is avoided
 * function arguments don't need to be converted to JSON
 
+### Microtask checkpoints
+
+V8 drains its microtask queue (e.g. callbacks queued via `Promise.resolve().then(...)`) automatically when script execution returns to the embedder, so most code "just works":
+
+```ruby
+context = MiniRacer::Context.new
+context.eval(<<~JS)
+  let x = 0;
+  Promise.resolve().then(() => x = 99);
+JS
+context.eval("x")
+# => 99
+```
+
+When JavaScript invokes a Ruby callback synchronously and you need queued microtasks to drain mid-execution — e.g. for spec-compliant ordering across a chain of synchronous `dispatchEvent` listeners — call `context.perform_microtask_checkpoint` from the callback:
+
+```ruby
+context = MiniRacer::Context.new
+context.attach("drain", -> { context.perform_microtask_checkpoint })
+context.eval(<<~JS)
+  globalThis.log = [];
+  Promise.resolve().then(() => log.push("microtask"));
+  log.push("before");
+  drain();
+  log.push("after");
+JS
+context.eval("log")
+# => ["before", "microtask", "after"]
+```
+
+Without `drain()` the order would be `["before", "after", "microtask"]` because the microtask only runs once the outermost script returns. `perform_microtask_checkpoint` is a thin wrapper over V8's `MicrotasksScope::PerformCheckpoint`.
+
 ## Performance
 
 The `bench` folder contains benchmark.

data/ext/mini_racer_extension/mini_racer_extension.c

@@ -5,6 +5,7 @@
 #include <string.h>
 #include <pthread.h>
 #include <unistd.h>
+#include <errno.h>
 #include <math.h>
 
 #if defined(__linux__) && !defined(__GLIBC__)
@@ -159,6 +160,7 @@ typedef struct Snapshot {
 } Snapshot;
 
 static void context_destroy(Context *c);
+static void context_abandon(Context *c);
 static void context_free(void *arg);
 static void context_mark(void *arg);
 static size_t context_size(const void *arg);
@@ -227,6 +229,7 @@ struct rendezvous_nogvl
 {
     Context *context;
     Buf *req, *res;
+    atomic_int active;
 };
 
 struct rendezvous_des
@@ -316,13 +319,19 @@ static void des_bool(void *arg, int v)
 
 static void des_int(void *arg, int64_t v)
 {
-    put(arg, LONG2FIX(v));
+    put(arg, LL2NUM((LONG_LONG)v));
 }
 
 static void des_num(void *arg, double v)
 {
-    if (isfinite(v) && v == trunc(v) && v >= INT64_MIN && v <= INT64_MAX) {
-        put(arg, LONG2FIX(v));
+    if (isfinite(v) && v == trunc(v)) {
+        // INT64_MAX is not exactly representable as a double: it rounds up to
+        // 2^63, which would let 2^63 through and make the cast undefined.
+        if (v >= -0x1p63 && v < 0x1p63) {
+            put(arg, LL2NUM((LONG_LONG)v));
+        } else {
+            put(arg, rb_dbl2big(v));
+        }
     } else {
         put(arg, DBL2NUM(v));
     }
@@ -364,19 +373,8 @@ static void des_bigint(void *arg, const void *p, size_t n, int sign)
     if (t >> 63)
         *a++ = 0; // suppress sign extension
     v = rb_big_unpack(limbs, a-limbs);
-    if (sign < 0) {
-        // rb_big_unpack returns T_FIXNUM for smallish bignums
-        switch (TYPE(v)) {
-        case T_BIGNUM:
-            v = rb_big_mul(v, LONG2FIX(-1));
-            break;
-        case T_FIXNUM:
-            v = LONG2FIX(-1 * FIX2LONG(v));
-            break;
-        default:
-            abort();
-        }
-    }
+    if (sign < 0)
+        v = rb_funcall(v, rb_intern("-@"), 0);
     put(c, v);
 }
 
@@ -810,6 +808,7 @@ static void dispatch1(Context *c, const uint8_t *p, size_t n)
     case 'C': return v8_timedwait(c, p+1, n-1, v8_call);
     case 'E': return v8_timedwait(c, p+1, n-1, v8_eval);
     case 'H': return v8_heap_snapshot(c->pst);
+    case 'M': return v8_perform_microtask_checkpoint(c->pst);
     case 'P': return v8_pump_message_loop(c->pst);
     case 'S': return v8_heap_stats(c->pst);
     case 'T': return v8_snapshot(c->pst, p+1, n-1);
@@ -874,8 +873,14 @@ void v8_roundtrip(Context *c, const uint8_t **p, size_t *n)
 {
     buf_reset(&c->req);
     pthread_cond_signal(&c->cv);
-    while (!c->req.len)
+    while (!c->req.len && !atomic_load(&c->quit))
         pthread_cond_wait(&c->cv, &c->mtx);
+    if (!c->req.len && atomic_load(&c->quit)) {
+        static const uint8_t disposed[] = "edisposed context";
+        *p = disposed;
+        *n = sizeof(disposed) - 1;
+        return;
+    }
     buf_reset(&c->res);
     *p = c->req.buf;
     *n = c->req.len;
@@ -936,6 +941,7 @@ static VALUE rendezvous_callback_do(VALUE arg)
     Context *c;
     DesCtx d;
     Buf *b;
+    long id;
 
     a = (void *)arg;
     b = a->res;
@@ -945,7 +951,12 @@ static VALUE rendezvous_callback_do(VALUE arg)
     DesCtx_init(&d);
     args = deserialize1(&d, b->buf+1, b->len-1); // skip 'c' marker
     func = rb_ary_pop(args); // callback id
-    func = rb_ary_entry(c->procs, FIX2LONG(func));
+    if (!RB_INTEGER_TYPE_P(func))
+        rb_raise(runtime_error, "bad callback id");
+    id = NUM2LONG(func);
+    if (id < 0 || id >= RARRAY_LEN(c->procs))
+        rb_raise(runtime_error, "bad callback id");
+    func = rb_ary_entry(c->procs, id);
     return rb_funcall2(func, rb_intern("call"), RARRAY_LENINT(args), RARRAY_PTR(args));
 }
 
@@ -981,9 +992,9 @@ fail:
     ser_init0(&s);   // ruby exception pending
     w_byte(&s, 'e'); // send ruby error message to v8 thread
     r = rb_funcall(c->exception, rb_intern("to_s"), 0);
-    err = StringValueCStr(r);
+    err = StringValuePtr(r);
     if (err)
-        w(&s, err, strlen(err));
+        w(&s, err, RSTRING_LEN(r));
     goto out;
 }
 
@@ -1005,6 +1016,33 @@ static void *single_threaded_runner(void *arg)
     return NULL;
 }
 
+static int single_threaded_recover_after_fork(Context *c)
+{
+    pthread_condattr_t cattr;
+    pid_t pid;
+    int r;
+
+    pid = getpid();
+    if (!c->single_threaded_thr_started || c->single_threaded_pid == pid)
+        return 0;
+    if (c->depth || c->req.len || c->res.len)
+        return EBUSY;
+
+    if ((r = pthread_condattr_init(&cattr)))
+        return r;
+#ifndef __APPLE__
+    pthread_condattr_setclock(&cattr, CLOCK_MONOTONIC);
+#endif
+    r = pthread_cond_init(&c->cv, &cattr);
+    pthread_condattr_destroy(&cattr);
+    if (r)
+        return r;
+
+    c->single_threaded_thr_started = 0;
+    c->single_threaded_pid = pid;
+    return 0;
+}
+
 static int single_threaded_runner_start(Context *c)
 {
     pid_t pid;
@@ -1029,7 +1067,10 @@ static inline void *rendezvous_nogvl(void *arg)
 
     a = arg;
     c = a->context;
+    if (single_threaded && (r = single_threaded_recover_after_fork(c)))
+        return (void *)(intptr_t)r;
     pthread_mutex_lock(&c->rr_mtx);
+    atomic_store(&a->active, 1);
     if (c->depth > 0 && c->depth%50 == 0) { // TODO stop steep recursion
         fprintf(stderr, "mini_racer: deep js->ruby->js recursion, depth=%d\n", c->depth);
         fflush(stderr);
@@ -1037,6 +1078,14 @@ static inline void *rendezvous_nogvl(void *arg)
     c->depth++;
 next:
     pthread_mutex_lock(&c->mtx);
+    if (atomic_load(&c->quit)) {
+        buf_reset(a->req);
+        pthread_mutex_unlock(&c->mtx);
+        c->depth--;
+        atomic_store(&a->active, 0);
+        pthread_mutex_unlock(&c->rr_mtx);
+        return (void *)(intptr_t)ECANCELED;
+    }
     assert(c->req.len == 0);
     assert(c->res.len == 0);
     buf_move(a->req, &c->req); // v8 thread takes ownership of req
@@ -1046,6 +1095,7 @@ next:
             buf_move(&c->req, a->req);
             pthread_mutex_unlock(&c->mtx);
             c->depth--;
+            atomic_store(&a->active, 0);
             pthread_mutex_unlock(&c->rr_mtx);
             return (void *)(intptr_t)r;
         }
@@ -1056,29 +1106,66 @@ next:
         do pthread_cond_wait(&c->cv, &c->mtx); while (!c->res.len);
     }
     buf_move(&c->res, a->res);
+    pthread_cond_broadcast(&c->cv);
     pthread_mutex_unlock(&c->mtx);
     if (*a->res->buf == 'c') { // js -> ruby callback?
         rb_thread_call_with_gvl(rendezvous_callback, a);
         buf_reset(a->res);
+        if (atomic_load(&c->quit)) {
+            buf_reset(a->req);
+            c->depth--;
+            atomic_store(&a->active, 0);
+            pthread_mutex_unlock(&c->rr_mtx);
+            return (void *)(intptr_t)ECANCELED;
+        }
         goto next;
     }
     c->depth--;
+    atomic_store(&a->active, 0);
     pthread_mutex_unlock(&c->rr_mtx);
     return NULL;
 }
 
+static void rendezvous_ubf(void *arg)
+{
+    struct rendezvous_nogvl *a;
+    Context *c;
+
+    a = arg;
+    if (!atomic_load(&a->active))
+        return;
+    c = a->context;
+    if (c->pst)
+        v8_terminate_execution(c->pst);
+    pthread_cond_broadcast(&c->cv);
+}
+
+static void terminate_ubf(void *arg)
+{
+    Context *c;
+
+    c = arg;
+    if (c->pst)
+        v8_terminate_execution(c->pst);
+    pthread_cond_broadcast(&c->cv);
+}
+
 static void rendezvous_no_des(Context *c, Buf *req, Buf *res)
 {
     void *r;
+    struct rendezvous_nogvl a;
 
     if (atomic_load(&c->quit)) {
         buf_reset(req);
         rb_raise(context_disposed_error, "disposed context");
     }
-    r = rb_nogvl(rendezvous_nogvl, &(struct rendezvous_nogvl){c, req, res},
-                 NULL, NULL, 0);
+    a.context = c;
+    a.req = req;
+    a.res = res;
+    atomic_init(&a.active, 0);
+    r = rb_nogvl(rendezvous_nogvl, &a, rendezvous_ubf, &a, 0);
     if (r)
-        rb_raise(runtime_error, "pthread_create: %s", strerror((int)(intptr_t)r));
+        rb_raise(runtime_error, "single-threaded runner: %s", strerror((int)(intptr_t)r));
 }
 
 // send request to & receive reply from v8 thread; takes ownership of |req|
@@ -1094,7 +1181,8 @@ static VALUE rendezvous1(Context *c, Buf *req, DesCtx *d)
     c->exception = Qnil;
     // if js land didn't handle exception from ruby callback, re-raise it now
     if (res.len == 1 && *res.buf == 'e') {
-        assert(!NIL_P(r));
+        if (NIL_P(r))
+            rb_raise(context_disposed_error, "disposed context");
         rb_exc_raise(r);
     }
     r = rb_protect(deserialize, (VALUE)&(struct rendezvous_des){d, &res}, &exc);
@@ -1115,16 +1203,35 @@ static VALUE rendezvous(Context *c, Buf *req)
     return rendezvous1(c, req, &d);
 }
 
+static void raise_exception_with_message(VALUE klass, VALUE e)
+{
+    long n;
+    VALUE message;
+
+    if (NIL_P(e))
+        return;
+    e = StringValue(e);
+    n = RSTRING_LEN(e);
+    if (n == 0 || RSTRING_PTR(e)[0] == NO_ERROR)
+        return;
+    message = rb_str_subseq(e, 1, n - 1);
+    rb_exc_raise(rb_exc_new_str(klass, message));
+}
+
 static void handle_exception(VALUE e)
 {
     const char *s;
     VALUE klass;
+    long n;
 
     if (NIL_P(e))
         return;
     e = StringValue(e);
-    s = StringValueCStr(e);
-    switch (*s) {
+    n = RSTRING_LEN(e);
+    if (n == 0)
+        return;
+    s = RSTRING_PTR(e);
+    switch ((unsigned char)*s) {
     case NO_ERROR:
         return;
     case INTERNAL_ERROR:
@@ -1143,9 +1250,9 @@ static void handle_exception(VALUE e)
         klass = terminated_error;
         break;
     default:
-        rb_raise(internal_error, "bad error class %02x", *s);
+        rb_raise(internal_error, "bad error class %02x", (unsigned char)*s);
     }
-    rb_enc_raise(rb_enc_get(e), klass, "%s", s+1);
+    raise_exception_with_message(klass, e);
 }
 
 static VALUE context_alloc(VALUE klass)
@@ -1230,11 +1337,19 @@ fail0:
     return Qnil; // pacify compiler
 }
 
-static void *context_free_thread_do(void *arg)
+static void *context_free_do(void *arg)
 {
     Context *c;
 
     c = arg;
+    if (single_threaded && single_threaded_recover_after_fork(c)) {
+        // The child forked while this inherited context was not idle. There is
+        // no live runner thread to join and the inherited V8/pthread state is
+        // not safe to tear down. A finalizer must not hang here; let the OS
+        // reclaim the abandoned V8 state when the child exits.
+        context_abandon(c);
+        return NULL;
+    }
     if (single_threaded && c->single_threaded_thr_started && c->single_threaded_pid == getpid()) {
         pthread_mutex_lock(&c->mtx);
         atomic_store(&c->quit, 2);
@@ -1249,31 +1364,16 @@ static void *context_free_thread_do(void *arg)
     return NULL;
 }
 
-static void context_free_thread(Context *c)
-{
-    pthread_t thr;
-    int r;
-
-    // dispose on another thread so we don't block when trying to
-    // enter an isolate that's in a stuck state; that *should* be
-    // impossible but apparently it happened regularly before the
-    // rewrite and I'm carrying it over out of an abundance of caution
-    if ((r = pthread_create(&thr, NULL, context_free_thread_do, c))) {
-        fprintf(stderr, "mini_racer: pthread_create: %s", strerror(r));
-        fflush(stderr);
-        context_free_thread_do(c);
-    } else {
-        pthread_detach(thr);
-    }
-}
-
 static void context_free(void *arg)
 {
     Context *c;
 
     c = arg;
     if (single_threaded) {
-        context_free_thread(c);
+        // Free synchronously. A detached cleanup thread can race normal Ruby
+        // process shutdown and trip glibc malloc corruption checks while V8 is
+        // tearing down single-threaded contexts.
+        context_free_do(c);
     } else {
         pthread_mutex_lock(&c->mtx);
         c->quit = 2; // 2 = v8 thread frees
@@ -1282,6 +1382,14 @@ static void context_free(void *arg)
     }
 }
 
+static void context_abandon(Context *c)
+{
+    buf_reset(&c->snapshot);
+    buf_reset(&c->req);
+    buf_reset(&c->res);
+    ruby_xfree(c);
+}
+
 static void context_destroy(Context *c)
 {
     pthread_mutex_unlock(&c->mtx);
@@ -1317,13 +1425,17 @@ static VALUE context_attach(VALUE self, VALUE name, VALUE proc)
     Context *c;
     VALUE e;
     Ser s;
+    long id;
 
     TypedData_Get_Struct(self, Context, &context_type, c);
+    id = RARRAY_LEN(c->procs);
+    if (id > INT32_MAX)
+        rb_raise(runtime_error, "too many callbacks");
     // request is (A)ttach, [name, id] array
     ser_init1(&s, 'A');
     ser_array_begin(&s, 2);
     add_string(&s, name);
-    ser_int(&s, RARRAY_LENINT(c->procs));
+    ser_int(&s, id);
     ser_array_end(&s, 2);
     rb_ary_push(c->procs, proc);
     // response is an exception or undefined
@@ -1335,8 +1447,25 @@ static VALUE context_attach(VALUE self, VALUE name, VALUE proc)
 static void *context_dispose_do(void *arg)
 {
     Context *c;
+    int r;
 
     c = arg;
+    if (single_threaded) {
+        if ((r = single_threaded_recover_after_fork(c)))
+            return (void *)(intptr_t)r;
+    }
+    if (c->depth > 0) {
+        r = pthread_mutex_trylock(&c->rr_mtx);
+        if (!r) {
+            pthread_mutex_unlock(&c->rr_mtx);
+            return (void *)(intptr_t)EBUSY;
+        }
+        if (r != EBUSY)
+            return (void *)(intptr_t)r;
+        if (c->pst)
+            v8_terminate_execution(c->pst);
+        pthread_cond_broadcast(&c->cv);
+    }
     if (single_threaded) {
         pthread_mutex_lock(&c->mtx);
         while (c->req.len || c->res.len)
@@ -1364,9 +1493,12 @@ static void *context_dispose_do(void *arg)
 static VALUE context_dispose(VALUE self)
 {
     Context *c;
+    void *r;
 
     TypedData_Get_Struct(self, Context, &context_type, c);
-    rb_thread_call_without_gvl(context_dispose_do, c, NULL, NULL);
+    r = rb_thread_call_without_gvl(context_dispose_do, c, terminate_ubf, c);
+    if (r)
+        rb_raise(runtime_error, "context dispose: %s", strerror((int)(intptr_t)r));
     return Qnil;
 }
 
@@ -1457,6 +1589,20 @@ static VALUE context_heap_stats(VALUE self)
     return h;
 }
 
+static VALUE buf_reset_ensure(VALUE arg)
+{
+    buf_reset((Buf *)arg);
+    return Qnil;
+}
+
+static VALUE heap_snapshot_to_str(VALUE arg)
+{
+    Buf *res;
+
+    res = (Buf *)arg;
+    return rb_utf8_str_new((char *)res->buf, res->len);
+}
+
 static VALUE context_heap_snapshot(VALUE self)
 {
     Buf req, res;
@@ -1466,7 +1612,19 @@ static VALUE context_heap_snapshot(VALUE self)
     buf_init(&req);
     buf_putc(&req, 'H');              // (H)eap snapshot, returns plain bytes
     rendezvous_no_des(c, &req, &res); // takes ownership of |req|
-    return rb_utf8_str_new((char *)res.buf, res.len);
+    return rb_ensure(heap_snapshot_to_str, (VALUE)&res,
+                     buf_reset_ensure, (VALUE)&res);
+}
+
+static VALUE context_perform_microtask_checkpoint(VALUE self)
+{
+    Context *c;
+    Buf b;
+
+    TypedData_Get_Struct(self, Context, &context_type, c);
+    buf_init(&b);
+    buf_putc(&b, 'M');        // (M)icrotask checkpoint, returns nil
+    return rendezvous(c, &b); // takes ownership of |b|
 }
 
 static VALUE context_pump_message_loop(VALUE self)
@@ -1489,12 +1647,14 @@ static VALUE context_low_memory_notification(VALUE self)
     buf_init(&req);
     buf_putc(&req, 'L');              // (L)ow memory notification, returns nothing
     rendezvous_no_des(c, &req, &res); // takes ownership of |req|
+    buf_reset(&res);
     return Qnil;
 }
 
 static int platform_set_flag1(VALUE k, VALUE v)
 {
-    char *p, *q, buf[256];
+    char *p, *q, *r, buf[256];
+    long pn, vn, len;
     int ok;
 
     k = rb_funcall(k, rb_intern("to_s"), 0);
@@ -1504,12 +1664,40 @@ static int platform_set_flag1(VALUE k, VALUE v)
         Check_Type(v, T_STRING);
     }
     p = RSTRING_PTR(k);
-    if (!strncmp(p, "--", 2))
+    pn = RSTRING_LEN(k);
+    if (memchr(p, '\0', pn))
+        rb_raise(rb_eArgError, "flag contains NUL byte");
+    if (pn >= 2 && p[0] == '-' && p[1] == '-') {
         p += 2;
+        pn -= 2;
+    }
     if (NIL_P(v)) {
-        snprintf(buf, sizeof(buf), "--%s", p);
+        len = 2 + pn;
+        if (len >= (long)sizeof(buf))
+            rb_raise(rb_eArgError, "flag too long");
+        q = buf;
+        *q++ = '-';
+        *q++ = '-';
+        memcpy(q, p, pn);
+        q += pn;
+        *q = '\0';
     } else {
-        snprintf(buf, sizeof(buf), "--%s=%s", p, RSTRING_PTR(v));
+        q = RSTRING_PTR(v);
+        vn = RSTRING_LEN(v);
+        if (memchr(q, '\0', vn))
+            rb_raise(rb_eArgError, "flag contains NUL byte");
+        len = 3 + pn + vn;
+        if (len >= (long)sizeof(buf))
+            rb_raise(rb_eArgError, "flag too long");
+        r = buf;
+        *r++ = '-';
+        *r++ = '-';
+        memcpy(r, p, pn);
+        r += pn;
+        *r++ = '=';
+        memcpy(r, q, vn);
+        r += vn;
+        *r = '\0';
     }
     p = buf;
     pthread_mutex_lock(&flags_mtx);
@@ -1722,8 +1910,7 @@ static VALUE snapshot_initialize(int argc, VALUE *argv, VALUE self)
     a = rendezvous1(c, &s.b, &d);
     e = rb_ary_pop(a);
     context_dispose(cv);
-    if (*RSTRING_PTR(e))
-        rb_raise(snapshot_error, "%s", RSTRING_PTR(e)+1);
+    raise_exception_with_message(snapshot_error, e);
     ss->blob = rb_ary_pop(a);
     return Qnil;
 }
@@ -1753,8 +1940,7 @@ static VALUE snapshot_warmup(VALUE self, VALUE arg)
     a = rendezvous1(c, &s.b, &d);
     e = rb_ary_pop(a);
     context_dispose(cv);
-    if (*RSTRING_PTR(e))
-        rb_raise(snapshot_error, "%s", RSTRING_PTR(e)+1);
+    raise_exception_with_message(snapshot_error, e);
     ss->blob = rb_ary_pop(a);
     return self;
 }
@@ -1824,6 +2010,7 @@ void Init_mini_racer_extension(void)
     rb_define_method(c, "eval", context_eval, -1);
     rb_define_method(c, "heap_stats", context_heap_stats, 0);
     rb_define_method(c, "heap_snapshot", context_heap_snapshot, 0);
+    rb_define_method(c, "perform_microtask_checkpoint", context_perform_microtask_checkpoint, 0);
     rb_define_method(c, "pump_message_loop", context_pump_message_loop, 0);
     rb_define_method(c, "low_memory_notification", context_low_memory_notification, 0);
     rb_define_alloc_func(c, context_alloc);

data/ext/mini_racer_extension/mini_racer_v8.cc

@@ -5,11 +5,12 @@
 #include <memory>
 #include <vector>
 #include <cassert>
+#include <cstdarg>
 #include <cstdio>
 #include <cstdint>
 #include <cstdlib>
 #include <cstring>
-#include <vector>
+#include <limits>
 
 // note: the filter function gets called inside the safe context,
 // i.e., the context that has not been tampered with by user JS
@@ -123,6 +124,106 @@ struct Serialized
     }
 };
 
+void append_bytes(std::vector<char>& out, const char *p, size_t n)
+{
+    out.insert(out.end(), p, p + n);
+}
+
+void append_literal(std::vector<char>& out, const char *s)
+{
+    append_bytes(out, s, strlen(s));
+}
+
+bool append_utf8(std::vector<char>& out, const v8::String::Utf8Value& s)
+{
+    if (!*s) return false;
+    append_bytes(out, *s, s.length());
+    return true;
+}
+
+void append_format(std::vector<char>& out, const char *fmt, ...)
+{
+    char buf[128];
+    va_list ap;
+    va_start(ap, fmt);
+    int n = vsnprintf(buf, sizeof(buf), fmt, ap);
+    va_end(ap);
+    if (n <= 0) return;
+    if (static_cast<size_t>(n) < sizeof(buf)) {
+        append_bytes(out, buf, n);
+        return;
+    }
+
+    std::vector<char> tmp(static_cast<size_t>(n) + 1);
+    va_start(ap, fmt);
+    vsnprintf(tmp.data(), tmp.size(), fmt, ap);
+    va_end(ap);
+    append_bytes(out, tmp.data(), n);
+}
+
+v8::Local<v8::String> string_from_bytes(v8::Isolate *isolate, const std::vector<char>& bytes)
+{
+    v8::Local<v8::String> s;
+    auto type = v8::NewStringType::kNormal;
+    if (bytes.size() <= static_cast<size_t>(std::numeric_limits<int>::max()) &&
+        v8::String::NewFromUtf8(isolate, bytes.data(), type,
+                                static_cast<int>(bytes.size())).ToLocal(&s)) {
+        return s;
+    }
+
+    char fallback[] = {
+        bytes.empty() ? static_cast<char>(INTERNAL_ERROR) : bytes[0],
+        'u', 'n', 'e', 'x', 'p', 'e', 'c', 't', 'e', 'd', ' ', 'e', 'r', 'r', 'o', 'r'
+    };
+    if (v8::String::NewFromUtf8(isolate, fallback, type, static_cast<int>(sizeof(fallback))).ToLocal(&s)) return s;
+    return v8::String::Empty(isolate);
+}
+
+void set_error_message(std::vector<char>& out, int cause, const char *message)
+{
+    out.clear();
+    out.push_back(static_cast<char>(cause));
+    append_literal(out, message);
+}
+
+bool set_error_message(std::vector<char>& out, int cause, const v8::String::Utf8Value& message)
+{
+    out.clear();
+    out.push_back(static_cast<char>(cause));
+    return append_utf8(out, message);
+}
+
+void set_fallback_error(State& st, v8::TryCatch *try_catch, int cause,
+                        std::vector<char>& out)
+{
+    v8::String::Utf8Value s(st.isolate, try_catch->Exception());
+    const char *message = *s ? nullptr : "unexpected failure";
+    if (cause == MEMORY_ERROR) message = "out of memory";
+    if (cause == TERMINATED_ERROR) message = "terminated";
+    if (message) {
+        set_error_message(out, cause, message);
+    } else if (!set_error_message(out, cause, s)) {
+        set_error_message(out, cause, "unexpected failure");
+    }
+}
+
+bool read_path_key(State& st, const char *&p, const char *pe,
+                   v8::Local<v8::String> *key, bool *last)
+{
+    const char *dot;
+    size_t n;
+
+    if (p > pe) return false;
+    dot = static_cast<const char*>(memchr(p, '.', pe - p));
+    *last = (dot == nullptr);
+    n = *last ? static_cast<size_t>(pe - p) : static_cast<size_t>(dot - p);
+    if (n > static_cast<size_t>(std::numeric_limits<int>::max())) return false;
+    auto type = v8::NewStringType::kNormal;
+    if (!v8::String::NewFromUtf8(st.isolate, p, type, static_cast<int>(n)).ToLocal(key)) return false;
+    p = *last ? pe : dot + 1;
+    return true;
+}
+
 bool bubble_up_ruby_exception(State& st, v8::TryCatch *try_catch)
 {
     auto exception = try_catch->Exception();
@@ -249,35 +350,40 @@ v8::Local<v8::Value> sanitize(State& st, v8::Local<v8::Value> v)
 
 v8::Local<v8::String> to_error(State& st, v8::TryCatch *try_catch, int cause)
 {
-    v8::Local<v8::Value> t;
-    char buf[1024];
+    std::vector<char> buf;
 
-    *buf = '\0';
     if (cause == NO_ERROR) {
-        // nothing to do
+        return v8::String::Empty(st.isolate);
     } else if (cause == PARSE_ERROR) {
         auto message = try_catch->Message();
         v8::String::Utf8Value s(st.isolate, message->Get());
         v8::String::Utf8Value name(st.isolate, message->GetScriptResourceName());
-        if (!*s || !*name) goto fallback;
-        auto line = message->GetLineNumber(st.context).FromMaybe(0);
-        auto column = message->GetStartColumn(st.context).FromMaybe(0);
-        snprintf(buf, sizeof(buf), "%c%s at %s:%d:%d", cause, *s, *name, line, column);
-    } else if (try_catch->StackTrace(st.context).ToLocal(&t)) {
-        v8::String::Utf8Value s(st.isolate, t);
-        if (!*s) goto fallback;
-        snprintf(buf, sizeof(buf), "%c%s", cause, *s);
+        if (*s && *name) {
+            buf.push_back(static_cast<char>(cause));
+            append_utf8(buf, s);
+            append_literal(buf, " at ");
+            append_utf8(buf, name);
+            auto line = message->GetLineNumber(st.context).FromMaybe(0);
+            auto column = message->GetStartColumn(st.context).FromMaybe(0);
+            append_format(buf, ":%d:%d", line, column);
+        } else {
+            set_fallback_error(st, try_catch, cause, buf);
+        }
     } else {
-    fallback:
-        v8::String::Utf8Value s(st.isolate, try_catch->Exception());
-        const char *message = *s ? *s : "unexpected failure";
-        if (cause == MEMORY_ERROR) message = "out of memory";
-        if (cause == TERMINATED_ERROR) message = "terminated";
-        snprintf(buf, sizeof(buf), "%c%s", cause, message);
+        v8::Local<v8::Value> t;
+        if (try_catch->StackTrace(st.context).ToLocal(&t)) {
+            v8::String::Utf8Value s(st.isolate, t);
+            if (*s) {
+                buf.push_back(static_cast<char>(cause));
+                append_utf8(buf, s);
+            } else {
+                set_fallback_error(st, try_catch, cause, buf);
+            }
+        } else {
+            set_fallback_error(st, try_catch, cause, buf);
+        }
     }
-    v8::Local<v8::String> s;
-    if (v8::String::NewFromUtf8(st.isolate, buf).ToLocal(&s)) return s;
-    return v8::String::Empty(st.isolate);
+    return string_from_bytes(st.isolate, buf);
 }
 
 extern "C" void v8_global_init(void)
@@ -445,23 +551,19 @@ extern "C" void v8_attach(State *pst, const uint8_t *p, size_t n)
         v8::Local<v8::String> name;
         if (!name_v->ToString(st.context).ToLocal(&name)) goto fail;
         int32_t id;
-        if (!id_v->Int32Value(st.context).To(&id)) goto fail;
-        Callback *cb = new Callback{pst, id};
-        st.callbacks.push_back(cb);
-        v8::Local<v8::External> ext = v8::External::New(st.isolate, cb);
-        v8::Local<v8::Function> function;
-        if (!v8::Function::New(st.context, v8_api_callback, ext).ToLocal(&function)) goto fail;
+        if (!id_v->IsInt32()) goto fail;
+        id = id_v.As<v8::Int32>()->Value();
         // support foo.bar.baz paths
         v8::String::Utf8Value path(st.isolate, name);
         if (!*path) goto fail;
+        const char *p = *path;
+        const char *pe = p + path.length();
         v8::Local<v8::Object> obj = st.context->Global();
         v8::Local<v8::String> key;
-        for (const char *p = *path;;) {
-            size_t n = strcspn(p, ".");
-            auto type = v8::NewStringType::kNormal;
-            if (!v8::String::NewFromUtf8(st.isolate, p, type, n).ToLocal(&key)) goto fail;
-            if (p[n] == '\0') break;
-            p += n + 1;
+        for (;;) {
+            bool last;
+            if (!read_path_key(st, p, pe, &key, &last)) goto fail;
+            if (last) break;
             v8::Local<v8::Value> val;
             if (!obj->Get(st.context, key).ToLocal(&val)) goto fail;
             if (!val->IsObject() && !val->IsFunction()) {
@@ -470,6 +572,11 @@ extern "C" void v8_attach(State *pst, const uint8_t *p, size_t n)
             }
             obj = val.As<v8::Object>();
         }
+        std::unique_ptr<Callback> cb(new Callback{pst, id});
+        v8::Local<v8::External> ext = v8::External::New(st.isolate, cb.get());
+        v8::Local<v8::Function> function;
+        if (!v8::Function::New(st.context, v8_api_callback, ext).ToLocal(&function)) goto fail;
+        st.callbacks.push_back(cb.release());
         if (!obj->Set(st.context, key, function).FromMaybe(false)) goto fail;
     }
     cause = NO_ERROR;
@@ -504,14 +611,14 @@ extern "C" void v8_call(State *pst, const uint8_t *p, size_t n)
         // support foo.bar.baz paths
         v8::String::Utf8Value path(st.isolate, name);
         if (!*path) goto fail;
+        const char *p = *path;
+        const char *pe = p + path.length();
         v8::Local<v8::Object> obj = st.context->Global();
         v8::Local<v8::String> key;
-        for (const char *p = *path;;) {
-            size_t n = strcspn(p, ".");
-            auto type = v8::NewStringType::kNormal;
-            if (!v8::String::NewFromUtf8(st.isolate, p, type, n).ToLocal(&key)) goto fail;
-            if (p[n] == '\0') break;
-            p += n + 1;
+        for (;;) {
+            bool last;
+            if (!read_path_key(st, p, pe, &key, &last)) goto fail;
+            if (last) break;
             v8::Local<v8::Value> val;
             if (!obj->Get(st.context, key).ToLocal(&val)) goto fail;
             if (!val->ToObject(st.context).ToLocal(&obj)) goto fail;
@@ -659,9 +766,22 @@ extern "C" void v8_heap_snapshot(State *pst)
     auto snapshot = st.isolate->GetHeapProfiler()->TakeHeapSnapshot();
     OutputStream os;
     snapshot->Serialize(&os, v8::HeapSnapshot::kJSON);
+    const_cast<v8::HeapSnapshot*>(snapshot)->Delete();
     v8_reply(st.ruby_context, os.buf.data(), os.buf.size()); // not serialized because big
 }
 
+extern "C" void v8_perform_microtask_checkpoint(State *pst)
+{
+    // Leave any termination active so the enclosing v8_call/v8_eval frame
+    // surfaces OOM (set by v8_gc_callback) or watchdog termination to Ruby.
+    State& st = *pst;
+    v8::TryCatch try_catch(st.isolate);
+    try_catch.SetVerbose(st.verbose_exceptions);
+    v8::HandleScope handle_scope(st.isolate);
+    v8::MicrotasksScope::PerformCheckpoint(st.isolate);
+    reply_retry(st, v8::Undefined(st.isolate));
+}
+
 extern "C" void v8_pump_message_loop(State *pst)
 {
     State& st = *pst;
@@ -691,7 +811,7 @@ fail:
 int snapshot(bool is_warmup, bool verbose_exceptions,
              const v8::String::Utf8Value& code,
              v8::StartupData blob, v8::StartupData *result,
-             char (*errbuf)[512])
+             std::vector<char> *errbuf)
 {
     // SnapshotCreator takes ownership of isolate
     v8::Isolate *isolate = v8::Isolate::Allocate();
@@ -715,7 +835,8 @@ int snapshot(bool is_warmup, bool verbose_exceptions,
         auto type = v8::NewStringType::kNormal;
         if (!v8::String::NewFromUtf8(isolate, *code, type, code.length()).ToLocal(&source)) {
             v8::String::Utf8Value s(isolate, try_catch.Exception());
-            if (*s) snprintf(*errbuf, sizeof(*errbuf), "%c%s", cause, *s);
+            if (!set_error_message(*errbuf, cause, s))
+                set_error_message(*errbuf, cause, "unexpected failure");
             goto fail;
         }
         v8::ScriptOrigin origin(filename);
@@ -732,8 +853,16 @@ int snapshot(bool is_warmup, bool verbose_exceptions,
             v8::String::Utf8Value name(isolate, m->GetScriptResourceName());
             auto line = m->GetLineNumber(context).FromMaybe(0);
             auto column = m->GetStartColumn(context).FromMaybe(0);
-            snprintf(*errbuf, sizeof(*errbuf), "%c%s\n%s:%d:%d",
-                     cause, *s, *name, line, column);
+            if (*s && *name) {
+                errbuf->clear();
+                errbuf->push_back(static_cast<char>(cause));
+                append_utf8(*errbuf, s);
+                append_literal(*errbuf, "\n");
+                append_utf8(*errbuf, name);
+                append_format(*errbuf, ":%d:%d", line, column);
+            } else {
+                set_error_message(*errbuf, cause, "unexpected failure");
+            }
             goto fail;
         }
         cause = INTERNAL_ERROR;
@@ -764,7 +893,7 @@ extern "C" void v8_snapshot(State *pst, const uint8_t *p, size_t n)
     v8::Local<v8::Value> result;
     v8::StartupData blob{nullptr, 0};
     int cause = INTERNAL_ERROR;
-    char errbuf[512] = {0};
+    std::vector<char> errbuf;
     {
         v8::Local<v8::Value> code_v;
         if (!des.ReadValue(st.context).ToLocal(&code_v)) goto fail;
@@ -793,10 +922,8 @@ fail:
     if (!cause && try_catch.HasCaught()) cause = RUNTIME_ERROR;
     if (cause) result = v8::Undefined(st.isolate);
     v8::Local<v8::Value> err;
-    if (*errbuf) {
-        if (!v8::String::NewFromUtf8(st.isolate, errbuf).ToLocal(&err)) {
-            err = v8::String::NewFromUtf8Literal(st.isolate, "unexpected error");
-        }
+    if (!errbuf.empty()) {
+        err = string_from_bytes(st.isolate, errbuf);
     } else {
         err = to_error(st, &try_catch, cause);
     }
@@ -818,7 +945,7 @@ extern "C" void v8_warmup(State *pst, const uint8_t *p, size_t n)
     v8::Local<v8::Value> result;
     v8::StartupData blob{nullptr, 0};
     int cause = INTERNAL_ERROR;
-    char errbuf[512] = {0};
+    std::vector<char> errbuf;
     {
         v8::Local<v8::Value> request_v;
         if (!des.ReadValue(st.context).ToLocal(&request_v)) goto fail;
@@ -865,10 +992,8 @@ fail:
     if (!cause && try_catch.HasCaught()) cause = RUNTIME_ERROR;
     if (cause) result = v8::Undefined(st.isolate);
     v8::Local<v8::Value> err;
-    if (*errbuf) {
-        if (!v8::String::NewFromUtf8(st.isolate, errbuf).ToLocal(&err)) {
-            err = v8::String::NewFromUtf8Literal(st.isolate, "unexpected error");
-        }
+    if (!errbuf.empty()) {
+        err = string_from_bytes(st.isolate, errbuf);
     } else {
         err = to_error(st, &try_catch, cause);
     }
@@ -919,6 +1044,7 @@ State::~State()
     {
         v8::Locker locker(isolate);
         v8::Isolate::Scope isolate_scope(isolate);
+        persistent_safe_context_function.Reset();
         persistent_safe_context.Reset();
         persistent_context.Reset();
         ruby_exception.Reset();

data/ext/mini_racer_extension/mini_racer_v8.h

@@ -42,6 +42,7 @@ void v8_call(struct State *pst, const uint8_t *p, size_t n);
 void v8_eval(struct State *pst, const uint8_t *p, size_t n);
 void v8_heap_stats(struct State *pst);
 void v8_heap_snapshot(struct State *pst);
+void v8_perform_microtask_checkpoint(struct State *pst);
 void v8_pump_message_loop(struct State *pst);
 void v8_snapshot(struct State *pst, const uint8_t *p, size_t n);
 void v8_warmup(struct State *pst, const uint8_t *p, size_t n);

data/ext/mini_racer_extension/serde.c

@@ -278,7 +278,7 @@ static void ser_int(Ser *s, int64_t v)
         if (v > INT64_MIN/1024)
             if (v <= INT64_MAX/1024)
                 return ser_num(s, v);
-        t = v < 0 ? -v : v;
+        t = v < 0 ? (uint64_t)(-(v + 1)) + 1 : (uint64_t)v;
         sign = v < 0 ? -1 : 1;
         ser_bigint(s, &t, sizeof(t), sign);
     } else {

data/lib/mini_racer/truffleruby.rb

@@ -118,6 +118,24 @@ module MiniRacer
       @js_symbol_to_symbol_func = eval_in_context "(x) => { var r = x.description; return r === undefined ? 'undefined' : r }"
       @js_new_date_func = eval_in_context "(x) => { return new Date(x) }"
       @js_new_array_func = eval_in_context "(x) => { return new Array(x) }"
+      # looks up a (dotted) function name as properties from globalThis,
+      # instead of evaluating the name as source code, so that names with
+      # embedded NUL bytes or other invalid syntax resolve correctly
+      @js_lookup_call_target_func = eval_in_context <<~JS
+        (name) => {
+          let target = globalThis;
+          for (const key of name.split(".")) {
+            if (target == null) {
+              throw new ReferenceError(name + " is not defined");
+            }
+            target = target[key];
+          }
+          if (target === undefined) {
+            throw new ReferenceError(name + " is not defined");
+          }
+          return target;
+        }
+      JS
       @js_new_uint8array_func = eval_in_context "(x) => { return new Uint8Array(x) }"
     end
 
@@ -174,7 +192,7 @@ module MiniRacer
       raise RuntimeError, "TruffleRuby does not support call after stop" if @stopped
       begin
         translate do
-          function = eval_in_context(function_name)
+          function = @js_lookup_call_target_func.call(convert_ruby_to_js(encode(function_name)))
           function.call(*convert_ruby_to_js(arguments))
         end
       rescue Polyglot::ForeignException => e
@@ -225,8 +243,11 @@ module MiniRacer
 
     def convert_js_to_ruby(value)
       case value
-      when true, false, Integer, Float
+      when true, false, Integer
         value
+      when Float
+        # match the C extension: integral doubles convert to Ruby Integers
+        value.finite? && value == value.truncate ? value.to_i : value
       else
         if value.nil?
           nil
@@ -370,6 +391,10 @@ module MiniRacer
   class Platform
     def self.set_flag_as_str!(flag)
       raise TypeError, "wrong type argument #{flag.class} (should be a string)" unless flag.is_a?(String)
+      raise ArgumentError, "flag contains NUL byte" if flag.include?("\0")
+      # the C extension normalizes flags into a 256 byte "--flag" buffer
+      normalized = flag.start_with?("--") ? flag : "--#{flag}"
+      raise ArgumentError, "flag too long" if normalized.bytesize >= 256
       raise MiniRacer::PlatformAlreadyInitialized, "The platform is already initialized." if Context.instance_variable_get(:@context_initialized)
       Context.instance_variable_set(:@use_strict, true) if "--use_strict" == flag
     end

data/lib/mini_racer/version.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
 module MiniRacer
-  VERSION = "0.21.1"
+  VERSION = "0.21.3"
   LIBV8_NODE_VERSION = "~> 24.12.0.1"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: mini_racer
 version: !ruby/object:Gem::Version
-  version: 0.21.1
+  version: 0.21.3
 platform: ruby
 authors:
 - Sam Saffron
@@ -136,9 +136,9 @@ licenses:
 - MIT
 metadata:
   bug_tracker_uri: https://github.com/discourse/mini_racer/issues
-  changelog_uri: https://github.com/discourse/mini_racer/blob/v0.21.1/CHANGELOG
-  documentation_uri: https://www.rubydoc.info/gems/mini_racer/0.21.1
-  source_code_uri: https://github.com/discourse/mini_racer/tree/v0.21.1
+  changelog_uri: https://github.com/discourse/mini_racer/blob/v0.21.3/CHANGELOG
+  documentation_uri: https://www.rubydoc.info/gems/mini_racer/0.21.3
+  source_code_uri: https://github.com/discourse/mini_racer/tree/v0.21.3
 rdoc_options: []
 require_paths:
 - lib
@@ -147,7 +147,7 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '3.1'
+      version: '3.3'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="