Closed
Description
- Version: v14.2.0
- Platform: mac OS 10.13.6
What steps will reproduce the bug?
When communicating a Uint8 Array Buffer from a worker to the parent process with postMessage, which is included in the transferList argument and then calling unref on the worker, I get a Segfault: 'node index.js' terminated by signal SIGSEGV (Address boundary error).
index.js
const path = require('path')
const { Worker } = require('worker_threads')
const worker = new Worker(path.join(__dirname, 'worker.js'))
worker.postMessage({})
worker.on('message', (message) => {
const hash = Buffer.from(message.value).toString('hex')
console.log(hash)
worker.unref()
})worker.js
const fs = require('fs')
const crypto = require('crypto')
const { parentPort } = require('worker_threads')
parentPort.on('message', (message) => {
const hasher = crypto.createHash('sha256')
fs.createReadStream('example.txt')
.pipe(hasher)
.on('finish', () => {
const { buffer } = hasher.read()
parentPort.postMessage({ value: buffer }, [buffer])
})
})Reproduction here: https://github.com/timsuchanek/segfault-node-14
lldb backtrace
Process 40610 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x20)
frame #0: 0x000000010007b095 node`node::Buffer::New(node::Environment*, char*, unsigned long, bool)::$_2::__invoke(void*, unsigned long, void*) + 21
node`node::Buffer::New(node::Environment*, char*, unsigned long, bool)::$_2::__invoke(void*, unsigned long, void*):
-> 0x10007b095 <+21>: movq 0x20(%rcx), %rcx
0x10007b099 <+25>: movq %rax, %rdi
0x10007b09c <+28>: popq %rbp
0x10007b09d <+29>: jmpq *%rcx
Target 0: (node) stopped.
This works fine in Node 13 or lower and it seems, that this bug was introduced in Node 14.