Segmentation fault on Node 20 macos arm64

[alumni]

OS: Darwin
Platform: arm64
Node: 20.9.0

I tried it on multiple platforms:
Windows x64 (prebuilt for Node20): OK
Linux x64 (prebuilt for Node20): OK
MacOS x64 (prebuilt for Node20): OK
MacOS arm64 (compiled against Node20): NOT OK
MacOS arm64 (compiled against Node18): OK

Stack trace:

PID 97344 received SIGSEGV for address: 0xe18
0   segfault-handler.node               0x0000000119e84d48 _ZL16segfault_handleriP9__siginfoPv + 296
1   libsystem_platform.dylib            0x000000019bbdaa24 _sigtramp + 56
2   node                                0x0000000104c61454 _ZN2v88internal22SharedHeapDeserializer22DeserializeStringTableEv + 140
3   node                                0x0000000104c61454 _ZN2v88internal22SharedHeapDeserializer22DeserializeStringTableEv + 140
4   node                                0x0000000104c61344 _ZN2v88internal22SharedHeapDeserializer22DeserializeIntoIsolateEv + 116
5   node                                0x00000001047e3c1c _ZN2v88internal7Isolate4InitEPNS0_12SnapshotDataES3_S3_b + 2500
6   node                                0x00000001047e42c4 _ZN2v88internal7Isolate16InitWithSnapshotEPNS0_12SnapshotDataES3_S3_b + 12
7   node                                0x0000000104c62ab0 _ZN2v88internal8Snapshot10InitializeEPNS0_7IsolateE + 780
8   node                                0x00000001046b4428 _ZN2v87Isolate10InitializeEPS0_RKNS0_12CreateParamsE + 360
9   isolated_vm.node                    0x000000011f80a170 _ZN3ivm18IsolateEnvironment11IsolateCtorEmNSt3__110shared_ptrIN2v812BackingStoreEEEm + 652
10  isolated_vm.node                    0x000000011f839694 _ZN3ivm18IsolateEnvironment3NewEmNSt3__110shared_ptrIN2v812BackingStoreEEEm + 260
11  isolated_vm.node                    0x000000011f839188 _ZN3ivm13IsolateHandle3NewEN2v810MaybeLocalINS1_6ObjectEEE + 736
12  isolated_vm.node                    0x000000011f847778 _ZN3ivm6detail10RunBarrierIZNS0_13CallbackMakerIPFN2v85LocalINS3_5ValueEEES6_NS3_10MaybeLocalINS3_6ObjectEEEEXadL_ZNS0_23ConstructorFunctionImplIFNSt3__110unique_ptrINS_11ClassHandleENSD_14default_deleteISF_EEEES9_EE6InvokeIXadL_ZNS_13IsolateHandle3NewES9_EEEES6_S6_S9_EELin1EJRKNS3_20FunctionCallbackInfoIS5_EEEE8CallbackESQ_EUlvE_EEvT_ + 196
13  isolated_vm.node                    0x000000011f847520 _ZN3ivm6detail10RunBarrierIZNS_19ConstructorFunctionIPFNSt3__110unique_ptrINS_11ClassHandleENS3_14default_deleteIS5_EEEEN2v810MaybeLocalINS9_6ObjectEEEEXadL_ZNS_13IsolateHandle3NewESC_EEE5EntryERKNS9_20FunctionCallbackInfoINS9_5ValueEEEEUlvE_EEvT_ + 96
14  node                                0x00000001046f67f4 _ZN2v88internal12_GLOBAL__N_119HandleApiCallHelperILb1EEENS0_11MaybeHandleINS0_6ObjectEEEPNS0_7IsolateENS0_6HandleINS0_10HeapObjectEEENS8_INS0_20FunctionTemplateInfoEEENS8_IS4_EEPmi + 616
15  node                                0x00000001046f635c _ZN2v88internal21Builtin_HandleApiCallEiPmPNS0_7IsolateE + 216
16  node                                0x0000000104f7cb24 Builtins_CEntry_Return1_ArgvOnStack_BuiltinExit + 100
17  node                                0x0000000104ef18fc Builtins_JSBuiltinsConstructStub + 316
18  node                                0x00000001050305cc Builtins_ConstructHandler + 652
19  node                                0x0000000104ef43e4 Builtins_InterpreterEntryTrampoline + 260
20  node                                0x0000000104ef43e4 Builtins_InterpreterEntryTrampoline + 260
21  node                                0x0000000104fa3fb4 Builtins_ArrayReduce + 948
22  node                                0x0000000104ef43e4 Builtins_InterpreterEntryTrampoline + 260
23  node                                0x0000000104ef43e4 Builtins_InterpreterEntryTrampoline + 260
24  node                                0x0000000104ef43e4 Builtins_InterpreterEntryTrampoline + 260
25  node                                0x0000000104fd7524 Builtins_PromiseConstructor + 2340
26  node                                0x0000000104ef18fc Builtins_JSBuiltinsConstructStub + 316
27  node                                0x00000001050305cc Builtins_ConstructHandler + 652
28  node                                0x0000000104ef43e4 Builtins_InterpreterEntryTrampoline + 260
29  node                                0x0000000104ef43e4 Builtins_InterpreterEntryTrampoline + 260
30  node                                0x0000000104f2b210 Builtins_AsyncFunctionAwaitResolveClosure + 80
31  node                                0x0000000104fd8fb8 Builtins_PromiseFulfillReactionJob + 56

[duckking163]

Got same issue with Node 18.18.2.
Platform: Ubuntu

[laverdet]

you need to pass --no-node-snapshot. Also don't use the Snapshot feature for anything other than defining functions.

[samijaber]

We use isolated-vm in SDKs that our customers install, and they're running into this issue in Node v20. It's bad DX on our part to require our users to provide extra arguments to their Node instance just for our SDK not to crash their applications, so I'm hoping to find a smoother experience for them.

Unfortunately, an imported npm library cannot dictate node arguments (as far as I know). Is there anything that can be done at the level of isolated-vm itself to solve this issue? I am willing to contribute if I can get some guidance.

[laverdet]

nodejs uses a shared v8 snapshot heap so that worker threads can share memory despite being separate isolates. This is a per-process option and cannot be changed after the process has started. Fixing this is a weeks-long project in order to provide separate process support as first class feature in isolated-vm. It's something I want to do anyway in a post spectre/meltdown world but I can't find the time.

If your customers can't handle the cognitive load of a command line argument then you could spawn a new nodejs process for them using child_process.

[samijaber]

Gotcha, thanks for the added context.

[jpshack-at-palomar]

A consequence of using --no-node-snapshot I have noticed is that the VSCode debugger will not pause on breakpoints when this option is set.