Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[v13.x] Backport update to V8 7.9 #30513

Closed
wants to merge 28 commits into from

Conversation

targos
Copy link
Member

@targos targos commented Nov 17, 2019

Backport of #30020

I reverted a few commits that removed deprecated API, but there's one big change that I didn't touch and I don't know if we need to. It is about TracedReference and TracedGlobal, that we don't use anywhere in the Node.js code.

Current diff in deps/v8/include: https://gist.github.com/targos/bfbc7665b3f734db24feb965f2f1cdaa

/cc @addaleax @nodejs/v8-update

targos and others added 26 commits November 17, 2019 10:35
Original commit message:

    [testrunner] delete ancient junit compatible format support

    Testrunner has ancient support for JUnit compatible XML output.

    This CL removes this old feature.

    [email protected],[email protected],[email protected]
    CC=​[email protected]

    Bug: v8:8728
    Change-Id: I7e1beb011dbaec3aa1a27398a5c52abdd778eaf0
    Reviewed-on: https://chromium-review.googlesource.com/c/1430065
    Reviewed-by: Jakob Gruber <[email protected]>
    Reviewed-by: Michael Starzinger <[email protected]>
    Commit-Queue: Tamer Tas <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#59045}

Refs: v8/v8@bd019bd

PR-URL: nodejs#26685
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Refael Ackermann <[email protected]>
PR-URL: nodejs#26685
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Refael Ackermann <[email protected]>
Patch V8 (compiler/js-heap-broker.cc) to remove the use of an optional
property, which is a fairly new C++ feature, since that requires a newer
XCode version than the minimum requirement in BUILDING.md and thus
breaks CI.

PR-URL: nodejs#29694
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Gus Caplan <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: Ujjwal Sharma <[email protected]>
This commit updates V8's postmortem metadata generation script
to support V8 7.8.

The following metadata has changed:

- v8dbg_class_JSDate__value__Object
  - The postmortem metadata generation script needed to be
    updated. No action should be required by postmortem tools.

- v8dbg_class_JSRegExp__source__Object
  - The postmortem metadata generation script needed to be
    updated. No action should be required by postmortem tools.

PR-URL: nodejs#29694
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Gus Caplan <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: Ujjwal Sharma <[email protected]>
This commit updates V8's postmortem metadata
generation script. This commit re-exposes the
v8dbg_class_UncompiledData__inferred_name__String
constant after it moved to Torque.

PR-URL: nodejs#30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Fixes a compilation issue on some platforms

PR-URL: nodejs#27375
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Ujjwal Sharma <[email protected]>
Reviewed-By: Refael Ackermann <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
This should be semver-patch since actual invocation is version
conditional.

PR-URL: nodejs#27375
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Ujjwal Sharma <[email protected]>
Reviewed-By: Refael Ackermann <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
There is a bug in the most recent version of VS2015 that affects v8.h
and therefore prevents compilation of addons.

Refs: https://stackoverflow.com/q/38378693

PR-URL: nodejs#30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Original commit message:

    [base] Add missing include of <type_traits>

    The missing include causes compilation failures for node.js, see
    nodejs#30020.

    It's not great to have includes in a file called "macros.h", but we
    define several functions there that make use of type traits. Fixing
    that is a separate project.

    [email protected]

    Change-Id: Idb067679e597521230f94eb8c99f1347ed3808cb
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1868622
    Reviewed-by: Michael Lippautz <[email protected]>
    Commit-Queue: Clemens Backes <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64386}

Refs: v8/v8@f2d92ec

PR-URL: nodejs#30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Original commit message:

    Fix check for V8_TARGET_OS_WIN macro

    On Windows with MSVC, the current code triggers a fatal error C1017
    (invalid integer constant expression).

    Change-Id: I41c371a1d7909737052c03c830bb62c41154a192
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1871918
    Commit-Queue: Michaël Zasso <[email protected]>
    Commit-Queue: Jakob Gruber <[email protected]>
    Reviewed-by: Jakob Gruber <[email protected]>
    Reviewed-by: Yang Guo <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64418}

Refs: v8/v8@3e82c8d

PR-URL: nodejs#30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Original commit message:

    [wasm] Disallow interpreter move

    The MOVE_ONLY_NO_DEFAULT_CONSTRUCTOR macro defines a defaulted move
    constructor and move-assignment operator. The {std::unique_ptr} on the
    other hand needs the contained type to be complete when instantiating
    the move assignment operator. Hence, this fails e.g. on MSVC, see
    nodejs#30020 (comment).

    It turns out that we never actually move the interpreter, so we can
    just replace the MOVE_ONLY_NO_DEFAULT_CONSTRUCTOR by
    DISALLOW_COPY_AND_ASSIGN.

    [email protected]

    Change-Id: Iba7d30243510ed9554be62b0c4c8e6f47f0c3307
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1871921
    Reviewed-by: Andreas Haas <[email protected]>
    Commit-Queue: Clemens Backes <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64423}

Refs: v8/v8@cfe9172

PR-URL: nodejs#30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Original commit message:

    [api] Add API functions for constructing standalone BackingStores

    These are useful for the cases when an embedder works with backing
    stores without creating JS ArrayBuffer objects.

    Bug: v8:9380
    Change-Id: I452bd911e7b20fb38568f18f9d15ea1a7ffb5a57
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1825339
    Commit-Queue: Ulan Degenbaev <[email protected]>
    Reviewed-by: Andreas Haas <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64460}

Refs: v8/v8@bba5f1f

PR-URL: nodejs#30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Original commit message:

    [api] Add possibility for BackingStore to keep Allocator alive

    Add an `array_buffer_allocator_shared` field to the
    `Isolate::CreateParams` struct that allows embedders to share
    ownership of the ArrayBuffer::Allocator with V8, and which in
    particular means that when this method is used that the
    BackingStore deleter will not perform an use-after-free access to the
    Allocator under certain circumstances.

    For Background:

    tl;dr: This is necessary for Node.js to perform the transition to
    V8 7.9, because of the way that ArrayBuffer::Allocators and their
    lifetimes currently work there.

    In Node.js, each Worker thread has its own ArrayBuffer::Allocator.
    Changing that would currently be impractical, as each allocator
    depends on per-Isolate state. However, now that backing stores
    are managed globally and keep a pointer to the original
    ArrayBuffer::Allocator, this means that when transferring an
    ArrayBuffer (e.g. from one Worker to another through postMessage()),
    the original Allocator has to be kept alive until the ArrayBuffer
    no longer exists in the receiving Isolate (or until that Isolate
    is disposed). See [1] for an example Node.js test that fails with
    V8 7.9.

    This problem also existed for SharedArrayBuffers, where Node.js
    was broken by V8 earlier for the same reasons (see [2] for the bug
    report on that and [3] for the resolution in Node.js).
    For SharedArrayBuffers, we already had extensive tracking logic,
    so adding a shared_ptr to keep alive the ArrayBuffer::Allocator
    was not a significant amount of work. However, the mechanism for
    transferring non-shared ArrayBuffers is quite different, and
    it seems both easier for us and better for V8 from an API standpoint
    to keep the Allocator alive from where it is being referenced.

    By sharing memory with the custom deleter function/data pair,
    this comes at no memory overhead.

    [1]: nodejs#30044
    [2]: nodejs/node-v8#115
    [3]: nodejs#29637

    Bug: v8:9380
    Change-Id: Ibc2c4fb6341b53653cbd637bd8cb3d4ac43809c7
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1874347
    Commit-Queue: Ulan Degenbaev <[email protected]>
    Reviewed-by: Ulan Degenbaev <[email protected]>
    Reviewed-by: Igor Sheludko <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64542}

Refs: v8/v8@6b0a953

PR-URL: nodejs#30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Original commit message:

    [objects] Add missing include of isolate-utils.h

    On Windows with MSVC, compilation fails because it cannot find
    the GetIsolateForPtrCompr identifier.

    Change-Id: Ib03f5c5ef34e409242bbbe93ec83b7734012feb2
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1878712
    Reviewed-by: Peter Marshall <[email protected]>
    Commit-Queue: Peter Marshall <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64551}

Refs: v8/v8@7228ef8

PR-URL: nodejs#30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Original commit message:

    Make SetSyntheticModuleExport throw instead of crash for nonexistent export name

    Per spec, Module::SetSyntheticModuleExport should throw a ReferenceError
    when called with an export name that was not supplied when constructing
    that SyntheticModule.  Instead, the current implementation crashes with
    a failed CHECK().

    Add a new Module::SyntheticModuleSetExport that throws (without an ensuing
    crash) for this case, and deprecate the old
    Module::SetSyntheticModuleExport.

    Bug: v8:9828
    Change-Id: I3b3d353064c3851882781818099bd8f6ee74c809
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1860996
    Reviewed-by: Adam Klein <[email protected]>
    Reviewed-by: Georg Neis <[email protected]>
    Commit-Queue: Dan Clark <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64438}

Refs: v8/v8@777fa98

PR-URL: nodejs#30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Original commit message:

    PPC: allow for calling CFunctions without function descriptors on AIX.

    The calling conventions on AIX uses function descriptors,
    which means that pointers to functions do not point to code,
    but instead point to metadata about them. When calling JITed code,
    we must assure to use function descriptors instead of raw pointers when
    needed. Before this CL 213504b, all CallCFunction on AIX were guaranteed to have
    function descriptors. Starting form the CL mentioned above, CallCFunction can also
    Jump to a Trampoline which does not have a function descriptor, hence a new
    "CallCFunctionWithoutFunctionDescriptor" method is proposed to deal with this issue.

    BUG= v8:9766

    Change-Id: I9343c31c812f5d4dda8503a5adf024b24dbde072
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1825961
    Commit-Queue: Milad Farazmand <[email protected]>
    Reviewed-by: Michael Starzinger <[email protected]>
    Reviewed-by: Jakob Gruber <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64357}

Refs: v8/v8@07ee86a

PR-URL: nodejs#30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Original commit message:

    [objects] Move functions to inline headers

    This moves a series of functions from dictionary.h and hash-table.h
    to resp. dictionary-inl.h and hash-table-inl.h.
    The functions that were moved all somehow use other functions that
    are defined in -inl.h files.

    This change fixes the Node.js Windows builds.

    Change-Id: I0bbf0222beb3619a5e6f1fb451bc78691025de65
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893346
    Reviewed-by: Peter Marshall <[email protected]>
    Commit-Queue: Michaël Zasso <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64709}

Refs: v8/v8@5e755c6

PR-URL: nodejs#30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Original commit message:

    [api] Fix handle leak when getting Context embedder data

    The `Context::SlowGetAlignedPointerFromEmbedderData()` method returns
    a pointer, so the fact that it allocates handles is not obvious to
    the caller.

    Since this is the slow path anyway, simply add a handle scope inside
    of it.

    The tests are also modified to perform the same check for the
    `Object` equivalent of this method.

    Change-Id: I5f03c9a7b70b3a17315609df021606a53c9feb2d
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1879902
    Reviewed-by: Yang Guo <[email protected]>
    Commit-Queue: Yang Guo <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64583}

Refs: v8/v8@e5dbc95
Fixes: nodejs#30127
PR-URL: nodejs#30130
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Michaël Zasso <[email protected]>
Original commit message:

    [compiler] Explicitly initialize const members

    This fixes a compilation error in Node.js with Xcode:

    initialize the const member 'blueprint_'.

    error: constructor for 'v8::internal::compiler::Callee' must explicitly
    Change-Id: Ia55398428d0de35a9ad5132eabd22d0adb694514
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1895561
    Commit-Queue: Jakob Gruber <[email protected]>
    Reviewed-by: Jakob Gruber <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64719}

Refs: v8/v8@50031fa

PR-URL: nodejs#30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Original commit message:

    [postmortem] Load files using utf-8 to support Python 3

    Change-Id: I174d38cc33210c07d1a7596627e1b2d21bb06313
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1895560
    Reviewed-by: Mathias Bynens <[email protected]>
    Commit-Queue: Michaël Zasso <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64717}

Refs: v8/v8@a7dffcd

PR-URL: nodejs#30218
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: David Carlier <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Chengzhong Wu <[email protected]>
Reviewed-By: Joyee Cheung <[email protected]>
V8 can can no longer be built without snapshot.

PR-URL: nodejs#30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
The following metadata has changed:

- v8dbg_class_UncompiledData__inferred_name__String
  - Implementation was moved to Torque and required
    update to gen-postmortem-metadata.py.
  - Refs: v8/v8@e4e86b5

- v8dbg_class_SharedFunctionInfo__script_or_debug_info__Object
  - Renamed to v8dbg_class_SharedFunctionInfo__script_or_debug_info__HeapObject
  - Refs: v8/v8@07fc96c

- v8dbg_type_JSRegExp__JS_REGEXP_TYPE
  - Renamed to v8dbg_type_JSRegExp__JS_REG_EXP_TYPE.
  - Refs: v8/v8@61815a2

PR-URL: nodejs#30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
This commit updates v8abbr.h to use the updated metadata.

PR-URL: nodejs#30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
On certain platforms, updating V8 to 7.9 made the numbers a bit higher
than the current limit.

PR-URL: nodejs#30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
@nodejs-github-bot nodejs-github-bot added build Issues and PRs related to build files or the CI. v8 engine Issues and PRs related to the V8 dependency. labels Nov 17, 2019
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Nov 17, 2019

MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
Patch V8 (compiler/js-heap-broker.cc) to remove the use of an optional
property, which is a fairly new C++ feature, since that requires a newer
XCode version than the minimum requirement in BUILDING.md and thus
breaks CI.

Backport-PR-URL: #30513
PR-URL: #29694
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Gus Caplan <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: Ujjwal Sharma <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
This commit updates V8's postmortem metadata generation script
to support V8 7.8.

The following metadata has changed:

- v8dbg_class_JSDate__value__Object
  - The postmortem metadata generation script needed to be
    updated. No action should be required by postmortem tools.

- v8dbg_class_JSRegExp__source__Object
  - The postmortem metadata generation script needed to be
    updated. No action should be required by postmortem tools.

Backport-PR-URL: #30513
PR-URL: #29694
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Gus Caplan <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: Ujjwal Sharma <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
This commit updates V8's postmortem metadata
generation script. This commit re-exposes the
v8dbg_class_UncompiledData__inferred_name__String
constant after it moved to Torque.

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
Fixes a compilation issue on some platforms

Backport-PR-URL: #30513
PR-URL: #27375
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Ujjwal Sharma <[email protected]>
Reviewed-By: Refael Ackermann <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
This should be semver-patch since actual invocation is version
conditional.

Backport-PR-URL: #30513
PR-URL: #27375
Reviewed-By: Michaël Zasso <[email protected]>
Reviewed-By: Ujjwal Sharma <[email protected]>
Reviewed-By: Refael Ackermann <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
There is a bug in the most recent version of VS2015 that affects v8.h
and therefore prevents compilation of addons.

Refs: https://stackoverflow.com/q/38378693

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
Original commit message:

    [base] Add missing include of <type_traits>

    The missing include causes compilation failures for node.js, see
    #30020.

    It's not great to have includes in a file called "macros.h", but we
    define several functions there that make use of type traits. Fixing
    that is a separate project.

    [email protected]

    Change-Id: Idb067679e597521230f94eb8c99f1347ed3808cb
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1868622
    Reviewed-by: Michael Lippautz <[email protected]>
    Commit-Queue: Clemens Backes <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64386}

Refs: v8/v8@f2d92ec

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
Original commit message:

    Fix check for V8_TARGET_OS_WIN macro

    On Windows with MSVC, the current code triggers a fatal error C1017
    (invalid integer constant expression).

    Change-Id: I41c371a1d7909737052c03c830bb62c41154a192
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1871918
    Commit-Queue: Michaël Zasso <[email protected]>
    Commit-Queue: Jakob Gruber <[email protected]>
    Reviewed-by: Jakob Gruber <[email protected]>
    Reviewed-by: Yang Guo <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64418}

Refs: v8/v8@3e82c8d

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
Original commit message:

    [wasm] Disallow interpreter move

    The MOVE_ONLY_NO_DEFAULT_CONSTRUCTOR macro defines a defaulted move
    constructor and move-assignment operator. The {std::unique_ptr} on the
    other hand needs the contained type to be complete when instantiating
    the move assignment operator. Hence, this fails e.g. on MSVC, see
    #30020 (comment).

    It turns out that we never actually move the interpreter, so we can
    just replace the MOVE_ONLY_NO_DEFAULT_CONSTRUCTOR by
    DISALLOW_COPY_AND_ASSIGN.

    [email protected]

    Change-Id: Iba7d30243510ed9554be62b0c4c8e6f47f0c3307
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1871921
    Reviewed-by: Andreas Haas <[email protected]>
    Commit-Queue: Clemens Backes <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64423}

Refs: v8/v8@cfe9172

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
Original commit message:

    [api] Add API functions for constructing standalone BackingStores

    These are useful for the cases when an embedder works with backing
    stores without creating JS ArrayBuffer objects.

    Bug: v8:9380
    Change-Id: I452bd911e7b20fb38568f18f9d15ea1a7ffb5a57
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1825339
    Commit-Queue: Ulan Degenbaev <[email protected]>
    Reviewed-by: Andreas Haas <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64460}

Refs: v8/v8@bba5f1f

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
Original commit message:

    [api] Add possibility for BackingStore to keep Allocator alive

    Add an `array_buffer_allocator_shared` field to the
    `Isolate::CreateParams` struct that allows embedders to share
    ownership of the ArrayBuffer::Allocator with V8, and which in
    particular means that when this method is used that the
    BackingStore deleter will not perform an use-after-free access to the
    Allocator under certain circumstances.

    For Background:

    tl;dr: This is necessary for Node.js to perform the transition to
    V8 7.9, because of the way that ArrayBuffer::Allocators and their
    lifetimes currently work there.

    In Node.js, each Worker thread has its own ArrayBuffer::Allocator.
    Changing that would currently be impractical, as each allocator
    depends on per-Isolate state. However, now that backing stores
    are managed globally and keep a pointer to the original
    ArrayBuffer::Allocator, this means that when transferring an
    ArrayBuffer (e.g. from one Worker to another through postMessage()),
    the original Allocator has to be kept alive until the ArrayBuffer
    no longer exists in the receiving Isolate (or until that Isolate
    is disposed). See [1] for an example Node.js test that fails with
    V8 7.9.

    This problem also existed for SharedArrayBuffers, where Node.js
    was broken by V8 earlier for the same reasons (see [2] for the bug
    report on that and [3] for the resolution in Node.js).
    For SharedArrayBuffers, we already had extensive tracking logic,
    so adding a shared_ptr to keep alive the ArrayBuffer::Allocator
    was not a significant amount of work. However, the mechanism for
    transferring non-shared ArrayBuffers is quite different, and
    it seems both easier for us and better for V8 from an API standpoint
    to keep the Allocator alive from where it is being referenced.

    By sharing memory with the custom deleter function/data pair,
    this comes at no memory overhead.

    [1]: #30044
    [2]: nodejs/node-v8#115
    [3]: #29637

    Bug: v8:9380
    Change-Id: Ibc2c4fb6341b53653cbd637bd8cb3d4ac43809c7
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1874347
    Commit-Queue: Ulan Degenbaev <[email protected]>
    Reviewed-by: Ulan Degenbaev <[email protected]>
    Reviewed-by: Igor Sheludko <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64542}

Refs: v8/v8@6b0a953

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
Original commit message:

    [objects] Add missing include of isolate-utils.h

    On Windows with MSVC, compilation fails because it cannot find
    the GetIsolateForPtrCompr identifier.

    Change-Id: Ib03f5c5ef34e409242bbbe93ec83b7734012feb2
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1878712
    Reviewed-by: Peter Marshall <[email protected]>
    Commit-Queue: Peter Marshall <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64551}

Refs: v8/v8@7228ef8

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
Original commit message:

    Make SetSyntheticModuleExport throw instead of crash for nonexistent export name

    Per spec, Module::SetSyntheticModuleExport should throw a ReferenceError
    when called with an export name that was not supplied when constructing
    that SyntheticModule.  Instead, the current implementation crashes with
    a failed CHECK().

    Add a new Module::SyntheticModuleSetExport that throws (without an ensuing
    crash) for this case, and deprecate the old
    Module::SetSyntheticModuleExport.

    Bug: v8:9828
    Change-Id: I3b3d353064c3851882781818099bd8f6ee74c809
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1860996
    Reviewed-by: Adam Klein <[email protected]>
    Reviewed-by: Georg Neis <[email protected]>
    Commit-Queue: Dan Clark <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64438}

Refs: v8/v8@777fa98

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
Original commit message:

    PPC: allow for calling CFunctions without function descriptors on AIX.

    The calling conventions on AIX uses function descriptors,
    which means that pointers to functions do not point to code,
    but instead point to metadata about them. When calling JITed code,
    we must assure to use function descriptors instead of raw pointers when
    needed. Before this CL 213504b, all CallCFunction on AIX were guaranteed to have
    function descriptors. Starting form the CL mentioned above, CallCFunction can also
    Jump to a Trampoline which does not have a function descriptor, hence a new
    "CallCFunctionWithoutFunctionDescriptor" method is proposed to deal with this issue.

    BUG= v8:9766

    Change-Id: I9343c31c812f5d4dda8503a5adf024b24dbde072
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1825961
    Commit-Queue: Milad Farazmand <[email protected]>
    Reviewed-by: Michael Starzinger <[email protected]>
    Reviewed-by: Jakob Gruber <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64357}

Refs: v8/v8@07ee86a

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
Original commit message:

    [objects] Move functions to inline headers

    This moves a series of functions from dictionary.h and hash-table.h
    to resp. dictionary-inl.h and hash-table-inl.h.
    The functions that were moved all somehow use other functions that
    are defined in -inl.h files.

    This change fixes the Node.js Windows builds.

    Change-Id: I0bbf0222beb3619a5e6f1fb451bc78691025de65
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1893346
    Reviewed-by: Peter Marshall <[email protected]>
    Commit-Queue: Michaël Zasso <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64709}

Refs: v8/v8@5e755c6

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
Original commit message:

    [api] Fix handle leak when getting Context embedder data

    The `Context::SlowGetAlignedPointerFromEmbedderData()` method returns
    a pointer, so the fact that it allocates handles is not obvious to
    the caller.

    Since this is the slow path anyway, simply add a handle scope inside
    of it.

    The tests are also modified to perform the same check for the
    `Object` equivalent of this method.

    Change-Id: I5f03c9a7b70b3a17315609df021606a53c9feb2d
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1879902
    Reviewed-by: Yang Guo <[email protected]>
    Commit-Queue: Yang Guo <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64583}

Refs: v8/v8@e5dbc95
Fixes: #30127

Backport-PR-URL: #30513
PR-URL: #30130
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Michaël Zasso <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
Original commit message:

    [compiler] Explicitly initialize const members

    This fixes a compilation error in Node.js with Xcode:

    initialize the const member 'blueprint_'.

    error: constructor for 'v8::internal::compiler::Callee' must explicitly
    Change-Id: Ia55398428d0de35a9ad5132eabd22d0adb694514
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1895561
    Commit-Queue: Jakob Gruber <[email protected]>
    Reviewed-by: Jakob Gruber <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64719}

Refs: v8/v8@50031fa

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
Original commit message:

    [postmortem] Load files using utf-8 to support Python 3

    Change-Id: I174d38cc33210c07d1a7596627e1b2d21bb06313
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1895560
    Reviewed-by: Mathias Bynens <[email protected]>
    Commit-Queue: Michaël Zasso <[email protected]>
    Cr-Commit-Position: refs/heads/master@{#64717}

Refs: v8/v8@a7dffcd

Backport-PR-URL: #30513
PR-URL: #30218
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: David Carlier <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Chengzhong Wu <[email protected]>
Reviewed-By: Joyee Cheung <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
V8 can can no longer be built without snapshot.

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
The following metadata has changed:

- v8dbg_class_UncompiledData__inferred_name__String
  - Implementation was moved to Torque and required
    update to gen-postmortem-metadata.py.
  - Refs: v8/v8@e4e86b5

- v8dbg_class_SharedFunctionInfo__script_or_debug_info__Object
  - Renamed to v8dbg_class_SharedFunctionInfo__script_or_debug_info__HeapObject
  - Refs: v8/v8@07fc96c

- v8dbg_type_JSRegExp__JS_REGEXP_TYPE
  - Renamed to v8dbg_type_JSRegExp__JS_REG_EXP_TYPE.
  - Refs: v8/v8@61815a2

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
This commit updates v8abbr.h to use the updated metadata.

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
On certain platforms, updating V8 to 7.9 made the numbers a bit higher
than the current limit.

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
Remove custom tracking for `SharedArrayBuffer`s and their allocators
and instead let V8 do the tracking of both. This is required starting
in V8 7.9, because lifetime management for `ArrayBuffer::Allocator`s
differs from what was performed previously (i.e. it is no longer
easily possible for one Isolate to release an `ArrayBuffer` and another
to accept it into its own allocator), and the alternative would
have been adapting the `SharedArrayBuffer` tracking logic to also
apply to regular `ArrayBuffer` instances.

Refs: #30044

Backport-PR-URL: #30513
PR-URL: #30020
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Matteo Collina <[email protected]>
MylesBorins pushed a commit that referenced this pull request Nov 21, 2019
Revert "[cpu-profiler] Removed deprecated methods, advance deprecation"
This reverts commit abf47eee04ccd4634cf46e75d0a00ff816d56b7e.

Revert "api: Rely on v8::Data base type for garbage collection support"
This reverts commit 55be65da1597926416e5546d95ac723419e4c8ef.

Revert "[cleanup] Remove deprecated Neuter API calls"
This reverts commit 0f067efe6908c9785d1aa69e488c57d5a3c36841.

Revert "[api] Remove deprecated method"
This reverts commit ebe753234a3c868a58429f1d096397b229a96388.

Revert "[wasm] Remove obsolete --no-wasm-shared-code flag
This reverts commit 6f8381958cb7808a2ba12e72617e8249a86117d2.

Remove array_buffer_allocator_shared from Isolate::CreateParams.

Co-authored-by: Anna Henningsen <[email protected]>

PR-URL: #30513
Reviewed-By: Jiawen Geng <[email protected]>
Reviewed-By: Myles Borins <[email protected]>
Reviewed-By: Anna Henningsen <[email protected]>
@MylesBorins
Copy link
Contributor

landed in c7c5660...f17c794

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
build Issues and PRs related to build files or the CI. semver-minor PRs that contain new features and should be released in the next minor version. v8 engine Issues and PRs related to the V8 dependency.
Projects
None yet
Development

Successfully merging this pull request may close these issues.