Skip to content

V8 6.1 backports #17354

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

V8 6.1 backports #17354

wants to merge 3 commits into from

Conversation

@ofrobots
Copy link
Contributor

@ofrobots ofrobots commented Nov 27, 2017
edited
Loading

@nodejs-github-bot nodejs-github-bot added v8 engine Issues and PRs related to the V8 dependency. v8.x labels Nov 27, 2017
@refack @MylesBorins
test: flag known flake
3668a82 
`test-inspector-async-hook-setup-at-signal` is also flaky on VS2017
@MylesBorins
Copy link
Contributor

The windows flake is a known flakey, I backported the commit that marks it as such.

I'm unsure if the V8 failure is new, here is a run directly against v8.x-staging so we can check

https://ci.nodejs.org/view/All/job/node-test-commit-v8-linux/1084/

@targos
Copy link
Member

targos commented Nov 28, 2017

The V8 failure is new. It's from a test added in this PR.

@gibfahn gibfahn self-assigned this Nov 28, 2017
@ofrobots
deps: V8: cherry-pick cfc3404f from upstream
cc77b16 
Original commit message:
  [string] Fix regexp fast path in MaybeCallFunctionAtSymbol

  The regexp fast path in MaybeCallFunctionAtSymbol had an issue in which
  we'd call ToString after checking that the given {object} was a fast
  regexp and deciding to take the fast path. This is invalid since
  ToString() can call into user-controlled JS and may mutate {object}.

  There's no way to place the ToString call correctly in this instance:
  1 before BranchIfFastRegExp, it's a spec violation if we end up on the
    slow regexp path;
  2 the problem with the current location is already described above;
  3 and we can't place it into the fast-path regexp builtin (e.g.
    RegExpReplace) either due to the same reasons as 1.

  The solution in this CL is to restrict the fast path to string
  arguments only, i.e. cases where ToString would be a nop and can safely
  be skipped.

  Bug: chromium:782145
  Change-Id: Ifd35b3a9a6cf2e77c96cb860a8ec98eaec35aa85
  Reviewed-on: https://chromium-review.googlesource.com/758257
  Commit-Queue: Jakob Gruber <jgruber@chromium.org>
  Reviewed-by: Yang Guo <yangguo@chromium.org>
  Cr-Commit-Position: refs/heads/master@{nodejs#49213}

Ref: v8/v8@cfc3404
Ref: v8/v8@55a9807
@ofrobots
Copy link
Contributor Author

Dropped one of the commits – it was not needed on V8 6.1.

New V8-CI: https://ci.nodejs.org/view/All/job/node-test-commit-v8-linux/1090/

@ofrobots
Copy link
Contributor Author

@nodejs/v8 PTAL. The PPC machines have problems ATM, but here's another run: https://ci.nodejs.org/view/All/job/node-test-commit-v8-linux/1093/

@mhdawson
Copy link
Member

Fixed the PPC problem see nodejs/build#1020 (comment) is you are interested.

Looks like it was on on the latest run that @ofrobots launched.

mhdawson
mhdawson approved these changes Nov 30, 2017
View reviewed changes
Copy link
Member

@mhdawson mhdawson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Rubber stamp LGTM

@ofrobots
Copy link
Contributor Author

ofrobots commented Dec 1, 2017

@gibfahn Leaving this in your hands as the release manager for 8.x, let me know if I should land this, or if anything else is needed from my side.

@gibfahn
Copy link
Member

gibfahn commented Dec 1, 2017

Thanks @ofrobots .

@ofrobots @MylesBorins Do you think this is urgent? Normally I'd leave this till after v8.9.2 goes out on Tuesday, but we can land now if there's a need.

@ofrobots
Copy link
Contributor Author

ofrobots commented Dec 6, 2017

I missed your ping earlier @gibfahn, sorry about that. It would have been good to have this in 8.9.2 but that ship has sailed.

@gibfahn
Copy link
Member

gibfahn commented Dec 7, 2017

It would have been good to have this in 8.9.2 but that ship has sailed.

Once we've done the rc we try not to make any changes unless there's a reason to fast-track. I'm happy to include bugfixes that we think are important, but we need to have that discussion first.

gibfahn pushed a commit that referenced this pull request Dec 19, 2017
@ofrobots @gibfahn
deps: V8: cherry-pick cfc3404f from upstream
c57cd9b 
Original commit message:
  [string] Fix regexp fast path in MaybeCallFunctionAtSymbol

  The regexp fast path in MaybeCallFunctionAtSymbol had an issue in which
  we'd call ToString after checking that the given {object} was a fast
  regexp and deciding to take the fast path. This is invalid since
  ToString() can call into user-controlled JS and may mutate {object}.

  There's no way to place the ToString call correctly in this instance:
  1 before BranchIfFastRegExp, it's a spec violation if we end up on the
    slow regexp path;
  2 the problem with the current location is already described above;
  3 and we can't place it into the fast-path regexp builtin (e.g.
    RegExpReplace) either due to the same reasons as 1.

  The solution in this CL is to restrict the fast path to string
  arguments only, i.e. cases where ToString would be a nop and can safely
  be skipped.

  Bug: chromium:782145
  Change-Id: Ifd35b3a9a6cf2e77c96cb860a8ec98eaec35aa85
  Reviewed-on: https://chromium-review.googlesource.com/758257
  Commit-Queue: Jakob Gruber <jgruber@chromium.org>
  Reviewed-by: Yang Guo <yangguo@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#49213}

Refs: v8/v8@cfc3404
Refs: v8/v8@55a9807
PR-URL: #17354
@gibfahn
Copy link
Member

gibfahn commented Dec 19, 2017

Landed in c57cd9b

@gibfahn gibfahn closed this Dec 19, 2017
This was referenced Dec 20, 2017
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@targos targos targos approved these changes

@mhdawson mhdawson mhdawson approved these changes

Assignees

@gibfahn gibfahn

Labels

v8 engine Issues and PRs related to the V8 dependency.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

7 participants

@ofrobots @MylesBorins @targos @mhdawson @gibfahn @nodejs-github-bot @refack