-
Notifications
You must be signed in to change notification settings - Fork 30.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
deps: backport v8 commits useful for snapshot integration #33300
Conversation
@joyeecheung the first commit is empty. it only bumps the embedder string |
@targos Thanks for catching that, the last commit was reverted in the upstream because it broke a bot, I will get back to this after I fix it in the upstream |
Original commit message: [snapshot] Do not defer ArrayBuffers during snapshotting ArrayBuffer instances are serialized by first re-assigning a index to the backing store field, then serializing the object, and then storing the actual backing store address again (and the same for the ArrayBufferExtension). If serialization of the object itself is deferred, the real backing store address is written into the snapshot, which cannot be processed when deserializing, leading to a crash. This fixes this by not deferring ArrayBuffer serialization and adding a DCHECK for the crash that previously occurred. Change-Id: Id9bea8268061bd0770cde7bfeb6695248978f994 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144123 Commit-Queue: Jakob Gruber <[email protected]> Reviewed-by: Dan Elphick <[email protected]> Cr-Commit-Position: refs/heads/master@{#67114} Refs: v8/v8@ea0719b
Original commit message: [snapshot] Improve snapshot docs and error printing - Minor improvements to the documentation for snapshotting. - Add newlines to printed errors where necessary. Change-Id: I822e7e850adb67eae73b51c23cf34e40ba3106f0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144954 Reviewed-by: Toon Verwaest <[email protected]> Commit-Queue: Toon Verwaest <[email protected]> Cr-Commit-Position: refs/heads/master@{#67111} Refs: v8/v8@bb9f0c2
Original commit message: Reland "[snapshot] rehash JSMap and JSSet during deserialization" This is a reland of 8374feed55a5b3010f2e9593560a2d84f9f6725f. Fixed rehashing of global proxy keys by creating its identity hash early, before the deserialization of the context snapshot. Original change's description: > [snapshot] rehash JSMap and JSSet during deserialization > > To rehash JSMap and JSSet, we simply replace the backing store > with a new one created with the new hash. > > Bug: v8:9187 > Change-Id: I90c25b18b33b7bc2b6ffe1b89fe17aa5f978b517 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2143983 > Commit-Queue: Joyee Cheung <[email protected]> > Reviewed-by: Jakob Gruber <[email protected]> > Reviewed-by: Camillo Bruni <[email protected]> > Cr-Commit-Position: refs/heads/master@{#67663} Bug: v8:9187, v8:10523 Change-Id: I7a0319b1d10ff07644de902fec43e7c2b1dd8da9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2212085 Reviewed-by: Leszek Swirski <[email protected]> Reviewed-by: Camillo Bruni <[email protected]> Reviewed-by: Jakob Gruber <[email protected]> Commit-Queue: Joyee Cheung <[email protected]> Cr-Commit-Position: refs/heads/master@{#67999} Refs: v8/v8@22014de
3951b25
to
10ddf6a
Compare
Replaced the last commit with the reland merged in the upstream. This can wait until next week in case the fuzzer in the upstream finds anything. V8 CI: https://ci.nodejs.org/job/node-test-commit-v8-linux/3141/ |
Did you manually backport the commits (i.e. without |
8ae28ff
to
2935f72
Compare
@targos I think the first two should be clean. The last one definitely isn't because the upstream changed the file names and there are conflicts with off-thread deserialization support changes not in any releases. |
Original commit message: [snapshot] Do not defer ArrayBuffers during snapshotting ArrayBuffer instances are serialized by first re-assigning a index to the backing store field, then serializing the object, and then storing the actual backing store address again (and the same for the ArrayBufferExtension). If serialization of the object itself is deferred, the real backing store address is written into the snapshot, which cannot be processed when deserializing, leading to a crash. This fixes this by not deferring ArrayBuffer serialization and adding a DCHECK for the crash that previously occurred. Change-Id: Id9bea8268061bd0770cde7bfeb6695248978f994 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144123 Commit-Queue: Jakob Gruber <[email protected]> Reviewed-by: Dan Elphick <[email protected]> Cr-Commit-Position: refs/heads/master@{#67114} Refs: v8/v8@ea0719b PR-URL: #33300 Refs: v8/v8@bb9f0c2 Refs: v8/v8@22014de Refs: #17058 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
Original commit message: [snapshot] Improve snapshot docs and error printing - Minor improvements to the documentation for snapshotting. - Add newlines to printed errors where necessary. Change-Id: I822e7e850adb67eae73b51c23cf34e40ba3106f0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144954 Reviewed-by: Toon Verwaest <[email protected]> Commit-Queue: Toon Verwaest <[email protected]> Cr-Commit-Position: refs/heads/master@{#67111} Refs: v8/v8@bb9f0c2 PR-URL: #33300 Refs: v8/v8@ea0719b Refs: v8/v8@22014de Refs: #17058 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
Original commit message: Reland "[snapshot] rehash JSMap and JSSet during deserialization" This is a reland of 8374feed55a5b3010f2e9593560a2d84f9f6725f. Fixed rehashing of global proxy keys by creating its identity hash early, before the deserialization of the context snapshot. Original change's description: > [snapshot] rehash JSMap and JSSet during deserialization > > To rehash JSMap and JSSet, we simply replace the backing store > with a new one created with the new hash. > > Bug: v8:9187 > Change-Id: I90c25b18b33b7bc2b6ffe1b89fe17aa5f978b517 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2143983 > Commit-Queue: Joyee Cheung <[email protected]> > Reviewed-by: Jakob Gruber <[email protected]> > Reviewed-by: Camillo Bruni <[email protected]> > Cr-Commit-Position: refs/heads/master@{#67663} Bug: v8:9187, v8:10523 Change-Id: I7a0319b1d10ff07644de902fec43e7c2b1dd8da9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2212085 Reviewed-by: Leszek Swirski <[email protected]> Reviewed-by: Camillo Bruni <[email protected]> Reviewed-by: Jakob Gruber <[email protected]> Commit-Queue: Joyee Cheung <[email protected]> Cr-Commit-Position: refs/heads/master@{#67999} Refs: v8/v8@22014de PR-URL: #33300 Refs: v8/v8@ea0719b Refs: v8/v8@bb9f0c2 Refs: #17058 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
Landed in 178efdf...0cb194e, thanks! |
Original commit message: [snapshot] Do not defer ArrayBuffers during snapshotting ArrayBuffer instances are serialized by first re-assigning a index to the backing store field, then serializing the object, and then storing the actual backing store address again (and the same for the ArrayBufferExtension). If serialization of the object itself is deferred, the real backing store address is written into the snapshot, which cannot be processed when deserializing, leading to a crash. This fixes this by not deferring ArrayBuffer serialization and adding a DCHECK for the crash that previously occurred. Change-Id: Id9bea8268061bd0770cde7bfeb6695248978f994 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144123 Commit-Queue: Jakob Gruber <[email protected]> Reviewed-by: Dan Elphick <[email protected]> Cr-Commit-Position: refs/heads/master@{#67114} Refs: v8/v8@ea0719b PR-URL: #33300 Refs: v8/v8@bb9f0c2 Refs: v8/v8@22014de Refs: #17058 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
Original commit message: [snapshot] Improve snapshot docs and error printing - Minor improvements to the documentation for snapshotting. - Add newlines to printed errors where necessary. Change-Id: I822e7e850adb67eae73b51c23cf34e40ba3106f0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144954 Reviewed-by: Toon Verwaest <[email protected]> Commit-Queue: Toon Verwaest <[email protected]> Cr-Commit-Position: refs/heads/master@{#67111} Refs: v8/v8@bb9f0c2 PR-URL: #33300 Refs: v8/v8@ea0719b Refs: v8/v8@22014de Refs: #17058 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
Original commit message: Reland "[snapshot] rehash JSMap and JSSet during deserialization" This is a reland of 8374feed55a5b3010f2e9593560a2d84f9f6725f. Fixed rehashing of global proxy keys by creating its identity hash early, before the deserialization of the context snapshot. Original change's description: > [snapshot] rehash JSMap and JSSet during deserialization > > To rehash JSMap and JSSet, we simply replace the backing store > with a new one created with the new hash. > > Bug: v8:9187 > Change-Id: I90c25b18b33b7bc2b6ffe1b89fe17aa5f978b517 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2143983 > Commit-Queue: Joyee Cheung <[email protected]> > Reviewed-by: Jakob Gruber <[email protected]> > Reviewed-by: Camillo Bruni <[email protected]> > Cr-Commit-Position: refs/heads/master@{#67663} Bug: v8:9187, v8:10523 Change-Id: I7a0319b1d10ff07644de902fec43e7c2b1dd8da9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2212085 Reviewed-by: Leszek Swirski <[email protected]> Reviewed-by: Camillo Bruni <[email protected]> Reviewed-by: Jakob Gruber <[email protected]> Commit-Queue: Joyee Cheung <[email protected]> Cr-Commit-Position: refs/heads/master@{#67999} Refs: v8/v8@22014de PR-URL: #33300 Refs: v8/v8@ea0719b Refs: v8/v8@bb9f0c2 Refs: #17058 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
Original commit message: [snapshot] Do not defer ArrayBuffers during snapshotting ArrayBuffer instances are serialized by first re-assigning a index to the backing store field, then serializing the object, and then storing the actual backing store address again (and the same for the ArrayBufferExtension). If serialization of the object itself is deferred, the real backing store address is written into the snapshot, which cannot be processed when deserializing, leading to a crash. This fixes this by not deferring ArrayBuffer serialization and adding a DCHECK for the crash that previously occurred. Change-Id: Id9bea8268061bd0770cde7bfeb6695248978f994 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144123 Commit-Queue: Jakob Gruber <[email protected]> Reviewed-by: Dan Elphick <[email protected]> Cr-Commit-Position: refs/heads/master@{#67114} Refs: v8/v8@ea0719b PR-URL: #33300 Refs: v8/v8@bb9f0c2 Refs: v8/v8@22014de Refs: #17058 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
Original commit message: [snapshot] Improve snapshot docs and error printing - Minor improvements to the documentation for snapshotting. - Add newlines to printed errors where necessary. Change-Id: I822e7e850adb67eae73b51c23cf34e40ba3106f0 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2144954 Reviewed-by: Toon Verwaest <[email protected]> Commit-Queue: Toon Verwaest <[email protected]> Cr-Commit-Position: refs/heads/master@{#67111} Refs: v8/v8@bb9f0c2 PR-URL: #33300 Refs: v8/v8@ea0719b Refs: v8/v8@22014de Refs: #17058 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
Original commit message: Reland "[snapshot] rehash JSMap and JSSet during deserialization" This is a reland of 8374feed55a5b3010f2e9593560a2d84f9f6725f. Fixed rehashing of global proxy keys by creating its identity hash early, before the deserialization of the context snapshot. Original change's description: > [snapshot] rehash JSMap and JSSet during deserialization > > To rehash JSMap and JSSet, we simply replace the backing store > with a new one created with the new hash. > > Bug: v8:9187 > Change-Id: I90c25b18b33b7bc2b6ffe1b89fe17aa5f978b517 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2143983 > Commit-Queue: Joyee Cheung <[email protected]> > Reviewed-by: Jakob Gruber <[email protected]> > Reviewed-by: Camillo Bruni <[email protected]> > Cr-Commit-Position: refs/heads/master@{#67663} Bug: v8:9187, v8:10523 Change-Id: I7a0319b1d10ff07644de902fec43e7c2b1dd8da9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2212085 Reviewed-by: Leszek Swirski <[email protected]> Reviewed-by: Camillo Bruni <[email protected]> Reviewed-by: Jakob Gruber <[email protected]> Commit-Queue: Joyee Cheung <[email protected]> Cr-Commit-Position: refs/heads/master@{#67999} Refs: v8/v8@22014de PR-URL: #33300 Refs: v8/v8@ea0719b Refs: v8/v8@bb9f0c2 Refs: #17058 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
Original commit message: Reland "[snapshot] rehash JSMap and JSSet during deserialization" This is a reland of 8374feed55a5b3010f2e9593560a2d84f9f6725f. Fixed rehashing of global proxy keys by creating its identity hash early, before the deserialization of the context snapshot. Original change's description: > [snapshot] rehash JSMap and JSSet during deserialization > > To rehash JSMap and JSSet, we simply replace the backing store > with a new one created with the new hash. > > Bug: v8:9187 > Change-Id: I90c25b18b33b7bc2b6ffe1b89fe17aa5f978b517 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2143983 > Commit-Queue: Joyee Cheung <[email protected]> > Reviewed-by: Jakob Gruber <[email protected]> > Reviewed-by: Camillo Bruni <[email protected]> > Cr-Commit-Position: refs/heads/master@{#67663} Bug: v8:9187, v8:10523 Change-Id: I7a0319b1d10ff07644de902fec43e7c2b1dd8da9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2212085 Reviewed-by: Leszek Swirski <[email protected]> Reviewed-by: Camillo Bruni <[email protected]> Reviewed-by: Jakob Gruber <[email protected]> Commit-Queue: Joyee Cheung <[email protected]> Cr-Commit-Position: refs/heads/master@{#67999} Refs: v8/v8@22014de PR-URL: nodejs#33300 Refs: v8/v8@ea0719b Refs: v8/v8@bb9f0c2 Refs: nodejs#17058 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
Original commit message: Reland "[snapshot] rehash JSMap and JSSet during deserialization" This is a reland of 8374feed55a5b3010f2e9593560a2d84f9f6725f. Fixed rehashing of global proxy keys by creating its identity hash early, before the deserialization of the context snapshot. Original change's description: > [snapshot] rehash JSMap and JSSet during deserialization > > To rehash JSMap and JSSet, we simply replace the backing store > with a new one created with the new hash. > > Bug: v8:9187 > Change-Id: I90c25b18b33b7bc2b6ffe1b89fe17aa5f978b517 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2143983 > Commit-Queue: Joyee Cheung <[email protected]> > Reviewed-by: Jakob Gruber <[email protected]> > Reviewed-by: Camillo Bruni <[email protected]> > Cr-Commit-Position: refs/heads/master@{#67663} Bug: v8:9187, v8:10523 Change-Id: I7a0319b1d10ff07644de902fec43e7c2b1dd8da9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2212085 Reviewed-by: Leszek Swirski <[email protected]> Reviewed-by: Camillo Bruni <[email protected]> Reviewed-by: Jakob Gruber <[email protected]> Commit-Queue: Joyee Cheung <[email protected]> Cr-Commit-Position: refs/heads/master@{#67999} Refs: v8/v8@22014de PR-URL: nodejs#33300 Refs: v8/v8@ea0719b Refs: v8/v8@bb9f0c2 Refs: nodejs#17058 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
Original commit message: Reland "[snapshot] rehash JSMap and JSSet during deserialization" This is a reland of 8374feed55a5b3010f2e9593560a2d84f9f6725f. Fixed rehashing of global proxy keys by creating its identity hash early, before the deserialization of the context snapshot. Original change's description: > [snapshot] rehash JSMap and JSSet during deserialization > > To rehash JSMap and JSSet, we simply replace the backing store > with a new one created with the new hash. > > Bug: v8:9187 > Change-Id: I90c25b18b33b7bc2b6ffe1b89fe17aa5f978b517 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2143983 > Commit-Queue: Joyee Cheung <[email protected]> > Reviewed-by: Jakob Gruber <[email protected]> > Reviewed-by: Camillo Bruni <[email protected]> > Cr-Commit-Position: refs/heads/master@{#67663} Bug: v8:9187, v8:10523 Change-Id: I7a0319b1d10ff07644de902fec43e7c2b1dd8da9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2212085 Reviewed-by: Leszek Swirski <[email protected]> Reviewed-by: Camillo Bruni <[email protected]> Reviewed-by: Jakob Gruber <[email protected]> Commit-Queue: Joyee Cheung <[email protected]> Cr-Commit-Position: refs/heads/master@{#67999} Refs: v8/v8@22014de PR-URL: #33300 Refs: v8/v8@ea0719b Refs: v8/v8@bb9f0c2 Refs: #17058 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
Original commit message: Reland "[snapshot] rehash JSMap and JSSet during deserialization" This is a reland of 8374feed55a5b3010f2e9593560a2d84f9f6725f. Fixed rehashing of global proxy keys by creating its identity hash early, before the deserialization of the context snapshot. Original change's description: > [snapshot] rehash JSMap and JSSet during deserialization > > To rehash JSMap and JSSet, we simply replace the backing store > with a new one created with the new hash. > > Bug: v8:9187 > Change-Id: I90c25b18b33b7bc2b6ffe1b89fe17aa5f978b517 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2143983 > Commit-Queue: Joyee Cheung <[email protected]> > Reviewed-by: Jakob Gruber <[email protected]> > Reviewed-by: Camillo Bruni <[email protected]> > Cr-Commit-Position: refs/heads/master@{#67663} Bug: v8:9187, v8:10523 Change-Id: I7a0319b1d10ff07644de902fec43e7c2b1dd8da9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2212085 Reviewed-by: Leszek Swirski <[email protected]> Reviewed-by: Camillo Bruni <[email protected]> Reviewed-by: Jakob Gruber <[email protected]> Commit-Queue: Joyee Cheung <[email protected]> Cr-Commit-Position: refs/heads/master@{#67999} Refs: v8/v8@22014de PR-URL: nodejs#33300 Refs: v8/v8@ea0719b Refs: v8/v8@bb9f0c2 Refs: nodejs#17058 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
Original commit message: Reland "[snapshot] rehash JSMap and JSSet during deserialization" This is a reland of 8374feed55a5b3010f2e9593560a2d84f9f6725f. Fixed rehashing of global proxy keys by creating its identity hash early, before the deserialization of the context snapshot. Original change's description: > [snapshot] rehash JSMap and JSSet during deserialization > > To rehash JSMap and JSSet, we simply replace the backing store > with a new one created with the new hash. > > Bug: v8:9187 > Change-Id: I90c25b18b33b7bc2b6ffe1b89fe17aa5f978b517 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2143983 > Commit-Queue: Joyee Cheung <[email protected]> > Reviewed-by: Jakob Gruber <[email protected]> > Reviewed-by: Camillo Bruni <[email protected]> > Cr-Commit-Position: refs/heads/master@{#67663} Bug: v8:9187, v8:10523 Change-Id: I7a0319b1d10ff07644de902fec43e7c2b1dd8da9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2212085 Reviewed-by: Leszek Swirski <[email protected]> Reviewed-by: Camillo Bruni <[email protected]> Reviewed-by: Jakob Gruber <[email protected]> Commit-Queue: Joyee Cheung <[email protected]> Cr-Commit-Position: refs/heads/master@{#67999} Refs: v8/v8@22014de Backport-PR-URL: #34356 PR-URL: #33300 Refs: v8/v8@ea0719b Refs: v8/v8@bb9f0c2 Refs: #17058 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
Original commit message: Reland "[snapshot] rehash JSMap and JSSet during deserialization" This is a reland of 8374feed55a5b3010f2e9593560a2d84f9f6725f. Fixed rehashing of global proxy keys by creating its identity hash early, before the deserialization of the context snapshot. Original change's description: > [snapshot] rehash JSMap and JSSet during deserialization > > To rehash JSMap and JSSet, we simply replace the backing store > with a new one created with the new hash. > > Bug: v8:9187 > Change-Id: I90c25b18b33b7bc2b6ffe1b89fe17aa5f978b517 > Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2143983 > Commit-Queue: Joyee Cheung <[email protected]> > Reviewed-by: Jakob Gruber <[email protected]> > Reviewed-by: Camillo Bruni <[email protected]> > Cr-Commit-Position: refs/heads/master@{#67663} Bug: v8:9187, v8:10523 Change-Id: I7a0319b1d10ff07644de902fec43e7c2b1dd8da9 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2212085 Reviewed-by: Leszek Swirski <[email protected]> Reviewed-by: Camillo Bruni <[email protected]> Reviewed-by: Jakob Gruber <[email protected]> Commit-Queue: Joyee Cheung <[email protected]> Cr-Commit-Position: refs/heads/master@{#67999} Refs: v8/v8@22014de Backport-PR-URL: #34356 PR-URL: #33300 Refs: v8/v8@ea0719b Refs: v8/v8@bb9f0c2 Refs: #17058 Reviewed-By: Jiawen Geng <[email protected]> Reviewed-By: Michaël Zasso <[email protected]>
The first and last commits are fairly new and contain conflicts with our current version of V8, they may need to be reapplied the next time we update V8
deps: V8: backport ea0719b8ed08
Original commit message:
Refs: v8/v8@ea0719b
deps: V8: backport bb9f0c2b2fe9
Original commit message:
Refs: v8/v8@bb9f0c2
deps: V8: backport 22014de00115
Original commit message:
Refs: v8/v8@22014de
Refs: #17058
Checklist
make -j4 test
(UNIX), orvcbuild test
(Windows) passes