Original commit message:
[regexp] Fix case-insensitive matching for one-byte subjects.
The bug occurs because we do not canonicalize character class ranges
before adding case equivalents. While adding case equivalents, we abort
early for one-byte subject strings, assuming that the ranges are sorted.
Which they are not.
R=marja@chromium.org
BUG=v8:5199
Review-Url: https://codereview.chromium.org/2159683002
Cr-Commit-Position: refs/heads/master@{#37833}
Fixes: https://github.com/nodejs/node/issues/7708
PR-URL: https://github.com/nodejs/node/pull/7833
Reviewed-By: targos - Michaël Zasso <mic.besace@gmail.com>
Reviewed-By: bnoordhuis - Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: ofrobots - Ali Ijaz Sheikh <ofrobots@google.com>
Original commit message:
S390:Update inline asm constraint in test-platform
The GetStackPointer() routine in test-platform uses an inline
assembly code to store the current stack pointer value into a static
variable sp_addr. The existing asm code for S390 uses an ST/STG
instruction, with the memory operand associated with the general ('=g')
constraint to sp_addr.
On GCC 4.8.5, the GCC compiler got confused and treated sp_addr as
an integer operand instead of memory operand, resulting in a store
being emitted that writes to an invalid meory location.
Given the specific store instructions being inlined here, we should
restict the sp_addr operand to explicitly be a memory operand using '=m'
instead of '=g'.
R=bmeurer@chromium.org,jkummerow@chormium.org,rmcilroy@chromium.org,yangguo@chromium.org
BUG=
Review-Url: https://codereview.chromium.org/2158523002
Cr-Commit-Position: refs/heads/master@{#37809}
Fixes: https://github.com/nodejs/node/issues/7659
PR-URL: https://github.com/nodejs/node/pull/7771
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Pick up the latest branch-head for V8 5.1. Introduces a semver-minor
overload of v8::Function::New() for use by v8_inspector.
Refs: https://github.com/nodejs/node/pull/7586
PR-URL: https://github.com/nodejs/node/pull/7615
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Michaël Zasso <mic.besace@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Remove the `_malloced_memory` field from the `HeapStatistics`
class to achieve full ABI compatibility with V8 5.0.
Ref: https://github.com/nodejs/node/pull/7016
PR-URL: https://github.com/nodejs/node/pull/7526
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
The next major release will make it a fatal error to use non-primitive
values in function templates and object templates.
Print a warning that includes the C and JS stack trace to tell people to
upgrade their add-ons. The C stack trace is only printed on platforms
that support it (the BSDs, OS X and Linux+glibc.)
The warning can be disabled with the new `--nowarn_template_set` flag.
Refs: https://github.com/nodejs/node/issues/6216
PR-URL: https://github.com/nodejs/node/pull/6277
Reviewed-By: James M Snell <jasnell@gmail.com>
Original commit message:
Improved diagnostic message for JS heap out of memory
This patch replaces the unused 'take_snapshot' parameter on
FatalProcessOutOfMemory() with a 'is_heap_oom' parameter.
The parameter is set to true on error paths where the
JS heap is out of memory, as distinct from a malloc()
failure i.e. process out of memory. The message output to
stderr or passed to embedding applications via FatalErrorCallback
is 'Javascript heap out of memory' rather than
'process out of memory'.
BUG=
R=jochen@chromium.org, verwaest@chromium.org, michael_dawson@ca.ibm.com
Review URL: https://codereview.chromium.org/1873443002
Cr-Commit-Position: refs/heads/master@{#35431}
We'd like this in 6.x to help with diagnosing customer problems.
It provides a better message on OOM so that it is easier to
be able to tell whether the OOM was due to heap exhaustion
or running out of native memory.
PR-URL: https://github.com/nodejs/node/pull/6218
Reviewed-By: Ben Noordhuis <ben@strongloop.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
This commit backports a fix to a JIT bug in V8.
After 100 or so comparisons `typeof null ==="undefined"` is returning
`true` instead of `false`.
Original commit message:
Fix 'typeof null' canonicalization in crankshaft
BUG=
Review URL: https://codereview.chromium.org/1912553002
Cr-Commit-Position: refs/heads/master@{#35699}
Ref: https://bugs.chromium.org/p/chromium/issues/detail?id=604033
PR-URL: https://github.com/nodejs/node/pull/7348
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Michaël Zasso <mic.besace@gmail.com>
regress/regress-crbug-514081 allocates a 2G block of memory
and if there are multiple variants running at the
same time this can lead to crashes, OOM kills or
the OS failing to allocate memory. This patch
limits us to running a single variant of the test
Fixes: https://github.com/nodejs/node/issues/6340
PR-URL: https://github.com/nodejs/node/pull/6678
Reviewed-By: Ben Noorhduis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Pick up the latest bug fix from the V8 5.0 branch.
Original commit message:
V8-Commit: https://github.com/v8/v8/commit/c1d51c7c
Version 5.0.71.35 (cherry-pick)
Merged 2837cb387
disallow left-trim fast path when sampling heap profiler is active
R=hablich@chromium.org, hpayer@chromium.org
BUG=v8:4937
Review URL: https://codereview.chromium.org/1918453002 .
PR-URL: https://github.com/nodejs/node/pull/6372
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Michaël Zasso <mic.besace@gmail.com>
The next major release will make it a fatal error to use non-primitive
values in function templates and object templates.
Print a warning that includes the C and JS stack trace to tell people to
upgrade their add-ons. The C stack trace is only printed on platforms
that support it (the BSDs, OS X and Linux+glibc.)
The warning can be disabled with the new `--nowarn_template_set` flag.
Refs: https://github.com/nodejs/node/issues/6216
PR-URL: https://github.com/nodejs/node/pull/6277
Reviewed-By: James M Snell <jasnell@gmail.com>
There were 2 issues which either the v8 team was reluctant to
backport the fix because the fix was for a disabled feature (wasm) or
that we did not have time to investigate before 5.0 was cut
which result in v8 test failures for PPC in 5.0. These are test
issues and are already resolved in v8 master. This PR
excludes these tests so that our v8 tests in the CI will
be green so that we can detect any real regressions.
PR-URL: https://github.com/nodejs/node/pull/6267
Fixes: https://github.com/nodejs/node/issues/6236
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Original commit message:
Improved diagnostic message for JS heap out of memory
This patch replaces the unused 'take_snapshot' parameter on
FatalProcessOutOfMemory() with a 'is_heap_oom' parameter.
The parameter is set to true on error paths where the
JS heap is out of memory, as distinct from a malloc()
failure i.e. process out of memory. The message output to
stderr or passed to embedding applications via FatalErrorCallback
is 'Javascript heap out of memory' rather than
'process out of memory'.
BUG=
R=jochen@chromium.org, verwaest@chromium.org, michael_dawson@ca.ibm.com
Review URL: https://codereview.chromium.org/1873443002
Cr-Commit-Position: refs/heads/master@{#35431}
We'd like this in 6.x to help with diagnosing customer problems.
It provides a better message on OOM so that it is easier to
be able to tell whether the OOM was due to heap exhaustion
or running out of native memory.
PR-URL: https://github.com/nodejs/node/pull/6218
Reviewed-By: Ben Noordhuis <ben@strongloop.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Original commit message:
tools: fix tickprocessor Cpp symbols on mac
Despite man page documentation:
-f Display the symbol table of a dynamic library flat (as one
file not separate modules).
`nm` on mac treats `-f` as a shorthand for `-format`. The `-f` argument
does not seem to be required, so just remove it completely.
(For `-format` documentation - see `nm --help` on mac).
BUG=
Review URL: https://codereview.chromium.org/1840633002
Cr-Commit-Position: refs/heads/master@{#35445}
Fix: #5903
PR-URL: https://github.com/nodejs/node/pull/6179
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Michaël Zasso <mic.besace@gmail.com>
Ported by exinfinitum from a PR by jasnell:
see https://github.com/nodejs/node-v0.x-archive/pull/14185
Allows the running of v8 tests on node's packaged v8 source code.
Note that the limited win32 support added by jasnell has NOT been ported,
and so these tests are currently UNIX ONLY.
Note that gclient depot tools
(see https://commondatastorage.googleapis.com/
chrome-infra-docs/flat/depot_tools/docs/html/
depot_tools_tutorial.html#_setting_up) and subversion are required
to run tests.
To perform tests, run the following commands:
make v8 DESTCPU=(ARCH)
make test-v8 DESTCPU=(ARCH)
where (ARCH) is your CPU architecture, e.g. x64, ia32.
DESTCPU MUST be specified for this to work properly.
Can also do tests on debug build by using "make test-v8 DESTCPU=(ARCH)
BUILDTYPE=Debug", or perform intl or benchmark tests via make
test-v8-intl or test-v8-benchmarks respectively.
Note that by default, quickcheck and TAP output are disabled, and i18n
is enabled. To activate these options, use options"QUICKCHECK=True" and
"ENABLE_V8_TAP=True" respectively.
Use "DISABLE_V8_I18N" to disable i18n.
Use V8_BUILD_OPTIONS to allow custom user-defined flags to be
appended onto "make v8".
Any tests performed after changes to the packaged v8 file will require
recompiling of v8, which can be done using "make v8 DESTCPU=(ARCH)".
Finally, two additional files necessary for one of the v8 tests have
been added to the v8 folder.
PR-URL: https://github.com/nodejs/node/pull/4704
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: targos - Michaël Zasso <mic.besace@gmail.com>
Original commit message:
```
Stop profiler on isolate teardown if still running
If the profiler is started via the API and not stopped, V8 will
intermittently crash during isolate teardown.
The fix is to run the DeleteAllProfiles function in Isolate::Deinit()
if cpu_profiler_ still exists.
https://groups.google.com/forum/#!topic/v8-dev/WsIlpbaD4mo
TEST= Run in debug mode, if you start a profile and don't stop it,
this assert should fail:
Fatal error in ../src/profiler/cpu-profiler.cc, line 414
Check failed: !is_profiling_.
Review URL: https://codereview.chromium.org/1526253005
Cr-Commit-Position: refs/heads/master@{#32953}
```
PR-URL: https://github.com/nodejs/node/pull/5024
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Michaël Zasso <mic.besace@gmail.com>
Original commit message:
[tools] Make gen-postmortem-metadata.py more reliable
Instead of basing matches off of whitespace, walk the
inheritance chain and include any classes that inherit
from Object.
R=machenbach@chromium.org,jkummerow@chromium.org
NOTRY=true
Review URL: https://codereview.chromium.org/1435643002
Cr-Commit-Position: refs/heads/master@{#31964}
This adds some missing classes to postmortem info like
JSMap and JSSet.
Ref: https://github.com/nodejs/node/pull/3792
PR-URL: https://github.com/nodejs/node/pull/4106
Reviewed-By: bnoordhuis - Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: targos - Michaël Zasso <mic.besace@gmail.com>
Reviewed-By: rvagg - Rod Vagg <rod@vagg.org>
Original commit message:
This commit adds some postmortem data that is otherwise unavailable.
I have discovered need in those values when writing:
https://github.com/indutny/llnode
BUG=
Review URL: https://codereview.chromium.org/1436473002
Cr-Commit-Position: refs/heads/master@{#31947}
This postmortem information is useful for both object inspection, and
function's context variables inspection.
Ref: https://github.com/nodejs/node/pull/3779
PR-URL: https://github.com/nodejs/node/pull/4106
Reviewed-By: bnoordhuis - Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: targos - Michaël Zasso <mic.besace@gmail.com>
Reviewed-By: rvagg - Rod Vagg <rod@vagg.org>
Original commit message:
[heap] fix crash during the scavenge of ArrayBuffer
Scavenger should not attempt to visit ArrayBuffer's storage, it is a
user-supplied pointer that may have any alignment. Visiting it, may
result in a crash.
BUG=
R=jochen
Review URL: https://codereview.chromium.org/1406133003
Cr-Commit-Position: refs/heads/master@{#31611}
PR-URL: https://github.com/nodejs/node/pull/4259
Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Original commit message:
[tools] Make gen-postmortem-metadata.py more reliable
Instead of basing matches off of whitespace, walk the
inheritance chain and include any classes that inherit
from Object.
R=machenbach@chromium.org,jkummerow@chromium.org
NOTRY=true
Review URL: https://codereview.chromium.org/1435643002
Cr-Commit-Position: refs/heads/master@{#31964}
This adds some missing classes to postmortem info like
JSMap and JSSet.
Ref: https://github.com/nodejs/node/pull/3792
PR-URL: https://github.com/nodejs/node/pull/4106
Reviewed-By: bnoordhuis - Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: targos - Michaël Zasso <mic.besace@gmail.com>
Reviewed-By: rvagg - Rod Vagg <rod@vagg.org>
Original commit message:
This commit adds some postmortem data that is otherwise unavailable.
I have discovered need in those values when writing:
https://github.com/indutny/llnode
BUG=
Review URL: https://codereview.chromium.org/1436473002
Cr-Commit-Position: refs/heads/master@{#31947}
This postmortem information is useful for both object inspection, and
function's context variables inspection.
Ref: https://github.com/nodejs/node/pull/3779
PR-URL: https://github.com/nodejs/node/pull/4106
Reviewed-By: bnoordhuis - Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: targos - Michaël Zasso <mic.besace@gmail.com>
Reviewed-By: rvagg - Rod Vagg <rod@vagg.org>
Backport 1ee712ab8687e5f4dec93d45da068d37d28feb8b from V8 upstream.
Original commit message:
Add SetAbortOnUncaughtExceptionCallback API
The --abort-on-uncaught-exception command line switch makes
Isolate::Throw abort if the error being thrown cannot be caught by a
try/catch block.
Embedders may want to use other mechanisms than try/catch blocks to
handle uncaught exceptions. For instance, Node.js has "domain" objects
that have error handlers that can handle uncaught exception like
following:
var d = domain.create();
d.on('error', function onError(err) {
console.log('Handling error');
});
d.run(function() {
throw new Error("boom");
});
These error handlers are called by isolates' message listeners.
If --abort-on-uncaught-exception is *not* used, the isolate's
message listener will be called, which will in turn call the domain's
error handler. The process will output 'Handling error' and will exit
successfully (not due to an uncaught exception). This is the behavior
that Node.js users expect.
However, if --abort-on-uncaught-exception is used and when throwing an
error within a domain that has an error handler, the process will abort
and the domain's error handler will not be called. This is not the
behavior that Node.js users expect.
Having a SetAbortOnUncaughtExceptionCallback API allows embedders to
determine when it's not appropriate to abort and instead handle the
exception via the isolate's message listener.
In the example above, Node.js would set a custom callback with
SetAbortOnUncaughtExceptionCallback that would be implemented as
following (the sample code has been simplified to remove what's not
relevant to this change):
bool ShouldAbortOnUncaughtException(Isolate* isolate) {
return !IsDomainActive();
}
Now when --abort-on-uncaught-exception is used, Isolate::Throw would
call that callback and determine that it should not abort if a domain
with an error handler is active. Instead, the isolate's message listener
would be called and the error would be handled by the domain's error
handler.
I believe this can also be useful for other embedders.
BUG=
R=bmeurer@chromium.org
Review URL: https://codereview.chromium.org/1375933003
Cr-Commit-Position: refs/heads/master@{#31111}
Ref: #3036
Ref: https://github.com/nodejs/node/pull/3481
PR-URL: https://github.com/nodejs/node/pull/4106
Reviewed-By: bnoordhuis - Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: targos - Michaël Zasso <mic.besace@gmail.com>
Reviewed-By: rvagg - Rod Vagg <rod@vagg.org>
Franziska Hinkelmann
Matt Loring
Joran Siu
Ben Noordhuis
Anna Henningsen
Michaël Zasso
Michael Dawson
Myles Borins
Ali Ijaz Sheikh
Fedor Indutny
Myles Borins
Bryon Leung
Gibson Fahnestock
evan.lucas
Julien Gilli