nodejs · targos · Oct 25, 2021
diff --git a/deps/v8/include/v8-version.h b/deps/v8/include/v8-version.h
@@ -11,7 +11,7 @@
 #define V8_MAJOR_VERSION 9
 #define V8_MINOR_VERSION 5
 #define V8_BUILD_NUMBER 172
-#define V8_PATCH_LEVEL 21
+#define V8_PATCH_LEVEL 25
 
 // Use 1 for candidates and 0 otherwise.
 // (Boolean macro values are not supported by all preprocessors.)

diff --git a/deps/v8/src/compiler/backend/ia32/code-generator-ia32.cc b/deps/v8/src/compiler/backend/ia32/code-generator-ia32.cc
@@ -343,8 +343,8 @@ class OutOfLineRecordWrite final : public OutOfLineCode {
  __ CallRecordWriteStubSaveRegisters(object_, scratch1_,
  remembered_set_action, save_fp_mode,
  StubCallMode::kCallWasmRuntimeStub);
- } else {
 #endif // V8_ENABLE_WEBASSEMBLY
+ } else {
  __ CallRecordWriteStubSaveRegisters(object_, scratch1_,
  remembered_set_action, save_fp_mode);
  }

diff --git a/deps/v8/src/execution/isolate-inl.h b/deps/v8/src/execution/isolate-inl.h
@@ -50,7 +50,7 @@ bool Isolate::has_pending_message() {
 }
 
 Object Isolate::pending_exception() {
- DCHECK(has_pending_exception());
+ CHECK(has_pending_exception());
  DCHECK(!thread_local_top()->pending_exception_.IsException(this));
  return thread_local_top()->pending_exception_;
 }

diff --git a/deps/v8/src/heap/cppgc/marker.cc b/deps/v8/src/heap/cppgc/marker.cc
@@ -243,6 +243,7 @@ void MarkerBase::EnterAtomicPause(MarkingConfig::StackState stack_state) {
  }
  config_.stack_state = stack_state;
  config_.marking_type = MarkingConfig::MarkingType::kAtomic;
+ mutator_marking_state_.set_in_atomic_pause();
 
  // Lock guards against changes to {Weak}CrossThreadPersistent handles, that
  // may conflict with marking. E.g., a WeakCrossThreadPersistent may be

diff --git a/deps/v8/src/heap/cppgc/marking-state.h b/deps/v8/src/heap/cppgc/marking-state.h
@@ -9,6 +9,7 @@
 
 #include "include/cppgc/trace-trait.h"
 #include "include/cppgc/visitor.h"
+#include "src/base/logging.h"
 #include "src/heap/cppgc/compaction-worklists.h"
 #include "src/heap/cppgc/globals.h"
 #include "src/heap/cppgc/heap-object-header.h"
@@ -123,6 +124,8 @@ class MarkingStateBase {
  discovered_new_ephemeron_pairs_ = false;
  }
 
+ void set_in_atomic_pause() { in_atomic_pause_ = true; }
+
  protected:
  inline void MarkAndPush(HeapObjectHeader&, TraceDescriptor);
 
@@ -160,6 +163,7 @@ class MarkingStateBase {
  size_t marked_bytes_ = 0;
  bool in_ephemeron_processing_ = false;
  bool discovered_new_ephemeron_pairs_ = false;
+ bool in_atomic_pause_ = false;
 };
 
 MarkingStateBase::MarkingStateBase(HeapBase& heap,
@@ -300,12 +304,19 @@ void MarkingStateBase::ProcessEphemeron(const void* key, const void* value,
  // would break the main marking loop.
  DCHECK(!in_ephemeron_processing_);
  in_ephemeron_processing_ = true;
- // Filter out already marked keys. The write barrier for WeakMember
- // ensures that any newly set value after this point is kept alive and does
- // not require the callback.
- if (!HeapObjectHeader::FromObject(key)
- .IsInConstruction<AccessMode::kAtomic>() &&
- HeapObjectHeader::FromObject(key).IsMarked<AccessMode::kAtomic>()) {
+ // Keys are considered live even in incremental/concurrent marking settings
+ // because the write barrier for WeakMember ensures that any newly set value
+ // after this point is kept alive and does not require the callback.
+ const bool key_in_construction =
+ HeapObjectHeader::FromObject(key).IsInConstruction<AccessMode::kAtomic>();
+ const bool key_considered_as_live =
+ key_in_construction
+ ? in_atomic_pause_
+ : HeapObjectHeader::FromObject(key).IsMarked<AccessMode::kAtomic>();
+ DCHECK_IMPLIES(
+ key_in_construction && in_atomic_pause_,
+ HeapObjectHeader::FromObject(key).IsMarked<AccessMode::kAtomic>());
+ if (key_considered_as_live) {
  if (value_desc.base_object_payload) {
  MarkAndPush(value_desc.base_object_payload, value_desc);
  } else {

diff --git a/deps/v8/src/ic/accessor-assembler.cc b/deps/v8/src/ic/accessor-assembler.cc
@@ -846,8 +846,8 @@ void AccessorAssembler::HandleLoadICSmiHandlerLoadNamedCase(
  Comment("module export");
  TNode<UintPtrT> index =
  DecodeWord<LoadHandler::ExportsIndexBits>(handler_word);
- TNode<Module> module = LoadObjectField<Module>(
- CAST(p->receiver()), JSModuleNamespace::kModuleOffset);
+ TNode<Module> module =
+ LoadObjectField<Module>(CAST(holder), JSModuleNamespace::kModuleOffset);
  TNode<ObjectHashTable> exports =
  LoadObjectField<ObjectHashTable>(module, Module::kExportsOffset);
  TNode<Cell> cell = CAST(LoadFixedArrayElement(exports, index));

diff --git a/deps/v8/src/ic/ic.cc b/deps/v8/src/ic/ic.cc
@@ -989,7 +989,13 @@ Handle<Object> LoadIC::ComputeHandler(LookupIterator* lookup) {
  // We found the accessor, so the entry must exist.
  DCHECK(entry.is_found());
  int index = ObjectHashTable::EntryToValueIndex(entry);
- return LoadHandler::LoadModuleExport(isolate(), index);
+ Handle<Smi> smi_handler =
+ LoadHandler::LoadModuleExport(isolate(), index);
+ if (holder_is_lookup_start_object) {
+ return smi_handler;
+ }
+ return LoadHandler::LoadFromPrototype(isolate(), map, holder,
+ smi_handler);
  }
 
  Handle<Object> accessors = lookup->GetAccessors();

diff --git a/deps/v8/test/unittests/heap/cppgc/ephemeron-pair-unittest.cc b/deps/v8/test/unittests/heap/cppgc/ephemeron-pair-unittest.cc
@@ -242,5 +242,50 @@ TEST_F(EphemeronPairTest, EphemeronPairWithEmptyMixinValue) {
  FinishMarking();
 }
 
+namespace {
+
+class KeyWithCallback final : public GarbageCollected<KeyWithCallback> {
+ public:
+ template <typename Callback>
+ explicit KeyWithCallback(Callback callback) {
+ callback(this);
+ }
+ void Trace(Visitor*) const {}
+};
+
+class EphemeronHolderForKeyWithCallback final
+ : public GarbageCollected<EphemeronHolderForKeyWithCallback> {
+ public:
+ EphemeronHolderForKeyWithCallback(KeyWithCallback* key, GCed* value)
+ : ephemeron_pair_(key, value) {}
+ void Trace(cppgc::Visitor* visitor) const { visitor->Trace(ephemeron_pair_); }
+
+ private:
+ const EphemeronPair<KeyWithCallback, GCed> ephemeron_pair_;
+};
+
+} // namespace
+
+TEST_F(EphemeronPairTest, EphemeronPairWithKeyInConstruction) {
+ GCed* value = MakeGarbageCollected<GCed>(GetAllocationHandle());
+ Persistent<EphemeronHolderForKeyWithCallback> holder;
+ InitializeMarker(*Heap::From(GetHeap()), GetPlatformHandle().get());
+ FinishSteps();
+ MakeGarbageCollected<KeyWithCallback>(
+ GetAllocationHandle(), [this, &holder, value](KeyWithCallback* thiz) {
+ // The test doesn't use conservative stack scanning to retain key to
+ // avoid retaining value as a side effect.
+ EXPECT_TRUE(HeapObjectHeader::FromObject(thiz).TryMarkAtomic());
+ holder = MakeGarbageCollected<EphemeronHolderForKeyWithCallback>(
+ GetAllocationHandle(), thiz, value);
+ // Finishing marking at this point will leave an ephemeron pair
+ // reachable where the key is still in construction. The GC needs to
+ // mark the value for such pairs as live in the atomic pause as they key
+ // is considered live.
+ FinishMarking();
+ });
+ EXPECT_TRUE(HeapObjectHeader::FromObject(value).IsMarked());
+}
+
 } // namespace internal
 } // namespace cppgc