Open
Conversation
Collaborator
|
Review requested:
|
nodejs-github-bot
added
build
Member
Author
|
Compared to version 14.5, there is a new test failure that is not obvious. Local run: |
This was referenced Feb 20, 2026
targos
added
the
semver-major
Member
Author
|
Additionally, snapshot is no longer reproducible: Edit: not macOS-specific: https://github.com/nodejs/node/actions/runs/22221811293/job/64279253109 |
targos
added
the
help wanted
Member
|
Note that this changeset does not compile with GCC <14.1, unless the following patch is applied: diff --git a/deps/v8/src/objects/js-duration-format.cc b/deps/v8/src/objects/js-duration-format.cc
index 41bdbc2cc6..c9ef451713 100644
--- a/deps/v8/src/objects/js-duration-format.cc
+++ b/deps/v8/src/objects/js-duration-format.cc
@@ -807,7 +807,7 @@ void OutputFractional(const char* type, int64_t integer, int32_t powerOfTen,
// Pass in the value as int64_t and ask ICU to scale down.
nfOpts = nfOpts.scale(icu::number::Scale::powerOfTen(-powerOfTen));
- int64_t factor = static_cast<int64_t>(std::powl(10, powerOfTen));
+ int64_t factor = static_cast<int64_t>(std::pow(10.0L, powerOfTen));
int64_t bound = std::numeric_limits<int64_t>::max() / factor - 1;
UErrorCode status = U_ZERO_ERROR;
// Use faster ICU API formatInt if the value fit the precision int64_t, |
Member
FYI @joyeecheung |
Member
|
For what it's worth this branch seems to build ok with a RISC-V cross compiler too 👍🏻 (An experimental platform but I thought I'd mention it anyway ;-) ) |
Member
Author
|
@nodejs/platform-windows Can you please have a look at the Windows build failure? |
Member
Author
|
There's still this REPL strict mode issue: #61898 (comment) @nodejs/repl |
Member
Author
|
And the reproducible snapshot: #61898 (comment) @nodejs/startup (for lack of a more specific team) |
Member
It's not so much a REPL issue as an issue with the VM global sandbox interceptors, introduced as a regression with 113b5cf. Previously, we were simulating CheckContextualStoreToJSGlobalObject-esque behaviour by rejecting interceptions on global proxy properties in strict mode if the receiver was not the global object. Now that we can no longer observe the receiver, that mechanism doesn't exist, and statements like (We should probably have VM tests for this.) |
Member
We will either need to merge (or upstream) this, or change the GCC build requirement to >=14.1. |
Member
Author
|
Would you like to try and upstream it? |
Member
|
It would be easier if someone with existing Chromium contributor status did the honours, I'd rather not jump through the hoops for a one-liner! |
Member
|
Locally this fixes the snapshot reproducibility test for me See diffdiff --git a/deps/v8/src/builtins/builtins-proxy-gen.cc b/deps/v8/src/builtins/builtins-proxy-gen.cc
index 0bc45bac300..f0047f044f2 100644
--- a/deps/v8/src/builtins/builtins-proxy-gen.cc
+++ b/deps/v8/src/builtins/builtins-proxy-gen.cc
@@ -63,6 +63,10 @@ TNode<JSProxy> ProxiesCodeStubAssembler::AllocateProxy(
StoreObjectFieldNoWriteBarrier(proxy, JSProxy::kTargetOffset, target);
StoreObjectFieldNoWriteBarrier(proxy, JSProxy::kHandlerOffset, handler);
StoreObjectFieldNoWriteBarrier(proxy, JSProxy::kFlagsOffset, flags);
+#if TAGGED_SIZE_8_BYTES
+ StoreObjectFieldNoWriteBarrier(proxy, JSProxy::kPaddingOffset,
+ Int32Constant(0));
+#endif
return CAST(proxy);
}
diff --git a/deps/v8/src/heap/factory.cc b/deps/v8/src/heap/factory.cc
index b6f6938450c..e0117df19f9 100644
--- a/deps/v8/src/heap/factory.cc
+++ b/deps/v8/src/heap/factory.cc
@@ -3945,6 +3945,9 @@ Handle<JSProxy> Factory::NewJSProxy(DirectHandle<JSReceiver> target,
result->set_target(*target, SKIP_WRITE_BARRIER);
result->set_handler(*handler, SKIP_WRITE_BARRIER);
result->set_flags(JSProxy::IsRevocableBit::encode(revocable));
+#if TAGGED_SIZE_8_BYTES
+ result->set_padding(0);
+#endif
return handle(result, isolate());
}
Uploaded https://chromium-review.googlesource.com/c/v8/v8/+/7666243 |
Member
Also uploaded https://chromium-review.googlesource.com/c/v8/v8/+/7666244 (IIUC, it was a libstdc++ issue fixed by https://gcc.gnu.org/pipermail/libstdc++/2023-February/055493.html) |
Contributor
I'll take a look. Thanks for the ping. |
Contributor
Will look into it. Thanks for the ping. |
hubot
pushed a commit
to v8/v8
that referenced
this pull request
Mar 16, 2026
So that snapshots with proxies can be reproducible. Refs: nodejs/node#61898 Change-Id: I01fac5e18c73cd482a1ae63750dbadf42a12e08a Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/7666243 Reviewed-by: Jakob Kummerow <jkummerow@chromium.org> Commit-Queue: Joyee Cheung <joyee@igalia.com> Cr-Commit-Position: refs/heads/main@{#105830}
Contributor
|
@targos, here is the patch to enable building on Windows: v8-146-fix.patch. Two small changes were needed. |
targos
pushed a commit
to targos/node
that referenced
this pull request
Mar 17, 2026
Original commit message:
Zero-initialize proxy padding
So that snapshots with proxies can be reproducible.
Refs: nodejs#61898
Change-Id: I01fac5e18c73cd482a1ae63750dbadf42a12e08a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/7666243
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Cr-Commit-Position: refs/heads/main@{#105830}
Refs: v8/v8@edeb0a4
Member
Author
|
Thanks @StefanStojanovic and @joyeecheung. I pushed your fixes. Let's see how it goes on GH runners. |
In illumos, madvise(3C) now takes `void *` for its first argument post-illumos#14418, but uses `caddr_t` pre-illumos#14418. This fix will detect if the illumos mman.h file in use is pre-or-post-illumos#14418 so builds can work either way. PR-URL: nodejs#58237 Reviewed-By: Richard Lau <richard.lau@ibm.com> Reviewed-By: Michael Dawson <midawson@redhat.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Michaël Zasso <targos@protonmail.com> Reviewed-By: Filip Skokan <panva.ip@gmail.com> Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com> Reviewed-By: Chengzhong Wu <legendecas@gmail.com> Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Original commit message:
GCC 15 removed avx10.2-512 target
PiperOrigin-RevId: 823560321
Refs: google/highway@989a498
PR-URL: nodejs#60682
Fixes: nodejs#60566
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Xuguang Mei <meixuguang@gmail.com>
Original commit message:
PPC/S390: [wasm] Fix jump table offset when patching
... need to make sure patching of target occurs at the correct spot
based on what `EmitFarJumpSlot` emits. Also mask the branch offset in
PPC64 EmitJumpSlot to match `Assembler::b()`.
Change-Id: I5a8079d0079d8ad427034761d42c90b64d5746dd
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/7642190
Reviewed-by: John <junyan1@ibm.com>
Commit-Queue: Milad Farazmand <mfarazma@ibm.com>
Reviewed-by: Clemens Backes <clemensb@chromium.org>
Cr-Commit-Position: refs/heads/main@{#105646}
Refs: v8/v8@aa0b288
PR-URL: nodejs#62136
Reviewed-By: Aviv Keller <me@aviv.sh>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Gürgün Dayıoğlu <hey@gurgun.day>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Original commit message:
Zero-initialize proxy padding
So that snapshots with proxies can be reproducible.
Refs: nodejs#61898
Change-Id: I01fac5e18c73cd482a1ae63750dbadf42a12e08a
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/7666243
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Cr-Commit-Position: refs/heads/main@{#105830}
Refs: v8/v8@edeb0a4
Original commit message:
Fix compilation for older version of libstdc++
On older versions of libstdc++, cmath didn't expose std::powl.
Use std::pow instead.
Co-Authored-By: René <contact.9a5d6388@renegade334.me.uk>
Refs: https://gcc.gnu.org/pipermail/libstdc++/2023-February/055493.html
Refs: nodejs#61898
Change-Id: I4587e14525cae68a05eda03c36b0af40759d9b64
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/7666244
Commit-Queue: Joyee Cheung <joyee@igalia.com>
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/main@{#105884}
Refs: v8/v8@d83f479
This enables v8_enable_seeded_array_index_hash and add a test for it. Fixes: https://hackerone.com/reports/3511792 deps: V8: backport 0a8b1cdcc8b2 Original commit message: implement rapidhash secret generation Bug: 409717082 Change-Id: I471f33d66de32002f744aeba534c1d34f71e27d2 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/6733490 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: snek <snek@chromium.org> Cr-Commit-Position: refs/heads/main@{#101499} Refs: v8/v8@0a8b1cd Co-authored-by: Joyee Cheung <joyeec9h3@gmail.com> deps: V8: backport 185f0fe09b72 Original commit message: [numbers] Refactor HashSeed as a lightweight view over ByteArray Instead of copying the seed and secrets into a struct with value fields, HashSeed now stores a pointer pointing either into the read-only ByteArray, or the static default seed for off-heap HashSeed::Default() calls. The underlying storage is always 8-byte aligned so we can cast it directly into a struct. Change-Id: I5896a7f2ae24296eb4c80b757a5d90ac70a34866 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/7609720 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Joyee Cheung <joyee@igalia.com> Cr-Commit-Position: refs/heads/main@{#105531} Refs: v8/v8@185f0fe Co-authored-by: Joyee Cheung <joyeec9h3@gmail.com> deps: V8: backport 1361b2a49d02 Original commit message: [strings] improve array index hash distribution Previously, the hashes stored in a Name's raw_hash_field for decimal numeric strings (potential array indices) consist of the literal integer value along with the length of the string. This means consecutive numeric strings can have consecutive hash values, which can lead to O(n^2) probing for insertion in the worst case when e.g. a non-numeric string happen to land in the these buckets. This patch adds a build-time flag v8_enable_seeded_array_index_hash that scrambles the 24-bit array-index value stored in a Name's raw_hash_field to improve the distribution. x ^= x >> kShift; x = (x * m1) & kMask; // round 1 x ^= x >> kShift; x = (x * m2) & kMask; // round 2 x ^= x >> kShift; // finalize To decode, apply the same steps with the modular inverses of m1 and m2 in reverse order. x ^= x >> kShift; x = (x * m2_inv) & kMask; // round 1 x ^= x >> kShift; x = (x * m1_inv) & kMask; // round 2 x ^= x >> kShift; // finalize where kShift = kArrayIndexValueBits / 2, kMask = kArrayIndexValueMask, m1, m2 (both odd) are the lower bits of the rapidhash secrets, m1_inv, m2_inv (modular inverses) are precomputed modular inverse of m1 and m2. The pre-computed values are appended to the hash_seed ByteArray in ReadOnlyRoots and accessed in generated code to reduce overhead. In call sites that don't already have access to the seeds, we read them from the current isolate group/isolate's read only roots. To consolidate the code that encode/decode these hashes, this patch adds MakeArrayIndexHash/DecodeArrayIndexFromHashField in C++ and CSA that perform seeding/unseeding if enabled, and updates places where encoding/decoding of array index is needed to use them. Bug: 477515021 Change-Id: I350afe511951a54c4378396538152cc56565fd55 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/7564330 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Joyee Cheung <joyee@igalia.com> Cr-Commit-Position: refs/heads/main@{#105596} Refs: v8/v8@1361b2a Co-authored-by: Joyee Cheung <joyeec9h3@gmail.com> deps: V8: cherry-pick aac14dd95e5b Original commit message: [string] add 3rd round to seeded array index hash Since we already have 3 derived secrets, and arithmetics are relatively cheap, add a 3rd round to the xorshift-multiply seeding scheme. This brings the bias from ~3.4 to ~0.4. Bug: 477515021 Change-Id: I1ef48954bcee8768d8c90db06ac8adb02f06cebf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/7655117 Reviewed-by: Chengzhong Wu <cwu631@bloomberg.net> Commit-Queue: Joyee Cheung <joyee@igalia.com> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#105824} Refs: v8/v8@aac14dd PR-URL: nodejs-private/node-private#834 CVE-ID: CVE-2026-21717 deps: V8: backport 185f0fe09b72 Original commit message: [numbers] Refactor HashSeed as a lightweight view over ByteArray Instead of copying the seed and secrets into a struct with value fields, HashSeed now stores a pointer pointing either into the read-only ByteArray, or the static default seed for off-heap HashSeed::Default() calls. The underlying storage is always 8-byte aligned so we can cast it directly into a struct. Change-Id: I5896a7f2ae24296eb4c80b757a5d90ac70a34866 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/7609720 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Joyee Cheung <joyee@igalia.com> Cr-Commit-Position: refs/heads/main@{#105531} Refs: v8/v8@185f0fe Co-authored-by: Joyee Cheung <joyeec9h3@gmail.com> deps: V8: backport 1361b2a49d02 Original commit message: [strings] improve array index hash distribution Previously, the hashes stored in a Name's raw_hash_field for decimal numeric strings (potential array indices) consist of the literal integer value along with the length of the string. This means consecutive numeric strings can have consecutive hash values, which can lead to O(n^2) probing for insertion in the worst case when e.g. a non-numeric string happen to land in the these buckets. This patch adds a build-time flag v8_enable_seeded_array_index_hash that scrambles the 24-bit array-index value stored in a Name's raw_hash_field to improve the distribution. x ^= x >> kShift; x = (x * m1) & kMask; // round 1 x ^= x >> kShift; x = (x * m2) & kMask; // round 2 x ^= x >> kShift; // finalize To decode, apply the same steps with the modular inverses of m1 and m2 in reverse order. x ^= x >> kShift; x = (x * m2_inv) & kMask; // round 1 x ^= x >> kShift; x = (x * m1_inv) & kMask; // round 2 x ^= x >> kShift; // finalize where kShift = kArrayIndexValueBits / 2, kMask = kArrayIndexValueMask, m1, m2 (both odd) are the lower bits of the rapidhash secrets, m1_inv, m2_inv (modular inverses) are precomputed modular inverse of m1 and m2. The pre-computed values are appended to the hash_seed ByteArray in ReadOnlyRoots and accessed in generated code to reduce overhead. In call sites that don't already have access to the seeds, we read them from the current isolate group/isolate's read only roots. To consolidate the code that encode/decode these hashes, this patch adds MakeArrayIndexHash/DecodeArrayIndexFromHashField in C++ and CSA that perform seeding/unseeding if enabled, and updates places where encoding/decoding of array index is needed to use them. Bug: 477515021 Change-Id: I350afe511951a54c4378396538152cc56565fd55 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/7564330 Reviewed-by: Leszek Swirski <leszeks@chromium.org> Commit-Queue: Joyee Cheung <joyee@igalia.com> Cr-Commit-Position: refs/heads/main@{#105596} Refs: v8/v8@1361b2a Co-authored-by: Joyee Cheung <joyeec9h3@gmail.com> deps: V8: cherry-pick aac14dd95e5b Original commit message: [string] add 3rd round to seeded array index hash Since we already have 3 derived secrets, and arithmetics are relatively cheap, add a 3rd round to the xorshift-multiply seeding scheme. This brings the bias from ~3.4 to ~0.4. Bug: 477515021 Change-Id: I1ef48954bcee8768d8c90db06ac8adb02f06cebf Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/7655117 Reviewed-by: Chengzhong Wu <cwu631@bloomberg.net> Commit-Queue: Joyee Cheung <joyee@igalia.com> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#105824} Refs: v8/v8@aac14dd
Co-Authored-By: StefanStojanovic <stefan.stojanovic@janeasystems.com>
Add args to `tools/make-v8.sh` for compiling Rust-based components, such as Temporal, for the Linux on ppc64le and s390x V8 CI builds.
Use the method without context parameter; the old API is deprecated. Refs: https://crrev.com/c/7141498
Use the new API which gets a `ModuleCachingCallback` parameter. Refs: https://crrev.com/c/7078551
Member
Author
|
The GitHub CI is now green, but we know that the |
github-actions
bot
added
request-ci-failed
This comment was marked as outdated.
This comment was marked as outdated.
Collaborator
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
Member
Author
|
Okay, now we're back to a debug build error that already happened with earlier V8 versions. @joyeecheung found a fix for it (093b60b) but that doesn't work anymore, because debug builds also create a release binary and the |
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
This comment was marked as resolved.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
13 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
PR for previous version: #61681