deps: V8: cherry-pick d3a1a5b6c491

targos · targos · commit ccf1178331b5 · 2020-01-14T08:30:37.000+01:00
Original commit message: [objects] Fix memory leak in PrototypeUsers::Add PrototypeUsers::Add now iterates the WeakArrayList to find empty slots before growing the array. Not reusing empty slots caused a memory leak. It might also be desirable to shrink the WeakArrayList in the future. Right now it is only compacted when invoking CreateBlob. Also removed unused PrototypeUsers::IsEmptySlot declaration. Bug: v8:10031 Change-Id: I570ec78fca37e8f0c794f1f40846a4daab47c225 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1967317 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Reviewed-by: Igor Sheludko <ishell@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#65456} Refs: v8/v8@d3a1a5b Fixes: #30753 PR-URL: #31005 Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Gus Caplan <me@gus.host> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Rich Trott <rtrott@gmail.com>
diff --git a/common.gypi b/common.gypi
@@ -38,7 +38,7 @@
 
     # Reset this number to 0 on major V8 upgrades.
     # Increment by one for each non-official patch applied to deps/v8.
-    'v8_embedder_string': '-node.24',
+    'v8_embedder_string': '-node.25',
 
     ##### V8 defaults for Node.js #####
 
diff --git a/deps/v8/src/objects/objects.cc b/deps/v8/src/objects/objects.cc
@@ -4025,6 +4025,13 @@ Handle<WeakArrayList> PrototypeUsers::Add(Isolate* isolate,
 
   // If there are empty slots, use one of them.
   int empty_slot = Smi::ToInt(empty_slot_index(*array));
+
+  if (empty_slot == kNoEmptySlotsMarker) {
+    // GCs might have cleared some references, rescan the array for empty slots.
+    PrototypeUsers::ScanForEmptySlots(*array);
+    empty_slot = Smi::ToInt(empty_slot_index(*array));
+  }
+
   if (empty_slot != kNoEmptySlotsMarker) {
     DCHECK_GE(empty_slot, kFirstIndex);
     CHECK_LT(empty_slot, array->length());
@@ -4047,6 +4054,15 @@ Handle<WeakArrayList> PrototypeUsers::Add(Isolate* isolate,
   return array;
 }
 
+// static
+void PrototypeUsers::ScanForEmptySlots(WeakArrayList array) {
+  for (int i = kFirstIndex; i < array.length(); i++) {
+    if (array.Get(i)->IsCleared()) {
+      PrototypeUsers::MarkSlotEmpty(array, i);
+    }
+  }
+}
+
 WeakArrayList PrototypeUsers::Compact(Handle<WeakArrayList> array, Heap* heap,
                                       CompactionCallback callback,
                                       AllocationType allocation) {
diff --git a/deps/v8/src/objects/prototype-info.h b/deps/v8/src/objects/prototype-info.h
@@ -99,7 +99,7 @@ class V8_EXPORT_PRIVATE PrototypeUsers : public WeakArrayList {
   static inline Smi empty_slot_index(WeakArrayList array);
   static inline void set_empty_slot_index(WeakArrayList array, int index);
 
-  static void IsSlotEmpty(WeakArrayList array, int index);
+  static void ScanForEmptySlots(WeakArrayList array);
 
   DISALLOW_IMPLICIT_CONSTRUCTORS(PrototypeUsers);
 };
