v8.16.2 proposal#29617
Merged
v8.16.2 proposal #29617
Uh oh!
There was an error while loading. Please reload this page.
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
These tests seem to trigger failures in the entire CI job (not just the test) on AIX. Skip them to see if that helps alleviate spurious failures in node-test-commit-aix (and the upstream PR and commit test jobs). See: - nodejs/build#1820 (comment) - nodejs/build#1847 (comment) PR-URL: #28469 Backport-PR-URL: #29599 Reviewed-By: Michael Dawson <[email protected]> Reviewed-By: Daniel Bevenius <[email protected]> Reviewed-By: Rich Trott <[email protected]>
Add SKIP status for more tests in stringbytes-external-exceed-max that are failing on AIX. PR-URL: #28516 Backport-PR-URL: #29599 Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Michael Dawson <[email protected]>
Some pty tests persistently hung on the AIX CI buildbots. Fix that by adding a helper script that properly sets up the pty before spawning the script under test. On investigation I discovered that the test runner hung when it tried to close the slave pty's file descriptor, probably due to a bug in AIX's pty implementation. I could reproduce it with a short C program. The test runner also leaked file descriptors to the child process. I couldn't convince python's `subprocess.Popen()` to do what I wanted it to do so I opted to move the logic to a helper script that can do fork/setsid/etc. without having to worry about stomping on state in tools/test.py. In the process I also uncovered some bugs in the pty module of the python distro that ships with macOS 10.14, leading me to reimplement a sizable chunk of the functionality of that module. And last but not least, of course there are differences between ptys on different platforms and the helper script has to paper over that. Of course. Really, this commit took me longer to put together than I care to admit. Caveat emptor: this commit takes the hacky ^D feeding to the slave out of tools/test.py and puts it in the *.in input files. You can also feed other control characters to tests, like ^C or ^Z, simply by inserting them into the corresponding input file. I think that's nice. Fixes: nodejs/build#1820Fixes: #28489 PR-URL: #28600 Backport-PR-URL: #29599 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: Anna Henningsen <[email protected]>
Assumption that if memory can be malloc()ed it can be used is not true on AIX. Later access of the allocated pages can trigger SIGKILL if there are insufficient VM pages. Use psdanger() to better estimate available memory. Fixes: nodejs/build#1849 More info: - https://www.ibm.com/support/knowledgecenter/en/ssw_aix_71/generalprogramming/sys_mem_alloc.html - https://www.ibm.com/support/knowledgecenter/en/ssw_aix_71/p_bostechref/psdanger.html Related to: - nodejs/build#1820 (comment) - #28469 - #28516 PR-URL: #28857 Backport-PR-URL: #29599 Reviewed-By: Michael Dawson <[email protected]> Reviewed-By: Beth Griggs <[email protected]> Reviewed-By: Rich Trott <[email protected]>
One skipped test remains, it creates very large Buffer objects, triggering the AIX OOM to kill node and its parent processes. See: nodejs/build#1849 (comment) PR-URL: #29054 Backport-PR-URL: #29599 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Richard Lau <[email protected]>
Original commit message: [turbofan] Fix NumberFloor typing. Bug: chromium:841117 Change-Id: I1e83dfc82f87d0b49d3cca96290ae1d738e37d20 Reviewed-on: https://chromium-review.googlesource.com/1051228 Reviewed-by: Benedikt Meurer <[email protected]> Commit-Queue: Jaroslav Sevcik <[email protected]> Cr-Commit-Position: refs/heads/master@{#53083} Refs: v8/v8@d520ebbFixes: #22810 PR-URL: #27358 Reviewed-By: Ruben Bridgewater <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Refael Ackermann (רפאל פלחי) <[email protected]> Reviewed-By: Anatoli Papirovski <[email protected]> Reviewed-By: Beth Griggs <[email protected]>
This is the certdata.txt[0] from NSS 3.41, released on 2018-12-03. This is the version of NSS that will ship in Firefox 65 on 2018-12-11. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_41_RTM/lib/ckfw/builtins/certdata.txt PR-URL: #25113 Backport-PR-URL: #29137 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Ruben Bridgewater <[email protected]>
This is the certdata.txt[0] from NSS 3.43, released on 2019-03-15. This is the version of NSS that will ship in Firefox 67 on 2019-03-19. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_43_RTM/lib/ckfw/builtins/certdata.txt PR-URL: #27374 Backport-PR-URL: #29137 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Ruben Bridgewater <[email protected]>
This is the certdata.txt[0] from NSS 3.45, released on 2019-07-05. This is the version of NSS that will ship in Firefox 69 on 2019-09-03. [0] https://hg.mozilla.org/projects/nss/raw-file/NSS_3_45_RTM/lib/ckfw/builtins/certdata.txt PR-URL: #28808 Backport-PR-URL: #29137 Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Colin Ihrig <[email protected]>
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - GlobalSign Root CA - R6 - OISTE WISeKey Global Root GC CA - GTS Root R1 - GTS Root R2 - GTS Root R3 - GTS Root R4 - UCA Global G2 Root - UCA Extended Validation Root - Certigna Root CA Certificates removed: - Visa eCommerce Root - TÜRKTRUST Elektronik Sertifika Hizmet Sağlayıcısı H5 - Certplus Root CA G1 - Certplus Root CA G2 - OpenTrust Root CA G1 - OpenTrust Root CA G2 - OpenTrust Root CA G3 PR-URL: #25113 Backport-PR-URL: #29137 Reviewed-By: James M Snell <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Ruben Bridgewater <[email protected]>
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: - emSign Root CA - G1 - emSign ECC Root CA - G3 - emSign Root CA - C1 - emSign ECC Root CA - C3 - Hongkong Post Root CA 3 PR-URL: #27374 Backport-PR-URL: #29137 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Ruben Bridgewater <[email protected]>
This is a partial backport of commit f1a3968 ("tls: expose built-in root certificates") from the master branch. The original commit adds a new API, this commit just backports the non-visible changes to ease backporting follow-up commits. PR-URL: #26415 Backport-PR-URL: #29137 Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Matteo Collina <[email protected]> Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Ron Korving <[email protected]> Reviewed-By: Ruben Bridgewater <[email protected]> Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: Vse Mozhet Byt <[email protected]>
Update the list of root certificates in src/node_root_certs.h with tools/mk-ca-bundle.pl. Certificates added: (none) Certificates removed: - Certinomis - Root CA PR-URL: #28808 Backport-PR-URL: #29137 Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Colin Ihrig <[email protected]>
Prevent the `'error'` event from being emitted multiple times if `writable.destroy()` is called with an error before the `_destroy()` callback is called. Emit the first error, discard all others. PR-URL: #26057 Backport-PR-URL: #28000Fixes: #26015 Reviewed-By: Matteo Collina <[email protected]> Reviewed-By: Ruben Bridgewater <[email protected]> Reviewed-By: James M Snell <[email protected]>
PR-URL: #28230 Reviewed-By: Beth Griggs <[email protected]>
PR-URL: #28230 Reviewed-By: Beth Griggs <[email protected]>
`x86masm.pl` was mistakenly using .486 instruction set, why `cpuid` (and perhaps others) are requiring .686 . Fixes: #589 Backport-PR-URL: #28230 PR-URL: #1389 Reviewed-By: Fedor Indutny <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Shigeki Ohtsu <[email protected]>
See https://mta.openssl.org/pipermail/openssl-dev/2015-February/000651.html iojs needs to stop using masm and move to nasm or yasm on Win32. Fixes: #589 Backport-PR-URL: #28230 PR-URL: #1389 Reviewed-By: Fedor Indutny <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]>
Reapply b910613 . Fixes: #589 Backport-PR-URL: #28230 PR-URL: #1389 Reviewed-By: Fedor Indutny <[email protected]> Reviewed-By: Ben Noordhuis <[email protected]>
In openssl s_client on Windows, RAND_screen() is invoked to initialize random state but it takes several seconds in each connection. This added -no_rand_screen to openssl s_client on Windows to skip RAND_screen() and gets a better performance in the unit test of test-tls-server-verify. Do not enable this except to use in the unit test. Fixes: #1461 Backport-PR-URL: #28230 PR-URL: #1836 Reviewed-By: Ben Noordhuis <[email protected]>
socket.parser can be undefined under unknown circumstances. This is a fix for a bug I cannot reproduce but it is affecting people. Fixes: #26366 PR-URL: #26402 Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Colin Ihrig <[email protected]>
When CMD is used to launch a process and CMD is killed too quickly, the process can stay behind running in suspended state, never completing. This only happens in Windows Server 2008R2. Refs: nodejs/build#1829 PR-URL: #28723 Reviewed-By: Rich Trott <[email protected]> Reviewed-By: Beth Griggs <[email protected]> Reviewed-By: Colin Ihrig <[email protected]>
nodejs-github-bot added meta 
richardlau approved these changes Sep 19, 2019
Collaborator
nodejs-github-bot commented Sep 19, 2019
Member
As mentioned in #29445 (comment), it would be good to have #29399 and #29459 in the next v8.x (and 10.x) release, as they solve regressions from the previous security release. I’ll open backport PRs. |
Member
addaleax commented Sep 19, 2019
gengjiawen approved these changes Sep 20, 2019
cjihrig approved these changes Sep 20, 2019
BridgeAR approved these changes Sep 23, 2019
Member
BridgeAR left a comment
BridgeAR left a comment There was a problem hiding this comment.
The PR-URL has to be added in the commit message. Besides that LGTM.
Do not crash when the session is no longer available. Fixes: #29457 PR-URL: #29459 Backport-PR-URL: #29618 Reviewed-By: Luigi Pinca <[email protected]> Reviewed-By: Trivikram Kamat <[email protected]> Reviewed-By: Minwoo Jung <[email protected]> Reviewed-By: Colin Ihrig <[email protected]>
Don’t start reading more input data if we’re still busy writing output. This was overlooked in 8a4a193. Fixes: #29353Fixes: #29393 PR-URL: #29399 Backport-PR-URL: #29618 Reviewed-By: David Carlier <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: James M Snell <[email protected]> Reviewed-By: Matteo Collina <[email protected]>
BethGriggsforce-pushed the v8.16.2-proposal branch from 59ae17e to ad698a3CompareBethGriggsforce-pushed the v8.16.2-proposal branch from ad698a3 to d5c29b8CompareCollaborator
addaleax approved these changes Sep 25, 2019
4 tasks
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
MemberAuthor
BethGriggs commented Oct 8, 2019
Going to delay this release until tomorrow - I'll update the dates in the PR in the morning. A couple of new CITGM failures have shown up and earlier there were issues with the ARM release machines nodejs/build#1946 CITGM rerun: https://ci.nodejs.org/view/Node.js-citgm/job/citgm-smoker/2037/ |
BethGriggsforce-pushed the v8.16.2-proposal branch from d5c29b8 to 4efffd5Compare This comment has been minimized.
This comment has been minimized.
BethGriggs added a commit to BethGriggs/nodejs.org that referenced this pull request Oct 9, 2019
BethGriggs added a commit to nodejs/nodejs.org that referenced this pull request Oct 9, 2019
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
2019-10-09, Version 8.16.2 'Carbon' (LTS), @BethGriggs
Node.js 8 is due to go End-of-Life on 31st December 2019.
Notable changes
Commits
cc9d005628] - crypto: update root certificates (Sam Roberts) #28808347fcd35e3] - crypto: update root certificates (Sam Roberts) #27374b2a6b3254d] - crypto: update root certificates (Sam Roberts) #251135682e50325] - deps: add -no_rand_screen to openssl s_client (Shigeki Ohtsu) nodejs/io.js#18369663ae3546] - deps: fix asm build error of openssl in x86_win32 (Shigeki Ohtsu) iojs/io.js#138987eee99466] - deps: fix openssl assembly error on ia32 win32 (Fedor Indutny) iojs/io.js#1389da99d3f972] - deps: copy all openssl header files to include dir (Sam Roberts) #28230dc9d645ac4] - deps: upgrade openssl sources to 1.0.2s (Sam Roberts) #2823037e24b19a0] - deps: V8: backport d520ebb (Michaël Zasso) #273581a5dc6a3e7] - http: check for existance in resetHeadersTimeoutOnReqEnd (Matteo Collina) #26402dd285968c4] - openssl: fix keypress requirement in apps on win32 (Shigeki Ohtsu) iojs/io.js#13893ee076f03d] - stream: ensure writable.destroy() emits error once (Luigi Pinca) #26057a7e5fe1f06] - test: unskip tests that now pass on AIX (Sam Roberts) #2905465e9b0f5a2] - test: specialize OOM check for AIX (Sam Roberts) #288577aca9cb09b] - test: fix pty test hangs on aix (Ben Noordhuis) #28600588b761fca] - test: skip stringbytes-external-exceed-max on AIX (Sam Roberts) #28516930647d0fe] - test: skip tests related to CI failures on AIX (Sam Roberts) #2846992a2f8bbe3] - test,win: cleanup exec-timeout processes (João Reis) #28723d57f79726d] - tls: partially backport pull request tls: expose built-in root certificates #26415 (Ben Noordhuis) #26415c582fef5cc] - tools: update certdata.txt (Sam Roberts) #288084fbadf6a9e] - tools: update certdata.txt (Sam Roberts) #27374529b2ad25f] - tools: update certdata.txt (Sam Roberts) #25113