
V8: Upgrade to 3.13.7.4

v0.9.3-release
isaacs 12 years ago
parent
commit
95c9305874
  1. 9
      deps/v8/build/common.gypi
  2. 10
      deps/v8/src/compiler.cc
  3. 128
      deps/v8/src/gdb-jit.cc
  4. 8
      deps/v8/src/ic-inl.h
  5. 26
      deps/v8/src/mark-compact.cc
  6. 1
      deps/v8/src/mark-compact.h
  7. 2
      deps/v8/src/messages.js
  8. 14
      deps/v8/src/objects.cc
  9. 6
      deps/v8/src/objects.h
  10. 2
      deps/v8/src/parser.h
  11. 17
      deps/v8/src/platform-posix.cc
  12. 8
      deps/v8/src/platform-solaris.cc
  13. 2
      deps/v8/src/version.cc
  14. 12
      deps/v8/src/x64/lithium-codegen-x64.cc
  15. 10
      deps/v8/test/cctest/test-api.cc
  16. 61
      deps/v8/test/cctest/test-heap.cc
  17. 5
      deps/v8/test/mjsunit/limit-locals.js
  18. 54
      deps/v8/test/mjsunit/regress/regress-2326.js
  19. 39
      deps/v8/test/mjsunit/regress/regress-crbug-150729.js
  20. 17
      deps/v8/tools/gen-postmortem-metadata.py
  21. 5
      deps/v8/tools/gyp/v8.gyp

9
deps/v8/build/common.gypi

@ -152,7 +152,7 @@
[ 'v8_use_arm_eabi_hardfloat=="true"', {
'defines': [
'USE_EABI_HARDFLOAT=1',
'CAN_USE_VFP_INSTRUCTIONS',
'CAN_USE_VFP3_INSTRUCTIONS',
],
'target_conditions': [
['_toolset=="target"', {
@ -259,6 +259,7 @@
'WIN32',
],
'msvs_configuration_attributes': {
'OutputDirectory': '<(DEPTH)\\build\\$(ConfigurationName)',
'IntermediateDirectory': '$(OutDir)\\obj\\$(ProjectName)',
'CharacterSet': '1',
},
@ -343,7 +344,7 @@
},
'conditions': [
['OS=="linux" or OS=="freebsd" or OS=="openbsd" or OS=="netbsd"', {
'cflags': [ '-Wno-unused-parameter',
'cflags': [ '-Wall', '<(werror)', '-W', '-Wno-unused-parameter',
'-Wnon-virtual-dtor', '-Woverloaded-virtual' ],
}],
['OS=="android"', {
@ -366,6 +367,10 @@
'conditions': [
['OS=="linux" or OS=="freebsd" or OS=="openbsd" or OS=="netbsd" \
or OS=="android"', {
'cflags!': [
'-O2',
'-Os',
],
'cflags': [
'-fdata-sections',
'-ffunction-sections',

10
deps/v8/src/compiler.cc

@ -746,8 +746,10 @@ static void InstallCodeCommon(CompilationInfo* info) {
static void InsertCodeIntoOptimizedCodeMap(CompilationInfo* info) {
Handle<Code> code = info->code();
Handle<JSFunction> function = info->closure();
if (FLAG_cache_optimized_code && code->kind() == Code::OPTIMIZED_FUNCTION) {
if (FLAG_cache_optimized_code &&
info->osr_ast_id().IsNone() &&
code->kind() == Code::OPTIMIZED_FUNCTION) {
Handle<JSFunction> function = info->closure();
Handle<SharedFunctionInfo> shared(function->shared());
Handle<FixedArray> literals(function->literals());
Handle<Context> native_context(function->context()->native_context());
@ -758,7 +760,9 @@ static void InsertCodeIntoOptimizedCodeMap(CompilationInfo* info) {
static bool InstallCodeFromOptimizedCodeMap(CompilationInfo* info) {
if (FLAG_cache_optimized_code && info->IsOptimizing()) {
if (FLAG_cache_optimized_code &&
info->osr_ast_id().IsNone() &&
info->IsOptimizing()) {
Handle<SharedFunctionInfo> shared = info->shared_info();
Handle<JSFunction> function = info->closure();
ASSERT(!function.is_null());
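Review bot: The new `info->osr_ast_id().IsNone()` guard appears in both InsertCodeIntoOptimizedCodeMap and InstallCodeFromOptimizedCodeMap with no comment saying why OSR compilations are kept out of the optimized-code map. The only explanation is in test/mjsunit/regress/regress-2326.js, so the two conditions can easily drift apart or be "simplified" away later. Put a comment above each condition, for example `// Code optimized for an OSR entry is specific to that entry AST id; never cache it or reuse it for another closure.`, or fold the shared test into one small static predicate used by both. Both function bodies continue outside the hunks shown.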

128
deps/v8/src/gdb-jit.cc

@ -31,13 +31,11 @@
#include "bootstrapper.h"
#include "compiler.h"
#include "frames.h"
#include "frames-inl.h"
#include "global-handles.h"
#include "messages.h"
#include "natives.h"
#include "platform.h"
#include "scopes.h"
#include "natives.h"
#include "scopeinfo.h"
namespace v8 {
namespace internal {
@ -196,7 +194,7 @@ class DebugSectionBase : public ZoneObject {
virtual void WriteBody(Writer::Slot<THeader> header, Writer* writer) {
uintptr_t start = writer->position();
if (WriteBodyInternal(writer)) {
if (WriteBody(writer)) {
uintptr_t end = writer->position();
header->offset = start;
#if defined(__MACH_O)
@ -206,7 +204,7 @@ class DebugSectionBase : public ZoneObject {
}
}
virtual bool WriteBodyInternal(Writer* writer) {
virtual bool WriteBody(Writer* writer) {
return false;
}
@ -342,14 +340,14 @@ class ELFSection : public DebugSectionBase<ELFSectionHeader> {
virtual void WriteBody(Writer::Slot<Header> header, Writer* w) {
uintptr_t start = w->position();
if (WriteBodyInternal(w)) {
if (WriteBody(w)) {
uintptr_t end = w->position();
header->offset = start;
header->size = end - start;
}
}
virtual bool WriteBodyInternal(Writer* w) {
virtual bool WriteBody(Writer* w) {
return false;
}
@ -629,9 +627,9 @@ class MachO BASE_EMBEDDED {
#if defined(__ELF)
class ELF BASE_EMBEDDED {
public:
ELF(Zone* zone) : sections_(6, zone) {
sections_.Add(new(zone) ELFSection("", ELFSection::TYPE_NULL, 0), zone);
sections_.Add(new(zone) StringTable(".shstrtab"), zone);
ELF() : sections_(6) {
sections_.Add(new ELFSection("", ELFSection::TYPE_NULL, 0));
sections_.Add(new StringTable(".shstrtab"));
}
void Write(Writer* w) {
@ -644,8 +642,8 @@ class ELF BASE_EMBEDDED {
return sections_[index];
}
uint32_t AddSection(ELFSection* section, Zone* zone) {
sections_.Add(section, zone);
uint32_t AddSection(ELFSection* section) {
sections_.Add(section);
section->set_index(sections_.length() - 1);
return sections_.length() - 1;
}
@ -677,7 +675,7 @@ class ELF BASE_EMBEDDED {
{ 0x7f, 'E', 'L', 'F', 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0};
#elif defined(V8_TARGET_ARCH_X64)
const uint8_t ident[16] =
{ 0x7f, 'E', 'L', 'F', 2, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0};
{ 0x7f, 'E', 'L', 'F', 2, 1, 1, 0, 0, 0 , 0, 0, 0, 0, 0, 0};
#else
#error Unsupported target architecture.
#endif
@ -854,10 +852,10 @@ class ELFSymbol BASE_EMBEDDED {
class ELFSymbolTable : public ELFSection {
public:
ELFSymbolTable(const char* name, Zone* zone)
explicit ELFSymbolTable(const char* name)
: ELFSection(name, TYPE_SYMTAB, sizeof(uintptr_t)),
locals_(1, zone),
globals_(1, zone) {
locals_(1),
globals_(1) {
}
virtual void WriteBody(Writer::Slot<Header> header, Writer* w) {
@ -885,11 +883,11 @@ class ELFSymbolTable : public ELFSection {
strtab->DetachWriter();
}
void Add(const ELFSymbol& symbol, Zone* zone) {
void Add(const ELFSymbol& symbol) {
if (symbol.binding() == ELFSymbol::BIND_LOCAL) {
locals_.Add(symbol, zone);
locals_.Add(symbol);
} else {
globals_.Add(symbol, zone);
globals_.Add(symbol);
}
}
@ -1021,29 +1019,26 @@ class CodeDescription BASE_EMBEDDED {
static void CreateSymbolsTable(CodeDescription* desc,
ELF* elf,
int text_section_index) {
Zone* zone = desc->info()->zone();
ELFSymbolTable* symtab = new(zone) ELFSymbolTable(".symtab", zone);
StringTable* strtab = new(zone) StringTable(".strtab");
ELFSymbolTable* symtab = new ELFSymbolTable(".symtab");
StringTable* strtab = new StringTable(".strtab");
// Symbol table should be followed by the linked string table.
elf->AddSection(symtab, zone);
elf->AddSection(strtab, zone);
elf->AddSection(symtab);
elf->AddSection(strtab);
symtab->Add(ELFSymbol("V8 Code",
0,
0,
ELFSymbol::BIND_LOCAL,
ELFSymbol::TYPE_FILE,
ELFSection::INDEX_ABSOLUTE),
zone);
ELFSection::INDEX_ABSOLUTE));
symtab->Add(ELFSymbol(desc->name(),
0,
desc->CodeSize(),
ELFSymbol::BIND_GLOBAL,
ELFSymbol::TYPE_FUNC,
text_section_index),
zone);
text_section_index));
}
#endif // defined(__ELF)
@ -1079,7 +1074,7 @@ class DebugInfoSection : public DebugSection {
DW_ATE_SIGNED = 0x5
};
bool WriteBodyInternal(Writer* w) {
bool WriteBody(Writer* w) {
uintptr_t cu_start = w->position();
Writer::Slot<uint32_t> size = w->CreateSlotHere<uint32_t>();
uintptr_t start = w->position();
@ -1099,7 +1094,8 @@ class DebugInfoSection : public DebugSection {
w->WriteString("v8value");
if (desc_->IsInfoAvailable()) {
Scope* scope = desc_->info()->scope();
CompilationInfo* info = desc_->info();
ScopeInfo<FreeStoreAllocationPolicy> scope_info(info->scope());
w->WriteULEB128(2);
w->WriteString(desc_->name());
w->Write<intptr_t>(desc_->CodeStart());
@ -1110,27 +1106,23 @@ class DebugInfoSection : public DebugSection {
w->Write<uint8_t>(DW_OP_reg5); // The frame pointer's here on ia32
#elif defined(V8_TARGET_ARCH_X64)
w->Write<uint8_t>(DW_OP_reg6); // and here on x64.
#elif defined(V8_TARGET_ARCH_ARM)
UNIMPLEMENTED();
#elif defined(V8_TARGET_ARCH_MIPS)
UNIMPLEMENTED();
#else
#error Unsupported target architecture.
#endif
fb_block_size.set(static_cast<uint32_t>(w->position() - fb_block_start));
int params = scope->num_parameters();
int slots = scope->num_stack_slots();
int context_slots = scope->ContextLocalCount();
int params = scope_info.number_of_parameters();
int slots = scope_info.number_of_stack_slots();
int context_slots = scope_info.number_of_context_slots();
// The real slot ID is internal_slots + context_slot_id.
int internal_slots = Context::MIN_CONTEXT_SLOTS;
int locals = scope->StackLocalCount();
int locals = scope_info.LocalCount();
int current_abbreviation = 4;
for (int param = 0; param < params; ++param) {
w->WriteULEB128(current_abbreviation++);
w->WriteString(
*scope->parameter(param)->name()->ToCString(DISALLOW_NULLS));
*scope_info.ParameterName(param)->ToCString(DISALLOW_NULLS));
w->Write<uint32_t>(ty_offset);
Writer::Slot<uint32_t> block_size = w->CreateSlotHere<uint32_t>();
uintptr_t block_start = w->position();
@ -1156,7 +1148,7 @@ class DebugInfoSection : public DebugSection {
ASSERT(Context::CLOSURE_INDEX == 0);
ASSERT(Context::PREVIOUS_INDEX == 1);
ASSERT(Context::EXTENSION_INDEX == 2);
ASSERT(Context::GLOBAL_OBJECT_INDEX == 3);
ASSERT(Context::GLOBAL_INDEX == 3);
w->WriteULEB128(current_abbreviation++);
w->WriteString(".closure");
w->WriteULEB128(current_abbreviation++);
@ -1175,13 +1167,10 @@ class DebugInfoSection : public DebugSection {
w->WriteString(builder.Finalize());
}
ZoneList<Variable*> stack_locals(locals, scope->zone());
ZoneList<Variable*> context_locals(context_slots, scope->zone());
scope->CollectStackAndContextLocals(&stack_locals, &context_locals);
for (int local = 0; local < locals; ++local) {
w->WriteULEB128(current_abbreviation++);
w->WriteString(
*stack_locals[local]->name()->ToCString(DISALLOW_NULLS));
*scope_info.LocalName(local)->ToCString(DISALLOW_NULLS));
w->Write<uint32_t>(ty_offset);
Writer::Slot<uint32_t> block_size = w->CreateSlotHere<uint32_t>();
uintptr_t block_start = w->position();
@ -1298,7 +1287,7 @@ class DebugAbbrevSection : public DebugSection {
w->WriteULEB128(0);
}
bool WriteBodyInternal(Writer* w) {
bool WriteBody(Writer* w) {
int current_abbreviation = 1;
bool extra_info = desc_->IsInfoAvailable();
ASSERT(desc_->IsLineInfoAvailable());
@ -1317,13 +1306,14 @@ class DebugAbbrevSection : public DebugSection {
w->WriteULEB128(0);
if (extra_info) {
Scope* scope = desc_->info()->scope();
int params = scope->num_parameters();
int slots = scope->num_stack_slots();
int context_slots = scope->ContextLocalCount();
CompilationInfo* info = desc_->info();
ScopeInfo<FreeStoreAllocationPolicy> scope_info(info->scope());
int params = scope_info.number_of_parameters();
int slots = scope_info.number_of_stack_slots();
int context_slots = scope_info.number_of_context_slots();
// The real slot ID is internal_slots + context_slot_id.
int internal_slots = Context::MIN_CONTEXT_SLOTS;
int locals = scope->StackLocalCount();
int locals = scope_info.LocalCount();
int total_children =
params + slots + context_slots + internal_slots + locals + 2;
@ -1428,7 +1418,7 @@ class DebugLineSection : public DebugSection {
DW_LNE_DEFINE_FILE = 3
};
bool WriteBodyInternal(Writer* w) {
bool WriteBody(Writer* w) {
// Write prologue.
Writer::Slot<uint32_t> total_length = w->CreateSlotHere<uint32_t>();
uintptr_t start = w->position();
@ -1568,7 +1558,7 @@ class DebugLineSection : public DebugSection {
class UnwindInfoSection : public DebugSection {
public:
explicit UnwindInfoSection(CodeDescription* desc);
virtual bool WriteBodyInternal(Writer* w);
virtual bool WriteBody(Writer* w);
int WriteCIE(Writer* w);
void WriteFDE(Writer* w, int);
@ -1780,7 +1770,7 @@ void UnwindInfoSection::WriteFDEStateAfterRBPPop(Writer* w) {
}
bool UnwindInfoSection::WriteBodyInternal(Writer* w) {
bool UnwindInfoSection::WriteBody(Writer* w) {
uint32_t cie_position = WriteCIE(w);
WriteFDE(w, cie_position);
return true;
@ -1790,14 +1780,13 @@ bool UnwindInfoSection::WriteBodyInternal(Writer* w) {
#endif // V8_TARGET_ARCH_X64
static void CreateDWARFSections(CodeDescription* desc, DebugObject* obj) {
Zone* zone = desc->info()->zone();
if (desc->IsLineInfoAvailable()) {
obj->AddSection(new(zone) DebugInfoSection(desc), zone);
obj->AddSection(new(zone) DebugAbbrevSection(desc), zone);
obj->AddSection(new(zone) DebugLineSection(desc), zone);
obj->AddSection(new DebugInfoSection(desc));
obj->AddSection(new DebugAbbrevSection(desc));
obj->AddSection(new DebugLineSection(desc));
}
#ifdef V8_TARGET_ARCH_X64
obj->AddSection(new(zone) UnwindInfoSection(desc), zone);
obj->AddSection(new UnwindInfoSection(desc));
#endif
}
@ -1916,8 +1905,7 @@ static void UnregisterCodeEntry(JITCodeEntry* entry) {
static JITCodeEntry* CreateELFObject(CodeDescription* desc) {
Zone* zone = desc->info()->zone();
ZoneScope zone_scope(zone, DELETE_ON_EXIT);
ZoneScope zone_scope(Isolate::Current(), DELETE_ON_EXIT);
#ifdef __MACH_O
MachO mach_o;
Writer w(&mach_o);
@ -1930,19 +1918,17 @@ static JITCodeEntry* CreateELFObject(CodeDescription* desc) {
mach_o.Write(&w, desc->CodeStart(), desc->CodeSize());
#else
ELF elf(zone);
ELF elf;
Writer w(&elf);
int text_section_index = elf.AddSection(
new(zone) FullHeaderELFSection(
".text",
ELFSection::TYPE_NOBITS,
kCodeAlignment,
desc->CodeStart(),
0,
desc->CodeSize(),
ELFSection::FLAG_ALLOC | ELFSection::FLAG_EXEC),
zone);
new FullHeaderELFSection(".text",
ELFSection::TYPE_NOBITS,
kCodeAlignment,
desc->CodeStart(),
0,
desc->CodeSize(),
ELFSection::FLAG_ALLOC | ELFSection::FLAG_EXEC));
CreateSymbolsTable(desc, &elf, text_section_index);
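Review bot: Renaming `WriteBodyInternal(Writer*)` to `WriteBody(Writer*)` in DebugSectionBase and ELFSection makes it an overload of the existing virtual `WriteBody(Writer::Slot<Header>, Writer*)`. The subclasses in these hunks that override only the one-argument form (DebugInfoSection, DebugAbbrevSection, DebugLineSection, UnwindInfoSection) therefore hide the two-argument form on the derived type. That is the shape `-Woverloaded-virtual` reports, and the build/common.gypi section of this commit lists that flag beside what appears to be a newly added `-Wall`/`<(werror)`. Keeping the distinct name, `virtual bool WriteBodyInternal(Writer* writer)`, avoids both the hiding and the warning. Otherwise each overriding subclass needs a `using` declaration for the base overloads.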

8
deps/v8/src/ic-inl.h

@ -79,6 +79,7 @@ Code* IC::GetTargetAtAddress(Address address) {
void IC::SetTargetAtAddress(Address address, Code* target) {
ASSERT(target->is_inline_cache_stub() || target->is_compare_ic_stub());
Heap* heap = target->GetHeap();
Code* old_target = GetTargetAtAddress(address);
#ifdef DEBUG
// STORE_IC and KEYED_STORE_IC use Code::extra_ic_state() to mark
@ -90,8 +91,11 @@ void IC::SetTargetAtAddress(Address address, Code* target) {
}
#endif
Assembler::set_target_address_at(address, target->instruction_start());
target->GetHeap()->incremental_marking()->RecordCodeTargetPatch(address,
target);
if (heap->gc_state() == Heap::MARK_COMPACT) {
heap->mark_compact_collector()->RecordCodeTargetPatch(address, target);
} else {
heap->incremental_marking()->RecordCodeTargetPatch(address, target);
}
PostPatching(address, target, old_target);
}
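Review bot: The new branch on `heap->gc_state() == Heap::MARK_COMPACT` in IC::SetTargetAtAddress has no comment explaining why a patch made during a full collection goes to the mark-compact collector rather than the incremental marker. The new MarkCompactCollector::RecordCodeTargetPatch in mark-compact.cc is likewise undocumented, including why it records the slot only when the host code object is already black. The scenario is described only in the Regression144230 test, where a CallIC is cleared while the collector is running. A comment at the branch would do, for example `// ICs can be patched while a mark-compact GC is in progress; the slot must then be recorded with the compacting collector so that it is updated if the target moves.`, and a matching one-line header on RecordCodeTargetPatch. The start of SetTargetAtAddress's DEBUG block lies outside the hunks.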

26
deps/v8/src/mark-compact.cc

@ -340,11 +340,6 @@ bool MarkCompactCollector::StartCompaction(CompactionMode mode) {
if (!compacting_) {
ASSERT(evacuation_candidates_.length() == 0);
#ifdef ENABLE_GDB_JIT_INTERFACE
// If GDBJIT interface is active disable compaction.
if (FLAG_gdbjit) return false;
#endif
CollectEvacuationCandidates(heap()->old_pointer_space());
CollectEvacuationCandidates(heap()->old_data_space());
@ -782,6 +777,13 @@ void MarkCompactCollector::Prepare(GCTracer* tracer) {
ASSERT(!FLAG_never_compact || !FLAG_always_compact);
#ifdef ENABLE_GDB_JIT_INTERFACE
if (FLAG_gdbjit) {
// If GDBJIT interface is active disable compaction.
compacting_collection_ = false;
}
#endif
// Clear marking bits if incremental marking is aborted.
if (was_marked_incrementally_ && abort_incremental_marking_) {
heap()->incremental_marking()->Abort();
@ -4078,6 +4080,20 @@ void MarkCompactCollector::RecordCodeEntrySlot(Address slot, Code* target) {
}
void MarkCompactCollector::RecordCodeTargetPatch(Address pc, Code* target) {
ASSERT(heap()->gc_state() == Heap::MARK_COMPACT);
if (is_compacting()) {
Code* host = heap()->isolate()->inner_pointer_to_code_cache()->
GcSafeFindCodeForInnerPointer(pc);
MarkBit mark_bit = Marking::MarkBitFrom(host);
if (Marking::IsBlack(mark_bit)) {
RelocInfo rinfo(pc, RelocInfo::CODE_TARGET, 0, host);
RecordRelocSlot(&rinfo, target);
}
}
}
static inline SlotsBuffer::SlotType DecodeSlotType(
SlotsBuffer::ObjectSlot slot) {
return static_cast<SlotsBuffer::SlotType>(reinterpret_cast<intptr_t>(slot));

1
deps/v8/src/mark-compact.h

@ -552,6 +552,7 @@ class MarkCompactCollector {
void RecordRelocSlot(RelocInfo* rinfo, Object* target);
void RecordCodeEntrySlot(Address slot, Code* target);
void RecordCodeTargetPatch(Address pc, Code* target);
INLINE(void RecordSlot(Object** anchor_slot, Object** slot, Object* object));

2
deps/v8/src/messages.js

@ -229,7 +229,7 @@ function FormatMessage(message) {
"strict_catch_variable", ["Catch variable may not be eval or arguments in strict mode"],
"too_many_arguments", ["Too many arguments in function call (only 32766 allowed)"],
"too_many_parameters", ["Too many parameters in function definition (only 32766 allowed)"],
"too_many_variables", ["Too many variables declared (only 32767 allowed)"],
"too_many_variables", ["Too many variables declared (only 65535 allowed)"],
"strict_param_name", ["Parameter name eval or arguments is not allowed in strict mode"],
"strict_param_dupe", ["Strict mode function may not have duplicate parameter names"],
"strict_var_name", ["Variable name may not be eval or arguments in strict mode"],

14
deps/v8/src/objects.cc

@ -651,11 +651,9 @@ MaybeObject* Object::GetProperty(Object* receiver,
receiver, result->GetCallbackObject(), name);
case HANDLER:
return result->proxy()->GetPropertyWithHandler(receiver, name);
case INTERCEPTOR: {
JSObject* recvr = JSObject::cast(receiver);
case INTERCEPTOR:
return result->holder()->GetPropertyWithInterceptor(
recvr, name, attributes);
}
receiver, name, attributes);
case TRANSITION:
case NONEXISTENT:
UNREACHABLE();
@ -10204,7 +10202,7 @@ InterceptorInfo* JSObject::GetIndexedInterceptor() {
MaybeObject* JSObject::GetPropertyPostInterceptor(
JSReceiver* receiver,
Object* receiver,
String* name,
PropertyAttributes* attributes) {
// Check local property in holder, ignore interceptor.
@ -10222,7 +10220,7 @@ MaybeObject* JSObject::GetPropertyPostInterceptor(
MaybeObject* JSObject::GetLocalPropertyPostInterceptor(
JSReceiver* receiver,
Object* receiver,
String* name,
PropertyAttributes* attributes) {
// Check local property in holder, ignore interceptor.
@ -10236,13 +10234,13 @@ MaybeObject* JSObject::GetLocalPropertyPostInterceptor(
MaybeObject* JSObject::GetPropertyWithInterceptor(
JSReceiver* receiver,
Object* receiver,
String* name,
PropertyAttributes* attributes) {
Isolate* isolate = GetIsolate();
InterceptorInfo* interceptor = GetNamedInterceptor();
HandleScope scope(isolate);
Handle<JSReceiver> receiver_handle(receiver);
Handle<Object> receiver_handle(receiver);
Handle<JSObject> holder_handle(this);
Handle<String> name_handle(name);

6
deps/v8/src/objects.h

@ -1680,15 +1680,15 @@ class JSObject: public JSReceiver {
String* name,
PropertyAttributes* attributes);
MUST_USE_RESULT MaybeObject* GetPropertyWithInterceptor(
JSReceiver* receiver,
Object* receiver,
String* name,
PropertyAttributes* attributes);
MUST_USE_RESULT MaybeObject* GetPropertyPostInterceptor(
JSReceiver* receiver,
Object* receiver,
String* name,
PropertyAttributes* attributes);
MUST_USE_RESULT MaybeObject* GetLocalPropertyPostInterceptor(
JSReceiver* receiver,
Object* receiver,
String* name,
PropertyAttributes* attributes);

2
deps/v8/src/parser.h

@ -454,7 +454,7 @@ class Parser {
// construct a hashable id, so if more than 2^17 are allowed, this
// should be checked.
static const int kMaxNumFunctionParameters = 32766;
static const int kMaxNumFunctionLocals = 32767;
static const int kMaxNumFunctionLocals = 65535;
enum Mode {
PARSE_LAZILY,

17
deps/v8/src/platform-posix.cc

@ -109,20 +109,11 @@ void* OS::GetRandomMmapAddr() {
raw_addr &= V8_UINT64_C(0x3ffffffff000);
#else
uint32_t raw_addr = V8::RandomPrivate(isolate);
// For our 32-bit mmap() hint, we pick a random address in the bottom
// half of the top half of the address space (that is, the third quarter).
// Because we do not MAP_FIXED, this will be treated only as a hint -- the
// system will not fail to mmap() because something else happens to already
// be mapped at our random address. We deliberately set the hint high enough
// to get well above the system's break (that is, the heap); systems will
// either try the hint and if that fails move higher (MacOS and other BSD
// derivatives) or try the hint and if that fails allocate as if there were
// no hint at all (Linux, Solaris, illumos and derivatives). The high hint
// prevents the break from getting hemmed in at low values, ceding half of
// the address space to the system heap.
// The range 0x20000000 - 0x60000000 is relatively unpopulated across a
// variety of ASLR modes (PAE kernel, NX compat mode, etc) and on macos
// 10.6 and 10.7.
raw_addr &= 0x3ffff000;
raw_addr += 0x80000000;
raw_addr += 0x20000000;
#endif
return reinterpret_cast<void*>(raw_addr);
}
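Review bot: The 32-bit mmap hint base drops from `0x80000000` to `0x20000000`, and the deleted comment was the only record of why the hint was set high: to keep mappings clear of the program break on Linux, Solaris and illumos. The replacement comment speaks only of ASLR modes and macOS 10.6/10.7, so it appears the upgrade silently reverts a deliberate local change; heap growth on the break-based platforms should be rechecked before accepting it. The mask `0x3ffff000` is unchanged, so the hint still carries 18 bits of page-granular randomness either way. If the high hint is still wanted, keep `raw_addr += 0x80000000;` together with its explanation. If not, add a line stating that the lower range was chosen knowingly. OS::GetRandomMmapAddr starts outside the hunk.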

8
deps/v8/src/platform-solaris.cc

@ -125,8 +125,12 @@ const char* OS::LocalTimezone(double time) {
double OS::LocalTimeOffset() {
tzset();
return -static_cast<double>(timezone * msPerSecond);
// On Solaris, struct tm does not contain a tm_gmtoff field.
time_t utc = time(NULL);
ASSERT(utc != -1);
struct tm* loc = localtime(&utc);
ASSERT(loc != NULL);
return static_cast<double>((mktime(loc) - utc) * msPerSecond);
}
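Review bot: The replacement body of OS::LocalTimeOffset returns `mktime(loc) - utc` where `loc` is `localtime(&utc)`. Because mktime() converts a local broken-down time back to a time_t, that difference looks like it is zero (apart from oddities around a DST transition), so the offset would be wrong in every non-UTC zone. The two `ASSERT`s are also the only guard on `time()` and `localtime()` failing, and presumably compile out of release builds. In addition, `localtime()` returns shared static storage, so `localtime_r` is the safer call in threaded code. If the earlier body was a deliberate local fix, keep it: `tzset();` followed by `return -static_cast<double>(timezone * msPerSecond);`.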

2
deps/v8/src/version.cc

@ -35,7 +35,7 @@
#define MAJOR_VERSION 3
#define MINOR_VERSION 13
#define BUILD_NUMBER 7
#define PATCH_LEVEL 1
#define PATCH_LEVEL 4
// Use 1 for candidates and 0 otherwise.
// (Boolean macro values are not supported by all preprocessors.)
#define IS_CANDIDATE_VERSION 0

12
deps/v8/src/x64/lithium-codegen-x64.cc

@ -3742,11 +3742,17 @@ void LCodeGen::DoBoundsCheck(LBoundsCheck* instr) {
__ cmpq(reg, reg2);
}
} else {
Operand length = ToOperand(instr->length());
if (instr->index()->IsConstantOperand()) {
__ cmpq(ToOperand(instr->length()),
Immediate(ToInteger32(LConstantOperand::cast(instr->index()))));
int constant_index =
ToInteger32(LConstantOperand::cast(instr->index()));
if (instr->hydrogen()->length()->representation().IsTagged()) {
__ Cmp(length, Smi::FromInt(constant_index));
} else {
__ cmpq(length, Immediate(constant_index));
}
} else {
__ cmpq(ToOperand(instr->length()), ToRegister(instr->index()));
__ cmpq(length, ToRegister(instr->index()));
}
}
DeoptimizeIf(below_equal, instr->environment());
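Review bot: The tagged-length case is handled only when the index is a constant; the register-index branch still emits `__ cmpq(length, ToRegister(instr->index()));` with no look at the length's representation. If a tagged length can reach that branch, the bounds check compares a Smi with an untagged integer. Whether it can is not visible in this hunk, so the assumption should be stated or asserted where the branch is taken. The new split also needs a why-comment, since it is what keeps the check sound, for example `// A tagged length must be compared against a Smi; an untagged length against the raw int32 index.`. DoBoundsCheck begins outside the hunk.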

10
deps/v8/test/cctest/test-api.cc

@ -17435,6 +17435,16 @@ THREADED_TEST(Regress137496) {
}
THREADED_TEST(Regress149912) {
v8::HandleScope scope;
LocalContext context;
Handle<FunctionTemplate> templ = FunctionTemplate::New();
AddInterceptor(templ, EmptyInterceptorGetter, EmptyInterceptorSetter);
context->Global()->Set(v8_str("Bug"), templ->GetFunction());
CompileRun("Number.prototype.__proto__ = new Bug; var x = 0; x.foo();");
}
#ifndef WIN32
class ThreadInterruptTest {
public:

61
deps/v8/test/cctest/test-heap.cc

@ -4,10 +4,12 @@
#include "v8.h"
#include "compilation-cache.h"
#include "execution.h"
#include "factory.h"
#include "macro-assembler.h"
#include "global-handles.h"
#include "stub-cache.h"
#include "cctest.h"
using namespace v8::internal;
@ -2238,3 +2240,62 @@ TEST(ReleaseStackTraceData) {
delete resource;
}
TEST(Regression144230) {
InitializeVM();
v8::HandleScope scope;
// First make sure that the uninitialized CallIC stub is on a single page
// that will later be selected as an evacuation candidate.
{
v8::HandleScope inner_scope;
AlwaysAllocateScope always_allocate;
SimulateFullSpace(HEAP->code_space());
ISOLATE->stub_cache()->ComputeCallInitialize(9, RelocInfo::CODE_TARGET);
}
// Second compile a CallIC and execute it once so that it gets patched to
// the pre-monomorphic stub. These code objects are on yet another page.
{
v8::HandleScope inner_scope;
AlwaysAllocateScope always_allocate;
SimulateFullSpace(HEAP->code_space());
CompileRun("var o = { f:function(a,b,c,d,e,f,g,h,i) {}};"
"function call() { o.f(1,2,3,4,5,6,7,8,9); };"
"call();");
}
// Third we fill up the last page of the code space so that it does not get
// chosen as an evacuation candidate.
{
v8::HandleScope inner_scope;
AlwaysAllocateScope always_allocate;
CompileRun("for (var i = 0; i < 2000; i++) {"
" eval('function f' + i + '() { return ' + i +'; };' +"
" 'f' + i + '();');"
"}");
}
HEAP->CollectAllGarbage(Heap::kNoGCFlags);
// Fourth is the tricky part. Make sure the code containing the CallIC is
// visited first without clearing the IC. The shared function info is then
// visited later, causing the CallIC to be cleared.
Handle<String> name = FACTORY->LookupAsciiSymbol("call");
Handle<GlobalObject> global(ISOLATE->context()->global_object());
MaybeObject* maybe_call = global->GetProperty(*name);
JSFunction* call = JSFunction::cast(maybe_call->ToObjectChecked());
USE(global->SetProperty(*name, Smi::FromInt(0), NONE, kNonStrictMode));
ISOLATE->compilation_cache()->Clear();
call->shared()->set_ic_age(HEAP->global_ic_age() + 1);
Handle<Object> call_code(call->code());
Handle<Object> call_function(call);
// Now we are ready to mess up the heap.
HEAP->CollectAllGarbage(Heap::kReduceMemoryFootprintMask);
// Either heap verification caught the problem already or we go kaboom once
// the CallIC is executed the next time.
USE(global->SetProperty(*name, *call_function, NONE, kNonStrictMode));
CompileRun("call();");
}

5
deps/v8/test/mjsunit/limit-locals.js

@ -25,7 +25,7 @@
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
// Test that there is a limit of 32767 locals.
// Test that there is a limit of 65535 locals.
function function_with_n_locals(n) {
test_prefix = "prefix ";
@ -41,6 +41,7 @@ function function_with_n_locals(n) {
assertEquals("prefix 0 suffix", function_with_n_locals(0));
assertEquals("prefix 16000 suffix", function_with_n_locals(16000));
assertEquals("prefix 32767 suffix", function_with_n_locals(32767));
assertEquals("prefix 65535 suffix", function_with_n_locals(65535));
assertThrows("function_with_n_locals(32768)");
assertThrows("function_with_n_locals(65536)");
assertThrows("function_with_n_locals(100000)");

54
deps/v8/test/mjsunit/regress/regress-2326.js

@ -0,0 +1,54 @@
// Copyright 2012 the V8 project authors. All rights reserved.
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
//
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above
// copyright notice, this list of conditions and the following
// disclaimer in the documentation and/or other materials provided
// with the distribution.
// * Neither the name of Google Inc. nor the names of its
// contributors may be used to endorse or promote products derived
// from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
// This tests that we do not share optimized code across closures that
// were optimized using OSR (for a particular OSR entry AST id) even if
// caching of optimized code kicks in.
function makeClosure() {
function f(mode, iterations) {
var accumulator = 0;
if (mode == 1) {
while (--iterations > 0) accumulator = Math.ceil(accumulator);
return 1;
} else {
while (--iterations > 0) accumulator = Math.floor(accumulator);
return 2;
}
}
return f;
}
// Generate two closures sharing the same underlying function literal.
var f1 = makeClosure();
var f2 = makeClosure();
// This function should be optimized via OSR in the first tight loop.
assertSame(1, f1(1, 100000));
// This function should be optimized via OSR in the second tight loop.
assertSame(2, f2(2, 100000));

39
deps/v8/test/mjsunit/regress/regress-crbug-150729.js

@ -0,0 +1,39 @@
// Copyright 2012 the V8 project authors. All rights reserved.
// Redistribution and use in source and binary forms, with or without
// modification, are permitted provided that the following conditions are
// met:
//
// * Redistributions of source code must retain the above copyright
// notice, this list of conditions and the following disclaimer.
// * Redistributions in binary form must reproduce the above
// copyright notice, this list of conditions and the following
// disclaimer in the documentation and/or other materials provided
// with the distribution.
// * Neither the name of Google Inc. nor the names of its
// contributors may be used to endorse or promote products derived
// from this software without specific prior written permission.
//
// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
// Flags: --allow-natives-syntax
var t = 0;
function burn() {
i = [t, 1];
var M = [i[0], Math.cos(t) + i[7074959]];
t += .05;
}
for (var j = 0; j < 5; j++) {
if (j == 2) %OptimizeFunctionOnNextCall(burn);
burn();
}

17
deps/v8/tools/gen-postmortem-metadata.py

@ -78,23 +78,14 @@ consts_misc = [
{ 'name': 'SmiValueShift', 'value': 'kSmiTagSize' },
{ 'name': 'PointerSizeLog2', 'value': 'kPointerSizeLog2' },
{ 'name': 'transitions_idx_descriptors',
'value': 'TransitionArray::kDescriptorsIndex' },
{ 'name': 'prop_desc_key',
'value': 'DescriptorArray::kDescriptorKey' },
{ 'name': 'prop_desc_details',
'value': 'DescriptorArray::kDescriptorDetails' },
{ 'name': 'prop_desc_value',
'value': 'DescriptorArray::kDescriptorValue' },
{ 'name': 'prop_desc_size',
'value': 'DescriptorArray::kDescriptorSize' },
{ 'name': 'prop_idx_transitions',
'value': 'DescriptorArray::kTransitionsIndex' },
{ 'name': 'prop_idx_first',
'value': 'DescriptorArray::kFirstIndex' },
{ 'name': 'prop_type_field',
'value': 'FIELD' },
{ 'name': 'prop_type_first_phantom',
'value': 'Code::MAP_TRANSITION' },
'value': 'MAP_TRANSITION' },
{ 'name': 'prop_type_mask',
'value': 'PropertyDetails::TypeField::kMask' },
@ -116,7 +107,7 @@ extras_accessors = [
'JSObject, elements, Object, kElementsOffset',
'FixedArray, data, uintptr_t, kHeaderSize',
'Map, instance_attributes, int, kInstanceAttributesOffset',
'Map, transitions, uintptr_t, kTransitionsOrBackPointerOffset',
'Map, instance_descriptors, int, kInstanceDescriptorsOrBitField3Offset',
'Map, inobject_properties, int, kInObjectPropertiesOffset',
'Map, instance_size, int, kInstanceSizeOffset',
'HeapNumber, value, double, kValueOffset',

5
deps/v8/tools/gyp/v8.gyp

@ -321,8 +321,6 @@
'../../src/full-codegen.h',
'../../src/func-name-inferrer.cc',
'../../src/func-name-inferrer.h',
'../../src/gdb-jit.cc',
'../../src/gdb-jit.h',
'../../src/global-handles.cc',
'../../src/global-handles.h',
'../../src/globals.h',
@ -730,9 +728,6 @@
'../../src/win32-math.h',
],
'msvs_disabled_warnings': [4351, 4355, 4800],
'direct_dependent_settings': {
'msvs_disabled_warnings': [4351, 4355, 4800],
},
'link_settings': {
'libraries': [ '-lwinmm.lib', '-lws2_32.lib' ],
},
