diff --git a/deps/v8/build/common.gypi b/deps/v8/build/common.gypi index 3bcb030846..45b6b48206 100644 --- a/deps/v8/build/common.gypi +++ b/deps/v8/build/common.gypi @@ -152,7 +152,7 @@ [ 'v8_use_arm_eabi_hardfloat=="true"', { 'defines': [ 'USE_EABI_HARDFLOAT=1', - 'CAN_USE_VFP_INSTRUCTIONS', + 'CAN_USE_VFP3_INSTRUCTIONS', ], 'target_conditions': [ ['_toolset=="target"', { @@ -259,6 +259,7 @@ 'WIN32', ], 'msvs_configuration_attributes': { + 'OutputDirectory': '<(DEPTH)\\build\\$(ConfigurationName)', 'IntermediateDirectory': '$(OutDir)\\obj\\$(ProjectName)', 'CharacterSet': '1', }, @@ -343,7 +344,7 @@ }, 'conditions': [ ['OS=="linux" or OS=="freebsd" or OS=="openbsd" or OS=="netbsd"', { - 'cflags': [ '-Wno-unused-parameter', + 'cflags': [ '-Wall', '<(werror)', '-W', '-Wno-unused-parameter', '-Wnon-virtual-dtor', '-Woverloaded-virtual' ], }], ['OS=="android"', { @@ -366,6 +367,10 @@ 'conditions': [ ['OS=="linux" or OS=="freebsd" or OS=="openbsd" or OS=="netbsd" \ or OS=="android"', { + 'cflags!': [ + '-O2', + '-Os', + ], 'cflags': [ '-fdata-sections', '-ffunction-sections', diff --git a/deps/v8/src/compiler.cc b/deps/v8/src/compiler.cc index e4a30dbbce..86374371e9 100644 --- a/deps/v8/src/compiler.cc +++ b/deps/v8/src/compiler.cc @@ -746,8 +746,10 @@ static void InstallCodeCommon(CompilationInfo* info) { static void InsertCodeIntoOptimizedCodeMap(CompilationInfo* info) { Handle code = info->code(); - Handle function = info->closure(); - if (FLAG_cache_optimized_code && code->kind() == Code::OPTIMIZED_FUNCTION) { + if (FLAG_cache_optimized_code && + info->osr_ast_id().IsNone() && + code->kind() == Code::OPTIMIZED_FUNCTION) { + Handle function = info->closure(); Handle shared(function->shared()); Handle literals(function->literals()); Handle native_context(function->context()->native_context()); 
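Review bot: The new `info->osr_ast_id().IsNone()` term in InsertCodeIntoOptimizedCodeMap has no comment saying why OSR code is kept out of the optimized code map, and the same unexplained term is repeated in InstallCodeFromOptimizedCodeMap in the next hunk. A one-line comment above each condition would record the invariant, e.g. `// Code compiled for an OSR entry is specific to that entry; never cache it or install cached code in its place.` At present the rationale is only written down in test/mjsunit/regress/regress-2326.js further down in this commit. Both function bodies continue outside their hunks.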
@@ -758,7 +760,9 @@ static void InsertCodeIntoOptimizedCodeMap(CompilationInfo* info) { static bool InstallCodeFromOptimizedCodeMap(CompilationInfo* info) { - if (FLAG_cache_optimized_code && info->IsOptimizing()) { + if (FLAG_cache_optimized_code && + info->osr_ast_id().IsNone() && + info->IsOptimizing()) { Handle shared = info->shared_info(); Handle function = info->closure(); ASSERT(!function.is_null()); diff --git a/deps/v8/src/gdb-jit.cc b/deps/v8/src/gdb-jit.cc index dde6bbdaad..d3cd44707c 100644 --- a/deps/v8/src/gdb-jit.cc +++ b/deps/v8/src/gdb-jit.cc @@ -31,13 +31,11 @@ #include "bootstrapper.h" #include "compiler.h" -#include "frames.h" -#include "frames-inl.h" #include "global-handles.h" #include "messages.h" -#include "natives.h" #include "platform.h" -#include "scopes.h" +#include "natives.h" +#include "scopeinfo.h" namespace v8 { namespace internal { @@ -196,7 +194,7 @@ class DebugSectionBase : public ZoneObject { virtual void WriteBody(Writer::Slot header, Writer* writer) { uintptr_t start = writer->position(); - if (WriteBodyInternal(writer)) { + if (WriteBody(writer)) { uintptr_t end = writer->position(); header->offset = start; #if defined(__MACH_O) @@ -206,7 +204,7 @@ class DebugSectionBase : public ZoneObject { } } - virtual bool WriteBodyInternal(Writer* writer) { + virtual bool WriteBody(Writer* writer) { return false; } @@ -342,14 +340,14 @@ class ELFSection : public DebugSectionBase { virtual void WriteBody(Writer::Slot
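Review bot: Renaming `WriteBodyInternal(Writer*)` to `WriteBody(Writer*)` in DebugSectionBase leaves the class with two virtual functions named WriteBody, so a subclass that overrides only one of them hides the other by name. The same rename is applied to ELFSection, DebugInfoSection, DebugAbbrevSection, DebugLineSection and UnwindInfoSection in later hunks, while ELFSymbolTable overrides only the two-argument form. The common.gypi hunk in this commit adds `-Woverloaded-virtual` together with `<(werror)`, so this is likely to warn or fail wherever gdb-jit.cc is compiled with those flags. Keeping a distinct name for the one-argument hook avoids the hiding and keeps the two roles readable.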
header, Writer* w) { uintptr_t start = w->position(); - if (WriteBodyInternal(w)) { + if (WriteBody(w)) { uintptr_t end = w->position(); header->offset = start; header->size = end - start; } } - virtual bool WriteBodyInternal(Writer* w) { + virtual bool WriteBody(Writer* w) { return false; } @@ -629,9 +627,9 @@ class MachO BASE_EMBEDDED { #if defined(__ELF) class ELF BASE_EMBEDDED { public: - ELF(Zone* zone) : sections_(6, zone) { - sections_.Add(new(zone) ELFSection("", ELFSection::TYPE_NULL, 0), zone); - sections_.Add(new(zone) StringTable(".shstrtab"), zone); + ELF() : sections_(6) { + sections_.Add(new ELFSection("", ELFSection::TYPE_NULL, 0)); + sections_.Add(new StringTable(".shstrtab")); } void Write(Writer* w) { @@ -644,8 +642,8 @@ class ELF BASE_EMBEDDED { return sections_[index]; } - uint32_t AddSection(ELFSection* section, Zone* zone) { - sections_.Add(section, zone); + uint32_t AddSection(ELFSection* section) { + sections_.Add(section); section->set_index(sections_.length() - 1); return sections_.length() - 1; } @@ -677,7 +675,7 @@ class ELF BASE_EMBEDDED { { 0x7f, 'E', 'L', 'F', 1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0}; #elif defined(V8_TARGET_ARCH_X64) const uint8_t ident[16] = - { 0x7f, 'E', 'L', 'F', 2, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0}; + { 0x7f, 'E', 'L', 'F', 2, 1, 1, 0, 0, 0 , 0, 0, 0, 0, 0, 0}; #else #error Unsupported target architecture. #endif @@ -854,10 +852,10 @@ class ELFSymbol BASE_EMBEDDED { class ELFSymbolTable : public ELFSection { public: - ELFSymbolTable(const char* name, Zone* zone) + explicit ELFSymbolTable(const char* name) : ELFSection(name, TYPE_SYMTAB, sizeof(uintptr_t)), - locals_(1, zone), - globals_(1, zone) { + locals_(1), + globals_(1) { } virtual void WriteBody(Writer::Slot
header, Writer* w) { @@ -885,11 +883,11 @@ class ELFSymbolTable : public ELFSection { strtab->DetachWriter(); } - void Add(const ELFSymbol& symbol, Zone* zone) { + void Add(const ELFSymbol& symbol) { if (symbol.binding() == ELFSymbol::BIND_LOCAL) { - locals_.Add(symbol, zone); + locals_.Add(symbol); } else { - globals_.Add(symbol, zone); + globals_.Add(symbol); } } @@ -1021,29 +1019,26 @@ class CodeDescription BASE_EMBEDDED { static void CreateSymbolsTable(CodeDescription* desc, ELF* elf, int text_section_index) { - Zone* zone = desc->info()->zone(); - ELFSymbolTable* symtab = new(zone) ELFSymbolTable(".symtab", zone); - StringTable* strtab = new(zone) StringTable(".strtab"); + ELFSymbolTable* symtab = new ELFSymbolTable(".symtab"); + StringTable* strtab = new StringTable(".strtab"); // Symbol table should be followed by the linked string table. - elf->AddSection(symtab, zone); - elf->AddSection(strtab, zone); + elf->AddSection(symtab); + elf->AddSection(strtab); symtab->Add(ELFSymbol("V8 Code", 0, 0, ELFSymbol::BIND_LOCAL, ELFSymbol::TYPE_FILE, - ELFSection::INDEX_ABSOLUTE), - zone); + ELFSection::INDEX_ABSOLUTE)); symtab->Add(ELFSymbol(desc->name(), 0, desc->CodeSize(), ELFSymbol::BIND_GLOBAL, ELFSymbol::TYPE_FUNC, - text_section_index), - zone); + text_section_index)); } #endif // defined(__ELF) @@ -1079,7 +1074,7 @@ class DebugInfoSection : public DebugSection { DW_ATE_SIGNED = 0x5 }; - bool WriteBodyInternal(Writer* w) { + bool WriteBody(Writer* w) { uintptr_t cu_start = w->position(); Writer::Slot size = w->CreateSlotHere(); uintptr_t start = w->position(); @@ -1099,7 +1094,8 @@ class DebugInfoSection : public DebugSection { w->WriteString("v8value"); if (desc_->IsInfoAvailable()) { - Scope* scope = desc_->info()->scope(); + CompilationInfo* info = desc_->info(); + ScopeInfo scope_info(info->scope()); w->WriteULEB128(2); w->WriteString(desc_->name()); w->Write(desc_->CodeStart()); 
@@ -1110,27 +1106,23 @@ class DebugInfoSection : public DebugSection { w->Write(DW_OP_reg5); // The frame pointer's here on ia32 #elif defined(V8_TARGET_ARCH_X64) w->Write(DW_OP_reg6); // and here on x64. -#elif defined(V8_TARGET_ARCH_ARM) - UNIMPLEMENTED(); -#elif defined(V8_TARGET_ARCH_MIPS) - UNIMPLEMENTED(); #else #error Unsupported target architecture. #endif fb_block_size.set(static_cast(w->position() - fb_block_start)); - int params = scope->num_parameters(); - int slots = scope->num_stack_slots(); - int context_slots = scope->ContextLocalCount(); + int params = scope_info.number_of_parameters(); + int slots = scope_info.number_of_stack_slots(); + int context_slots = scope_info.number_of_context_slots(); // The real slot ID is internal_slots + context_slot_id. int internal_slots = Context::MIN_CONTEXT_SLOTS; - int locals = scope->StackLocalCount(); + int locals = scope_info.LocalCount(); int current_abbreviation = 4; for (int param = 0; param < params; ++param) { w->WriteULEB128(current_abbreviation++); w->WriteString( - *scope->parameter(param)->name()->ToCString(DISALLOW_NULLS)); + *scope_info.ParameterName(param)->ToCString(DISALLOW_NULLS)); w->Write(ty_offset); Writer::Slot block_size = w->CreateSlotHere(); uintptr_t block_start = w->position(); @@ -1156,7 +1148,7 @@ class DebugInfoSection : public DebugSection { ASSERT(Context::CLOSURE_INDEX == 0); ASSERT(Context::PREVIOUS_INDEX == 1); ASSERT(Context::EXTENSION_INDEX == 2); - ASSERT(Context::GLOBAL_OBJECT_INDEX == 3); + ASSERT(Context::GLOBAL_INDEX == 3); w->WriteULEB128(current_abbreviation++); w->WriteString(".closure"); w->WriteULEB128(current_abbreviation++); 
@@ -1175,13 +1167,10 @@ class DebugInfoSection : public DebugSection { w->WriteString(builder.Finalize()); } - ZoneList stack_locals(locals, scope->zone()); - ZoneList context_locals(context_slots, scope->zone()); - scope->CollectStackAndContextLocals(&stack_locals, &context_locals); for (int local = 0; local < locals; ++local) { w->WriteULEB128(current_abbreviation++); w->WriteString( - *stack_locals[local]->name()->ToCString(DISALLOW_NULLS)); + *scope_info.LocalName(local)->ToCString(DISALLOW_NULLS)); w->Write(ty_offset); Writer::Slot block_size = w->CreateSlotHere(); uintptr_t block_start = w->position(); @@ -1298,7 +1287,7 @@ class DebugAbbrevSection : public DebugSection { w->WriteULEB128(0); } - bool WriteBodyInternal(Writer* w) { + bool WriteBody(Writer* w) { int current_abbreviation = 1; bool extra_info = desc_->IsInfoAvailable(); ASSERT(desc_->IsLineInfoAvailable()); @@ -1317,13 +1306,14 @@ class DebugAbbrevSection : public DebugSection { w->WriteULEB128(0); if (extra_info) { - Scope* scope = desc_->info()->scope(); - int params = scope->num_parameters(); - int slots = scope->num_stack_slots(); - int context_slots = scope->ContextLocalCount(); + CompilationInfo* info = desc_->info(); + ScopeInfo scope_info(info->scope()); + int params = scope_info.number_of_parameters(); + int slots = scope_info.number_of_stack_slots(); + int context_slots = scope_info.number_of_context_slots(); // The real slot ID is internal_slots + context_slot_id. int internal_slots = Context::MIN_CONTEXT_SLOTS; - int locals = scope->StackLocalCount(); + int locals = scope_info.LocalCount(); int total_children = params + slots + context_slots + internal_slots + locals + 2; @@ -1428,7 +1418,7 @@ class DebugLineSection : public DebugSection { DW_LNE_DEFINE_FILE = 3 }; - bool WriteBodyInternal(Writer* w) { + bool WriteBody(Writer* w) { // Write prologue. Writer::Slot total_length = w->CreateSlotHere(); uintptr_t start = w->position(); 
@@ -1568,7 +1558,7 @@ class DebugLineSection : public DebugSection { class UnwindInfoSection : public DebugSection { public: explicit UnwindInfoSection(CodeDescription* desc); - virtual bool WriteBodyInternal(Writer* w); + virtual bool WriteBody(Writer* w); int WriteCIE(Writer* w); void WriteFDE(Writer* w, int); @@ -1780,7 +1770,7 @@ void UnwindInfoSection::WriteFDEStateAfterRBPPop(Writer* w) { } -bool UnwindInfoSection::WriteBodyInternal(Writer* w) { +bool UnwindInfoSection::WriteBody(Writer* w) { uint32_t cie_position = WriteCIE(w); WriteFDE(w, cie_position); return true; @@ -1790,14 +1780,13 @@ bool UnwindInfoSection::WriteBodyInternal(Writer* w) { #endif // V8_TARGET_ARCH_X64 static void CreateDWARFSections(CodeDescription* desc, DebugObject* obj) { - Zone* zone = desc->info()->zone(); if (desc->IsLineInfoAvailable()) { - obj->AddSection(new(zone) DebugInfoSection(desc), zone); - obj->AddSection(new(zone) DebugAbbrevSection(desc), zone); - obj->AddSection(new(zone) DebugLineSection(desc), zone); + obj->AddSection(new DebugInfoSection(desc)); + obj->AddSection(new DebugAbbrevSection(desc)); + obj->AddSection(new DebugLineSection(desc)); } #ifdef V8_TARGET_ARCH_X64 - obj->AddSection(new(zone) UnwindInfoSection(desc), zone); + obj->AddSection(new UnwindInfoSection(desc)); #endif } @@ -1916,8 +1905,7 @@ static void UnregisterCodeEntry(JITCodeEntry* entry) { static JITCodeEntry* CreateELFObject(CodeDescription* desc) { - Zone* zone = desc->info()->zone(); - ZoneScope zone_scope(zone, DELETE_ON_EXIT); + ZoneScope zone_scope(Isolate::Current(), DELETE_ON_EXIT); #ifdef __MACH_O MachO mach_o; Writer w(&mach_o); 
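Review bot: None of the plain `new` expressions introduced in CreateDWARFSections (and in the ELF constructor, CreateSymbolsTable and CreateELFObject hunks) has a matching delete in view, so the lifetime of these section objects cannot be read from the code. They presumably rely on the ZoneObject base class allocating from the zone that `ZoneScope zone_scope(Isolate::Current(), DELETE_ON_EXIT)` releases, which ties the allocations to thread-local isolate state instead of the zone that was passed explicitly before. If that is the case, a comment next to the ZoneScope line would make the dependency explicit, e.g. `// Sections created below are zone-allocated (ZoneObject) and are freed when zone_scope exits.` CreateELFObject's body continues outside the hunk.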
@@ -1930,19 +1918,17 @@ static JITCodeEntry* CreateELFObject(CodeDescription* desc) { mach_o.Write(&w, desc->CodeStart(), desc->CodeSize()); #else - ELF elf(zone); + ELF elf; Writer w(&elf); int text_section_index = elf.AddSection( - new(zone) FullHeaderELFSection( - ".text", - ELFSection::TYPE_NOBITS, - kCodeAlignment, - desc->CodeStart(), - 0, - desc->CodeSize(), - ELFSection::FLAG_ALLOC | ELFSection::FLAG_EXEC), - zone); + new FullHeaderELFSection(".text", + ELFSection::TYPE_NOBITS, + kCodeAlignment, + desc->CodeStart(), + 0, + desc->CodeSize(), + ELFSection::FLAG_ALLOC | ELFSection::FLAG_EXEC)); CreateSymbolsTable(desc, &elf, text_section_index); diff --git a/deps/v8/src/ic-inl.h b/deps/v8/src/ic-inl.h index 6a86921a41..0e41093e5c 100644 --- a/deps/v8/src/ic-inl.h +++ b/deps/v8/src/ic-inl.h @@ -79,6 +79,7 @@ Code* IC::GetTargetAtAddress(Address address) { void IC::SetTargetAtAddress(Address address, Code* target) { ASSERT(target->is_inline_cache_stub() || target->is_compare_ic_stub()); + Heap* heap = target->GetHeap(); Code* old_target = GetTargetAtAddress(address); #ifdef DEBUG // STORE_IC and KEYED_STORE_IC use Code::extra_ic_state() to mark @@ -90,8 +91,11 @@ void IC::SetTargetAtAddress(Address address, Code* target) { } #endif Assembler::set_target_address_at(address, target->instruction_start()); - target->GetHeap()->incremental_marking()->RecordCodeTargetPatch(address, - target); + if (heap->gc_state() == Heap::MARK_COMPACT) { + heap->mark_compact_collector()->RecordCodeTargetPatch(address, target); + } else { + heap->incremental_marking()->RecordCodeTargetPatch(address, target); + } PostPatching(address, target, old_target); } diff --git a/deps/v8/src/mark-compact.cc b/deps/v8/src/mark-compact.cc index 7d8c09f3aa..31fa7afddd 100644 --- a/deps/v8/src/mark-compact.cc +++ b/deps/v8/src/mark-compact.cc 
@@ -340,11 +340,6 @@ bool MarkCompactCollector::StartCompaction(CompactionMode mode) { if (!compacting_) { ASSERT(evacuation_candidates_.length() == 0); -#ifdef ENABLE_GDB_JIT_INTERFACE - // If GDBJIT interface is active disable compaction. - if (FLAG_gdbjit) return false; -#endif - CollectEvacuationCandidates(heap()->old_pointer_space()); CollectEvacuationCandidates(heap()->old_data_space()); @@ -782,6 +777,13 @@ void MarkCompactCollector::Prepare(GCTracer* tracer) { ASSERT(!FLAG_never_compact || !FLAG_always_compact); +#ifdef ENABLE_GDB_JIT_INTERFACE + if (FLAG_gdbjit) { + // If GDBJIT interface is active disable compaction. + compacting_collection_ = false; + } +#endif + // Clear marking bits if incremental marking is aborted. if (was_marked_incrementally_ && abort_incremental_marking_) { heap()->incremental_marking()->Abort(); @@ -4078,6 +4080,20 @@ void MarkCompactCollector::RecordCodeEntrySlot(Address slot, Code* target) { } +void MarkCompactCollector::RecordCodeTargetPatch(Address pc, Code* target) { + ASSERT(heap()->gc_state() == Heap::MARK_COMPACT); + if (is_compacting()) { + Code* host = heap()->isolate()->inner_pointer_to_code_cache()-> + GcSafeFindCodeForInnerPointer(pc); + MarkBit mark_bit = Marking::MarkBitFrom(host); + if (Marking::IsBlack(mark_bit)) { + RelocInfo rinfo(pc, RelocInfo::CODE_TARGET, 0, host); + RecordRelocSlot(&rinfo, target); + } + } +} + + static inline SlotsBuffer::SlotType DecodeSlotType( SlotsBuffer::ObjectSlot slot) { return static_cast(reinterpret_cast(slot)); diff --git a/deps/v8/src/mark-compact.h b/deps/v8/src/mark-compact.h index 0154380629..d252e1928e 100644 --- a/deps/v8/src/mark-compact.h +++ b/deps/v8/src/mark-compact.h @@ -552,6 +552,7 @@ class MarkCompactCollector { void RecordRelocSlot(RelocInfo* rinfo, Object* target); void RecordCodeEntrySlot(Address slot, Code* target); + void RecordCodeTargetPatch(Address pc, Code* target); INLINE(void RecordSlot(Object** anchor_slot, Object** slot, Object* object)); 
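Review bot: Moving the GDBJIT guard out of StartCompaction means StartCompaction itself no longer refuses to compact when `FLAG_gdbjit` is set; the replacement in Prepare only assigns `compacting_collection_ = false`, and nothing in these hunks shows StartCompaction reading that field. If any caller reaches StartCompaction without that field being consulted, code objects can be moved while the GDB JIT interface is active, which is what the removed early return prevented. Unless `compacting_collection_` is checked on every path, keep `if (FLAG_gdbjit) return false;` in StartCompaction. Both function bodies continue outside their hunks.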
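Review bot: MarkCompactCollector::RecordCodeTargetPatch is added without a comment explaining why a slot is recorded only for a black host, and `host` from `GcSafeFindCodeForInnerPointer(pc)` is passed to `Marking::MarkBitFrom` without any check. A short header comment would help, e.g. `// Called when an IC target is patched during mark-compact: a host that is already marked is not revisited, so record the slot here so the target pointer is updated if the target is evacuated.` That rationale is inferred from the Regression144230 test in this commit and should be confirmed by the author. The new dispatch on `heap->gc_state()` in IC::SetTargetAtAddress (ic-inl.h) could carry the same one-line explanation.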
diff --git a/deps/v8/src/messages.js b/deps/v8/src/messages.js index b819724a10..d896ac3944 100644 --- a/deps/v8/src/messages.js +++ b/deps/v8/src/messages.js @@ -229,7 +229,7 @@ function FormatMessage(message) { "strict_catch_variable", ["Catch variable may not be eval or arguments in strict mode"], "too_many_arguments", ["Too many arguments in function call (only 32766 allowed)"], "too_many_parameters", ["Too many parameters in function definition (only 32766 allowed)"], - "too_many_variables", ["Too many variables declared (only 32767 allowed)"], + "too_many_variables", ["Too many variables declared (only 65535 allowed)"], "strict_param_name", ["Parameter name eval or arguments is not allowed in strict mode"], "strict_param_dupe", ["Strict mode function may not have duplicate parameter names"], "strict_var_name", ["Variable name may not be eval or arguments in strict mode"], diff --git a/deps/v8/src/objects.cc b/deps/v8/src/objects.cc index 45d108b1ca..254cd26f57 100644 --- a/deps/v8/src/objects.cc +++ b/deps/v8/src/objects.cc @@ -651,11 +651,9 @@ MaybeObject* Object::GetProperty(Object* receiver, receiver, result->GetCallbackObject(), name); case HANDLER: return result->proxy()->GetPropertyWithHandler(receiver, name); - case INTERCEPTOR: { - JSObject* recvr = JSObject::cast(receiver); + case INTERCEPTOR: return result->holder()->GetPropertyWithInterceptor( - recvr, name, attributes); - } + receiver, name, attributes); case TRANSITION: case NONEXISTENT: UNREACHABLE(); @@ -10204,7 +10202,7 @@ InterceptorInfo* JSObject::GetIndexedInterceptor() { MaybeObject* JSObject::GetPropertyPostInterceptor( - JSReceiver* receiver, + Object* receiver, String* name, PropertyAttributes* attributes) { // Check local property in holder, ignore interceptor. 
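Review bot: The `case INTERCEPTOR:` branch of Object::GetProperty now forwards `receiver` as a plain `Object*`, but nothing at the call site or on the widened signatures says that the receiver may be a primitive. The Regress149912 test in this commit reaches this path with a number as receiver (`Number.prototype.__proto__ = new Bug; var x = 0; x.foo();`), which the removed `JSObject::cast(receiver)` did not allow for. A comment on the three declarations in objects.h, e.g. `// receiver may be any Object, including a Smi or other primitive; do not cast it to JSReceiver.`, would keep a later change from narrowing the type again. The bodies of GetPropertyWithInterceptor and the two PostInterceptor helpers continue outside their hunks, so how the rest of each body uses `receiver` is not visible here.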
@@ -10222,7 +10220,7 @@ MaybeObject* JSObject::GetPropertyPostInterceptor( MaybeObject* JSObject::GetLocalPropertyPostInterceptor( - JSReceiver* receiver, + Object* receiver, String* name, PropertyAttributes* attributes) { // Check local property in holder, ignore interceptor. @@ -10236,13 +10234,13 @@ MaybeObject* JSObject::GetLocalPropertyPostInterceptor( MaybeObject* JSObject::GetPropertyWithInterceptor( - JSReceiver* receiver, + Object* receiver, String* name, PropertyAttributes* attributes) { Isolate* isolate = GetIsolate(); InterceptorInfo* interceptor = GetNamedInterceptor(); HandleScope scope(isolate); - Handle receiver_handle(receiver); + Handle receiver_handle(receiver); Handle holder_handle(this); Handle name_handle(name); diff --git a/deps/v8/src/objects.h b/deps/v8/src/objects.h index 45a2ac0d8f..18e388f991 100644 --- a/deps/v8/src/objects.h +++ b/deps/v8/src/objects.h @@ -1680,15 +1680,15 @@ class JSObject: public JSReceiver { String* name, PropertyAttributes* attributes); MUST_USE_RESULT MaybeObject* GetPropertyWithInterceptor( - JSReceiver* receiver, + Object* receiver, String* name, PropertyAttributes* attributes); MUST_USE_RESULT MaybeObject* GetPropertyPostInterceptor( - JSReceiver* receiver, + Object* receiver, String* name, PropertyAttributes* attributes); MUST_USE_RESULT MaybeObject* GetLocalPropertyPostInterceptor( - JSReceiver* receiver, + Object* receiver, String* name, PropertyAttributes* attributes); diff --git a/deps/v8/src/parser.h b/deps/v8/src/parser.h index 1ab7a141be..93dd03a63b 100644 --- a/deps/v8/src/parser.h +++ b/deps/v8/src/parser.h @@ -454,7 +454,7 @@ class Parser { // construct a hashable id, so if more than 2^17 are allowed, this // should be checked. static const int kMaxNumFunctionParameters = 32766; - static const int kMaxNumFunctionLocals = 32767; + static const int kMaxNumFunctionLocals = 65535; enum Mode { PARSE_LAZILY, 
diff --git a/deps/v8/src/platform-posix.cc b/deps/v8/src/platform-posix.cc index 2b80015161..3bc83733ca 100644 --- a/deps/v8/src/platform-posix.cc +++ b/deps/v8/src/platform-posix.cc @@ -109,20 +109,11 @@ void* OS::GetRandomMmapAddr() { raw_addr &= V8_UINT64_C(0x3ffffffff000); #else uint32_t raw_addr = V8::RandomPrivate(isolate); - - // For our 32-bit mmap() hint, we pick a random address in the bottom - // half of the top half of the address space (that is, the third quarter). - // Because we do not MAP_FIXED, this will be treated only as a hint -- the - // system will not fail to mmap() because something else happens to already - // be mapped at our random address. We deliberately set the hint high enough - // to get well above the system's break (that is, the heap); systems will - // either try the hint and if that fails move higher (MacOS and other BSD - // derivatives) or try the hint and if that fails allocate as if there were - // no hint at all (Linux, Solaris, illumos and derivatives). The high hint - // prevents the break from getting hemmed in at low values, ceding half of - // the address space to the system heap. + // The range 0x20000000 - 0x60000000 is relatively unpopulated across a + // variety of ASLR modes (PAE kernel, NX compat mode, etc) and on macos + // 10.6 and 10.7. raw_addr &= 0x3ffff000; - raw_addr += 0x80000000; + raw_addr += 0x20000000; #endif return reinterpret_cast(raw_addr); } diff --git a/deps/v8/src/platform-solaris.cc b/deps/v8/src/platform-solaris.cc index 07718fe50b..4248ea214f 100644 --- a/deps/v8/src/platform-solaris.cc +++ b/deps/v8/src/platform-solaris.cc 
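Review bot: The replacement comment in the 32-bit branch of OS::GetRandomMmapAddr drops the statement that the address is only a hint because mmap() is not called with MAP_FIXED, and that property is what makes a collision with an existing mapping harmless. With `raw_addr &= 0x3ffff000` the hint carries 18 random bits, and the new base moves the window from 0x80000000 down to 0x20000000, closer to where the removed comment places the system break (heap). I would keep one line of the old rationale, e.g. `// Only a hint: without MAP_FIXED the kernel is free to place the mapping elsewhere.`, and mention the trade-off with break growth that the old comment described. The function starts outside the hunk.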
@@ -125,8 +125,12 @@ const char* OS::LocalTimezone(double time) { double OS::LocalTimeOffset() { - tzset(); - return -static_cast(timezone * msPerSecond); + // On Solaris, struct tm does not contain a tm_gmtoff field. + time_t utc = time(NULL); + ASSERT(utc != -1); + struct tm* loc = localtime(&utc); + ASSERT(loc != NULL); + return static_cast((mktime(loc) - utc) * msPerSecond); } diff --git a/deps/v8/src/version.cc b/deps/v8/src/version.cc index 628665caf1..c8c8fc30b0 100644 --- a/deps/v8/src/version.cc +++ b/deps/v8/src/version.cc @@ -35,7 +35,7 @@ #define MAJOR_VERSION 3 #define MINOR_VERSION 13 #define BUILD_NUMBER 7 -#define PATCH_LEVEL 1 +#define PATCH_LEVEL 4 // Use 1 for candidates and 0 otherwise. // (Boolean macro values are not supported by all preprocessors.) #define IS_CANDIDATE_VERSION 0 diff --git a/deps/v8/src/x64/lithium-codegen-x64.cc b/deps/v8/src/x64/lithium-codegen-x64.cc index 89e311e461..a07564ed24 100644 --- a/deps/v8/src/x64/lithium-codegen-x64.cc +++ b/deps/v8/src/x64/lithium-codegen-x64.cc @@ -3742,11 +3742,17 @@ void LCodeGen::DoBoundsCheck(LBoundsCheck* instr) { __ cmpq(reg, reg2); } } else { + Operand length = ToOperand(instr->length()); if (instr->index()->IsConstantOperand()) { - __ cmpq(ToOperand(instr->length()), - Immediate(ToInteger32(LConstantOperand::cast(instr->index())))); + int constant_index = + ToInteger32(LConstantOperand::cast(instr->index())); + if (instr->hydrogen()->length()->representation().IsTagged()) { + __ Cmp(length, Smi::FromInt(constant_index)); + } else { + __ cmpq(length, Immediate(constant_index)); + } } else { - __ cmpq(ToOperand(instr->length()), ToRegister(instr->index())); + __ cmpq(length, ToRegister(instr->index())); } } DeoptimizeIf(below_equal, instr->environment()); diff --git a/deps/v8/test/cctest/test-api.cc b/deps/v8/test/cctest/test-api.cc index 7fac9fd618..1e12652c0a 100644 --- a/deps/v8/test/cctest/test-api.cc +++ b/deps/v8/test/cctest/test-api.cc 
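Review bot: `mktime(loc) - utc` in OS::LocalTimeOffset should evaluate to zero in every timezone, because mktime() interprets its argument as local time and so undoes the `localtime(&utc)` conversion on the line before. The offset has to come from a source that is not the same round trip, for example `tzset()` plus the `timezone` global that the removed lines used. In addition the two ASSERTs are the only guard against `time()` and `localtime()` failing; if ASSERT is compiled out in release builds, a NULL `loc` reaches mktime(). `localtime()` also returns a pointer to shared static storage, so `localtime_r()` would be the safer call if this can run on more than one thread.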
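Review bot: The tagged-length case in LCodeGen::DoBoundsCheck is handled only when the index is a constant; the register branch still emits `__ cmpq(length, ToRegister(instr->index()))` without looking at `instr->hydrogen()->length()->representation()`. If a tagged length can reach that branch together with an untagged index, the compare would be made against the Smi encoding of the length rather than its value, and an out-of-range index could pass the check. Whether that combination is possible is not visible from the hunk, so I would add an ASSERT in that else branch that the length is not tagged (or that index and length share a representation), plus a comment stating the assumption. The register-length branch above and the start of the function are outside the hunk.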
@@ -17435,6 +17435,16 @@ THREADED_TEST(Regress137496) { } +THREADED_TEST(Regress149912) { + v8::HandleScope scope; + LocalContext context; + Handle templ = FunctionTemplate::New(); + AddInterceptor(templ, EmptyInterceptorGetter, EmptyInterceptorSetter); + context->Global()->Set(v8_str("Bug"), templ->GetFunction()); + CompileRun("Number.prototype.__proto__ = new Bug; var x = 0; x.foo();"); +} + + #ifndef WIN32 class ThreadInterruptTest { public: diff --git a/deps/v8/test/cctest/test-heap.cc b/deps/v8/test/cctest/test-heap.cc index 4b765637f5..64ceccf806 100644 --- a/deps/v8/test/cctest/test-heap.cc +++ b/deps/v8/test/cctest/test-heap.cc @@ -4,10 +4,12 @@ #include "v8.h" +#include "compilation-cache.h" #include "execution.h" #include "factory.h" #include "macro-assembler.h" #include "global-handles.h" +#include "stub-cache.h" #include "cctest.h" using namespace v8::internal; 
@@ -2238,3 +2240,62 @@ TEST(ReleaseStackTraceData) { delete resource; } + + +TEST(Regression144230) { + InitializeVM(); + v8::HandleScope scope; + + // First make sure that the uninitialized CallIC stub is on a single page + // that will later be selected as an evacuation candidate. + { + v8::HandleScope inner_scope; + AlwaysAllocateScope always_allocate; + SimulateFullSpace(HEAP->code_space()); + ISOLATE->stub_cache()->ComputeCallInitialize(9, RelocInfo::CODE_TARGET); + } + + // Second compile a CallIC and execute it once so that it gets patched to + // the pre-monomorphic stub. These code objects are on yet another page. + { + v8::HandleScope inner_scope; + AlwaysAllocateScope always_allocate; + SimulateFullSpace(HEAP->code_space()); + CompileRun("var o = { f:function(a,b,c,d,e,f,g,h,i) {}};" + "function call() { o.f(1,2,3,4,5,6,7,8,9); };" + "call();"); + } + + // Third we fill up the last page of the code space so that it does not get + // chosen as an evacuation candidate. + { + v8::HandleScope inner_scope; + AlwaysAllocateScope always_allocate; + CompileRun("for (var i = 0; i < 2000; i++) {" + " eval('function f' + i + '() { return ' + i +'; };' +" + " 'f' + i + '();');" + "}"); + } + HEAP->CollectAllGarbage(Heap::kNoGCFlags); + + // Fourth is the tricky part. Make sure the code containing the CallIC is + // visited first without clearing the IC. The shared function info is then + // visited later, causing the CallIC to be cleared. + Handle name = FACTORY->LookupAsciiSymbol("call"); + Handle global(ISOLATE->context()->global_object()); + MaybeObject* maybe_call = global->GetProperty(*name); + JSFunction* call = JSFunction::cast(maybe_call->ToObjectChecked()); + USE(global->SetProperty(*name, Smi::FromInt(0), NONE, kNonStrictMode)); + ISOLATE->compilation_cache()->Clear(); + call->shared()->set_ic_age(HEAP->global_ic_age() + 1); + Handle call_code(call->code()); + Handle call_function(call); + + // Now we are ready to mess up the heap. 
+ HEAP->CollectAllGarbage(Heap::kReduceMemoryFootprintMask); + + // Either heap verification caught the problem already or we go kaboom once + // the CallIC is executed the next time. + USE(global->SetProperty(*name, *call_function, NONE, kNonStrictMode)); + CompileRun("call();"); +} diff --git a/deps/v8/test/mjsunit/limit-locals.js b/deps/v8/test/mjsunit/limit-locals.js index ad9ec43686..22f895c714 100644 --- a/deps/v8/test/mjsunit/limit-locals.js +++ b/deps/v8/test/mjsunit/limit-locals.js @@ -25,7 +25,7 @@ // (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE // OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. -// Test that there is a limit of 32767 locals. +// Test that there is a limit of 65535 locals. function function_with_n_locals(n) { test_prefix = "prefix "; @@ -41,6 +41,7 @@ function function_with_n_locals(n) { assertEquals("prefix 0 suffix", function_with_n_locals(0)); assertEquals("prefix 16000 suffix", function_with_n_locals(16000)); assertEquals("prefix 32767 suffix", function_with_n_locals(32767)); +assertEquals("prefix 65535 suffix", function_with_n_locals(65535)); -assertThrows("function_with_n_locals(32768)"); +assertThrows("function_with_n_locals(65536)"); assertThrows("function_with_n_locals(100000)"); diff --git a/deps/v8/test/mjsunit/regress/regress-2326.js b/deps/v8/test/mjsunit/regress/regress-2326.js new file mode 100644 index 0000000000..d2edf2b164 --- /dev/null +++ b/deps/v8/test/mjsunit/regress/regress-2326.js 
@@ -0,0 +1,54 @@
+// Copyright 2012 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// This tests that we do not share optimized code across closures that
+// were optimized using OSR (for a particular OSR entry AST id) even if
+// caching of optimized code kicks in.
+
+function makeClosure() {
+ function f(mode, iterations) {
+ var accumulator = 0;
+ if (mode == 1) {
+ while (--iterations > 0) accumulator = Math.ceil(accumulator);
+ return 1;
+ } else {
+ while (--iterations > 0) accumulator = Math.floor(accumulator);
+ return 2;
+ }
+ }
+ return f;
+}
+
+// Generate two closures sharing the same underlying function literal.
+var f1 = makeClosure();
+var f2 = makeClosure();
+
+// This function should be optimized via OSR in the first tight loop.
+assertSame(1, f1(1, 100000));
+
+// This function should be optimized via OSR in the second tight loop.
+assertSame(2, f2(2, 100000));
diff --git a/deps/v8/test/mjsunit/regress/regress-crbug-150729.js b/deps/v8/test/mjsunit/regress/regress-crbug-150729.js
new file mode 100644
index 0000000000..15aa587d18
--- /dev/null
+++ b/deps/v8/test/mjsunit/regress/regress-crbug-150729.js
@@ -0,0 +1,39 @@
+// Copyright 2012 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// Flags: --allow-natives-syntax
+
+var t = 0;
+function burn() {
+ i = [t, 1];
+ var M = [i[0], Math.cos(t) + i[7074959]];
+ t += .05;
+}
+for (var j = 0; j < 5; j++) {
+ if (j == 2) %OptimizeFunctionOnNextCall(burn);
+ burn();
+}
diff --git a/deps/v8/tools/gen-postmortem-metadata.py b/deps/v8/tools/gen-postmortem-metadata.py
index 3145610c5d..f59cfd3033 100644
--- a/deps/v8/tools/gen-postmortem-metadata.py +++ b/deps/v8/tools/gen-postmortem-metadata.py @@ -78,23 +78,14 @@ consts_misc = [ { 'name': 'SmiValueShift', 'value': 'kSmiTagSize' }, { 'name': 'PointerSizeLog2', 'value': 'kPointerSizeLog2' }, - { 'name': 'transitions_idx_descriptors', - 'value': 'TransitionArray::kDescriptorsIndex' }, - - { 'name': 'prop_desc_key', - 'value': 'DescriptorArray::kDescriptorKey' }, - { 'name': 'prop_desc_details', - 'value': 'DescriptorArray::kDescriptorDetails' }, - { 'name': 'prop_desc_value', - 'value': 'DescriptorArray::kDescriptorValue' }, - { 'name': 'prop_desc_size', - 'value': 'DescriptorArray::kDescriptorSize' }, + { 'name': 'prop_idx_transitions', + 'value': 'DescriptorArray::kTransitionsIndex' }, { 'name': 'prop_idx_first', 'value': 'DescriptorArray::kFirstIndex' }, { 'name': 'prop_type_field', 'value': 'FIELD' }, { 'name': 'prop_type_first_phantom', - 'value': 'Code::MAP_TRANSITION' }, + 'value': 'MAP_TRANSITION' }, { 'name': 'prop_type_mask', 'value': 'PropertyDetails::TypeField::kMask' }, @@ -116,7 +107,7 @@ extras_accessors = [ 'JSObject, elements, Object, kElementsOffset', 'FixedArray, data, uintptr_t, kHeaderSize', 'Map, instance_attributes, int, kInstanceAttributesOffset', - 'Map, transitions, uintptr_t, kTransitionsOrBackPointerOffset', + 'Map, instance_descriptors, int, kInstanceDescriptorsOrBitField3Offset', 'Map, inobject_properties, int, kInObjectPropertiesOffset', 'Map, instance_size, int, kInstanceSizeOffset', 'HeapNumber, value, double, kValueOffset', diff --git a/deps/v8/tools/gyp/v8.gyp b/deps/v8/tools/gyp/v8.gyp index 9f46d22ad4..b646567b57 100644 --- a/deps/v8/tools/gyp/v8.gyp +++ b/deps/v8/tools/gyp/v8.gyp @@ -321,8 +321,6 @@ '../../src/full-codegen.h', '../../src/func-name-inferrer.cc', '../../src/func-name-inferrer.h', - '../../src/gdb-jit.cc', - '../../src/gdb-jit.h', '../../src/global-handles.cc', '../../src/global-handles.h', '../../src/globals.h', 
@@ -730,9 +728,6 @@ '../../src/win32-math.h', ], 'msvs_disabled_warnings': [4351, 4355, 4800], - 'direct_dependent_settings': { - 'msvs_disabled_warnings': [4351, 4355, 4800], - }, 'link_settings': { 'libraries': [ '-lwinmm.lib', '-lws2_32.lib' ], },