Commit Graph

502 Commits (5e825d1073b57a87fc9a77751ed3e21c86970082)

Author SHA1 Message Date
Fedor Indutny 8b88ff85f1 deps: fix postmortem support in v8
Fix: iojs/io.js#461
PR-URL: https://github.com/iojs/io.js/pull/706
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2015-02-03 19:25:04 +03:00
Ben Noordhuis cbc1262bd9 deps: upgrade v8 to 4.1.0.14
PR-URL: https://github.com/iojs/io.js/pull/656
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
2015-01-29 18:12:27 +01:00
Ben Noordhuis 297cadbab6 deps: fix v8 armv6 run-time detection
The elf_platform suffix in /proc/cpuinfo moved to the model name field
in Linux 3.8.

Out-of-tree patch pending https://codereview.chromium.org/867713003/

Fixes: https://github.com/iojs/io.js/issues/283
PR-URL: https://github.com/iojs/io.js/pull/559
Reviewed-By: Fedor Indutny <fedor@indutny.com>
2015-01-22 23:07:53 +01:00
Ben Noordhuis 069c0dfb1c deps: upgrade v8 to 4.1.0.12
No out-of-tree patches, yay!

PR-URL: https://github.com/iojs/io.js/pull/555
Reviewed-By: Fedor Indutny <fedor@indutny.com>
2015-01-22 13:21:34 +01:00
Ben Noordhuis 803883bb1a v8: fix template literal NULL pointer deref
Fixes a NULL pointer dereference with unterminated template literals.

This is a back-port of commit v8/v8-git-mirror@02218ad from the V8
master branch, see https://code.google.com/p/v8/issues/detail?id=3820.

PR-URL: https://github.com/iojs/io.js/pull/534
Reviewed-By: Caitlin Potter <caitpotter88@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
2015-01-21 13:35:01 +01:00
Jay Jaeho Lee d566ded26b deps: fix V8 debugger bugs
This is a follow-up fix for https://codereview.chromium.org/813873007/.
This bug currently prevents the node-inspector client from working.

PR-URL: https://github.com/iojs/io.js/pull/494
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2015-01-18 22:51:31 +01:00
Fedor Indutny 334020e016 deps: fix v8 build on FreeBSD
clang++ on FreeBSD was blaming v8 for using invalid casts from nullptr:

    reinterpret_cast from 'nullptr_t' to '...' is not allowed

Replace casts with NULL, or NULL with 0 where applicable.

Fixes: https://github.com/iojs/io.js/issues/324
PR-URL: https://github.com/iojs/io.js/pull/332
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2015-01-18 13:07:46 +01:00
Ben Noordhuis 5e7ebc7af6 deps: upgrade v8 to 4.1.0.7
This commit upgrades V8 from 3.31.74.1 to 4.1.0.7.  Despite the major
version bump, there are no API or ABI changes, it's a bug fix release
only.

PR-URL: https://github.com/iojs/io.js/pull/490
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Kenan Sulayman <kenan@sly.mn>
Reviewed-By: Rod Vagg <rod@vagg.org>
2015-01-18 13:05:00 +01:00
Fedor Indutny b949437c00 deps: fix v8 build on FreeBSD
clang++ on FreeBSD was blaming v8 for using invalid casts from nullptr:

    reinterpret_cast from 'nullptr_t' to '...' is not allowed

Replace casts with NULL, or NULL with 0 where applicable.

Fix #324
PR-URL: https://github.com/iojs/io.js/pull/332
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2015-01-13 20:36:43 +03:00
Ben Noordhuis dad73f645c deps: upgrade v8 to 3.31.74.1
PR-URL: https://github.com/iojs/io.js/pull/243
Reviewed-By: Fedor Indutny <fedor@indutny.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
2015-01-07 22:11:18 +01:00
Refael Ackermann 5a438489f0 deps: fix postmortem-metadata generator in v8
Reviewed-By: Fedor Indutny <fedor@indutny.com>
PR-URL: https://github.com/joyent/node/pull/8476
2014-11-14 16:34:58 +01:00
Ben Noordhuis 5d1b6d3e0f deps: upgrade v8 to 3.30.37 2014-11-14 16:34:58 +01:00
Ben Noordhuis 7af8870af9 deps: fix v8 x32 build
Fix double definition errors in the libv8_base.a library target by
compiling out stub functions when building for x32.

This fix is incomplete because, although V8 now builds, it makes a
number of bad assumptions about the size of stack slots, see
https://code.google.com/p/v8/issues/detail?id=3630.

PR-URL: https://github.com/node-forward/node/pull/24
Reviewed-By: Fedor Indutny <fedor@indutny.com>
2014-10-16 22:38:43 +02:00
Refael Ackermann b2e519983f deps: fix postmortem-metadata generator in v8
Reviewed-By: Fedor Indutny <fedor@indutny.com>
PR-URL: https://github.com/joyent/node/pull/8476
2014-10-12 02:05:02 +04:00
Fedor Indutny 6bcea4ff93 deps: update v8 to 3.29.93.1 2014-10-10 14:49:02 +04:00
Julien Gilli 011319e248 build: fix build for SmartOS
This change in V8: https://code.google.com/p/v8/source/detail?r=22210
has introduced a method named OS::GetCurrentThreadId which fails to
compile on OSes where a "gettid" syscall does not exist.
This build issue has been fixed upstream by another change:
https://code.google.com/p/v8/source/detail?r=23459. This commit
integrates this fix. It's still not clear if this is good enough for the
long term, see https://code.google.com/p/v8/issues/detail?id=3620 for
more information.

The other build issue was due to the fact that alloca.h is not included
by other system includes on SmartOS, which is assumed by V8.

PR-URL: https://github.com/joyent/node/pull/8534
Reviewed-By: Fedor Indutny <fedor@indutny.com>
2014-10-10 00:53:56 +04:00
Refael Ackermann d71dd638c6 deps: fix postmortem-metadata generator in v8
Reviewed-By: Fedor Indutny <fedor@indutny.com>
PR-URL: https://github.com/joyent/node/pull/8476
2014-10-08 15:36:07 +04:00
Fedor Indutny 0e1320552b deps: apply floating irhydra patch to v8
Reviewed-By: Fedor Indutny <fedor@indutny.com>
PR-URL: https://github.com/joyent/node/pull/8476
2014-10-08 15:36:04 +04:00
Refael Ackermann 939278ac05 deps: update v8 to 3.28.73
Reviewed-By: Fedor Indutny <fedor@indutny.com>
PR-URL: https://github.com/joyent/node/pull/8476
2014-10-08 15:35:57 +04:00
Fedor Indutny 630f0c4660 deps: backport 60c316 from v8 trunk
Original commit message:

    Extend the interceptor setter ASSERT to support the JSGlobalProxy case.

    BUG=v8:3463
    LOG=n
    R=dcarney@chromium.org

    Review URL: https://codereview.chromium.org/415973004

    git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@22589 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

    Signed-off-by: Fedor Indutny <fedor@indutny.com>

fix #7969
2014-09-09 16:52:46 -07:00
Fedor Indutny f3836af2f8 gyp: fix post-mortem in v0.11
Expose missing constants and keep symbols on OSX.
2014-09-09 16:52:45 -07:00
Ben Noordhuis 8d9493c315 deps: cherry-pick r21466 from v8 trunk
Check for cached transition to ExternalArray elements kind.
See [1] and [2] for details.

[1] https://code.google.com/p/v8/issues/detail?id=3337
[2] https://codereview.chromium.org/291193011

Signed-off-by: Fedor Indutny <fedor@indutny.com>
2014-09-09 16:52:45 -07:00
Ben Noordhuis b8a8e5558d deps: cherry-pick r21297 from v8 trunk
Changes the return value of PropertyCallbackInfo<T>::This() from
Local<Value> back to Local<Object>.  See [1] and [2] for background.

[1] https://groups.google.com/forum/#!topic/v8-users/wP2UcQ4cBW4
[2] https://codereview.chromium.org/285643008/

Signed-off-by: Fedor Indutny <fedor@indutny.com>
2014-09-09 16:52:45 -07:00
Ben Noordhuis 6f07d2fa1b deps: fix up v8 postmortem codegen
Signed-off-by: Fedor Indutny <fedor@indutny.com>
2014-09-09 16:52:45 -07:00
Trevor Norris f9ce97084c v8: Upgrade 3.26.33 with 14 patches
V8 3.26.31 has received 14 patches since the upgrade to 3.26.33. Since
3.26.33 is technically a tag on the 3.27 branch, reverting back to
3.26.31 would remove now default functionality like WeakMaps. Because of
that the patches have simply been cherry-picked and squashed.

Here is a summary of all patches:

* Fix index register assignment in LoadFieldByIndex for arm, arm64, and
  mips.
* Fix invalid attributes when generalizing because of incompatible map
  change.
* Skip write barriers when updating the weak hash table.
* MIPS: Avoid HeapObject check in HStoreNamedField.
* Do GC if CodeRange fails to allocate a block.
* Array.concat: properly go to dictionary mode when required.
* Keep CodeRange::current_allocation_block_index_ in range.
* Grow heap slower if GC freed many global handles.
* Do not eliminate bounds checks for "<const> - x".
* Add missing map check to optimized f.apply(...).
* In GrowMode, force the value to the right representation to avoid
  deopts between storing the length and storing the value.
* Reduce max executable size limit.
* Fix invalid condition in check elimination effects.
* Fix off-by-one error in Array.concat slow mode check.

For more information see: https://github.com/v8/v8/commits/3.26

Reviewed-By: Fedor Indutny <fedor@indutny.com>
2014-09-09 16:52:10 -07:00
Fedor Indutny 9a63a1d89b deps: backport 60c316 from v8 trunk
Original commit message:

    Extend the interceptor setter ASSERT to support the JSGlobalProxy case.

    BUG=v8:3463
    LOG=n
    R=dcarney@chromium.org

    Review URL: https://codereview.chromium.org/415973004

    git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@22589 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

    Signed-off-by: Fedor Indutny <fedor@indutny.com>

fix #7969
2014-07-25 02:44:24 +04:00
Fedor Indutny 4c48df5a35 gyp: fix post-mortem in v0.11
Expose missing constants and keep symbols on OSX.
2014-07-23 16:25:50 +04:00
Ben Noordhuis d78a3787d2 deps: cherry-pick r21466 from v8 trunk
Check for cached transition to ExternalArray elements kind.
See [1] and [2] for details.

[1] https://code.google.com/p/v8/issues/detail?id=3337
[2] https://codereview.chromium.org/291193011

Signed-off-by: Fedor Indutny <fedor@indutny.com>
2014-06-12 17:46:18 -07:00
Ben Noordhuis 5d178188a7 deps: cherry-pick r21297 from v8 trunk
Changes the return value of PropertyCallbackInfo<T>::This() from
Local<Value> back to Local<Object>.  See [1] and [2] for background.

[1] https://groups.google.com/forum/#!topic/v8-users/wP2UcQ4cBW4
[2] https://codereview.chromium.org/285643008/

Signed-off-by: Fedor Indutny <fedor@indutny.com>
2014-06-12 17:46:18 -07:00
Ben Noordhuis dde590d8b9 deps: fix up v8 postmortem codegen
Signed-off-by: Fedor Indutny <fedor@indutny.com>
2014-06-12 17:46:18 -07:00
Ben Noordhuis 3a280b2034 deps: upgrade v8 to 3.26.33
Signed-off-by: Fedor Indutny <fedor@indutny.com>
2014-06-12 17:46:17 -07:00
jochen@chromium.org e7bfbaf891 v8: backport no handle zapping for release builds
BUG=318206
LOG=y
R=danno@chromium.org

Review URL: https://codereview.chromium.org/295673002

git-svn-id: https://v8.googlecode.com/svn/branches/3.26@21367 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-05-21 13:56:29 -07:00
Ben Noordhuis 5e24adbb90 deps: fix up v8 postmortem codegen
Fix up overzealous parses, strip whitespace from class and field names.
2014-04-02 00:05:25 +04:00
Ben Noordhuis 67e078094b deps: upgrade v8 to 3.25.30 2014-04-02 00:05:24 +04:00
Trevor Norris 8d6fa72d97 v8: upgrade to 3.24.35.22 2014-04-01 11:46:28 -07:00
dcarney@chromium.org 85d595c8c2 deps: apply floating patch to v8
Original commit message below:

fix FunctionCallbackInfo ambiguity

- when compiling tools that embed v8 with g++ FunctionCallbackInfo is currently ambiguous
- more info: https://github.com/joyent/node/issues/7337
- original patch is here: https://codereview.appspot.com/78770045/

TBR=svenpanne@chromium.org

Review URL: https://codereview.chromium.org/201573012

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@20217 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
2014-03-28 17:09:36 +04:00
Fedor Indutny 4d140746f0 deps: update v8 to 3.24.35.17 2014-03-18 00:33:01 +04:00
Fedor Indutny 0c5a0ecc7c deps: allow allocations in gc epilogue/prologue
See https://codereview.chromium.org/177243012/
2014-03-13 20:56:56 +04:00
Fedor Indutny 030d03190f deps: backport a6fed7c5 from v8's trunk 2014-03-13 20:56:55 +04:00
Fedor Indutny 1c7bf245dc deps: update v8 to 3.24.40 2014-03-13 20:56:54 +04:00
Bryan Cantrill e496707d39 mdb_v8: update to latest version
* ::jsstack -v prints function definition
* ::jsprint works with objects with only numeric properties
* update tests to use builtin mdb_v8
* add more symbols to postmortem script - pending upstream
  inclusion
2014-03-10 19:12:14 -07:00
Ben Noordhuis 3421d29d63 v8: unbreak freebsd build
reland de8c0a5

Fixes #7020 and #7021
2014-02-15 18:54:40 -08:00
Timothy J Fontaine 95b8a75d5e v8: Upgrade to 3.22.24.19 2014-01-28 17:16:28 -08:00
Trevor Norris f78e5df854 v8: upgrade to 3.22.24.17 2014-01-23 12:26:51 -08:00
Timothy J Fontaine 5ce4f3ec3d v8: Upgrade to 3.22.24.10 2013-12-31 15:02:38 -08:00
Fedor Indutny 2394b974cc deps: v8 apply temporary fix until backport
Fix node.js debug build with a temporary v8 fix until the v8 team
backports the fix from the more recent version of v8.

see https://code.google.com/p/v8/issues/detail?id=3062
2013-12-19 12:51:34 +04:00
Fedor Indutny 8803aa3af7 deps: update v8 to 3.22.24.9 2013-12-14 03:16:52 +04:00
Fedor Indutny 6b4dc61322 Merge branch 'v0.10'
Conflicts:
	deps/v8/src/elements-kind.cc
	deps/v8/src/elements-kind.h
	deps/v8/src/hydrogen-instructions.h
	deps/v8/src/hydrogen.cc
	deps/v8/src/lithium.cc
	deps/v8/src/lithium.h
2013-12-14 03:03:50 +04:00
jkummerow@chromium.org 39e2426b20 v8: backport fix for CVE-2013-{6639|6640}
Quoting CVE-2013-6639:

    The DehoistArrayIndex function in hydrogen-dehoist.cc in Google V8
    before 3.22.24.7, as used in Google Chrome before 31.0.1650.63,
    allows remote attackers to cause a denial of service (out-of-bounds
    write) or possibly have unspecified other impact via JavaScript code
    that sets the value of an array element with a crafted index.

Quoting CVE-2013-6640:

    The DehoistArrayIndex function in hydrogen-dehoist.cc in Google V8
    before 3.22.24.7, as used in Google Chrome before 31.0.1650.63,
    allows remote attackers to cause a denial of service (out-of-bounds
    read) via JavaScript code that sets a variable to the value of an
    array element with a crafted index.

Like 6b92a7, this is unlikely to affect node.js because it only runs
local, trusted code.  However, if there exists some module somewhere
that populates an array index with remotely provided data this could
very well be used to crash a remote server running node.  Defense in
depth and all.

This is a backport of upstream commit r17801. Original commit log:

    Limit size of dehoistable array indices

    LOG=Y
    BUG=chromium:319835,chromium:319860
    R=dslomov@chromium.org

    Review URL: https://codereview.chromium.org/74113002
2013-12-14 02:55:29 +04:00
Ben Noordhuis de8c0a51a7 v8: unbreak freebsd build
Pending review of https://codereview.appspot.com/31500043/

Fixes #6576.
2013-11-23 23:07:41 +01:00