From 42552a7eda70321885135b6b05900aacb1de59b7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C3=ABl=20Zasso?= Date: Sat, 17 Apr 2021 16:28:45 +0200 Subject: [PATCH] deps: V8: cherry-pick ad2c5dae4688 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Original commit message: Merged: [deoptimizer] Stricter checks during deoptimization Revision: 506e893b812e03dbebe34b11d8aa9d4eb6869d89 BUG=chromium:1161357 NOTRY=true NOPRESUBMIT=true NOTREECHECKS=true R=​mythria@chromium.org (cherry picked from commit 44d052c19df0801fafdf2be54c899db65e79c67a) Change-Id: I97b69ae11d85bc0acd4a0c7bd28e1b692433de80 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2616219 Reviewed-by: Mythri Alle Commit-Queue: Georg Neis Cr-Original-Commit-Position: refs/branch-heads/8.8@{#23} Cr-Original-Branched-From: 2dbcdc105b963ee2501c82139eef7e0603977ff0-refs/heads/8.8.278@{#1} Cr-Original-Branched-From: 366d30c99049b3f1c673f8a93deb9f879d0fa9f0-refs/heads/master@{#71094} Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2649571 Reviewed-by: Victor-Gabriel Savu Commit-Queue: Achuith Bhandarkar Cr-Commit-Position: refs/branch-heads/8.6@{#56} Cr-Branched-From: a64aed2333abf49e494d2a5ce24bbd14fff19f60-refs/heads/8.6.395@{#1} Cr-Branched-From: a626bc036236c9bf92ac7b87dc40c9e538b087e3-refs/heads/master@{#69472} Refs: https://github.com/v8/v8/commit/ad2c5dae4688ff92105b609e5d554c76a9037baf PR-URL: https://github.com/nodejs/node/pull/38275 Reviewed-By: Matteo Collina Reviewed-By: Jiawen Geng Reviewed-By: Shelley Vohr
---
common.gypi | 2 +-
deps/v8/src/deoptimizer/deoptimizer.cc | 1 +
2 files changed, 2 insertions(+), 1 deletion(-)
diff --git a/common.gypi b/common.gypi
index 6d49200da370e3..a1c01c922d0d42 100644
--- a/common.gypi
+++ b/common.gypi
@@ -36,7 +36,7 @@
 # Reset this number to 0 on major V8 upgrades.
 # Increment by one for each non-official patch applied to deps/v8.
- 'v8_embedder_string': '-node.41',
+ 'v8_embedder_string': '-node.42',
 ##### V8 defaults for Node.js #####
diff --git a/deps/v8/src/deoptimizer/deoptimizer.cc b/deps/v8/src/deoptimizer/deoptimizer.cc
index 44c92f557046db..05cd675bedcc1e 100644
--- a/deps/v8/src/deoptimizer/deoptimizer.cc
+++ b/deps/v8/src/deoptimizer/deoptimizer.cc
@@ -249,6 +249,7 @@ class ActivationsFinder : public ThreadVisitor {
 SafepointEntry safepoint = code.GetSafepointEntry(it.frame()->pc());
 int trampoline_pc = safepoint.trampoline_pc();
 DCHECK_IMPLIES(code == topmost_, safe_to_deopt_);
+ CHECK_GE(trampoline_pc, 0);
 // Replace the current pc on the stack with the trampoline.
 // TODO(v8:10026): avoid replacing a signed pointer.
 Address* pc_addr = it.frame()->pc_address();
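Review bot: The added `CHECK_GE(trampoline_pc, 0);` in deoptimizer.cc carries no comment explaining why it is a release-mode CHECK while the assertion directly above it is a DCHECK, so a later cleanup could downgrade it without noticing that it sits immediately before the pc on the stack is replaced. I would add `// Hard check, also in release builds: trampoline_pc is about to replace the pc stored on the stack.` above it. The check covers only the lower bound; the hunk does not show whether trampoline_pc is also bounded by the code object's instruction size, so that is worth confirming in the lines that follow `pc_address()`. The enclosing visitor method starts and ends outside the hunk.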