diff --git a/deps/v8/include/v8-version.h b/deps/v8/include/v8-version.h index a7552d91e1807f..9cecad7f89c75f 100644 --- a/deps/v8/include/v8-version.h +++ b/deps/v8/include/v8-version.h @@ -11,7 +11,7 @@ #define V8_MAJOR_VERSION 10 #define V8_MINOR_VERSION 9 #define V8_BUILD_NUMBER 194 -#define V8_PATCH_LEVEL 4 +#define V8_PATCH_LEVEL 6 // Use 1 for candidates and 0 otherwise. // (Boolean macro values are not supported by all preprocessors.) diff --git a/deps/v8/src/ast/scopes.cc b/deps/v8/src/ast/scopes.cc index d1e4dec10f9879..fc06909c519459 100644 --- a/deps/v8/src/ast/scopes.cc +++ b/deps/v8/src/ast/scopes.cc @@ -885,9 +885,8 @@ void DeclarationScope::AddLocal(Variable* var) { } void Scope::Snapshot::Reparent(DeclarationScope* new_parent) { - DCHECK(!IsCleared()); - DCHECK_EQ(new_parent, outer_scope_and_calls_eval_.GetPointer()->inner_scope_); - DCHECK_EQ(new_parent->outer_scope_, outer_scope_and_calls_eval_.GetPointer()); + DCHECK_EQ(new_parent, outer_scope_->inner_scope_); + DCHECK_EQ(new_parent->outer_scope_, outer_scope_); DCHECK_EQ(new_parent, new_parent->GetClosureScope()); DCHECK_NULL(new_parent->inner_scope_); DCHECK(new_parent->unresolved_list_.is_empty()); @@ -912,12 +911,11 @@ void Scope::Snapshot::Reparent(DeclarationScope* new_parent) { new_parent->sibling_ = top_inner_scope_; } - Scope* outer_scope = outer_scope_and_calls_eval_.GetPointer(); - new_parent->unresolved_list_.MoveTail(&outer_scope->unresolved_list_, + new_parent->unresolved_list_.MoveTail(&outer_scope_->unresolved_list_, top_unresolved_); // Move temporaries allocated for complex parameter initializers. - DeclarationScope* outer_closure = outer_scope->GetClosureScope(); + DeclarationScope* outer_closure = outer_scope_->GetClosureScope(); for (auto it = top_local_; it != outer_closure->locals()->end(); ++it) { Variable* local = *it; DCHECK_EQ(VariableMode::kTemporary, local->mode()); @@ -929,16 +927,10 @@ void Scope::Snapshot::Reparent(DeclarationScope* new_parent) { outer_closure->locals_.Rewind(top_local_); // Move eval calls since Snapshot's creation into new_parent. - if (outer_scope_and_calls_eval_->calls_eval_) { - new_parent->RecordDeclarationScopeEvalCall(); - new_parent->inner_scope_calls_eval_ = true; + if (outer_scope_->calls_eval_) { + new_parent->RecordEvalCall(); + declaration_scope_->sloppy_eval_can_extend_vars_ = false; } - - // We are in the arrow function case. The calls eval we may have recorded - // is intended for the inner scope and we should simply restore the - // original "calls eval" flag of the outer scope. - RestoreEvalFlag(); - Clear(); } void Scope::ReplaceOuterScope(Scope* outer) { @@ -2576,6 +2568,9 @@ void Scope::AllocateVariablesRecursively() { this->ForEach([](Scope* scope) -> Iteration { DCHECK(!scope->already_resolved_); if (WasLazilyParsed(scope)) return Iteration::kContinue; + if (scope->sloppy_eval_can_extend_vars_) { + scope->num_heap_slots_ = Context::MIN_CONTEXT_EXTENDED_SLOTS; + } DCHECK_EQ(scope->ContextHeaderLength(), scope->num_heap_slots_); // Allocate variables for this scope. diff --git a/deps/v8/src/ast/scopes.h b/deps/v8/src/ast/scopes.h index 32e16b80b261fb..3d062685643ad7 100644 --- a/deps/v8/src/ast/scopes.h +++ b/deps/v8/src/ast/scopes.h @@ -110,12 +110,6 @@ class V8_EXPORT_PRIVATE Scope : public NON_EXPORTED_BASE(ZoneObject) { class Snapshot final { public: - Snapshot() - : outer_scope_and_calls_eval_(nullptr, false), - top_unresolved_(), - top_local_() { - DCHECK(IsCleared()); - } inline explicit Snapshot(Scope* scope); // Disallow copy and move. @@ -123,45 +117,31 @@ class V8_EXPORT_PRIVATE Scope : public NON_EXPORTED_BASE(ZoneObject) { Snapshot(Snapshot&&) = delete; ~Snapshot() { - // If we're still active, there was no arrow function. In that case outer - // calls eval if it already called eval before this snapshot started, or - // if the code during the snapshot called eval. - if (!IsCleared() && outer_scope_and_calls_eval_.GetPayload()) { - RestoreEvalFlag(); + // Restore eval flags from before the scope was active. + if (sloppy_eval_can_extend_vars_) { + declaration_scope_->sloppy_eval_can_extend_vars_ = true; } - } - - void RestoreEvalFlag() { - if (outer_scope_and_calls_eval_.GetPayload()) { - // This recreates both calls_eval and sloppy_eval_can_extend_vars. - outer_scope_and_calls_eval_.GetPointer()->RecordEvalCall(); + if (calls_eval_) { + outer_scope_->calls_eval_ = true; } } void Reparent(DeclarationScope* new_parent); - bool IsCleared() const { - return outer_scope_and_calls_eval_.GetPointer() == nullptr; - } - - void Clear() { - outer_scope_and_calls_eval_.SetPointer(nullptr); -#ifdef DEBUG - outer_scope_and_calls_eval_.SetPayload(false); - top_inner_scope_ = nullptr; - top_local_ = base::ThreadedList::Iterator(); - top_unresolved_ = UnresolvedList::Iterator(); -#endif - } private: - // During tracking calls_eval caches whether the outer scope called eval. - // Upon move assignment we store whether the new inner scope calls eval into - // the move target calls_eval bit, and restore calls eval on the outer - // scope. - base::PointerWithPayload outer_scope_and_calls_eval_; + Scope* outer_scope_; + Scope* declaration_scope_; Scope* top_inner_scope_; UnresolvedList::Iterator top_unresolved_; base::ThreadedList::Iterator top_local_; + // While the scope is active, the scope caches the flag values for + // outer_scope_ / declaration_scope_ they can be used to know what happened + // while parsing the arrow head. If this turns out to be an arrow head, new + // values on the respective scopes will be cleared and moved to the inner + // scope. Otherwise the cached flags will be merged with the flags from the + // arrow head. + bool calls_eval_; + bool sloppy_eval_can_extend_vars_; }; enum class DeserializationMode { kIncludingVariables, kScopesOnly }; @@ -907,8 +887,8 @@ class V8_EXPORT_PRIVATE DeclarationScope : public Scope { void RecordDeclarationScopeEvalCall() { calls_eval_ = true; - // If this isn't a sloppy eval, we don't care about it. - if (language_mode() != LanguageMode::kSloppy) return; + // The caller already checked whether we're in sloppy mode. + CHECK(is_sloppy(language_mode())); // Sloppy eval in script scopes can only introduce global variables anyway, // so we don't care that it calls sloppy eval. @@ -942,7 +922,6 @@ class V8_EXPORT_PRIVATE DeclarationScope : public Scope { } sloppy_eval_can_extend_vars_ = true; - num_heap_slots_ = Context::MIN_CONTEXT_EXTENDED_SLOTS; } bool sloppy_eval_can_extend_vars() const { @@ -1367,7 +1346,9 @@ class V8_EXPORT_PRIVATE DeclarationScope : public Scope { void Scope::RecordEvalCall() { calls_eval_ = true; - GetDeclarationScope()->RecordDeclarationScopeEvalCall(); + if (is_sloppy(language_mode())) { + GetDeclarationScope()->RecordDeclarationScopeEvalCall(); + } RecordInnerScopeEvalCall(); // The eval contents might access "super" (if it's inside a function that // binds super). @@ -1380,14 +1361,18 @@ void Scope::RecordEvalCall() { } Scope::Snapshot::Snapshot(Scope* scope) - : outer_scope_and_calls_eval_(scope, scope->calls_eval_), + : outer_scope_(scope), + declaration_scope_(scope->GetDeclarationScope()), top_inner_scope_(scope->inner_scope_), top_unresolved_(scope->unresolved_list_.end()), - top_local_(scope->GetClosureScope()->locals_.end()) { - // Reset in order to record eval calls during this Snapshot's lifetime. - outer_scope_and_calls_eval_.GetPointer()->calls_eval_ = false; - outer_scope_and_calls_eval_.GetPointer()->sloppy_eval_can_extend_vars_ = - false; + top_local_(scope->GetClosureScope()->locals_.end()), + calls_eval_(outer_scope_->calls_eval_), + sloppy_eval_can_extend_vars_( + declaration_scope_->sloppy_eval_can_extend_vars_) { + // Reset in order to record (sloppy) eval calls during this Snapshot's + // lifetime. + outer_scope_->calls_eval_ = false; + declaration_scope_->sloppy_eval_can_extend_vars_ = false; } class ModuleScope final : public DeclarationScope { diff --git a/deps/v8/src/sandbox/external-pointer-table-inl.h b/deps/v8/src/sandbox/external-pointer-table-inl.h index bfa31a6e61f443..6b8694b2ba911d 100644 --- a/deps/v8/src/sandbox/external-pointer-table-inl.h +++ b/deps/v8/src/sandbox/external-pointer-table-inl.h @@ -6,6 +6,7 @@ #define V8_SANDBOX_EXTERNAL_POINTER_TABLE_INL_H_ #include "src/base/atomicops.h" +#include "src/common/assert-scope.h" #include "src/sandbox/external-pointer-table.h" #include "src/sandbox/external-pointer.h" #include "src/utils/allocation.h" @@ -75,6 +76,13 @@ ExternalPointerHandle ExternalPointerTable::AllocateAndInitializeEntry( Isolate* isolate, Address initial_value, ExternalPointerTag tag) { DCHECK(is_initialized()); + // We currently don't want entry allocation to trigger garbage collection as + // this may cause seemingly harmless pointer field assignments to trigger + // garbage collection. This is especially true for lazily-initialized + // external pointer slots which will typically only allocate the external + // pointer table entry when the pointer is first set to a non-null value. + DisallowGarbageCollection no_gc; + Freelist freelist; bool success = false; while (!success) { diff --git a/deps/v8/src/sandbox/external-pointer-table.cc b/deps/v8/src/sandbox/external-pointer-table.cc index 95d8819dc5dde7..6a3d8aeb196195 100644 --- a/deps/v8/src/sandbox/external-pointer-table.cc +++ b/deps/v8/src/sandbox/external-pointer-table.cc @@ -315,18 +315,6 @@ ExternalPointerTable::Freelist ExternalPointerTable::Grow(Isolate* isolate) { set_capacity(new_capacity); - // Schedule GC when the table's utilization crosses one of these thresholds. - constexpr double kGCThresholds[] = {0.5, 0.75, 0.9, 0.95, 0.99}; - constexpr double kMaxCapacity = static_cast(kMaxExternalPointers); - double old_utilization = static_cast(old_capacity) / kMaxCapacity; - double new_utilization = static_cast(new_capacity) / kMaxCapacity; - for (double threshold : kGCThresholds) { - if (old_utilization < threshold && new_utilization >= threshold) { - isolate->heap()->ReportExternalMemoryPressure(); - break; - } - } - // Build freelist bottom to top, which might be more cache friendly. uint32_t start = std::max(old_capacity, 1); // Skip entry zero uint32_t last = new_capacity - 1;