deps: upgrade to V8 5.0.71.35

Pick up the latest bug fix from the V8 5.0 branch. Original commit message: V8-Commit: https://github.com/v8/v8/commit/c1d51c7c Version 5.0.71.35 (cherry-pick) Merged 2837cb387 disallow left-trim fast path when sampling heap profiler is active R=hablich@chromium.org, hpayer@chromium.org BUG=v8:4937 Review URL: https://codereview.chromium.org/1918453002 . PR-URL: https://github.com/nodejs/node/pull/6372 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Michaël Zasso <mic.besace@gmail.com>
2016-04-25 07:51:27 -07:00 · 2016-04-25 07:51:27 -07:00 · e5f1e2c1df
commit e5f1e2c1df
parent de1dc0ae2e
4 changed files with 30 additions and 1 deletions
--- a/deps/v8/include/v8-version.h
+++ b/deps/v8/include/v8-version.h
@ -11,7 +11,7 @@
 #define V8_MAJOR_VERSION 5
 #define V8_MINOR_VERSION 0
 #define V8_BUILD_NUMBER 71
-#define V8_PATCH_LEVEL 34
+#define V8_PATCH_LEVEL 35

 // Use 1 for candidates and 0 otherwise.
 // (Boolean macro values are not supported by all preprocessors.)
--- a/deps/v8/src/heap/heap.cc
+++ b/deps/v8/src/heap/heap.cc
@ -3069,6 +3069,9 @@ void Heap::CreateFillerObjectAt(Address addr, int size) {
 bool Heap::CanMoveObjectStart(HeapObject* object) {
  if (!FLAG_move_object_start) return false;

+  // Sampling heap profiler may have a reference to the object.
+  if (isolate()->heap_profiler()->is_sampling_allocations()) return false;
+
  Address address = object->address();

  if (lo_space()->Contains(object)) return false;
--- a/deps/v8/src/profiler/heap-profiler.h
+++ b/deps/v8/src/profiler/heap-profiler.h
@ -32,6 +32,7 @@ class HeapProfiler {

  bool StartSamplingHeapProfiler(uint64_t sample_interval, int stack_depth);
  void StopSamplingHeapProfiler();
+  bool is_sampling_allocations() { return !sampling_heap_profiler_.is_empty(); }
  AllocationProfile* GetAllocationProfile();

  void StartHeapObjectsTracking(bool track_allocations);
--- a/deps/v8/test/cctest/test-heap-profiler.cc
+++ b/deps/v8/test/cctest/test-heap-profiler.cc
@ -3010,3 +3010,28 @@ TEST(SamplingHeapProfilerApiAllocation) {

  heap_profiler->StopSamplingHeapProfiler();
 }
+
+TEST(SamplingHeapProfilerLeftTrimming) {
+  v8::HandleScope scope(v8::Isolate::GetCurrent());
+  LocalContext env;
+  v8::HeapProfiler* heap_profiler = env->GetIsolate()->GetHeapProfiler();
+
+  // Suppress randomness to avoid flakiness in tests.
+  v8::internal::FLAG_sampling_heap_profiler_suppress_randomness = true;
+
+  heap_profiler->StartSamplingHeapProfiler(64);
+
+  CompileRun(
+      "for (var j = 0; j < 500; ++j) {\n"
+      "  var a = [];\n"
+      "  for (var i = 0; i < 5; ++i)\n"
+      "      a[i] = i;\n"
+      "  for (var i = 0; i < 3; ++i)\n"
+      "      a.shift();\n"
+      "}\n");
+
+  CcTest::heap()->CollectGarbage(v8::internal::NEW_SPACE);
+  // Should not crash.
+
+  heap_profiler->StopSamplingHeapProfiler();
+}