Skip to content

Commit

Permalink
deps: V8: cherry-pick 588e15c, c0d4bb8
Browse files Browse the repository at this point in the history
Pick up an upstream bugfix for https://crbug.com/621926 and bump V8
version to 5.1.281.80.

Original commit message for 588e15c:
    Fixes a bug in cmpw.

    The opcodes for 'cmpw r/m16, r16' and 'cmpw r16, r/m16' were
    swapped, causing a few issues when less than/greater than
    comparison were performed.

    Adds a regression test.

    BUG=621926

    Committed: https://crrev.com/efa7095e3e360fbadbe909d831ac11b268ca26b0
    Review-Url: https://codereview.chromium.org/2103713003
    Cr-Original-Commit-Position: refs/heads/master@{nodejs#37339}
    Cr-Commit-Position: refs/heads/master@{nodejs#37345}

Original commit message for c0d4bb8:
    Fixes a wrong use of Operand in a test.

    Operand(reg) -> reg
    Operand(reg, 0) -> [reg]

    BUG=

    Review-Url: https://codereview.chromium.org/2111503002
    Cr-Commit-Position: refs/heads/master@{nodejs#37370}

PR-URL: nodejs#8038
Reviewed-By: bnoordhuis - Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: ofrobots - Ali Ijaz Sheikh <ofrobots@google.com>
Reviewed-By: mhdawson - Michael Dawson <michael_dawson@ca.ibm.com>
  • Loading branch information
epertoso authored and ofrobots committed Aug 25, 2016
1 parent cd77ca3 commit fc2a89c
Show file tree
Hide file tree
Showing 4 changed files with 61 additions and 7 deletions.
2 changes: 1 addition & 1 deletion deps/v8/include/v8-version.h
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
#define V8_MAJOR_VERSION 5
#define V8_MINOR_VERSION 1
#define V8_BUILD_NUMBER 281
#define V8_PATCH_LEVEL 79
#define V8_PATCH_LEVEL 80

// Use 1 for candidates and 0 otherwise.
// (Boolean macro values are not supported by all preprocessors.)
Expand Down
4 changes: 2 additions & 2 deletions deps/v8/src/ia32/assembler-ia32.cc
Original file line number Diff line number Diff line change
Expand Up @@ -787,14 +787,14 @@ void Assembler::cmpw(const Operand& op, Immediate imm16) {
void Assembler::cmpw(Register reg, const Operand& op) {
EnsureSpace ensure_space(this);
EMIT(0x66);
EMIT(0x39);
EMIT(0x3B);
emit_operand(reg, op);
}

void Assembler::cmpw(const Operand& op, Register reg) {
EnsureSpace ensure_space(this);
EMIT(0x66);
EMIT(0x3B);
EMIT(0x39);
emit_operand(reg, op);
}

Expand Down
21 changes: 17 additions & 4 deletions deps/v8/src/ia32/disasm-ia32.cc
Original file line number Diff line number Diff line change
Expand Up @@ -1602,18 +1602,31 @@ int DisassemblerIA32::InstructionDecode(v8::internal::Vector<char> out_buffer,
while (*data == 0x66) data++;
if (*data == 0xf && data[1] == 0x1f) {
AppendToBuffer("nop"); // 0x66 prefix
} else if (*data == 0x90) {
AppendToBuffer("nop"); // 0x66 prefix
} else if (*data == 0x8B) {
} else if (*data == 0x39) {
data++;
data += PrintOperands("mov_w", REG_OPER_OP_ORDER, data);
data += PrintOperands("cmpw", OPER_REG_OP_ORDER, data);
} else if (*data == 0x3B) {
data++;
data += PrintOperands("cmpw", REG_OPER_OP_ORDER, data);
} else if (*data == 0x81) {
data++;
AppendToBuffer("cmpw ");
data += PrintRightOperand(data);
int imm = *reinterpret_cast<int16_t*>(data);
AppendToBuffer(",0x%x", imm);
data += 2;
} else if (*data == 0x89) {
data++;
int mod, regop, rm;
get_modrm(*data, &mod, &regop, &rm);
AppendToBuffer("mov_w ");
data += PrintRightOperand(data);
AppendToBuffer(",%s", NameOfCPURegister(regop));
} else if (*data == 0x8B) {
data++;
data += PrintOperands("mov_w", REG_OPER_OP_ORDER, data);
} else if (*data == 0x90) {
AppendToBuffer("nop"); // 0x66 prefix
} else if (*data == 0xC7) {
data++;
AppendToBuffer("%s ", "mov_w");
Expand Down
41 changes: 41 additions & 0 deletions deps/v8/test/cctest/test-assembler-ia32.cc
Original file line number Diff line number Diff line change
Expand Up @@ -1497,4 +1497,45 @@ TEST(AssemblerIa32JumpTables2) {
}
}

TEST(Regress621926) {
// Bug description:
// The opcodes for cmpw r/m16, r16 and cmpw r16, r/m16 were swapped.
// This was causing non-commutative comparisons to produce the wrong result.
CcTest::InitializeVM();
Isolate* isolate = reinterpret_cast<Isolate*>(CcTest::isolate());
HandleScope scope(isolate);
Assembler assm(isolate, nullptr, 0);

uint16_t a = 42;

Label fail;
__ push(ebx);
__ mov(ebx, Immediate(reinterpret_cast<intptr_t>(&a)));
__ mov(eax, Immediate(41));
__ cmpw(eax, Operand(ebx, 0));
__ j(above_equal, &fail);
__ cmpw(Operand(ebx, 0), eax);
__ j(below_equal, &fail);
__ mov(eax, 1);
__ pop(ebx);
__ ret(0);
__ bind(&fail);
__ mov(eax, 0);
__ pop(ebx);
__ ret(0);

CodeDesc desc;
assm.GetCode(&desc);
Handle<Code> code = isolate->factory()->NewCode(
desc, Code::ComputeFlags(Code::STUB), Handle<Code>());

#ifdef OBJECT_PRINT
OFStream os(stdout);
code->Print(os);
#endif

F0 f = FUNCTION_CAST<F0>(code->entry());
CHECK_EQ(f(), 1);
}

#undef __

0 comments on commit fc2a89c

Please sign in to comment.