From ab25589f59c75cd1d67cea245e7174c45cc701fe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Micha=C3=ABl=20Zasso?= <mic.besace@gmail.com>
Date: Fri, 20 Nov 2015 11:52:17 +0100
Subject: [PATCH] deps: backport 819b40a from V8 upstream

Original commit message:

    Use baseline code to compute message locations.

    This switches Isolate::ComputeLocation to use baseline code when
    computing message locations. This unifies locations between optimized
    and non-optimized code by always going through the FrameSummary for
    location computation.

    R=bmeurer@chromium.org
    TEST=message/regress/regress-4266
    BUG=v8:4266
    LOG=n

    Review URL: https://codereview.chromium.org/1331603002

    Cr-Commit-Position: refs/heads/master@{#30635}

Fixes: https://github.com/nodejs/node/issues/3934
PR-URL: https://github.com/nodejs/node/pull/3937
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
---
 deps/v8/src/ast-numbering.cc                    |  2 +-
 deps/v8/src/compiler/ast-graph-builder.cc       |  3 +--
 deps/v8/src/compiler/linkage.cc                 |  3 ++-
 .../v8/src/full-codegen/arm/full-codegen-arm.cc |  2 +-
 .../full-codegen/arm64/full-codegen-arm64.cc    |  2 +-
 .../src/full-codegen/ia32/full-codegen-ia32.cc  |  2 +-
 .../src/full-codegen/mips/full-codegen-mips.cc  |  2 +-
 .../full-codegen/mips64/full-codegen-mips64.cc  |  2 +-
 .../v8/src/full-codegen/ppc/full-codegen-ppc.cc |  2 +-
 .../v8/src/full-codegen/x64/full-codegen-x64.cc |  2 +-
 .../v8/src/full-codegen/x87/full-codegen-x87.cc |  2 +-
 deps/v8/src/isolate.cc                          |  9 +++++++--
 deps/v8/src/scopes.cc                           |  4 ++--
 deps/v8/src/scopes.h                            |  4 ++--
 deps/v8/test/message/regress/regress-4266.js    | 11 +++++++++++
 deps/v8/test/message/regress/regress-4266.out   | 10 ++++++++++
 deps/v8/test/mjsunit/regress/regress-4266.js    | 17 +++++++++++++++++
 17 files changed, 61 insertions(+), 18 deletions(-)
 create mode 100644 deps/v8/test/message/regress/regress-4266.js
 create mode 100644 deps/v8/test/message/regress/regress-4266.out
 create mode 100644 deps/v8/test/mjsunit/regress/regress-4266.js

diff --git a/deps/v8/src/ast-numbering.cc b/deps/v8/src/ast-numbering.cc
index dc0528caa0cff6..4becade296fa52 100644
--- a/deps/v8/src/ast-numbering.cc
+++ b/deps/v8/src/ast-numbering.cc
@@ -553,7 +553,7 @@ bool AstNumberingVisitor::Renumber(FunctionLiteral* node) {
   Scope* scope = node->scope();
 
   if (scope->HasIllegalRedeclaration()) {
-    scope->VisitIllegalRedeclaration(this);
+    Visit(scope->GetIllegalRedeclaration());
     DisableOptimization(kFunctionWithIllegalRedeclaration);
     return Finish(node);
   }
diff --git a/deps/v8/src/compiler/ast-graph-builder.cc b/deps/v8/src/compiler/ast-graph-builder.cc
index e7725799233cbb..947d2e3b185f1b 100644
--- a/deps/v8/src/compiler/ast-graph-builder.cc
+++ b/deps/v8/src/compiler/ast-graph-builder.cc
@@ -586,8 +586,7 @@ void AstGraphBuilder::CreateGraphBody(bool stack_check) {
 
   // Visit illegal re-declaration and bail out if it exists.
   if (scope->HasIllegalRedeclaration()) {
-    AstEffectContext for_effect(this);
-    scope->VisitIllegalRedeclaration(this);
+    VisitForEffect(scope->GetIllegalRedeclaration());
     return;
   }
 
diff --git a/deps/v8/src/compiler/linkage.cc b/deps/v8/src/compiler/linkage.cc
index 2bbedaceb26b07..80b5e2616f3262 100644
--- a/deps/v8/src/compiler/linkage.cc
+++ b/deps/v8/src/compiler/linkage.cc
@@ -218,10 +218,10 @@ int Linkage::FrameStateInputCount(Runtime::FunctionId function) {
   switch (function) {
     case Runtime::kAllocateInTargetSpace:
     case Runtime::kDateField:
-    case Runtime::kFinalizeClassDefinition:        // TODO(conradw): Is it safe?
     case Runtime::kDefineClassMethod:              // TODO(jarin): Is it safe?
     case Runtime::kDefineGetterPropertyUnchecked:  // TODO(jarin): Is it safe?
     case Runtime::kDefineSetterPropertyUnchecked:  // TODO(jarin): Is it safe?
+    case Runtime::kFinalizeClassDefinition:        // TODO(conradw): Is it safe?
     case Runtime::kForInDone:
     case Runtime::kForInStep:
     case Runtime::kGetOriginalConstructor:
@@ -244,6 +244,7 @@ int Linkage::FrameStateInputCount(Runtime::FunctionId function) {
     case Runtime::kInlineGetCallerJSFunction:
     case Runtime::kInlineGetPrototype:
     case Runtime::kInlineRegExpExec:
+    case Runtime::kInlineSubString:
     case Runtime::kInlineToObject:
       return 1;
     case Runtime::kInlineDeoptimizeNow:
diff --git a/deps/v8/src/full-codegen/arm/full-codegen-arm.cc b/deps/v8/src/full-codegen/arm/full-codegen-arm.cc
index 197a5ecc6fc1f9..56f7e62ded8bae 100644
--- a/deps/v8/src/full-codegen/arm/full-codegen-arm.cc
+++ b/deps/v8/src/full-codegen/arm/full-codegen-arm.cc
@@ -338,7 +338,7 @@ void FullCodeGenerator::Generate() {
   // redeclaration.
   if (scope()->HasIllegalRedeclaration()) {
     Comment cmnt(masm_, "[ Declarations");
-    scope()->VisitIllegalRedeclaration(this);
+    VisitForEffect(scope()->GetIllegalRedeclaration());
 
   } else {
     PrepareForBailoutForId(BailoutId::FunctionEntry(), NO_REGISTERS);
diff --git a/deps/v8/src/full-codegen/arm64/full-codegen-arm64.cc b/deps/v8/src/full-codegen/arm64/full-codegen-arm64.cc
index 73aaf46abde31a..96e8d957d5c543 100644
--- a/deps/v8/src/full-codegen/arm64/full-codegen-arm64.cc
+++ b/deps/v8/src/full-codegen/arm64/full-codegen-arm64.cc
@@ -344,7 +344,7 @@ void FullCodeGenerator::Generate() {
   // redeclaration.
   if (scope()->HasIllegalRedeclaration()) {
     Comment cmnt(masm_, "[ Declarations");
-    scope()->VisitIllegalRedeclaration(this);
+    VisitForEffect(scope()->GetIllegalRedeclaration());
 
   } else {
     PrepareForBailoutForId(BailoutId::FunctionEntry(), NO_REGISTERS);
diff --git a/deps/v8/src/full-codegen/ia32/full-codegen-ia32.cc b/deps/v8/src/full-codegen/ia32/full-codegen-ia32.cc
index 5aa64094413334..1503211b0b8b67 100644
--- a/deps/v8/src/full-codegen/ia32/full-codegen-ia32.cc
+++ b/deps/v8/src/full-codegen/ia32/full-codegen-ia32.cc
@@ -341,7 +341,7 @@ void FullCodeGenerator::Generate() {
   // redeclaration.
   if (scope()->HasIllegalRedeclaration()) {
     Comment cmnt(masm_, "[ Declarations");
-    scope()->VisitIllegalRedeclaration(this);
+    VisitForEffect(scope()->GetIllegalRedeclaration());
 
   } else {
     PrepareForBailoutForId(BailoutId::FunctionEntry(), NO_REGISTERS);
diff --git a/deps/v8/src/full-codegen/mips/full-codegen-mips.cc b/deps/v8/src/full-codegen/mips/full-codegen-mips.cc
index c8da77fba2128c..2f0173191b89ae 100644
--- a/deps/v8/src/full-codegen/mips/full-codegen-mips.cc
+++ b/deps/v8/src/full-codegen/mips/full-codegen-mips.cc
@@ -356,7 +356,7 @@ void FullCodeGenerator::Generate() {
   // redeclaration.
   if (scope()->HasIllegalRedeclaration()) {
     Comment cmnt(masm_, "[ Declarations");
-    scope()->VisitIllegalRedeclaration(this);
+    VisitForEffect(scope()->GetIllegalRedeclaration());
 
   } else {
     PrepareForBailoutForId(BailoutId::FunctionEntry(), NO_REGISTERS);
diff --git a/deps/v8/src/full-codegen/mips64/full-codegen-mips64.cc b/deps/v8/src/full-codegen/mips64/full-codegen-mips64.cc
index 231e8ba3840a77..db25e433dc240c 100644
--- a/deps/v8/src/full-codegen/mips64/full-codegen-mips64.cc
+++ b/deps/v8/src/full-codegen/mips64/full-codegen-mips64.cc
@@ -351,7 +351,7 @@ void FullCodeGenerator::Generate() {
   // redeclaration.
   if (scope()->HasIllegalRedeclaration()) {
     Comment cmnt(masm_, "[ Declarations");
-    scope()->VisitIllegalRedeclaration(this);
+    VisitForEffect(scope()->GetIllegalRedeclaration());
 
   } else {
     PrepareForBailoutForId(BailoutId::FunctionEntry(), NO_REGISTERS);
diff --git a/deps/v8/src/full-codegen/ppc/full-codegen-ppc.cc b/deps/v8/src/full-codegen/ppc/full-codegen-ppc.cc
index 656c37523247f4..5c25c6dc9ed959 100644
--- a/deps/v8/src/full-codegen/ppc/full-codegen-ppc.cc
+++ b/deps/v8/src/full-codegen/ppc/full-codegen-ppc.cc
@@ -349,7 +349,7 @@ void FullCodeGenerator::Generate() {
   // redeclaration.
   if (scope()->HasIllegalRedeclaration()) {
     Comment cmnt(masm_, "[ Declarations");
-    scope()->VisitIllegalRedeclaration(this);
+    VisitForEffect(scope()->GetIllegalRedeclaration());
 
   } else {
     PrepareForBailoutForId(BailoutId::FunctionEntry(), NO_REGISTERS);
diff --git a/deps/v8/src/full-codegen/x64/full-codegen-x64.cc b/deps/v8/src/full-codegen/x64/full-codegen-x64.cc
index 7e0553103f3fff..a9a5e162438a09 100644
--- a/deps/v8/src/full-codegen/x64/full-codegen-x64.cc
+++ b/deps/v8/src/full-codegen/x64/full-codegen-x64.cc
@@ -338,7 +338,7 @@ void FullCodeGenerator::Generate() {
   // redeclaration.
   if (scope()->HasIllegalRedeclaration()) {
     Comment cmnt(masm_, "[ Declarations");
-    scope()->VisitIllegalRedeclaration(this);
+    VisitForEffect(scope()->GetIllegalRedeclaration());
 
   } else {
     PrepareForBailoutForId(BailoutId::FunctionEntry(), NO_REGISTERS);
diff --git a/deps/v8/src/full-codegen/x87/full-codegen-x87.cc b/deps/v8/src/full-codegen/x87/full-codegen-x87.cc
index cfa752c19145db..fdf42cdb8a3c5b 100644
--- a/deps/v8/src/full-codegen/x87/full-codegen-x87.cc
+++ b/deps/v8/src/full-codegen/x87/full-codegen-x87.cc
@@ -338,7 +338,7 @@ void FullCodeGenerator::Generate() {
   // redeclaration.
   if (scope()->HasIllegalRedeclaration()) {
     Comment cmnt(masm_, "[ Declarations");
-    scope()->VisitIllegalRedeclaration(this);
+    VisitForEffect(scope()->GetIllegalRedeclaration());
 
   } else {
     PrepareForBailoutForId(BailoutId::FunctionEntry(), NO_REGISTERS);
diff --git a/deps/v8/src/isolate.cc b/deps/v8/src/isolate.cc
index f63d423fa741c4..1b44ee6834a695 100644
--- a/deps/v8/src/isolate.cc
+++ b/deps/v8/src/isolate.cc
@@ -1279,9 +1279,14 @@ void Isolate::ComputeLocation(MessageLocation* target) {
     Object* script = fun->shared()->script();
     if (script->IsScript() &&
         !(Script::cast(script)->source()->IsUndefined())) {
-      int pos = frame->LookupCode()->SourcePosition(frame->pc());
-      // Compute the location from the function and the reloc info.
       Handle<Script> casted_script(Script::cast(script));
+      // Compute the location from the function and the relocation info of the
+      // baseline code. For optimized code this will use the deoptimization
+      // information to get canonical location information.
+      List<FrameSummary> frames(FLAG_max_inlining_levels + 1);
+      it.frame()->Summarize(&frames);
+      FrameSummary& summary = frames.last();
+      int pos = summary.code()->SourcePosition(summary.pc());
       *target = MessageLocation(casted_script, pos, pos + 1, handle(fun));
     }
   }
diff --git a/deps/v8/src/scopes.cc b/deps/v8/src/scopes.cc
index 8f821461d16949..9c0e471989aba6 100644
--- a/deps/v8/src/scopes.cc
+++ b/deps/v8/src/scopes.cc
@@ -550,9 +550,9 @@ void Scope::SetIllegalRedeclaration(Expression* expression) {
 }
 
 
-void Scope::VisitIllegalRedeclaration(AstVisitor* visitor) {
+Expression* Scope::GetIllegalRedeclaration() {
   DCHECK(HasIllegalRedeclaration());
-  illegal_redecl_->Accept(visitor);
+  return illegal_redecl_;
 }
 
 
diff --git a/deps/v8/src/scopes.h b/deps/v8/src/scopes.h
index 2f600b9f0cbc3a..12a5a9b18a5316 100644
--- a/deps/v8/src/scopes.h
+++ b/deps/v8/src/scopes.h
@@ -189,9 +189,9 @@ class Scope: public ZoneObject {
   // the additional requests will be silently ignored.
   void SetIllegalRedeclaration(Expression* expression);
 
-  // Visit the illegal redeclaration expression. Do not call if the
+  // Retrieve the illegal redeclaration expression. Do not call if the
   // scope doesn't have an illegal redeclaration node.
-  void VisitIllegalRedeclaration(AstVisitor* visitor);
+  Expression* GetIllegalRedeclaration();
 
   // Check if the scope has (at least) one illegal redeclaration.
   bool HasIllegalRedeclaration() const { return illegal_redecl_ != NULL; }
diff --git a/deps/v8/test/message/regress/regress-4266.js b/deps/v8/test/message/regress/regress-4266.js
new file mode 100644
index 00000000000000..552176bccf54e0
--- /dev/null
+++ b/deps/v8/test/message/regress/regress-4266.js
@@ -0,0 +1,11 @@
+// Copyright 2015 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+(function() {
+  try {
+    [].foo();
+  } catch (e) {
+    throw e;
+  }
+})();
diff --git a/deps/v8/test/message/regress/regress-4266.out b/deps/v8/test/message/regress/regress-4266.out
new file mode 100644
index 00000000000000..d31541debe0a95
--- /dev/null
+++ b/deps/v8/test/message/regress/regress-4266.out
@@ -0,0 +1,10 @@
+# Copyright 2015 the V8 project authors. All rights reserved.
+# Use of this source code is governed by a BSD-style license that can be
+# found in the LICENSE file.
+
+*%(basename)s:9: TypeError: [].foo is not a function
+    throw e;
+    ^
+TypeError: [].foo is not a function
+    at *%(basename)s:7:8
+    at *%(basename)s:11:3
diff --git a/deps/v8/test/mjsunit/regress/regress-4266.js b/deps/v8/test/mjsunit/regress/regress-4266.js
new file mode 100644
index 00000000000000..f886250a87399a
--- /dev/null
+++ b/deps/v8/test/mjsunit/regress/regress-4266.js
@@ -0,0 +1,17 @@
+// Copyright 2015 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Flags: --turbo-filter=test --allow-natives-syntax
+
+function test() {
+  try {
+    [].foo();
+  } catch (e) {
+    return e.message;
+  }
+}
+
+assertEquals("[].foo is not a function", test());
+%OptimizeFunctionOnNextCall(test);
+assertEquals("[].foo is not a function", test());