Revision: 12627
Author: [email protected]
Date: Fri Sep 28 02:40:58 2012
Log: Revert merge of r12563 from 3.12 branch.
Fix missing slot recording during clearing of CallICs.
[email protected],[email protected]
BUG=chromium:144230
Review URL: https://codereview.chromium.org/10993076
http://code.google.com/p/v8/source/detail?r=12627
Modified:
/branches/3.12/src/ic-inl.h
/branches/3.12/src/version.cc
/branches/3.12/test/cctest/test-heap.cc
=======================================
--- /branches/3.12/src/ic-inl.h Tue Sep 25 10:29:23 2012
+++ /branches/3.12/src/ic-inl.h Fri Sep 28 02:40:58 2012
@@ -79,7 +79,6 @@
void IC::SetTargetAtAddress(Address address, Code* target) {
ASSERT(target->is_inline_cache_stub() || target->is_compare_ic_stub());
- Heap* heap = target->GetHeap();
Code* old_target = GetTargetAtAddress(address);
#ifdef DEBUG
// STORE_IC and KEYED_STORE_IC use Code::extra_ic_state() to mark
@@ -91,15 +90,8 @@
}
#endif
Assembler::set_target_address_at(address, target->instruction_start());
- if (heap->gc_state() == Heap::MARK_COMPACT &&
- heap->mark_compact_collector()->is_compacting()) {
- Code* host = heap->isolate()->inner_pointer_to_code_cache()->
- GcSafeFindCodeForInnerPointer(address);
- RelocInfo rinfo(address, RelocInfo::CODE_TARGET, 0, host);
- heap->mark_compact_collector()->RecordRelocSlot(&rinfo, target);
- } else {
- heap->incremental_marking()->RecordCodeTargetPatch(address, target);
- }
+ target->GetHeap()->incremental_marking()->RecordCodeTargetPatch(address,
+ target);
PostPatching(address, target, old_target);
}
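Review bot: After this change the patched call target at `address` is reported only through `incremental_marking()->RecordCodeTargetPatch(address, target)`; the branch that called `RecordRelocSlot` when `gc_state() == Heap::MARK_COMPACT` and the collector `is_compacting()` is gone, so a target patched while compaction is in progress is presumably no longer recorded as a slot to update. That is the situation the deleted `TEST(Regression144230)` in test-heap.cc set up, and a code target left stale after evacuation is a memory-safety problem (BUG=chromium:144230), so the revert should state why it is safe on the 3.12 branch or what replaces the fix. At minimum I would leave a marker above the call, e.g. `// TODO(chromium:144230): slot is not recorded when patching during mark-compact compaction.` SetTargetAtAddress begins in the previous hunk (`@@ -79,7 +79,6 @@`), where the `heap` local is dropped.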
=======================================
--- /branches/3.12/src/version.cc Tue Sep 25 10:29:23 2012
+++ /branches/3.12/src/version.cc Fri Sep 28 02:40:58 2012
@@ -35,7 +35,7 @@
#define MAJOR_VERSION 3
#define MINOR_VERSION 12
#define BUILD_NUMBER 19
-#define PATCH_LEVEL 13
+#define PATCH_LEVEL 14
// Use 1 for candidates and 0 otherwise.
// (Boolean macro values are not supported by all preprocessors.)
#define IS_CANDIDATE_VERSION 0
=======================================
--- /branches/3.12/test/cctest/test-heap.cc Tue Sep 25 10:29:23 2012
+++ /branches/3.12/test/cctest/test-heap.cc Fri Sep 28 02:40:58 2012
@@ -4,12 +4,10 @@
#include "v8.h"
-#include "compilation-cache.h"
#include "execution.h"
#include "factory.h"
#include "macro-assembler.h"
#include "global-handles.h"
-#include "stub-cache.h"
#include "cctest.h"
using namespace v8::internal;
@@ -2027,62 +2025,3 @@
CHECK_LE(hashtable->SizeFor(hashtable->length()), 13 * kPointerSize);
}
}
-
-
-TEST(Regression144230) {
- InitializeVM();
- v8::HandleScope scope;
-
- // First make sure that the uninitialized CallIC stub is on a single page
- // that will later be selected as an evacuation candidate.
- {
- v8::HandleScope inner_scope;
- AlwaysAllocateScope always_allocate;
- SimulateFullSpace(HEAP->code_space());
- ISOLATE->stub_cache()->ComputeCallInitialize(9,
RelocInfo::CODE_TARGET);
- }
-
- // Second compile a CallIC and execute it once so that it gets patched to
- // the pre-monomorphic stub. These code objects are on yet another page.
- {
- v8::HandleScope inner_scope;
- AlwaysAllocateScope always_allocate;
- SimulateFullSpace(HEAP->code_space());
- CompileRun("var o = { f:function(a,b,c,d,e,f,g,h,i) {}};"
- "function call() { o.f(1,2,3,4,5,6,7,8,9); };"
- "call();");
- }
-
- // Third we fill up the last page of the code space so that it does not
get
- // chosen as an evacuation candidate.
- {
- v8::HandleScope inner_scope;
- AlwaysAllocateScope always_allocate;
- CompileRun("for (var i = 0; i < 2000; i++) {"
- " eval('function f' + i + '() { return ' + i +'; };' +"
- " 'f' + i + '();');"
- "}");
- }
- HEAP->CollectAllGarbage(Heap::kNoGCFlags);
-
- // Fourth is the tricky part. Make sure the code containing the CallIC is
- // visited first without clearing the IC. The shared function info is
then
- // visited later, causing the CallIC to be cleared.
- Handle<String> name = FACTORY->LookupAsciiSymbol("call");
- Handle<GlobalObject> global(ISOLATE->context()->global());
- MaybeObject* maybe_call = global->GetProperty(*name);
- JSFunction* call = JSFunction::cast(maybe_call->ToObjectChecked());
- USE(global->SetProperty(*name, Smi::FromInt(0), NONE, kNonStrictMode));
- ISOLATE->compilation_cache()->Clear();
- call->shared()->set_ic_age(HEAP->global_ic_age() + 1);
- Handle<Object> call_code(call->code());
- Handle<Object> call_function(call);
-
- // Now we are ready to mess up the heap.
- HEAP->CollectAllGarbage(Heap::kReduceMemoryFootprintMask);
-
- // Either heap verification caught the problem already or we go kaboom
once
- // the CallIC is executed the next time.
- USE(global->SetProperty(*name, *call_function, NONE, kNonStrictMode));
- CompileRun("call();");
-}