Reviewers: rossberg,
Description:
Prevent flushing of code that was set with %SetCode.
This makes sure that shared function infos that break the one-to-one
mapping to code are marked as un-flushable. Otherwise enqueuing through
the GC meta-data field in the code object doesn't work.
[email protected]
TEST=cctest/test-api/Threading4
Please review this at https://codereview.chromium.org/14710015/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files:
M src/bootstrapper.cc
M src/objects-inl.h
M src/objects-visiting-inl.h
M src/objects.h
M src/runtime.cc
M src/v8natives.js
Index: src/bootstrapper.cc
diff --git a/src/bootstrapper.cc b/src/bootstrapper.cc
index
dd77c14e3f9239ca678ca0b2282033f09ee5a312..c162b4612d458bc2f962bd5cb611757e3f03da3e
100644
--- a/src/bootstrapper.cc
+++ b/src/bootstrapper.cc
@@ -455,9 +455,8 @@ Handle<JSFunction>
Genesis::CreateEmptyFunction(Isolate* isolate) {
function_map_writable_prototype_ =
CreateFunctionMap(ADD_WRITEABLE_PROTOTYPE);
Factory* factory = isolate->factory();
- Heap* heap = isolate->heap();
- Handle<String> object_name = Handle<String>(heap->Object_string());
+ Handle<String> object_name = factory->Object_string();
{ // --- O b j e c t ---
Handle<JSFunction> object_fun =
@@ -830,7 +829,7 @@ bool Genesis::InitializeGlobal(Handle<GlobalObject>
inner_global,
Factory* factory = isolate->factory();
Heap* heap = isolate->heap();
- Handle<String> object_name = Handle<String>(heap->Object_string());
+ Handle<String> object_name = factory->Object_string();
CHECK_NOT_EMPTY_HANDLE(isolate,
JSObject::SetLocalPropertyIgnoreAttributes(
inner_global, object_name,
Index: src/objects-inl.h
diff --git a/src/objects-inl.h b/src/objects-inl.h
index
06a13df5a3f4f5cb1b5bad6fc5bad7c8819137ba..42d905bb691e9ec4eb0b6e14a724cecc6fcc6429
100644
--- a/src/objects-inl.h
+++ b/src/objects-inl.h
@@ -4668,6 +4668,7 @@ BOOL_ACCESSORS(SharedFunctionInfo, compiler_hints,
dont_optimize,
kDontOptimize)
BOOL_ACCESSORS(SharedFunctionInfo, compiler_hints, dont_inline,
kDontInline)
BOOL_ACCESSORS(SharedFunctionInfo, compiler_hints, dont_cache, kDontCache)
+BOOL_ACCESSORS(SharedFunctionInfo, compiler_hints, dont_flush, kDontFlush)
BOOL_ACCESSORS(SharedFunctionInfo, compiler_hints, is_generator,
kIsGenerator)
void SharedFunctionInfo::BeforeVisitingPointers() {
Index: src/objects-visiting-inl.h
diff --git a/src/objects-visiting-inl.h b/src/objects-visiting-inl.h
index
add247ea45cda0e3f7c97de7e8b24f9a8f632106..9b39bef2a138a912e9e272bb7b16a1b2bd80d045
100644
--- a/src/objects-visiting-inl.h
+++ b/src/objects-visiting-inl.h
@@ -566,14 +566,14 @@ bool StaticMarkingVisitor<StaticVisitor>::IsFlushable(
return false;
}
- // If this is a full script wrapped in a function we do no flush the
code.
+ // If this is a full script wrapped in a function we do not flush the
code.
if (shared_info->is_toplevel()) {
return false;
}
- // If this is a native function we do not flush the code because %SetCode
- // breaks the one-to-one relation between SharedFunctionInfo and Code.
- if (shared_info->native()) {
+ // If this is a function initialized with %SetCode then the one-to-one
+ // relation between SharedFunctionInfo and Code is broken.
+ if (shared_info->dont_flush()) {
return false;
}
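Review bot: Replacing `shared_info->native()` with `shared_info->dont_flush()` narrows this guard from every native function to only those that passed through Runtime_SetCode. Flushing safety therefore depends on %SetCode being the only place where two SharedFunctionInfos come to share one Code object, which cannot be confirmed from this hunk. The comment should name the setter and the reason, e.g. `// dont_flush is set by %SetCode; any other path that shares Code between SharedFunctionInfos must set it too, because candidates are linked through the Code's gc_metadata field.` IsFlushable's body begins and ends outside the hunk.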
Index: src/objects.h
diff --git a/src/objects.h b/src/objects.h
index
1b4ed5b3b572e8b7cb17b85bddf6479496ef692b..57084ed9f1f4a564b1c355b36dc591bbdc6de371
100644
--- a/src/objects.h
+++ b/src/objects.h
@@ -6111,6 +6111,9 @@ class SharedFunctionInfo: public HeapObject {
// Indicates that code for this function cannot be cached.
DECL_BOOLEAN_ACCESSORS(dont_cache)
+ // Indicates that code for this function cannot be flushed.
+ DECL_BOOLEAN_ACCESSORS(dont_flush)
+
// Indicates that this function is a generator.
DECL_BOOLEAN_ACCESSORS(is_generator)
@@ -6340,6 +6343,7 @@ class SharedFunctionInfo: public HeapObject {
kDontOptimize,
kDontInline,
kDontCache,
+ kDontFlush,
kIsGenerator,
kCompilerHintsCount // Pseudo entry
};
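Review bot: `kDontFlush` is inserted before `kIsGenerator`, which shifts the bit position of kIsGenerator and raises kCompilerHintsCount by one. Anything that hard-codes a hint's bit index, or that assumes all hints fit in the compiler_hints field, would be affected. None of that is visible in this hunk, so it is worth confirming that a static check of kCompilerHintsCount against the field width exists. Placing the new value directly before `kCompilerHintsCount` would leave the existing positions unchanged. The enum begins outside the hunk.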
Index: src/runtime.cc
diff --git a/src/runtime.cc b/src/runtime.cc
index
792a14296c4964fce21b15df2855055db6d0d6b8..774e961d5b4529f0c90a2aee9436a18e18bbd309
100644
--- a/src/runtime.cc
+++ b/src/runtime.cc
@@ -2498,6 +2498,13 @@ RUNTIME_FUNCTION(MaybeObject*, Runtime_SetCode) {
return Failure::Exception();
}
+ // Mark both, the source and the target, as un-flushable because the
+ // shared unoptimized code makes them impossible to enqueue in a list.
+ ASSERT(target_shared->code()->gc_metadata() == NULL);
+ ASSERT(source_shared->code()->gc_metadata() == NULL);
+ target_shared->set_dont_flush(true);
+ source_shared->set_dont_flush(true);
+
// Set the code, scope info, formal parameter count, and the length
// of the target shared function info. Set the source code of the
// target function to undefined. SetCode is only used for built-in
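Review bot: The two `ASSERT(...->code()->gc_metadata() == NULL)` lines guard the invariant this patch relies on, but ASSERT is compiled out of release builds. A function already enqueued as a flushing candidate when %SetCode runs would then be marked un-flushable while still linked into the candidate list, leaving the GC with a corrupted list instead of a clean failure. Whether that state is reachable (for example while a marking phase is in progress) cannot be determined from this hunk. If it is, `CHECK(target_shared->code()->gc_metadata() == NULL);` and the same for `source_shared` would fail closed; if it is not, the comment should say why, e.g. that SetCode only runs during bootstrapping. Runtime_SetCode starts and ends outside the hunk.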
Index: src/v8natives.js
diff --git a/src/v8natives.js b/src/v8natives.js
index
fd8b7f20689e6a87d89cc9db30c358caa84b7413..db9213215f7514fd78f767dc60a660e260c63170
100644
--- a/src/v8natives.js
+++ b/src/v8natives.js
@@ -1356,6 +1356,7 @@ function ObjectConstructor(x) {
function SetUpObject() {
%CheckIsBootstrapping();
+ %SetNativeFlag($Object);
%SetCode($Object, ObjectConstructor);
%FunctionSetName(ObjectPoisonProto, "__proto__");
%FunctionRemovePrototype(ObjectPoisonProto);