[v8-dev] [v8] r21757 committed - Version 3.26.31.3 (merged r21299)...

[codesite-noreply via v8-dev]

Revision: 21757
Author:   u...@chromium.org
Date:     Wed Jun 11 07:07:52 2014 UTC
Log:      Version 3.26.31.3 (merged r21299)
Skip write barriers when updating the weak hash table.

BUG=359401,378206
LOG=N
R=svenpa...@chromium.org

Review URL: https://codereview.chromium.org/329063002
http://code.google.com/p/v8/source/detail?r=21757

Modified:
 /branches/3.26/src/heap.cc
 /branches/3.26/src/mark-compact.cc
 /branches/3.26/src/objects.cc
 /branches/3.26/src/version.cc
 /branches/3.26/test/cctest/test-heap.cc

=======================================
--- /branches/3.26/src/heap.cc  Tue May  6 00:04:47 2014 UTC
+++ /branches/3.26/src/heap.cc  Wed Jun 11 07:07:52 2014 UTC
@@ -5473,6 +5473,8 @@
                                          Handle<DependentCode> dep) {
   ASSERT(!InNewSpace(*obj));
   ASSERT(!InNewSpace(*dep));
+  // This handle scope keeps the table handle local to this function, which
+  // allows us to safely skip write barriers in table update operations.
   HandleScope scope(isolate());
   Handle<WeakHashTable>  
table(WeakHashTable::cast(weak_object_to_code_table_),
                               isolate());
=======================================
--- /branches/3.26/src/mark-compact.cc  Thu May  1 00:05:11 2014 UTC
+++ /branches/3.26/src/mark-compact.cc  Wed Jun 11 07:07:52 2014 UTC
@@ -2634,6 +2634,7 @@
         ClearDependentCode(DependentCode::cast(value));
         table->set(key_index, heap_->the_hole_value());
         table->set(value_index, heap_->the_hole_value());
+        table->ElementRemoved();
       }
     }
   }
=======================================
--- /branches/3.26/src/objects.cc       Wed Jun 11 04:56:55 2014 UTC
+++ /branches/3.26/src/objects.cc       Wed Jun 11 07:07:52 2014 UTC
@@ -16169,7 +16169,10 @@
   int entry = table->FindEntry(key);
   // Key is already in table, just overwrite value.
   if (entry != kNotFound) {
-    table->set(EntryToValueIndex(entry), *value);
+    // TODO(ulan): Skipping write barrier is a temporary solution to avoid
+    // memory leaks. Remove this once we have special visitor for weak  
fixed
+    // arrays.
+    table->set(EntryToValueIndex(entry), *value, SKIP_WRITE_BARRIER);
     return table;
   }

@@ -16185,8 +16188,11 @@
                              Handle<Object> key,
                              Handle<Object> value) {
   DisallowHeapAllocation no_allocation;
-  set(EntryToIndex(entry), *key);
-  set(EntryToValueIndex(entry), *value);
+  // TODO(ulan): Skipping write barrier is a temporary solution to avoid
+  // memory leaks. Remove this once we have special visitor for weak fixed
+  // arrays.
+  set(EntryToIndex(entry), *key, SKIP_WRITE_BARRIER);
+  set(EntryToValueIndex(entry), *value, SKIP_WRITE_BARRIER);
   ElementAdded();
 }

=======================================
--- /branches/3.26/src/version.cc       Wed Jun 11 04:56:55 2014 UTC
+++ /branches/3.26/src/version.cc       Wed Jun 11 07:07:52 2014 UTC
@@ -35,7 +35,7 @@
 #define MAJOR_VERSION     3
 #define MINOR_VERSION     26
 #define BUILD_NUMBER      31
-#define PATCH_LEVEL       2
+#define PATCH_LEVEL       3
 // Use 1 for candidates and 0 otherwise.
 // (Boolean macro values are not supported by all preprocessors.)
 #define IS_CANDIDATE_VERSION 0
=======================================
--- /branches/3.26/test/cctest/test-heap.cc     Thu May  1 00:05:11 2014 UTC
+++ /branches/3.26/test/cctest/test-heap.cc     Wed Jun 11 07:07:52 2014 UTC
@@ -40,7 +40,6 @@

 using namespace v8::internal;

-
 // Go through all incremental marking steps in one swoop.
 static void SimulateIncrementalMarking() {
   MarkCompactCollector* collector =  
CcTest::heap()->mark_compact_collector();
@@ -3898,6 +3897,42 @@
   ASSERT(code->marked_for_deoptimization());
 }

+
+TEST(NoWeakHashTableLeakWithIncrementalMarking) {
+  if (i::FLAG_always_opt || !i::FLAG_crankshaft) return;
+  if (!i::FLAG_incremental_marking) return;
+  i::FLAG_weak_embedded_objects_in_optimized_code = true;
+  i::FLAG_allow_natives_syntax = true;
+  i::FLAG_compilation_cache = false;
+  CcTest::InitializeVM();
+  Isolate* isolate = CcTest::i_isolate();
+  v8::internal::Heap* heap = CcTest::heap();
+
+  if (!isolate->use_crankshaft()) return;
+  HandleScope outer_scope(heap->isolate());
+  for (int i = 0; i < 3; i++) {
+    SimulateIncrementalMarking();
+    {
+      LocalContext context;
+      HandleScope scope(heap->isolate());
+      EmbeddedVector<char, 256> source;
+      OS::SNPrintF(source,
+                   "function bar%d() {"
+                   "  return foo%d(1);"
+                   "};"
+                   "function foo%d(x) { with (x) { return 1 + x; } };"
+                   "bar%d();"
+                   "bar%d();"
+                   "bar%d();"
+                   "%OptimizeFunctionOnNextCall(bar%d);"
+                   "bar%d();", i, i, i, i, i, i, i, i);
+      CompileRun(source.start());
+    }
+    heap->CollectAllGarbage(i::Heap::kNoGCFlags);
+  }
+  WeakHashTable* table =  
WeakHashTable::cast(heap->weak_object_to_code_table());
+  CHECK_EQ(0, table->NumberOfElements());
+}


 static Handle<JSFunction> OptimizeDummyFunction(const char* name) {

--
--
v8-dev mailing list
v8-dev@googlegroups.com
http://groups.google.com/group/v8-dev
--- 
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to v8-dev+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.