
Side by Side Diff: test/cctest/test-heap.cc

Issue 10443052: Fix missing write barrier in store field stub. (Closed) Base URL: https://v8.googlecode.com/svn/branches/bleeding_edge
Patch Set: Addressed comments by Vyacheslav Egorov. Created 8 years, 6 months ago
1 // Copyright 2012 the V8 project authors. All rights reserved. 1 // Copyright 2012 the V8 project authors. All rights reserved.
2 2
3 #include <stdlib.h> 3 #include <stdlib.h>
4 4
5 #include "v8.h" 5 #include "v8.h"
6 6
7 #include "execution.h" 7 #include "execution.h"
8 #include "factory.h" 8 #include "factory.h"
9 #include "macro-assembler.h" 9 #include "macro-assembler.h"
10 #include "global-handles.h" 10 #include "global-handles.h"
(...skipping 1776 matching lines...) Expand 10 before | Expand all | Expand 10 after
1787 CHECK(marking->IsComplete()); 1787 CHECK(marking->IsComplete());
1788 HEAP->CollectAllGarbage(Heap::kNoGCFlags); 1788 HEAP->CollectAllGarbage(Heap::kNoGCFlags);
1789 CHECK(marking->IsStopped()); 1789 CHECK(marking->IsStopped());
1790 1790
1791 // Count number of live transitions after marking. Note that one transition 1791 // Count number of live transitions after marking. Note that one transition
1792 // is left, because 'o' still holds an instance of one transition target. 1792 // is left, because 'o' still holds an instance of one transition target.
1793 int transitions_after = CountMapTransitions(root->map()); 1793 int transitions_after = CountMapTransitions(root->map());
1794 CompileRun("%DebugPrint(root);"); 1794 CompileRun("%DebugPrint(root);");
1795 CHECK_EQ(1, transitions_after); 1795 CHECK_EQ(1, transitions_after);
1796 } 1796 }
1797
1798
1799 TEST(Regress2143a) {
1800 i::FLAG_collect_maps = true;
1801 i::FLAG_incremental_marking = true;
1802 InitializeVM();
1803 v8::HandleScope scope;
1804
1805 // Prepare a map transition from the root object together with a yet
1806 // untransitioned root object.
1807 CompileRun("var root = new Object;"
1808 "root.foo = 0;"
1809 "root = new Object;");
1810
1811 // Go through all incremental marking steps in one swoop.
1812 IncrementalMarking* marking = HEAP->incremental_marking();
1813 CHECK(marking->IsStopped());
1814 marking->Start();
1815 CHECK(marking->IsMarking());
1816 while (!marking->IsComplete()) {
1817 marking->Step(MB, IncrementalMarking::NO_GC_VIA_STACK_GUARD);
1818 }
1819 CHECK(marking->IsComplete());
1820
1821 // Compile a StoreIC that performs the prepared map transition. This
1822 // will restart incremental marking and should make sure the root is
1823 // marked grey again.
1824 CompileRun("function f(o) {"
1825 " o.foo = 0;"
1826 "}"
1827 "f(new Object);"
1828 "f(root);");
1829
1830 // This bug only triggers with aggressive IC clearing.
1831 HEAP->AgeInlineCaches();
1832
1833 // Explicitly request GC to perform final marking step and sweeping.
1834 HEAP->CollectAllGarbage(Heap::kNoGCFlags);
1835 CHECK(marking->IsStopped());
1836
1837 Handle<JSObject> root =
1838 v8::Utils::OpenHandle(
1839 *v8::Handle<v8::Object>::Cast(
1840 v8::Context::GetCurrent()->Global()->Get(v8_str("root"))));
1841
1842 // The root object should be in a sane state.
1843 CHECK(root->IsJSObject());
1844 CHECK(root->map()->IsMap());
1845 }
1846
1847
1848 TEST(Regress2143b) {
1849 i::FLAG_collect_maps = true;
1850 i::FLAG_incremental_marking = true;
1851 i::FLAG_allow_natives_syntax = true;
1852 InitializeVM();
1853 v8::HandleScope scope;
1854
1855 // Prepare a map transition from the root object together with a yet
1856 // untransitioned root object.
1857 CompileRun("var root = new Object;"
1858 "root.foo = 0;"
1859 "root = new Object;");
1860
1861 // Go through all incremental marking steps in one swoop.
1862 IncrementalMarking* marking = HEAP->incremental_marking();
1863 CHECK(marking->IsStopped());
1864 marking->Start();
1865 CHECK(marking->IsMarking());
1866 while (!marking->IsComplete()) {
1867 marking->Step(MB, IncrementalMarking::NO_GC_VIA_STACK_GUARD);
1868 }
1869 CHECK(marking->IsComplete());
1870
1871 // Compile an optimized LStoreNamedField that performs the prepared
1872 // map transition. This will restart incremental marking and should
1873 // make sure the root is marked grey again.
1874 CompileRun("function f(o) {"
1875 " o.foo = 0;"
1876 "}"
1877 "f(new Object);"
1878 "f(new Object);"
1879 "%OptimizeFunctionOnNextCall(f);"
1880 "f(root);"
1881 "%DeoptimizeFunction(f);");
1882
1883 // This bug only triggers with aggressive IC clearing.
1884 HEAP->AgeInlineCaches();
1885
1886 // Explicitly request GC to perform final marking step and sweeping.
1887 HEAP->CollectAllGarbage(Heap::kNoGCFlags);
1888 CHECK(marking->IsStopped());
1889
1890 Handle<JSObject> root =
1891 v8::Utils::OpenHandle(
1892 *v8::Handle<v8::Object>::Cast(
1893 v8::Context::GetCurrent()->Global()->Get(v8_str("root"))));
1894
1895 // The root object should be in a sane state.
1896 CHECK(root->IsJSObject());
1897 CHECK(root->map()->IsMap());
1898 }
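Review bot: The closing assertions in Regress2143a (new lines 1843-1844) and Regress2143b (new lines 1896-1897) may be too weak to catch this regression deterministically. If the write barrier were missing and the transitioned map had been swept, `root->map()` would point at freed memory, and `CHECK(root->map()->IsMap())` can presumably still pass as long as that memory has not been reused or overwritten. Consider stating that dependency above the checks, e.g. `// A swept map can still look like a map until its memory is reused; run with heap verification for a deterministic failure.`, or asserting on something that does not read through the possibly stale pointer. Both tests also set `i::FLAG_collect_maps` and `i::FLAG_incremental_marking` (plus `i::FLAG_allow_natives_syntax` in Regress2143b) without restoring them, so the settings could leak into tests that run later in the same process. The two bodies differ only in the script passed to the second `CompileRun`, so a shared helper taking that script would keep them from drifting apart.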