[modules] Fix NewJSModuleNamespace to avoid GC being able to see incomplete JSModuleNamespace.

A GC could happen when creating the Module string, which would cause the
JSModuleNamespace to be seen in an incomplete state. Instead make this
string a root object so that we don't need to allocate it during
NewJSModuleNamespace construction.

BUG=v8:1569

Review-Url: https://codereview.chromium.org/2631223002
Cr-Commit-Position: refs/heads/master@{#42393}

src/factory.cc

@@ -1853,8 +1853,8 @@ Handle<JSModuleNamespace> Factory::NewJSModuleNamespace() {
       Handle<JSModuleNamespace>::cast(NewJSObjectFromMap(map)));
   FieldIndex index = FieldIndex::ForDescriptor(
       *map, JSModuleNamespace::kToStringTagFieldIndex);
-  Handle<String> to_string_value = NewStringFromAsciiChecked("Module");
-  module_namespace->FastPropertyAtPut(index, *to_string_value);
+  module_namespace->FastPropertyAtPut(index,
+                                      isolate()->heap()->Module_string());
   return module_namespace;
 }
 

src/heap-symbols.h

@@ -107,6 +107,7 @@
   V(minus_infinity_string, "-Infinity")                            \
   V(minus_zero_string, "-0")                                       \
   V(minute_string, "minute")                                       \
+  V(Module_string, "Module")                                       \
   V(month_string, "month")                                         \
   V(multiline_string, "multiline")                                 \
   V(name_string, "name")                                           \