Every place where AllocationMemento is initialized with an

AllocationSite is now checked to be sure a valid Site goes in. This is temporary code to diagnose chromium bug 284577. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23622029 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16705 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

Every place where AllocationMemento is initialized with an
AllocationSite is now checked to be sure a valid Site goes in. This is temporary code to diagnose chromium bug 284577. BUG= R=mstarzinger@chromium.org Review URL: https://codereview.chromium.org/23622029 git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@16705 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
25c4f763 · mvstanton@chromium.org · 94c4c596 · 25c4f763 · 25c4f763
Commit 25c4f763 authored Sep 13, 2013 by mvstanton@chromium.org
Hide whitespace changes
Inline Side-by-side

Showing with 26 additions and 0 deletions

heap.cc src/heap.cc +12 -0

hydrogen.cc src/hydrogen.cc +14 -0

No files found.
--- a/src/heap.cc
+++ b/src/heap.cc
@@ -4310,6 +4310,10 @@ MaybeObject* Heap::AllocateWithAllocationSite(Map* map, AllocationSpace space,
  AllocationMemento* alloc_memento = reinterpret_cast<AllocationMemento*>(
      reinterpret_cast<Address>(result) + map->instance_size());
  alloc_memento->set_map_no_write_barrier(allocation_memento_map());
+
+  // TODO(mvstanton): To diagnose bug 284577, some extra checks
+  CHECK(allocation_site->map() == allocation_site_map());
+
  alloc_memento->set_allocation_site(*allocation_site, SKIP_WRITE_BARRIER);
  return result;
 }
@@ -5053,6 +5057,10 @@ MaybeObject* Heap::CopyJSObjectWithAllocationSite(
      AllocationMemento* alloc_memento;
      if (maybe_alloc_memento->To(&alloc_memento)) {
        alloc_memento->set_map_no_write_barrier(allocation_memento_map());
+
+        // TODO(mvstanton): To diagnose bug 284577, some extra checks
+        CHECK(site->map() == allocation_site_map());
+
        alloc_memento->set_allocation_site(site, SKIP_WRITE_BARRIER);
      }
    }
@@ -5075,6 +5083,10 @@ MaybeObject* Heap::CopyJSObjectWithAllocationSite(
    AllocationMemento* alloc_memento = reinterpret_cast<AllocationMemento*>(
        reinterpret_cast<Address>(clone) + object_size);
    alloc_memento->set_map_no_write_barrier(allocation_memento_map());
+
+    // TODO(mvstanton): To diagnose bug 284577, some extra checks
+    CHECK(site->map() == allocation_site_map());
+
    alloc_memento->set_allocation_site(site, SKIP_WRITE_BARRIER);
  }


--- a/src/hydrogen.cc
+++ b/src/hydrogen.cc
@@ -1831,6 +1831,20 @@ HValue* HGraphBuilder::BuildCreateAllocationMemento(HValue* previous_object,
  Handle<Map> alloc_memento_map(
      isolate()->heap()->allocation_memento_map());
  AddStoreMapConstant(alloc_memento, alloc_memento_map);
+
+  // TODO(mvstanton): the code below is turned on to diagnose chromium bug
+  // 284577.
+  Handle<Map> alloc_site_map(isolate()->heap()->allocation_site_map());
+  IfBuilder builder(this);
+  // Read the map
+  HValue* map_field = Add<HLoadNamedField>(alloc_site,
+                                           HObjectAccess::ForMap());
+  HValue* alloc_site_map_value = Add<HConstant>(alloc_site_map);
+  builder.IfNot<HCompareObjectEqAndBranch>(map_field, alloc_site_map_value);
+  builder.Then();
+  AddInstruction(new(zone()) HDebugBreak());
+  builder.End();
+
  HObjectAccess access = HObjectAccess::ForAllocationMementoSite();
  Add<HStoreNamedField>(alloc_memento, access, alloc_site);
  return alloc_memento;