[deoptimizer] Heap API to invalidate code objects.

This introduces two dedicated API methods to invalidate references from
a given {Code} object. They are needed to reduce lifetime of objects
referenced from deoptimized code. The new methods are aim at embedded
objects and deoptimization data, called {InvalidateCodeEmbeddedObjects}
and {InvalidateCodeDeoptimizationData} respectively.

R=jarin@chromium.org
BUG=v8:6792

Change-Id: I6bf8806c8b00c6e0ec8f0551e9066729a86845b1
Reviewed-on: https://chromium-review.googlesource.com/757010Reviewed-by: Hannes Payer <hpayer@chromium.org>
Reviewed-by: Jaroslav Sevcik <jarin@chromium.org>
Commit-Queue: Michael Starzinger <mstarzinger@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49373}

src/deoptimizer.cc

@@ -214,16 +214,11 @@ void Deoptimizer::DeoptimizeMarkedCodeForContext(Context* context) {
   }
 #endif
 
-  // TODO(mstarzinger,6792): This code-space modification section should be
-  // moved into {Heap} eventually and a safe wrapper be provided.
-  CodeSpaceMemoryModificationScope modification_scope(isolate->heap());
-
   // We will use this set to mark those Code objects that are marked for
   // deoptimization and have not been found in stack frames.
   std::set<Code*> codes;
 
-  // Move marked code from the optimized code list to the deoptimized
-  // code list.
+  // Move marked code from the optimized code list to the deoptimized code list.
   // Walk over all optimized code objects in this native context.
   Code* prev = nullptr;
   Object* element = context->OptimizedCodeListHead();
@@ -234,7 +229,7 @@ void Deoptimizer::DeoptimizeMarkedCodeForContext(Context* context) {
 
     if (code->marked_for_deoptimization()) {
       // Make sure that this object does not point to any garbage.
-      code->InvalidateEmbeddedObjects();
+      isolate->heap()->InvalidateCodeEmbeddedObjects(code);
       codes.insert(code);
 
       if (prev != nullptr) {
@@ -265,12 +260,10 @@ void Deoptimizer::DeoptimizeMarkedCodeForContext(Context* context) {
   isolate->thread_manager()->IterateArchivedThreads(&visitor);
 
   // If there's no activation of a code in any stack then we can remove its
-  // deoptimization data. We do this to ensure that Code objects that will be
-  // unlinked won't be kept alive.
-  std::set<Code*>::iterator it;
-  for (it = codes.begin(); it != codes.end(); ++it) {
-    Code* code = *it;
-    code->set_deoptimization_data(isolate->heap()->empty_fixed_array());
+  // deoptimization data. We do this to ensure that code objects that are
+  // unlinked don't transitively keep objects alive unnecessarily.
+  for (Code* code : codes) {
+    isolate->heap()->InvalidateCodeDeoptimizationData(code);
   }
 }
 

src/heap/heap.cc

@@ -867,6 +867,19 @@ void Heap::ProcessPretenuringFeedback() {
   }
 }
 
+void Heap::InvalidateCodeEmbeddedObjects(Code* code) {
+  MemoryChunk* chunk = MemoryChunk::FromAddress(code->address());
+  CodePageMemoryModificationScope modification_scope(
+      chunk, CodePageMemoryModificationScope::READ_WRITE);
+  code->InvalidateEmbeddedObjects();
+}
+
+void Heap::InvalidateCodeDeoptimizationData(Code* code) {
+  MemoryChunk* chunk = MemoryChunk::FromAddress(code->address());
+  CodePageMemoryModificationScope modification_scope(
+      chunk, CodePageMemoryModificationScope::READ_WRITE);
+  code->set_deoptimization_data(empty_fixed_array());
+}
 
 void Heap::DeoptMarkedAllocationSites() {
   // TODO(hpayer): If iterating over the allocation sites list becomes a

src/heap/heap.h

@@ -847,11 +847,6 @@ class Heap {
   inline int NextScriptId();
   inline int GetNextTemplateSerialNumber();
 
-  void SetArgumentsAdaptorDeoptPCOffset(int pc_offset);
-  void SetConstructStubCreateDeoptPCOffset(int pc_offset);
-  void SetConstructStubInvokeDeoptPCOffset(int pc_offset);
-  void SetInterpreterEntryReturnPCOffset(int pc_offset);
-
   void SetSerializedTemplates(FixedArray* templates);
   void SetSerializedGlobalProxySizes(FixedArray* sizes);
 
@@ -872,10 +867,6 @@ class Heap {
     external_memory_concurrently_freed_.SetValue(0);
   }
 
-  void DeoptMarkedAllocationSites();
-
-  bool DeoptMaybeTenuredAllocationSites();
-
   void AddWeakNewSpaceObjectToCodeDependency(Handle<HeapObject> obj,
                                              Handle<WeakCell> code);
 
@@ -1239,6 +1230,28 @@ class Heap {
   void VerifyObjectLayoutChange(HeapObject* object, Map* new_map);
 #endif
 
+  // ===========================================================================
+  // Deoptimization support API. ===============================================
+  // ===========================================================================
+
+  // Setters for code offsets of well-known deoptimization targets.
+  void SetArgumentsAdaptorDeoptPCOffset(int pc_offset);
+  void SetConstructStubCreateDeoptPCOffset(int pc_offset);
+  void SetConstructStubInvokeDeoptPCOffset(int pc_offset);
+  void SetInterpreterEntryReturnPCOffset(int pc_offset);
+
+  // Invalidates references in the given {code} object that are directly
+  // embedded within the instruction stream. Mutates write-protected code.
+  void InvalidateCodeEmbeddedObjects(Code* code);
+
+  // Invalidates references in the given {code} object that are referenced
+  // transitively from the deoptimization data. Mutates write-protected code.
+  void InvalidateCodeDeoptimizationData(Code* code);
+
+  void DeoptMarkedAllocationSites();
+
+  bool DeoptMaybeTenuredAllocationSites();
+
   // ===========================================================================
   // Embedder heap tracer support. =============================================
   // ===========================================================================