[heap] Avoid concurrently marking through JS API objects.

They can have unboxed double fields and embedder fields. Bug: chromium:775055 Change-Id: Idff67c776cb4209d78006b8f3f8ebc07aa509c42 Reviewed-on: https://chromium-review.googlesource.com/723425Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#48655}

[heap] Avoid concurrently marking through JS API objects.
They can have unboxed double fields and embedder fields. Bug: chromium:775055 Change-Id: Idff67c776cb4209d78006b8f3f8ebc07aa509c42 Reviewed-on: https://chromium-review.googlesource.com/723425Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Reviewed-by: Hannes Payer <hpayer@chromium.org> Commit-Queue: Ulan Degenbaev <ulan@chromium.org> Cr-Commit-Position: refs/heads/master@{#48655}
fcee0a97 · Ulan Degenbaev · Commit Bot · fe5963c6 · fcee0a97
Commit fcee0a97 authored Oct 17, 2017 by Ulan Degenbaev Committed by Commit Bot Oct 17, 2017
Hide whitespace changes
Inline Side-by-side

Showing with 0 additions and 6 deletions

concurrent-marking.cc src/heap/concurrent-marking.cc +0 -6

No files found.
--- a/src/heap/concurrent-marking.cc
+++ b/src/heap/concurrent-marking.cc
@@ -126,12 +126,6 @@ class ConcurrentMarkingVisitor final

  int VisitJSApiObject(Map* map, JSObject* object) {
    if (marking_state_.IsGrey(object)) {
-      int size = JSObject::BodyDescriptor::SizeOf(map, object);
-      VisitMapPointer(object, object->map_slot());
-      // It is OK to iterate body of JS API object here because they do not have
-      // unboxed double fields.
-      DCHECK_IMPLIES(FLAG_unbox_double_fields, map->HasFastPointerLayout());
-      JSObject::BodyDescriptor::IterateBody(object, size, this);
      // The main thread will do wrapper tracing in Blink.
      bailout_.Push(object);
    }