The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/047e906da5e6550b2917be34f71d6f7dcdb6e11a

commit 047e906da5e6550b2917be34f71d6f7dcdb6e11a
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Jul 28 11:32:40 2017

[heap] Process weak cells in concurrent marking visitor.

BUG= chromium:694255 

Change-Id: I6684850ae9759f719e3ed665157eaea2581a65cf
Reviewed-on: https://chromium-review.googlesource.com/590008
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46964}
[modify] https://crrev.com/047e906da5e6550b2917be34f71d6f7dcdb6e11a/src/heap/concurrent-marking.cc
[modify] https://crrev.com/047e906da5e6550b2917be34f71d6f7dcdb6e11a/src/heap/concurrent-marking.h
[modify] https://crrev.com/047e906da5e6550b2917be34f71d6f7dcdb6e11a/src/heap/heap.cc
[modify] https://crrev.com/047e906da5e6550b2917be34f71d6f7dcdb6e11a/src/heap/mark-compact.h
[modify] https://crrev.com/047e906da5e6550b2917be34f71d6f7dcdb6e11a/test/cctest/heap/test-concurrent-marking.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/962de532f5848675d8e59ba0e2ccc50146bbda05

commit 962de532f5848675d8e59ba0e2ccc50146bbda05
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Sat Jul 29 13:34:35 2017

[heap] Fix data race in IncrementalMarking::NotifyLeftTrimming.

BUG= chromium:694255 
TBR=mlippautz@chromium.org

Change-Id: I7dd9623ff85fcc49f034c71a6f5149f9488a9abb
Reviewed-on: https://chromium-review.googlesource.com/593010
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46990}
[modify] https://crrev.com/962de532f5848675d8e59ba0e2ccc50146bbda05/src/heap/incremental-marking.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/c8c3f3cf75a768ba31c1be369b5d55ee9ad5c669

commit c8c3f3cf75a768ba31c1be369b5d55ee9ad5c669
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Jul 31 08:52:16 2017

[heap] Clear old-to-old recorded slots in the sweeper.

Currently we clear only old-to-new slots in the sweeper.
For old-to-old slots we maintain the invariant that there are no
recorded slots in dead objects by explicitly clearing them
on object size change and array trimming.

The write barrier for concurrent marking will record slots
even when the host object is white. Thus, it can introduce slots
in dead objects, which will break evacuation phase if we do not
clear them in the sweeper.

Besides that, the patch makes handling of slots more uniform and
allows us to remove clearing of slots on object size changes.

BUG= chromium:694255 

Change-Id: I48f60eb25ddc48c6948be4461367e3f7abf74672
Reviewed-on: https://chromium-review.googlesource.com/592207
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46996}
[modify] https://crrev.com/c8c3f3cf75a768ba31c1be369b5d55ee9ad5c669/src/heap/mark-compact.cc
[modify] https://crrev.com/c8c3f3cf75a768ba31c1be369b5d55ee9ad5c669/src/heap/mark-compact.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/ed76f17b15fbc7c2b63391a47ab55f2f5207ee8e

commit ed76f17b15fbc7c2b63391a47ab55f2f5207ee8e
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Jul 31 09:41:18 2017

[heap, runtime] Avoid redundant clearing of slots in a trimmed array.

The slots outside the trimmed array will be cleared by the sweeper and
will not be overwritten with an untagged value.

BUG= chromium:694255 

Change-Id: I3e814b9934ca95a09e883e237687434e6bb58c80
Reviewed-on: https://chromium-review.googlesource.com/591651
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46998}
[modify] https://crrev.com/ed76f17b15fbc7c2b63391a47ab55f2f5207ee8e/src/heap/heap.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/3f820ebb0b1920d3773ad0c5256ae299fedf9542

commit 3f820ebb0b1920d3773ad0c5256ae299fedf9542
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Jul 31 09:42:27 2017

[heap, runtime] Avoid redundant clearing of slots outside an object.

When an object shrinks, we can keep the recorded slots until the sweeper
removes them. It is safe because the recorded slots will not be over-
written with untagged values.

BUG= chromium:694255 

Change-Id: I2b910c6345a306e00c7a10396876001e663f51ea
Reviewed-on: https://chromium-review.googlesource.com/591650
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#46999}
[modify] https://crrev.com/3f820ebb0b1920d3773ad0c5256ae299fedf9542/src/objects.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/14e6a65afe8cd7918abd2130eb1d0ab3e4680022

commit 14e6a65afe8cd7918abd2130eb1d0ab3e4680022
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Jul 31 16:54:17 2017

[runtime] Use nullptr instead of NULL when calling WRITE_FIELD.

BUG= chromium:694255 
TBR=cbruni@chromium.org

Change-Id: I8a7907aa18d2855ca571ae564c7eeda41bf13fbb
Reviewed-on: https://chromium-review.googlesource.com/593655
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47017}
[modify] https://crrev.com/14e6a65afe8cd7918abd2130eb1d0ab3e4680022/src/objects-inl.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/6fbbe93c5e60909fbf85933df3f4e4d5e72fb78b

commit 6fbbe93c5e60909fbf85933df3f4e4d5e72fb78b
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Jul 31 19:16:24 2017

Revert "[heap, runtime] Fix data race in prototype map transition during"

This reverts commit d8846ffd5f9787ef79f85492530f40e7de2d22f3.

Reason: the fix doesn't work, the proper fix is to not mutate the map.

BUG= chromium:694255 
TBR=ishell@chromium.org

Change-Id: Iebef7cd01081145c172902727e0035a8745703b7
Reviewed-on: https://chromium-review.googlesource.com/594727
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47020}
[modify] https://crrev.com/6fbbe93c5e60909fbf85933df3f4e4d5e72fb78b/src/objects.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/d624daacc645a1ed50bed641d939e87f8cf51028

commit d624daacc645a1ed50bed641d939e87f8cf51028
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Tue Aug 01 13:43:36 2017

[heap] Remove special handling of map space in old-to-old pointer update.

Now that the layout descriptor is pretenured, we don't need atomic
accessor for the map space.

BUG= chromium:694255 

Change-Id: I0ced8c04eaa61eec0f6a7b518ecba6413a691501
Reviewed-on: https://chromium-review.googlesource.com/595742
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47042}
[modify] https://crrev.com/d624daacc645a1ed50bed641d939e87f8cf51028/src/heap/mark-compact.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/7a5a777c97ed2cce2aa1b7c554646519e23bd05c

commit 7a5a777c97ed2cce2aa1b7c554646519e23bd05c
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Tue Aug 01 16:12:53 2017

[heap] Add mechanism for tracking invalidated slots per memory chunk.

For correct slots recording in concurrent marker, we need to resolve
the race that happens when
1) the mutator is invalidating slots for double unboxing or string
conversions
2) and the concurrent marker is recording these slots.

This patch adds a data-structure for tracking the invalidated objects.
Thus we can allow the concurrent marker to record slots without
worrying about clearing them. During old-to-old pointer updating phase
we re-check all slots that belong to the invalidated objects.

BUG= chromium:694255 

Change-Id: Ifc3d82918cd3b96e5a5fb7125691626a56f4ab83
Reviewed-on: https://chromium-review.googlesource.com/591810
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47049}
[modify] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/BUILD.gn
[modify] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/src/heap/heap.cc
[modify] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/src/heap/heap.h
[add] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/src/heap/invalidated-slots-inl.h
[add] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/src/heap/invalidated-slots.cc
[add] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/src/heap/invalidated-slots.h
[modify] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/src/heap/mark-compact.cc
[modify] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/src/heap/remembered-set.h
[modify] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/src/heap/spaces.cc
[modify] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/src/heap/spaces.h
[modify] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/src/objects.cc
[modify] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/src/runtime/runtime-object.cc
[modify] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/src/v8.gyp
[modify] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/test/cctest/BUILD.gn
[modify] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/test/cctest/cctest.gyp
[modify] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/test/cctest/heap/heap-tester.h
[add] https://crrev.com/7a5a777c97ed2cce2aa1b7c554646519e23bd05c/test/cctest/heap/test-invalidated-slots.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/5337b905ce144601ef64abcec94512fd1f06dc9f

commit 5337b905ce144601ef64abcec94512fd1f06dc9f
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Tue Aug 01 17:30:04 2017

[heap] Record slots in concurrent marker and enable compaction.

BUG= chromium:694255 

Change-Id: I25ac134ea2e6f9af13f18e2da819b6d368497646
Reviewed-on: https://chromium-review.googlesource.com/593009
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47051}
[modify] https://crrev.com/5337b905ce144601ef64abcec94512fd1f06dc9f/src/flag-definitions.h
[modify] https://crrev.com/5337b905ce144601ef64abcec94512fd1f06dc9f/src/heap/concurrent-marking.cc
[modify] https://crrev.com/5337b905ce144601ef64abcec94512fd1f06dc9f/src/heap/heap.cc
[modify] https://crrev.com/5337b905ce144601ef64abcec94512fd1f06dc9f/src/heap/mark-compact-inl.h
[modify] https://crrev.com/5337b905ce144601ef64abcec94512fd1f06dc9f/src/heap/mark-compact.cc
[modify] https://crrev.com/5337b905ce144601ef64abcec94512fd1f06dc9f/src/heap/mark-compact.h
[modify] https://crrev.com/5337b905ce144601ef64abcec94512fd1f06dc9f/src/heap/objects-visiting.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0

commit c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Tue Aug 01 18:13:41 2017

Revert "[heap] Add mechanism for tracking invalidated slots per memory chunk."

This reverts commit 7a5a777c97ed2cce2aa1b7c554646519e23bd05c.

Reason for revert: crashing in test-api

Original change's description:
> [heap] Add mechanism for tracking invalidated slots per memory chunk.
> 
> For correct slots recording in concurrent marker, we need to resolve
> the race that happens when
> 1) the mutator is invalidating slots for double unboxing or string
> conversions
> 2) and the concurrent marker is recording these slots.
> 
> This patch adds a data-structure for tracking the invalidated objects.
> Thus we can allow the concurrent marker to record slots without
> worrying about clearing them. During old-to-old pointer updating phase
> we re-check all slots that belong to the invalidated objects.
> 
> BUG= chromium:694255 
> 
> Change-Id: Ifc3d82918cd3b96e5a5fb7125691626a56f4ab83
> Reviewed-on: https://chromium-review.googlesource.com/591810
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47049}

TBR=ulan@chromium.org,mlippautz@chromium.org

Change-Id: I7f4f8e8cb027b921a82e9c0a0623536af02581fb
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug:  chromium:694255 
Reviewed-on: https://chromium-review.googlesource.com/595994
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47052}
[modify] https://crrev.com/c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0/BUILD.gn
[modify] https://crrev.com/c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0/src/heap/heap.cc
[modify] https://crrev.com/c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0/src/heap/heap.h
[delete] https://crrev.com/5337b905ce144601ef64abcec94512fd1f06dc9f/src/heap/invalidated-slots-inl.h
[delete] https://crrev.com/5337b905ce144601ef64abcec94512fd1f06dc9f/src/heap/invalidated-slots.cc
[delete] https://crrev.com/5337b905ce144601ef64abcec94512fd1f06dc9f/src/heap/invalidated-slots.h
[modify] https://crrev.com/c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0/src/heap/mark-compact.cc
[modify] https://crrev.com/c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0/src/heap/remembered-set.h
[modify] https://crrev.com/c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0/src/heap/spaces.cc
[modify] https://crrev.com/c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0/src/heap/spaces.h
[modify] https://crrev.com/c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0/src/objects.cc
[modify] https://crrev.com/c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0/src/runtime/runtime-object.cc
[modify] https://crrev.com/c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0/src/v8.gyp
[modify] https://crrev.com/c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0/test/cctest/BUILD.gn
[modify] https://crrev.com/c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0/test/cctest/cctest.gyp
[modify] https://crrev.com/c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0/test/cctest/heap/heap-tester.h
[delete] https://crrev.com/5337b905ce144601ef64abcec94512fd1f06dc9f/test/cctest/heap/test-invalidated-slots.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/2614b26b449cb6b7508d31237b9e217a584bc939

commit 2614b26b449cb6b7508d31237b9e217a584bc939
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Tue Aug 01 18:14:50 2017

[heap] Disable compaction for concurrent marking.

7a5a777 is going to be reverted and compaction depends on it.

BUG= chromium:694255 
TBR=ulan@chromium.org,mlippautz@chromium.org

No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Change-Id: I975ea597860dd63e543b69bdc787c6667b015567
Reviewed-on: https://chromium-review.googlesource.com/595993
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47053}
[modify] https://crrev.com/2614b26b449cb6b7508d31237b9e217a584bc939/src/flag-definitions.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/638343afd28e602e6510e9d0f6815523fe14361e

commit 638343afd28e602e6510e9d0f6815523fe14361e
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Tue Aug 01 18:38:20 2017

[heap] Revert remaining parts of 5337b9

BUG= chromium:694255 
TBR=ulan@chromium.org,mlippautz@chromium.org

No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Change-Id: I832014d423335514cf1564984832b7a4e2c104ad
Reviewed-on: https://chromium-review.googlesource.com/595984
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47057}
[modify] https://crrev.com/638343afd28e602e6510e9d0f6815523fe14361e/src/heap/heap.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/d4a742fdf16598872944c4378e41b59f35c1f9d6

commit d4a742fdf16598872944c4378e41b59f35c1f9d6
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Wed Aug 02 08:46:56 2017

Reland "[heap] Add mechanism for tracking invalidated slots per memory chunk."

This reverts commit c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0.

Original change's description:
> [heap] Add mechanism for tracking invalidated slots per memory chunk.

> For correct slots recording in concurrent marker, we need to resolve
> the race that happens when
> 1) the mutator is invalidating slots for double unboxing or string
> conversions
> 2) and the concurrent marker is recording these slots.

> This patch adds a data-structure for tracking the invalidated objects.
> Thus we can allow the concurrent marker to record slots without
> worrying about clearing them. During old-to-old pointer updating phase
> we re-check all slots that belong to the invalidated objects.

BUG= chromium:694255 

Change-Id: Idf8927d162377a7bbdff34f81a87e52db27d6a9f
Reviewed-on: https://chromium-review.googlesource.com/596868
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47068}
[modify] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/BUILD.gn
[modify] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/src/heap/heap.cc
[modify] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/src/heap/heap.h
[add] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/src/heap/invalidated-slots-inl.h
[add] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/src/heap/invalidated-slots.cc
[add] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/src/heap/invalidated-slots.h
[modify] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/src/heap/mark-compact.cc
[modify] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/src/heap/remembered-set.h
[modify] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/src/heap/spaces.cc
[modify] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/src/heap/spaces.h
[modify] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/src/objects.cc
[modify] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/src/runtime/runtime-object.cc
[modify] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/src/v8.gyp
[modify] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/test/cctest/BUILD.gn
[modify] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/test/cctest/cctest.gyp
[modify] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/test/cctest/heap/heap-tester.h
[add] https://crrev.com/d4a742fdf16598872944c4378e41b59f35c1f9d6/test/cctest/heap/test-invalidated-slots.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/3fe14218583f58ac989a97b8aec02f82fd36e3f2

commit 3fe14218583f58ac989a97b8aec02f82fd36e3f2
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Wed Aug 02 08:51:56 2017

[heap] Add manual GC scope to test-array-buffer-tracker tests.

These tests perform GC manually which does not work well with concurrent
marking and stress incremental marking flags.

BUG= chromium:694255 

Change-Id: I43e32957bf37053e0d3af07afa00b8bb40935ebd
Reviewed-on: https://chromium-review.googlesource.com/596887
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47070}
[modify] https://crrev.com/3fe14218583f58ac989a97b8aec02f82fd36e3f2/test/cctest/heap/test-array-buffer-tracker.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/6fde541d4cd32e2946b95b503c54ee6e32f92ebe

commit 6fde541d4cd32e2946b95b503c54ee6e32f92ebe
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Wed Aug 02 11:38:20 2017

Revert "Reland "[heap] Add mechanism for tracking invalidated slots per memory chunk.""

This reverts commit d4a742fdf16598872944c4378e41b59f35c1f9d6.

Reason for revert: gc-stress failures

Original change's description:
> Reland "[heap] Add mechanism for tracking invalidated slots per memory chunk."
> 
> This reverts commit c59b81d7b8e0062afdbbdb9b72bebaf8b056ccc0.
> 
> Original change's description:
> > [heap] Add mechanism for tracking invalidated slots per memory chunk.
> 
> > For correct slots recording in concurrent marker, we need to resolve
> > the race that happens when
> > 1) the mutator is invalidating slots for double unboxing or string
> > conversions
> > 2) and the concurrent marker is recording these slots.
> 
> > This patch adds a data-structure for tracking the invalidated objects.
> > Thus we can allow the concurrent marker to record slots without
> > worrying about clearing them. During old-to-old pointer updating phase
> > we re-check all slots that belong to the invalidated objects.
> 
> BUG= chromium:694255 
> 
> Change-Id: Idf8927d162377a7bbdff34f81a87e52db27d6a9f
> Reviewed-on: https://chromium-review.googlesource.com/596868
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47068}

TBR=ulan@chromium.org,mlippautz@chromium.org

Change-Id: I81c6059a092cc5834acd799c51fd30dc0ecf5b27
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug:  chromium:694255 
Reviewed-on: https://chromium-review.googlesource.com/597787
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47078}
[modify] https://crrev.com/6fde541d4cd32e2946b95b503c54ee6e32f92ebe/BUILD.gn
[modify] https://crrev.com/6fde541d4cd32e2946b95b503c54ee6e32f92ebe/src/heap/heap.cc
[modify] https://crrev.com/6fde541d4cd32e2946b95b503c54ee6e32f92ebe/src/heap/heap.h
[delete] https://crrev.com/33cac84c73e639fbe73aa3f33dc1485aa2c2f5ac/src/heap/invalidated-slots-inl.h
[delete] https://crrev.com/33cac84c73e639fbe73aa3f33dc1485aa2c2f5ac/src/heap/invalidated-slots.cc
[delete] https://crrev.com/33cac84c73e639fbe73aa3f33dc1485aa2c2f5ac/src/heap/invalidated-slots.h
[modify] https://crrev.com/6fde541d4cd32e2946b95b503c54ee6e32f92ebe/src/heap/mark-compact.cc
[modify] https://crrev.com/6fde541d4cd32e2946b95b503c54ee6e32f92ebe/src/heap/remembered-set.h
[modify] https://crrev.com/6fde541d4cd32e2946b95b503c54ee6e32f92ebe/src/heap/spaces.cc
[modify] https://crrev.com/6fde541d4cd32e2946b95b503c54ee6e32f92ebe/src/heap/spaces.h
[modify] https://crrev.com/6fde541d4cd32e2946b95b503c54ee6e32f92ebe/src/objects.cc
[modify] https://crrev.com/6fde541d4cd32e2946b95b503c54ee6e32f92ebe/src/runtime/runtime-object.cc
[modify] https://crrev.com/6fde541d4cd32e2946b95b503c54ee6e32f92ebe/src/v8.gyp
[modify] https://crrev.com/6fde541d4cd32e2946b95b503c54ee6e32f92ebe/test/cctest/BUILD.gn
[modify] https://crrev.com/6fde541d4cd32e2946b95b503c54ee6e32f92ebe/test/cctest/cctest.gyp
[modify] https://crrev.com/6fde541d4cd32e2946b95b503c54ee6e32f92ebe/test/cctest/heap/heap-tester.h
[delete] https://crrev.com/33cac84c73e639fbe73aa3f33dc1485aa2c2f5ac/test/cctest/heap/test-invalidated-slots.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/0a9d51509595976df75178907228fa9ee5d46b85

commit 0a9d51509595976df75178907228fa9ee5d46b85
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Wed Aug 02 14:29:31 2017

Reland^2 "[heap] Add mechanism for tracking invalidated slots per memory chunk."

This reverts commit 6fde541d4cd32e2946b95b503c54ee6e32f92ebe.

Bug:  chromium:694255 
Change-Id: I4670d0de3d2749afbb3bdb8dc5418822a885330c
Reviewed-on: https://chromium-review.googlesource.com/597850
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47083}
[modify] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/BUILD.gn
[modify] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/src/heap/heap.cc
[modify] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/src/heap/heap.h
[add] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/src/heap/invalidated-slots-inl.h
[add] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/src/heap/invalidated-slots.cc
[add] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/src/heap/invalidated-slots.h
[modify] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/src/heap/mark-compact.cc
[modify] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/src/heap/remembered-set.h
[modify] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/src/heap/spaces.cc
[modify] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/src/heap/spaces.h
[modify] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/src/objects.cc
[modify] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/src/runtime/runtime-object.cc
[modify] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/src/v8.gyp
[modify] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/test/cctest/BUILD.gn
[modify] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/test/cctest/cctest.gyp
[modify] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/test/cctest/heap/heap-tester.h
[add] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/test/cctest/heap/test-invalidated-slots.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/b9acf4ededf108a5c0243d221c3522dd26abfcbf

commit b9acf4ededf108a5c0243d221c3522dd26abfcbf
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Wed Aug 02 15:12:24 2017

Revert "Reland^2 "[heap] Add mechanism for tracking invalidated slots per memory chunk.""

This reverts commit 0a9d51509595976df75178907228fa9ee5d46b85.

Reason for revert: another gc-stress failure

Original change's description:
> Reland^2 "[heap] Add mechanism for tracking invalidated slots per memory chunk."
> 
> This reverts commit 6fde541d4cd32e2946b95b503c54ee6e32f92ebe.
> 
> Bug:  chromium:694255 
> Change-Id: I4670d0de3d2749afbb3bdb8dc5418822a885330c
> Reviewed-on: https://chromium-review.googlesource.com/597850
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47083}

TBR=ulan@chromium.org,mlippautz@chromium.org

Change-Id: Iaabf4586e0297dccb1ab4ef180b6f1eea173273b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug:  chromium:694255 
Reviewed-on: https://chromium-review.googlesource.com/598094
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47084}
[modify] https://crrev.com/b9acf4ededf108a5c0243d221c3522dd26abfcbf/BUILD.gn
[modify] https://crrev.com/b9acf4ededf108a5c0243d221c3522dd26abfcbf/src/heap/heap.cc
[modify] https://crrev.com/b9acf4ededf108a5c0243d221c3522dd26abfcbf/src/heap/heap.h
[delete] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/src/heap/invalidated-slots-inl.h
[delete] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/src/heap/invalidated-slots.cc
[delete] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/src/heap/invalidated-slots.h
[modify] https://crrev.com/b9acf4ededf108a5c0243d221c3522dd26abfcbf/src/heap/mark-compact.cc
[modify] https://crrev.com/b9acf4ededf108a5c0243d221c3522dd26abfcbf/src/heap/remembered-set.h
[modify] https://crrev.com/b9acf4ededf108a5c0243d221c3522dd26abfcbf/src/heap/spaces.cc
[modify] https://crrev.com/b9acf4ededf108a5c0243d221c3522dd26abfcbf/src/heap/spaces.h
[modify] https://crrev.com/b9acf4ededf108a5c0243d221c3522dd26abfcbf/src/objects.cc
[modify] https://crrev.com/b9acf4ededf108a5c0243d221c3522dd26abfcbf/src/runtime/runtime-object.cc
[modify] https://crrev.com/b9acf4ededf108a5c0243d221c3522dd26abfcbf/src/v8.gyp
[modify] https://crrev.com/b9acf4ededf108a5c0243d221c3522dd26abfcbf/test/cctest/BUILD.gn
[modify] https://crrev.com/b9acf4ededf108a5c0243d221c3522dd26abfcbf/test/cctest/cctest.gyp
[modify] https://crrev.com/b9acf4ededf108a5c0243d221c3522dd26abfcbf/test/cctest/heap/heap-tester.h
[delete] https://crrev.com/0a9d51509595976df75178907228fa9ee5d46b85/test/cctest/heap/test-invalidated-slots.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/35c923cc10a7bfb47b95dca4c2bdd07891c46605

commit 35c923cc10a7bfb47b95dca4c2bdd07891c46605
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Wed Aug 02 17:13:01 2017

[heap] Add support for atomic access to page flags.

This patch renames AsAtomicWord to AsAtomicPointer and
adds new AsAtomicWord that works with intptr_t.

Slot recording uses atomic page flag accessors.

BUG= chromium:694255 

Change-Id: I1c692813244b41320182e9eea50462d1802fcd98
Reviewed-on: https://chromium-review.googlesource.com/597688
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47086}
[modify] https://crrev.com/35c923cc10a7bfb47b95dca4c2bdd07891c46605/src/base/atomic-utils.h
[modify] https://crrev.com/35c923cc10a7bfb47b95dca4c2bdd07891c46605/src/globals.h
[modify] https://crrev.com/35c923cc10a7bfb47b95dca4c2bdd07891c46605/src/heap/concurrent-marking.cc
[modify] https://crrev.com/35c923cc10a7bfb47b95dca4c2bdd07891c46605/src/heap/heap.cc
[modify] https://crrev.com/35c923cc10a7bfb47b95dca4c2bdd07891c46605/src/heap/mark-compact-inl.h
[modify] https://crrev.com/35c923cc10a7bfb47b95dca4c2bdd07891c46605/src/heap/mark-compact.cc
[modify] https://crrev.com/35c923cc10a7bfb47b95dca4c2bdd07891c46605/src/heap/scavenger-inl.h
[modify] https://crrev.com/35c923cc10a7bfb47b95dca4c2bdd07891c46605/src/heap/slot-set.h
[modify] https://crrev.com/35c923cc10a7bfb47b95dca4c2bdd07891c46605/src/heap/spaces.cc
[modify] https://crrev.com/35c923cc10a7bfb47b95dca4c2bdd07891c46605/src/heap/spaces.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/74b1cbbd865e99b5bfba9982ecafb71463263fbb

commit 74b1cbbd865e99b5bfba9982ecafb71463263fbb
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Wed Aug 02 20:07:08 2017

Revert "[heap] Add support for atomic access to page flags."

This reverts commit 35c923cc10a7bfb47b95dca4c2bdd07891c46605.

Reason for revert: speculative revert for GC stress failure

Original change's description:
> [heap] Add support for atomic access to page flags.
> 
> This patch renames AsAtomicWord to AsAtomicPointer and
> adds new AsAtomicWord that works with intptr_t.
> 
> Slot recording uses atomic page flag accessors.
> 
> BUG= chromium:694255 
> 
> Change-Id: I1c692813244b41320182e9eea50462d1802fcd98
> Reviewed-on: https://chromium-review.googlesource.com/597688
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47086}

TBR=ulan@chromium.org,mlippautz@chromium.org

Change-Id: Id77ce7970c54a55646c072787e88311f6f3e6e91
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug:  chromium:694255 
Reviewed-on: https://chromium-review.googlesource.com/598967
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47094}
[modify] https://crrev.com/74b1cbbd865e99b5bfba9982ecafb71463263fbb/src/base/atomic-utils.h
[modify] https://crrev.com/74b1cbbd865e99b5bfba9982ecafb71463263fbb/src/globals.h
[modify] https://crrev.com/74b1cbbd865e99b5bfba9982ecafb71463263fbb/src/heap/concurrent-marking.cc
[modify] https://crrev.com/74b1cbbd865e99b5bfba9982ecafb71463263fbb/src/heap/heap.cc
[modify] https://crrev.com/74b1cbbd865e99b5bfba9982ecafb71463263fbb/src/heap/mark-compact-inl.h
[modify] https://crrev.com/74b1cbbd865e99b5bfba9982ecafb71463263fbb/src/heap/mark-compact.cc
[modify] https://crrev.com/74b1cbbd865e99b5bfba9982ecafb71463263fbb/src/heap/scavenger-inl.h
[modify] https://crrev.com/74b1cbbd865e99b5bfba9982ecafb71463263fbb/src/heap/slot-set.h
[modify] https://crrev.com/74b1cbbd865e99b5bfba9982ecafb71463263fbb/src/heap/spaces.cc
[modify] https://crrev.com/74b1cbbd865e99b5bfba9982ecafb71463263fbb/src/heap/spaces.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/d27e449e82ec4826e56dcfa0b39eb9941e9d88f7

commit d27e449e82ec4826e56dcfa0b39eb9941e9d88f7
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Thu Aug 03 14:11:09 2017

Reland "[heap] Add support for atomic access to page flags."

This is a reland of 35c923cc10a7bfb47b95dca4c2bdd07891c46605
Original change's description:
> [heap] Add support for atomic access to page flags.
> 
> This patch renames AsAtomicWord to AsAtomicPointer and
> adds new AsAtomicWord that works with intptr_t.
> 
> Slot recording uses atomic page flag accessors.
> 
> BUG= chromium:694255 
> 
> Change-Id: I1c692813244b41320182e9eea50462d1802fcd98
> Reviewed-on: https://chromium-review.googlesource.com/597688
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47086}

Bug:  chromium:694255 
Change-Id: I36780ff4001e068815d4be1e16cd06f1a4f98d13
Reviewed-on: https://chromium-review.googlesource.com/599909
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47131}
[modify] https://crrev.com/d27e449e82ec4826e56dcfa0b39eb9941e9d88f7/src/base/atomic-utils.h
[modify] https://crrev.com/d27e449e82ec4826e56dcfa0b39eb9941e9d88f7/src/globals.h
[modify] https://crrev.com/d27e449e82ec4826e56dcfa0b39eb9941e9d88f7/src/heap/concurrent-marking.cc
[modify] https://crrev.com/d27e449e82ec4826e56dcfa0b39eb9941e9d88f7/src/heap/heap.cc
[modify] https://crrev.com/d27e449e82ec4826e56dcfa0b39eb9941e9d88f7/src/heap/mark-compact-inl.h
[modify] https://crrev.com/d27e449e82ec4826e56dcfa0b39eb9941e9d88f7/src/heap/mark-compact.cc
[modify] https://crrev.com/d27e449e82ec4826e56dcfa0b39eb9941e9d88f7/src/heap/scavenger-inl.h
[modify] https://crrev.com/d27e449e82ec4826e56dcfa0b39eb9941e9d88f7/src/heap/slot-set.h
[modify] https://crrev.com/d27e449e82ec4826e56dcfa0b39eb9941e9d88f7/src/heap/spaces.cc
[modify] https://crrev.com/d27e449e82ec4826e56dcfa0b39eb9941e9d88f7/src/heap/spaces.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/b77115a0affe4b54d5cd6219694d1db9b8e58ae7

commit b77115a0affe4b54d5cd6219694d1db9b8e58ae7
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Thu Aug 03 14:38:19 2017

Reland^3 "[heap] Add mechanism for tracking invalidated slots per memory chunk."

This reverts commit b9acf4ededf108a5c0243d221c3522dd26abfcbf.

Bug:  chromium:694255 
Change-Id: I62766e8b32cfa16af39a28ad07fecd72441ad8cd
Reviewed-on: https://chromium-review.googlesource.com/598468
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47132}
[modify] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/BUILD.gn
[modify] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/src/heap/heap.cc
[modify] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/src/heap/heap.h
[add] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/src/heap/invalidated-slots-inl.h
[add] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/src/heap/invalidated-slots.cc
[add] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/src/heap/invalidated-slots.h
[modify] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/src/heap/mark-compact.cc
[modify] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/src/heap/remembered-set.h
[modify] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/src/heap/spaces.cc
[modify] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/src/heap/spaces.h
[modify] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/src/objects.cc
[modify] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/src/runtime/runtime-object.cc
[modify] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/src/v8.gyp
[modify] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/test/cctest/BUILD.gn
[modify] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/test/cctest/cctest.gyp
[modify] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/test/cctest/heap/heap-tester.h
[add] https://crrev.com/b77115a0affe4b54d5cd6219694d1db9b8e58ae7/test/cctest/heap/test-invalidated-slots.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/e625f4b66d87005ea4650277bf8640e533a57697

commit e625f4b66d87005ea4650277bf8640e533a57697
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Thu Aug 03 18:27:42 2017

[heap] Fix InvalidatedSlotsFilter.

On advancing the iterator we need to reset the current object,
so that it can be lazily reloaded later on.

TBR=mlippautz@chromium.org

Bug:  chromium:694255 
Change-Id: If7ddd8670df9d11837f491503312919b55b451fe
Reviewed-on: https://chromium-review.googlesource.com/600687
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47142}
[modify] https://crrev.com/e625f4b66d87005ea4650277bf8640e533a57697/src/heap/invalidated-slots-inl.h
[modify] https://crrev.com/e625f4b66d87005ea4650277bf8640e533a57697/test/cctest/heap/heap-tester.h
[modify] https://crrev.com/e625f4b66d87005ea4650277bf8640e533a57697/test/cctest/heap/test-invalidated-slots.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/4598d17ac639197a0604c7856588bfaa4abd4747

commit 4598d17ac639197a0604c7856588bfaa4abd4747
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Aug 04 07:58:12 2017

[heap] Replace compile time flag with runtime flag for parts of
concurrent marker.

Bug:  chromium:694255 
Change-Id: I973ba8df7a4afc5f58ede02f3f6d043cf7038784
Reviewed-on: https://chromium-review.googlesource.com/600970
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47153}
[modify] https://crrev.com/4598d17ac639197a0604c7856588bfaa4abd4747/src/heap/heap.cc
[modify] https://crrev.com/4598d17ac639197a0604c7856588bfaa4abd4747/src/heap/incremental-marking.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/56f392292cbf5e343f080e6a924ee16001002f75

commit 56f392292cbf5e343f080e6a924ee16001002f75
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Aug 04 08:22:53 2017

[heap] Enable compaction for concurrent marking.

Bug:  chromium:694255 
Change-Id: Id1ae4eb069a4ba79a35f1bb6b2bc2b1c445edb96
Reviewed-on: https://chromium-review.googlesource.com/600969
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47155}
[modify] https://crrev.com/56f392292cbf5e343f080e6a924ee16001002f75/src/flag-definitions.h
[modify] https://crrev.com/56f392292cbf5e343f080e6a924ee16001002f75/src/heap/heap.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/82202251b4d8bd40c6094b0e2fc526d88a93bfa6

commit 82202251b4d8bd40c6094b0e2fc526d88a93bfa6
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Aug 07 08:49:00 2017

[heap] Improve concurrent marking pausing protocol.

This patch allows the concurrent marker to process more objects before
checking for the interrupt request from the main thread.

Bug:  chromium:694255 
TBR: mlippautz@chromium.org
Change-Id: I876d3156ca9843196f2fdddbd8bd28d1a3f472b1
Reviewed-on: https://chromium-review.googlesource.com/602131
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47182}
[modify] https://crrev.com/82202251b4d8bd40c6094b0e2fc526d88a93bfa6/BUILD.gn
[modify] https://crrev.com/82202251b4d8bd40c6094b0e2fc526d88a93bfa6/src/heap/concurrent-marking.cc
[modify] https://crrev.com/82202251b4d8bd40c6094b0e2fc526d88a93bfa6/src/heap/concurrent-marking.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/a90f361fdc476537fc9fcf309d880d4152a98d01

commit a90f361fdc476537fc9fcf309d880d4152a98d01
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Aug 07 09:00:53 2017

[heap] Speed up Worklist::IsGlobalPoolEmpty check.

This patch makes the check lock-free. When concurrent marking is on,
the main thread checks two marking worklist: bailout and shared.

Often the bailout worklist empty, so the emptiness check is in hot path.

Bug:  chromium:694255 
TBR: mlippautz@chromium.org
Change-Id: I5c92ea3fb6c5300d653fbd27b536241851231f24
Reviewed-on: https://chromium-review.googlesource.com/602351
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47184}
[modify] https://crrev.com/a90f361fdc476537fc9fcf309d880d4152a98d01/src/heap/worklist.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/20d4840e557a88ee4b6bf583632844e439507354

commit 20d4840e557a88ee4b6bf583632844e439507354
Author: Jakob Gruber <jgruber@chromium.org>
Date: Mon Aug 07 09:26:55 2017

Revert "[heap] Improve concurrent marking pausing protocol."

This reverts commit 82202251b4d8bd40c6094b0e2fc526d88a93bfa6.

Reason for revert: https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/14346/steps/Mjsunit/logs/large-object-literal-..
Original change's description:
> [heap] Improve concurrent marking pausing protocol.
> 
> This patch allows the concurrent marker to process more objects before
> checking for the interrupt request from the main thread.
> 
> Bug:  chromium:694255 
> TBR: mlippautz@chromium.org
> Change-Id: I876d3156ca9843196f2fdddbd8bd28d1a3f472b1
> Reviewed-on: https://chromium-review.googlesource.com/602131
> Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47182}

TBR=ulan@chromium.org,mlippautz@chromium.org

Change-Id: I92ef49c4fb51468d5b5d689abbe5323f3637f1e6
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug:  chromium:694255 
Reviewed-on: https://chromium-review.googlesource.com/603327
Reviewed-by: Jakob Gruber <jgruber@chromium.org>
Commit-Queue: Jakob Gruber <jgruber@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47187}
[modify] https://crrev.com/20d4840e557a88ee4b6bf583632844e439507354/BUILD.gn
[modify] https://crrev.com/20d4840e557a88ee4b6bf583632844e439507354/src/heap/concurrent-marking.cc
[modify] https://crrev.com/20d4840e557a88ee4b6bf583632844e439507354/src/heap/concurrent-marking.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/e1e423c32c3fe6367e9bbf381b20079b60986c16

commit e1e423c32c3fe6367e9bbf381b20079b60986c16
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Aug 07 09:28:02 2017

[heap] Disable concurrent marking.

It was accidentally enabled in 82202251b4d8

Bug:  chromium:694255 
TBR: mlippautz@chromium.org
Change-Id: I7febb8528a5116cfd43efdc41208db33841da495
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/603308
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47188}

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/4455db16722d3fd501a1b940d17cd325f065c5e2

commit 4455db16722d3fd501a1b940d17cd325f065c5e2
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Aug 07 10:16:02 2017

Reland "[heap] Improve concurrent marking pausing protocol."

This reverts commit 20d4840e557a88ee4b6bf583632844e439507354.

Bug:  chromium:694255 
TBR: mlippautz@chromium.rg
Change-Id: Ie7743ca5607e6ab6d7f5683180c698d0c08fcd66
Reviewed-on: https://chromium-review.googlesource.com/603367
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47189}
[modify] https://crrev.com/4455db16722d3fd501a1b940d17cd325f065c5e2/src/heap/concurrent-marking.cc
[modify] https://crrev.com/4455db16722d3fd501a1b940d17cd325f065c5e2/src/heap/concurrent-marking.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca

commit 4af9cfccf601f512b0fa6d9d5042684d66e2e9ca
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Thu Aug 10 17:28:03 2017

[heap] Refactor object marking state.

This patch merges ObjectMarking and MarkingState. The new marking state
encapsulates object marking, live byte tracking, and access atomicity.

The old ObjectMarking calls are now replaced with calls to marking
state. For example:
ObjectMarking::WhiteToGrey<kAtomicity>(obj, marking_state(obj)
becomes
marking_state()->WhiteToGrey(obj)

This simplifies custom handling of live bytes and allows to chose
atomicity of markbit accesses depending on collector's state.

This also decouples marking bitmap from the marking code, which will
allows in future to use different data-structure for mark-bits.

Bug:  chromium:694255 
Change-Id: Ifb4bc0144187bac1c08f6bc74a9d5c618fe77740
Reviewed-on: https://chromium-review.googlesource.com/602132
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47288}
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/array-buffer-tracker-inl.h
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/array-buffer-tracker.cc
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/array-buffer-tracker.h
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/concurrent-marking.cc
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/heap.cc
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/incremental-marking-inl.h
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/incremental-marking.cc
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/incremental-marking.h
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/mark-compact-inl.h
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/mark-compact.cc
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/mark-compact.h
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/object-stats.cc
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/object-stats.h
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/objects-visiting-inl.h
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/scavenger-inl.h
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/scavenger.cc
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/spaces.cc
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/heap/spaces.h
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/src/objects-inl.h
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/test/cctest/heap/test-compaction.cc
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/test/cctest/heap/test-heap.cc
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/test/cctest/heap/test-mark-compact.cc
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/test/cctest/heap/test-page-promotion.cc
[modify] https://crrev.com/4af9cfccf601f512b0fa6d9d5042684d66e2e9ca/test/cctest/test-unboxed-doubles.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/a7ab836aba387050d1d0bfc33af9893f83028136

commit a7ab836aba387050d1d0bfc33af9893f83028136
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Thu Aug 10 18:46:40 2017

[heap] Fix atomicity of IncrementalMarking::TransferColor.

Bug:  chromium:694255 
TBR: mlippautz@chromium.org
Change-Id: Ie9f2f7bff8ada297b1d078947f073eaf62ac0649
Reviewed-on: https://chromium-review.googlesource.com/610782
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47293}
[modify] https://crrev.com/a7ab836aba387050d1d0bfc33af9893f83028136/src/heap/incremental-marking.cc
[modify] https://crrev.com/a7ab836aba387050d1d0bfc33af9893f83028136/src/heap/incremental-marking.h
[modify] https://crrev.com/a7ab836aba387050d1d0bfc33af9893f83028136/src/heap/mark-compact.cc
[modify] https://crrev.com/a7ab836aba387050d1d0bfc33af9893f83028136/src/heap/mark-compact.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/468d5faa6b245d4f547e3fca32d41e1b14d8e2f8

commit 468d5faa6b245d4f547e3fca32d41e1b14d8e2f8
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Thu Aug 10 19:46:06 2017

[heap] Fix atomicity of IterateAndScavengePromotedObject

Bug:  chromium:694255 
TBR: mlippautz@chromium.org
No-Tree-Checks: true
No-Try: true
Change-Id: I720dcc79c4cb8c1cbd7dd6e6de4c6113c363b2f0
Reviewed-on: https://chromium-review.googlesource.com/610561
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47295}
[modify] https://crrev.com/468d5faa6b245d4f547e3fca32d41e1b14d8e2f8/src/heap/scavenger.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/1e182fd4463621877f080f2d8f79964b6679b5e6

commit 1e182fd4463621877f080f2d8f79964b6679b5e6
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Aug 11 08:05:31 2017

Revert "[heap, runtime] Avoid redundant clearing of slots outside an object."

This reverts commit 3f820ebb0b1920d3773ad0c5256ae299fedf9542.

Revert "[heap, runtime] Avoid redundant clearing of slots in a trimmed array."

This reverts commit ed76f17b15fbc7c2b63391a47ab55f2f5207ee8e.

Reason: canary crashes.

Bug: chromium:752750,  chromium:694255 
TBR: mlippautz@chromium.org
Change-Id: I57c533e8a3db5f28e7659c5f326fa343627a3ff7
Reviewed-on: https://chromium-review.googlesource.com/607868
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47300}
[modify] https://crrev.com/1e182fd4463621877f080f2d8f79964b6679b5e6/src/heap/heap.cc
[modify] https://crrev.com/1e182fd4463621877f080f2d8f79964b6679b5e6/src/objects.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/d9a036317c87afd5e255f700382f5d4db63b5822

commit d9a036317c87afd5e255f700382f5d4db63b5822
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Aug 11 09:11:20 2017

[heap] Track transition arrays using worklists.

This allows handling transitions arrays in concurrent marking

Bug:  chromium:694255 
Change-Id: I28196fccbf03bfba7d7dada1884813be372ddb54
Reviewed-on: https://chromium-review.googlesource.com/610961
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47303}
[modify] https://crrev.com/d9a036317c87afd5e255f700382f5d4db63b5822/src/heap/concurrent-marking.cc
[modify] https://crrev.com/d9a036317c87afd5e255f700382f5d4db63b5822/src/heap/concurrent-marking.h
[modify] https://crrev.com/d9a036317c87afd5e255f700382f5d4db63b5822/src/heap/heap.cc
[modify] https://crrev.com/d9a036317c87afd5e255f700382f5d4db63b5822/src/heap/heap.h
[modify] https://crrev.com/d9a036317c87afd5e255f700382f5d4db63b5822/src/heap/mark-compact.cc
[modify] https://crrev.com/d9a036317c87afd5e255f700382f5d4db63b5822/src/heap/mark-compact.h
[modify] https://crrev.com/d9a036317c87afd5e255f700382f5d4db63b5822/src/heap/objects-visiting-inl.h
[modify] https://crrev.com/d9a036317c87afd5e255f700382f5d4db63b5822/src/objects-debug.cc
[modify] https://crrev.com/d9a036317c87afd5e255f700382f5d4db63b5822/src/objects-printer.cc
[modify] https://crrev.com/d9a036317c87afd5e255f700382f5d4db63b5822/src/transitions-inl.h
[modify] https://crrev.com/d9a036317c87afd5e255f700382f5d4db63b5822/src/transitions.cc
[modify] https://crrev.com/d9a036317c87afd5e255f700382f5d4db63b5822/src/transitions.h
[modify] https://crrev.com/d9a036317c87afd5e255f700382f5d4db63b5822/test/cctest/heap/test-concurrent-marking.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/9f97606ebc6b1f8172b7753d525f382c37c5f2cb

commit 9f97606ebc6b1f8172b7753d525f382c37c5f2cb
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Aug 11 10:51:49 2017

[heap] Fix initialization order of MC collectors after 4af9cfccf601.

This fixes the UBSAN failures on the bot.

Bug:  chromium:694255 
Change-Id: I7fc169bc526e71444ce52eba0285a8cafe9d902d
Reviewed-on: https://chromium-review.googlesource.com/612167
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47306}
[modify] https://crrev.com/9f97606ebc6b1f8172b7753d525f382c37c5f2cb/src/heap/heap.cc
[modify] https://crrev.com/9f97606ebc6b1f8172b7753d525f382c37c5f2cb/src/heap/mark-compact.cc
[modify] https://crrev.com/9f97606ebc6b1f8172b7753d525f382c37c5f2cb/src/heap/mark-compact.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/470e8024defc71d52d7a34dbc30ada3bf45e81b8

commit 470e8024defc71d52d7a34dbc30ada3bf45e81b8
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Aug 11 12:47:35 2017

[base] Introduce AsAtomic8 helper class.

This class provides byte level CAS operation using word level CAS.

Bug:  chromium:694255 
Change-Id: I39e661ee8d11e3f61fd5cb64c36f8f5ee94d1244
Reviewed-on: https://chromium-review.googlesource.com/612170
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47311}
[modify] https://crrev.com/470e8024defc71d52d7a34dbc30ada3bf45e81b8/src/base/atomic-utils.h
[modify] https://crrev.com/470e8024defc71d52d7a34dbc30ada3bf45e81b8/test/unittests/base/atomic-utils-unittest.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/00f21d3d487da27f15a337a1c04f60f1610762e8

commit 00f21d3d487da27f15a337a1c04f60f1610762e8
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Aug 11 14:39:55 2017

[heap] Remove custom SharedFunctionInfo marking visitors.

Shared function info marking is now side-effect free, so can be handled
by base HeapVisitor.

Concurrent marker does not bailout on shared function infos.

Bug:  chromium:694255 
Change-Id: I41efece68f6758219fca318deb97a7f163ee9638
Reviewed-on: https://chromium-review.googlesource.com/608700
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47315}
[modify] https://crrev.com/00f21d3d487da27f15a337a1c04f60f1610762e8/src/heap/concurrent-marking.cc
[modify] https://crrev.com/00f21d3d487da27f15a337a1c04f60f1610762e8/src/heap/objects-visiting-inl.h
[modify] https://crrev.com/00f21d3d487da27f15a337a1c04f60f1610762e8/src/heap/objects-visiting.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/a7c7e8f64eb26db7eb48d8aab831f8ef0b738ec6

commit a7c7e8f64eb26db7eb48d8aab831f8ef0b738ec6
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Aug 11 15:32:35 2017

[heap] Handle bytecode arrays in concurrent marker.

Bytecode array visitor has a side-effect of incrementing the age counter.

This patch makes the increment atomic and thus safe for the concurrent
marker.

Bug:  chromium:694255 
Change-Id: I36c65b02ace8d366206bd8295e72aaa19742ed56
Reviewed-on: https://chromium-review.googlesource.com/610001
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47317}
[modify] https://crrev.com/a7c7e8f64eb26db7eb48d8aab831f8ef0b738ec6/src/heap/concurrent-marking.cc
[modify] https://crrev.com/a7c7e8f64eb26db7eb48d8aab831f8ef0b738ec6/src/objects-inl.h
[modify] https://crrev.com/a7c7e8f64eb26db7eb48d8aab831f8ef0b738ec6/src/objects.cc
[modify] https://crrev.com/a7c7e8f64eb26db7eb48d8aab831f8ef0b738ec6/src/objects/object-macros.h
[modify] https://crrev.com/a7c7e8f64eb26db7eb48d8aab831f8ef0b738ec6/test/cctest/heap/test-heap.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/a241576fa14af5a5fcc357a23d2fb18504ade702

commit a241576fa14af5a5fcc357a23d2fb18504ade702
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Aug 11 16:50:39 2017

Revert "[heap] Handle bytecode arrays in concurrent marker."

This reverts commit a7c7e8f64eb26db7eb48d8aab831f8ef0b738ec6.

Reason for revert: TSAN failures.

Original change's description:
> [heap] Handle bytecode arrays in concurrent marker.
> 
> Bytecode array visitor has a side-effect of incrementing the age counter.
> 
> This patch makes the increment atomic and thus safe for the concurrent
> marker.
> 
> Bug:  chromium:694255 
> Change-Id: I36c65b02ace8d366206bd8295e72aaa19742ed56
> Reviewed-on: https://chromium-review.googlesource.com/610001
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47317}

TBR=ulan@chromium.org,rmcilroy@chromium.org

Change-Id: Iceff1e5925bb6ad7c03f858aa2f1fa62240f6909
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug:  chromium:694255 
Reviewed-on: https://chromium-review.googlesource.com/612069
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47319}
[modify] https://crrev.com/a241576fa14af5a5fcc357a23d2fb18504ade702/src/heap/concurrent-marking.cc
[modify] https://crrev.com/a241576fa14af5a5fcc357a23d2fb18504ade702/src/objects-inl.h
[modify] https://crrev.com/a241576fa14af5a5fcc357a23d2fb18504ade702/src/objects.cc
[modify] https://crrev.com/a241576fa14af5a5fcc357a23d2fb18504ade702/src/objects/object-macros.h
[modify] https://crrev.com/a241576fa14af5a5fcc357a23d2fb18504ade702/test/cctest/heap/test-heap.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/eaf7ec9d1598b83c72f175d224d16fa31b4980b3

commit eaf7ec9d1598b83c72f175d224d16fa31b4980b3
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Aug 14 11:46:56 2017

[heap] Process strong fields of maps in concurrent marker.

Bug:  chromium:694255 
TBR: mlippautz@chromium.org
Change-Id: I207fd28c2e19637f45da3735284c8ca223b33481
Reviewed-on: https://chromium-review.googlesource.com/610562
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47333}
[modify] https://crrev.com/eaf7ec9d1598b83c72f175d224d16fa31b4980b3/src/heap/concurrent-marking.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/a88f740f9e373108ee480f561e4ba1ca4422eb0f

commit a88f740f9e373108ee480f561e4ba1ca4422eb0f
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Aug 14 11:54:06 2017

[heap] Fix StartBlackAllocationForTesting.

The function shouldn't try to start black allocation if it is already
started.

Bug:  chromium:694255 
TBR: mlippautz@chromium.org
Change-Id: I77b5346f6ac2ec5947ca4351a8abe33865729fda
Reviewed-on: https://chromium-review.googlesource.com/612385
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47334}
[modify] https://crrev.com/a88f740f9e373108ee480f561e4ba1ca4422eb0f/src/heap/incremental-marking.cc
[modify] https://crrev.com/a88f740f9e373108ee480f561e4ba1ca4422eb0f/src/heap/incremental-marking.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd

commit 19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Aug 14 12:18:37 2017

[heap] Refactor object marking state (part 2).

This follows up 4af9cfcc by separating incremental marking state
from the full MC marking state. Runtime and tests now use only
the incremental marking state. The full MC marking state used
by MC during atomic pause.

This separation decouples atomicity of markbit accesses
during incremental marking and during full MC.

Bug:  chromium:694255 
TBR: mlippautz@chromium.org
Change-Id: Ia409ab06515cd0d1403a272a016633295c0d6692
Reviewed-on: https://chromium-review.googlesource.com/612350
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47336}
[modify] https://crrev.com/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd/src/heap/heap.cc
[modify] https://crrev.com/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd/src/heap/incremental-marking.cc
[modify] https://crrev.com/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd/src/heap/incremental-marking.h
[modify] https://crrev.com/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd/src/heap/mark-compact.cc
[modify] https://crrev.com/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd/src/heap/mark-compact.h
[modify] https://crrev.com/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd/src/heap/objects-visiting-inl.h
[modify] https://crrev.com/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd/src/heap/scavenger-inl.h
[modify] https://crrev.com/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd/src/heap/scavenger.cc
[modify] https://crrev.com/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd/src/heap/spaces.cc
[modify] https://crrev.com/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd/src/heap/spaces.h
[modify] https://crrev.com/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd/src/objects-inl.h
[modify] https://crrev.com/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd/test/cctest/heap/test-compaction.cc
[modify] https://crrev.com/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd/test/cctest/heap/test-heap.cc
[modify] https://crrev.com/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd/test/cctest/heap/test-mark-compact.cc
[modify] https://crrev.com/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd/test/cctest/heap/test-page-promotion.cc
[modify] https://crrev.com/19ae2fc1affa1ae38d4b8d8cbd53f44f679f69fd/test/cctest/test-unboxed-doubles.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/dfc6b4ddaa058e9526cfd3ea226539741b01663c

commit dfc6b4ddaa058e9526cfd3ea226539741b01663c
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Thu Aug 17 18:16:33 2017

[heap] New live byte tracking.

This patch changes how space size and capacity are updated in GC:
- space capacity changes only when a page added/removed from the space.
- space size is reset to zero before sweeping and incremented by
  page->live_bytes_count_ for each to-be-swept page.
- space size is refined after sweeping using the accurate
  page->allocated_bytes counter produces by the sweeper.

Invariants:
1. space.capacity = sum [page.size | for page in space].
2. After marking, before sweeping:
   a) space.size = sum [page.live_bytes_count | for page in space].
3. After sweeping, before marking ends:
   a) space.size = sum [page.allocated_bytes | for page in space].
   b) page.allocated_bytes >= (sum [object.size | for object in page] +
         page.linear_allocation_area).
   c) page.area_size = (page.allocated_bytes + page.wasted_memory +
         sum [free_list_entry.size | for free_list_entry in page].

3.b becomes equality if the mutator is not doing array trimming,
object slack tracking during sweeping.

Bug:  chromium:694255 
Change-Id: Ic8d16a8171187a113fee2df8bf3c2a4c5e77bc08
Reviewed-on: https://chromium-review.googlesource.com/618889
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47409}
[modify] https://crrev.com/dfc6b4ddaa058e9526cfd3ea226539741b01663c/src/heap/heap.cc
[modify] https://crrev.com/dfc6b4ddaa058e9526cfd3ea226539741b01663c/src/heap/heap.h
[modify] https://crrev.com/dfc6b4ddaa058e9526cfd3ea226539741b01663c/src/heap/incremental-marking.cc
[modify] https://crrev.com/dfc6b4ddaa058e9526cfd3ea226539741b01663c/src/heap/mark-compact.cc
[modify] https://crrev.com/dfc6b4ddaa058e9526cfd3ea226539741b01663c/src/heap/spaces-inl.h
[modify] https://crrev.com/dfc6b4ddaa058e9526cfd3ea226539741b01663c/src/heap/spaces.cc
[modify] https://crrev.com/dfc6b4ddaa058e9526cfd3ea226539741b01663c/src/heap/spaces.h
[modify] https://crrev.com/dfc6b4ddaa058e9526cfd3ea226539741b01663c/test/cctest/heap/heap-utils.cc
[modify] https://crrev.com/dfc6b4ddaa058e9526cfd3ea226539741b01663c/test/cctest/heap/test-spaces.cc
[modify] https://crrev.com/dfc6b4ddaa058e9526cfd3ea226539741b01663c/test/unittests/heap/unmapper-unittest.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/29b61d1ca22d8848afc1d902b7a327aa9eae91c7

commit 29b61d1ca22d8848afc1d902b7a327aa9eae91c7
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Thu Aug 17 18:43:48 2017

[heap] Guard VerifyCountersAfterSweeping with ifdef DEBUG.

VERIFY_HEAP does not necessarily imply DEBUG.

Bug:  chromium:694255 
TRB: mlippautz@chromium.org
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Change-Id: I1699288bd9d826ea1d577dd4fc2de81ee450add7
Reviewed-on: https://chromium-review.googlesource.com/618892
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47410}
[modify] https://crrev.com/29b61d1ca22d8848afc1d902b7a327aa9eae91c7/src/heap/spaces.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/6e5606efda433fba503483496e340c19bd76b8b9

commit 6e5606efda433fba503483496e340c19bd76b8b9
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Thu Aug 17 19:40:58 2017

[heap] Sync write barrier stub with runtime for concurrent marking.

This also starts black allocation earlier if concurrent marking compile
time flag is on.

Bug:  chromium:694255 
Change-Id: I73c02676e5149fae10e5f9301ad585926e223a1d
Reviewed-on: https://chromium-review.googlesource.com/618893
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47412}
[modify] https://crrev.com/6e5606efda433fba503483496e340c19bd76b8b9/src/heap/incremental-marking.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/5d385417475a4eb5fa43781d6e7a2c56b7c04674

commit 5d385417475a4eb5fa43781d6e7a2c56b7c04674
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Thu Aug 17 20:52:48 2017

[heap] Fix data race on access to space capacity.

The race happens during evacuation when multiple threads access the
main space capacity to check CanExpandOldGeneration.

Bug:  chromium:694255 
Change-Id: I63dbb71cc3a894f85ee11411a5dc01d53daefa11
Reviewed-on: https://chromium-review.googlesource.com/618876
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47414}
[modify] https://crrev.com/5d385417475a4eb5fa43781d6e7a2c56b7c04674/src/heap/spaces.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/d8a939624e4fb06c23168725f45769c440da4110

commit d8a939624e4fb06c23168725f45769c440da4110
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Aug 18 10:07:51 2017

[heap] Share marking state between incremental marking and full GC.

Bug:  chromium:694255 
Change-Id: I076a41230c559d5aa8540753bb3c42b46bc66ff1
Reviewed-on: https://chromium-review.googlesource.com/620664
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47423}
[modify] https://crrev.com/d8a939624e4fb06c23168725f45769c440da4110/src/heap/incremental-marking.h
[modify] https://crrev.com/d8a939624e4fb06c23168725f45769c440da4110/src/heap/mark-compact.h
[modify] https://crrev.com/d8a939624e4fb06c23168725f45769c440da4110/src/heap/spaces.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/b4a97a939af1b37addee8811957aee605f185c4c

commit b4a97a939af1b37addee8811957aee605f185c4c
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Aug 18 11:54:48 2017

[heap] Make page local counters non-atomic.

Bug:  chromium:694255 
Change-Id: I8cf30b440055637f91c16df6d3672d9268a2ae83
Reviewed-on: https://chromium-review.googlesource.com/620710
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47427}
[modify] https://crrev.com/b4a97a939af1b37addee8811957aee605f185c4c/src/heap/spaces.cc
[modify] https://crrev.com/b4a97a939af1b37addee8811957aee605f185c4c/src/heap/spaces.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/1518b1e349243821e2f0c598d9905306dec45549

commit 1518b1e349243821e2f0c598d9905306dec45549
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Aug 18 16:28:34 2017

[heap] Refactor page initialization.

This fixes layering between page and its owner, so that the page does
not update the owner state.

Bug:  chromium:694255 
Change-Id: Ic4f594340bed42d4f2c13d0a30f451317cbc9f50
Reviewed-on: https://chromium-review.googlesource.com/620732
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47437}
[modify] https://crrev.com/1518b1e349243821e2f0c598d9905306dec45549/src/heap/mark-compact.cc
[modify] https://crrev.com/1518b1e349243821e2f0c598d9905306dec45549/src/heap/spaces.cc
[modify] https://crrev.com/1518b1e349243821e2f0c598d9905306dec45549/src/heap/spaces.h
[modify] https://crrev.com/1518b1e349243821e2f0c598d9905306dec45549/test/unittests/heap/unmapper-unittest.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/e57e9ce342dffaf5ed6f3e638f395ee1925e1de5

commit e57e9ce342dffaf5ed6f3e638f395ee1925e1de5
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Aug 18 17:18:15 2017

[heap] Refactor addition and removal of pages in PagedSpace.

Bug:  chromium:694255 
Change-Id: I7cd5b713f4a1d64dc53d99b65c924cae6e39f193
Reviewed-on: https://chromium-review.googlesource.com/621009
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47439}
[modify] https://crrev.com/e57e9ce342dffaf5ed6f3e638f395ee1925e1de5/src/heap/spaces-inl.h
[modify] https://crrev.com/e57e9ce342dffaf5ed6f3e638f395ee1925e1de5/src/heap/spaces.cc
[modify] https://crrev.com/e57e9ce342dffaf5ed6f3e638f395ee1925e1de5/src/heap/spaces.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/f8a08f385c620f8e67ef511130a77fb279ffccd2

commit f8a08f385c620f8e67ef511130a77fb279ffccd2
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Aug 21 09:03:03 2017

[heap] Remove live byte adjustments from mutator.

The effect of array/string trimming on space size is postponed until sweeping
completes. This simplifies runtime code and fixes live byte update race with
the concurrent marker.

This patch restores monotonicity of PromotedSinceLastGC by notify the heap
when sweeper discovers more free space than estimated.

Bug:  chromium:694255 
Change-Id: I7a8c24f2c3398bc0c8a43ffd1d35ace68010cd65
Reviewed-on: https://chromium-review.googlesource.com/621326
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47464}
[modify] https://crrev.com/f8a08f385c620f8e67ef511130a77fb279ffccd2/src/heap/heap.cc
[modify] https://crrev.com/f8a08f385c620f8e67ef511130a77fb279ffccd2/src/heap/heap.h
[modify] https://crrev.com/f8a08f385c620f8e67ef511130a77fb279ffccd2/src/heap/spaces.cc
[modify] https://crrev.com/f8a08f385c620f8e67ef511130a77fb279ffccd2/src/heap/spaces.h
[modify] https://crrev.com/f8a08f385c620f8e67ef511130a77fb279ffccd2/src/objects.cc
[modify] https://crrev.com/f8a08f385c620f8e67ef511130a77fb279ffccd2/src/runtime/runtime-regexp.cc
[modify] https://crrev.com/f8a08f385c620f8e67ef511130a77fb279ffccd2/test/cctest/heap/test-heap.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/87613860c6f33bc406aa4d7b5c8dc5dcb67d9070

commit 87613860c6f33bc406aa4d7b5c8dc5dcb67d9070
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Aug 21 10:09:16 2017

[heap] Use local live byte counters in concurrent marking.

This makes live byte count updates on the main thread non-atomic.

Bug:  chromium:694255 
TBR: mlippautz@chromium.org
Change-Id: I84da2b0647f63ad9d8f2be757d305d58945a00ff
Reviewed-on: https://chromium-review.googlesource.com/613623
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47468}
[modify] https://crrev.com/87613860c6f33bc406aa4d7b5c8dc5dcb67d9070/src/heap/concurrent-marking.cc
[modify] https://crrev.com/87613860c6f33bc406aa4d7b5c8dc5dcb67d9070/src/heap/concurrent-marking.h
[modify] https://crrev.com/87613860c6f33bc406aa4d7b5c8dc5dcb67d9070/src/heap/heap.cc
[modify] https://crrev.com/87613860c6f33bc406aa4d7b5c8dc5dcb67d9070/src/heap/incremental-marking.h
[modify] https://crrev.com/87613860c6f33bc406aa4d7b5c8dc5dcb67d9070/src/heap/mark-compact.cc
[modify] https://crrev.com/87613860c6f33bc406aa4d7b5c8dc5dcb67d9070/src/heap/spaces.cc
[modify] https://crrev.com/87613860c6f33bc406aa4d7b5c8dc5dcb67d9070/src/heap/spaces.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/895356129e2b76bf43ed01d41cb078502432d66b

commit 895356129e2b76bf43ed01d41cb078502432d66b
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Aug 21 10:31:16 2017

[base] Add byte level CAS atomic op.

This replaces custom Release_CompareAndSwap implementation with a call
to compiler intrinsic / std:atomic, which is TSAN friendly.

Bug:  chromium:694255 
Change-Id: Iab67c8f5a3a2329b18030a70f3dbf3cb5530374e
Reviewed-on: https://chromium-review.googlesource.com/622431
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47469}
[modify] https://crrev.com/895356129e2b76bf43ed01d41cb078502432d66b/src/base/atomic-utils.h
[modify] https://crrev.com/895356129e2b76bf43ed01d41cb078502432d66b/src/base/atomicops_internals_portable.h
[modify] https://crrev.com/895356129e2b76bf43ed01d41cb078502432d66b/src/base/atomicops_internals_std.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/880c4c7b25f6a81c09af65b277eec57843fb270f

commit 880c4c7b25f6a81c09af65b277eec57843fb270f
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Aug 21 12:44:18 2017

Reland "[heap] Handle bytecode arrays in concurrent marker."

This reverts commit a241576fa14af5a5fcc357a23d2fb18504ade702.

Bytecode array visitor has a side-effect of incrementing the age counter.

This patch makes the increment atomic and thus safe for the concurrent
marker.

Bug:  chromium:694255 
Change-Id: Ibe1d75714a5911385b06e52ed50b5f152ec6b73d
Reviewed-on: https://chromium-review.googlesource.com/622432
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47472}
[modify] https://crrev.com/880c4c7b25f6a81c09af65b277eec57843fb270f/src/heap/concurrent-marking.cc
[modify] https://crrev.com/880c4c7b25f6a81c09af65b277eec57843fb270f/src/objects-inl.h
[modify] https://crrev.com/880c4c7b25f6a81c09af65b277eec57843fb270f/src/objects.cc
[modify] https://crrev.com/880c4c7b25f6a81c09af65b277eec57843fb270f/src/objects/object-macros.h
[modify] https://crrev.com/880c4c7b25f6a81c09af65b277eec57843fb270f/test/cctest/heap/test-heap.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/13fd663eea66d01bfb1db3444ca7409c995645bd

commit 13fd663eea66d01bfb1db3444ca7409c995645bd
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Tue Aug 22 13:09:16 2017

[heap] Fix flushing of live bytes in concurrent marker.

Bug:  chromium:694255 
Change-Id: I8a3856d9b9c5d1ee701286dacf5c0c8ad400d91d
Reviewed-on: https://chromium-review.googlesource.com/626120
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47508}
[modify] https://crrev.com/13fd663eea66d01bfb1db3444ca7409c995645bd/src/heap/concurrent-marking.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/8bbc2242433ce2c3faf678327891a693c43923a5

commit 8bbc2242433ce2c3faf678327891a693c43923a5
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Wed Aug 23 09:40:23 2017

[heap] Enable concurrent marking for x86 and x64.

This is an experiment and will be reverted after getting canary
coverage.

Bug:  chromium:694255 
Change-Id: I40388d8c6db0e46e2ce64e88aba04c5ac8822e94
Reviewed-on: https://chromium-review.googlesource.com/625959
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47541}
[modify] https://crrev.com/8bbc2242433ce2c3faf678327891a693c43923a5/BUILD.gn

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/d8d47effe102440ba06e4f07f9563618ab2737e3

commit d8d47effe102440ba06e4f07f9563618ab2737e3
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Wed Aug 23 15:26:43 2017

[heap] Port concurrent marking flag to GYP.

This enables concurrent marking for x86 and x64 on GYP builds.

Bug:  chromium:694255 
Change-Id: I371b38e72ce0e8f7ad5b0eed4e29b223b9ed1cf4
Reviewed-on: https://chromium-review.googlesource.com/628836
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47551}
[modify] https://crrev.com/d8d47effe102440ba06e4f07f9563618ab2737e3/Makefile
[modify] https://crrev.com/d8d47effe102440ba06e4f07f9563618ab2737e3/gypfiles/features.gypi

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/70c4eda572458bd646bea7ea2f185721b540b747

commit 70c4eda572458bd646bea7ea2f185721b540b747
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Wed Aug 23 15:50:39 2017

[heap] Fix more cctests that require ManualGCScope

Bug:  chromium:694255 
Change-Id: Ic21368f68e103ee1278b4e975255c6941f23a2d0
Reviewed-on: https://chromium-review.googlesource.com/629058
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47552}
[modify] https://crrev.com/70c4eda572458bd646bea7ea2f185721b540b747/test/cctest/heap/test-heap.cc
[modify] https://crrev.com/70c4eda572458bd646bea7ea2f185721b540b747/test/cctest/heap/test-page-promotion.cc
[modify] https://crrev.com/70c4eda572458bd646bea7ea2f185721b540b747/test/cctest/test-serialize.cc
[modify] https://crrev.com/70c4eda572458bd646bea7ea2f185721b540b747/test/cctest/test-unboxed-doubles.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/f165dfdd5cb7d177de36b9fb87922ef19bb6e001

commit f165dfdd5cb7d177de36b9fb87922ef19bb6e001
Author: Michael Hablich <hablich@chromium.org>
Date: Thu Aug 24 07:52:10 2017

Revert "[heap] Enable concurrent marking for x86 and x64."

This reverts commit 8bbc2242433ce2c3faf678327891a693c43923a5.

Reason for revert: On Canary 3195.

Original change's description:
> [heap] Enable concurrent marking for x86 and x64.
> 
> This is an experiment and will be reverted after getting canary
> coverage.
> 
> Bug:  chromium:694255 
> Change-Id: I40388d8c6db0e46e2ce64e88aba04c5ac8822e94
> Reviewed-on: https://chromium-review.googlesource.com/625959
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#47541}

TBR=ulan@chromium.org,mlippautz@chromium.org

Change-Id: I642c1f778267a795bf1e1a6bba863552394ad1d4
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug:  chromium:694255 
Reviewed-on: https://chromium-review.googlesource.com/631717
Reviewed-by: Michael Hablich <hablich@chromium.org>
Commit-Queue: Michael Hablich <hablich@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47564}
[modify] https://crrev.com/f165dfdd5cb7d177de36b9fb87922ef19bb6e001/BUILD.gn

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/5bd5fd45c25f0c7796033fff911504479ff1133b

commit 5bd5fd45c25f0c7796033fff911504479ff1133b
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Aug 28 09:14:32 2017

[heap] Disable concurrent marking on GYP builds.

Bug:  chromium:694255 
Change-Id: I58be876aa6db2e528f7d2e045e042657354575c7
Reviewed-on: https://chromium-review.googlesource.com/637393
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47637}
[modify] https://crrev.com/5bd5fd45c25f0c7796033fff911504479ff1133b/gypfiles/features.gypi

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/5e284d9ab7356777de1b0d705b18e6c4194c1920

commit 5e284d9ab7356777de1b0d705b18e6c4194c1920
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Tue Aug 29 14:03:09 2017

[heap] Temporarily bailout on transition array in concurrent marking.

The current processing of a transition array is not safe because the
targets in the array have conditional weakness, which can change
concurrently.

Bug:  chromium:694255 
Change-Id: I86bf7151af39307dc4101a0b0ca02ef7c704df53
Reviewed-on: https://chromium-review.googlesource.com/641410
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#47682}
[modify] https://crrev.com/5e284d9ab7356777de1b0d705b18e6c4194c1920/src/heap/concurrent-marking.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/97b2a814e4170873e939ff27f9956964b55b4f10

commit 97b2a814e4170873e939ff27f9956964b55b4f10
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Thu Sep 14 08:33:49 2017

[heap] Fix black allocation.

This patch ensures that an object returned by AllocateRaw is marked
black if black allocation starts during the object allocation.

This fixes the following issue:
1) Generated code requests allocation of size N for folded allocation.
2) Runtime gets a free list node at address A of size N+M and sets up
   a linear allocation area with top = A+N and limit = A+N+M.
3) Runtime invokes the allocation observer that starts incremental marking
   and start black allocation. The area [A+N, A+N+M) is marked black.
4) Runtime returns a white object at address A as the allocation result.
5) Generated code moves the top pointer to A and does bump pointer
   allocations of white objects from A to A+N+M.
6) Object allocated new A+N can have the impossible marbit pattern.

Bug:  chromium:694255 
Change-Id: I09ceebc97a510fa5fe4ff20706bc46a99f8b7cf4
Reviewed-on: https://chromium-review.googlesource.com/638338
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48005}
[modify] https://crrev.com/97b2a814e4170873e939ff27f9956964b55b4f10/src/heap/incremental-marking.cc
[modify] https://crrev.com/97b2a814e4170873e939ff27f9956964b55b4f10/src/heap/spaces-inl.h
[modify] https://crrev.com/97b2a814e4170873e939ff27f9956964b55b4f10/src/heap/spaces.cc
[modify] https://crrev.com/97b2a814e4170873e939ff27f9956964b55b4f10/src/heap/spaces.h
[modify] https://crrev.com/97b2a814e4170873e939ff27f9956964b55b4f10/test/cctest/heap/test-heap.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/8d1ad4b8aad07c2bb3d904e10efbe75f17236298

commit 8d1ad4b8aad07c2bb3d904e10efbe75f17236298
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Sep 15 11:08:16 2017

[heap] Remove adhoc weakness in TransitionArray.

Currently transition array targets have conditional weakness depending
on the type of the target. Map targets are weak and all other targets
are strong. This patch wraps maps in transitions arrays in weak cells,
which allows us to treat all elements of transition arrays strongly.

Conditional weakness is unsafe for concurrent marking because the
condition can change during marking.

Bug:  chromium:694255 
Change-Id: I64e5d0699698fc7c1758f3fbc52da43014c247af
Reviewed-on: https://chromium-review.googlesource.com/641271
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48034}
[modify] https://crrev.com/8d1ad4b8aad07c2bb3d904e10efbe75f17236298/src/heap/concurrent-marking.cc
[modify] https://crrev.com/8d1ad4b8aad07c2bb3d904e10efbe75f17236298/src/heap/mark-compact.cc
[modify] https://crrev.com/8d1ad4b8aad07c2bb3d904e10efbe75f17236298/src/heap/objects-visiting-inl.h
[modify] https://crrev.com/8d1ad4b8aad07c2bb3d904e10efbe75f17236298/src/transitions-inl.h
[modify] https://crrev.com/8d1ad4b8aad07c2bb3d904e10efbe75f17236298/src/transitions.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/8c4a8250de821e1b3db381fac04efcd14dd6eb2e

commit 8c4a8250de821e1b3db381fac04efcd14dd6eb2e
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Thu Sep 21 07:01:00 2017

[heap] Enable concurrent marking for x86 and x64.

Bug:  chromium:694255 
Change-Id: I28c8c6e5ba6c84123f3951e822c132860cb22c1d
Reviewed-on: https://chromium-review.googlesource.com/641451
Commit-Queue: Kentaro Hara <haraken@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Reviewed-by: Hannes Payer (slow) <hpayer@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48100}
[modify] https://crrev.com/8c4a8250de821e1b3db381fac04efcd14dd6eb2e/BUILD.gn
[modify] https://crrev.com/8c4a8250de821e1b3db381fac04efcd14dd6eb2e/gypfiles/features.gypi

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/b36f39c34c6f009956787c5a634dae693d901fdb

commit b36f39c34c6f009956787c5a634dae693d901fdb
Author: Michael Achenbach <machenbach@chromium.org>
Date: Thu Sep 21 09:15:53 2017

Revert "[heap] Enable concurrent marking for x86 and x64."

This reverts commit 8c4a8250de821e1b3db381fac04efcd14dd6eb2e.

Reason for revert: Flaky dcheck on several bots, e.g.:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20debug/builds/17055

Original change's description:
> [heap] Enable concurrent marking for x86 and x64.
> 
> Bug:  chromium:694255 
> Change-Id: I28c8c6e5ba6c84123f3951e822c132860cb22c1d
> Reviewed-on: https://chromium-review.googlesource.com/641451
> Commit-Queue: Kentaro Hara <haraken@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Hannes Payer (slow) <hpayer@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48100}

TBR=ulan@chromium.org,haraken@chromium.org,machenbach@chromium.org,hpayer@chromium.org,mlippautz@chromium.org

Change-Id: Id5954676c75e69b66e85f05ffab737ab7f760101
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug:  chromium:694255 
Reviewed-on: https://chromium-review.googlesource.com/677203
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48103}
[modify] https://crrev.com/b36f39c34c6f009956787c5a634dae693d901fdb/BUILD.gn
[modify] https://crrev.com/b36f39c34c6f009956787c5a634dae693d901fdb/gypfiles/features.gypi

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/a76d0a771e430dbc8716624febc549aede738d96

commit a76d0a771e430dbc8716624febc549aede738d96
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Thu Sep 21 12:35:10 2017

Reland "[heap] Enable concurrent marking for x86 and x64."

This is a reland of 8c4a8250de821e1b3db381fac04efcd14dd6eb2e
Original change's description:
> [heap] Enable concurrent marking for x86 and x64.
> 
> Bug:  chromium:694255 
> Change-Id: I28c8c6e5ba6c84123f3951e822c132860cb22c1d
> Reviewed-on: https://chromium-review.googlesource.com/641451
> Commit-Queue: Kentaro Hara <haraken@chromium.org>
> Reviewed-by: Michael Achenbach <machenbach@chromium.org>
> Reviewed-by: Hannes Payer (slow) <hpayer@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48100}

Bug:  chromium:694255 
TBR: mlippautz@chromium.org
Change-Id: Ic36515dbd418c219bccbbf371126a4dfd66a466f
Reviewed-on: https://chromium-review.googlesource.com/676966
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48107}
[modify] https://crrev.com/a76d0a771e430dbc8716624febc549aede738d96/BUILD.gn
[modify] https://crrev.com/a76d0a771e430dbc8716624febc549aede738d96/gypfiles/features.gypi

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/1530a74496116be44eb03edabe259a498cf26cf0

commit 1530a74496116be44eb03edabe259a498cf26cf0
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Sep 22 01:14:03 2017

[heap] Adjust condition for enabling concurrent marking.

This changes CPU check to use 'target_cpu' instead of 'v8_target_cpu'.

Bug:  chromium:694255 
Change-Id: Ic3ad5253e4e0b66b13e9f16a5842bcf49881fa52
Reviewed-on: https://chromium-review.googlesource.com/677994
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48119}
[modify] https://crrev.com/1530a74496116be44eb03edabe259a498cf26cf0/BUILD.gn
[modify] https://crrev.com/1530a74496116be44eb03edabe259a498cf26cf0/gypfiles/features.gypi

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/dc3bbbdbe869262f4a857b8aceadc10b5b12c993

commit dc3bbbdbe869262f4a857b8aceadc10b5b12c993
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Sep 25 04:39:35 2017

[heap] Tune the number of concurrent marking tasks.

This patch ensures that the concurrent marking tasks do not
use more than the half of the available background threads.

Bug:  chromium:694255 
Change-Id: I67d6eb3e717945f777d0711bd094630573c78661
Reviewed-on: https://chromium-review.googlesource.com/678636
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48130}
[modify] https://crrev.com/dc3bbbdbe869262f4a857b8aceadc10b5b12c993/src/heap/concurrent-marking.cc
[modify] https://crrev.com/dc3bbbdbe869262f4a857b8aceadc10b5b12c993/src/heap/concurrent-marking.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/7c1b01154a460dec5da40a9c8d5ae4e44eea8e4e

commit 7c1b01154a460dec5da40a9c8d5ae4e44eea8e4e
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Sep 29 11:38:50 2017

[heap] Enable concurrent marking on all platforms.

Bug:  chromium:694255 
Change-Id: Ie596e02207f13762dbfa77e4fe65950913302b47
Reviewed-on: https://chromium-review.googlesource.com/690075
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48227}
[modify] https://crrev.com/7c1b01154a460dec5da40a9c8d5ae4e44eea8e4e/BUILD.gn
[modify] https://crrev.com/7c1b01154a460dec5da40a9c8d5ae4e44eea8e4e/gypfiles/features.gypi

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/f3c8da56e91c5731b7b821e8d53bd25932cdd057

commit f3c8da56e91c5731b7b821e8d53bd25932cdd057
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Oct 06 15:10:08 2017

[heap] Use weak cell in normalized map cache.

This replaces ad-hoc weakness in normalized map cache with weak cell.

Bug:  chromium:694255 
Change-Id: I6a12301b2176fe3723b56178a65582cfb412f7d2
Reviewed-on: https://chromium-review.googlesource.com/704834
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48344}
[modify] https://crrev.com/f3c8da56e91c5731b7b821e8d53bd25932cdd057/src/heap/concurrent-marking.cc
[modify] https://crrev.com/f3c8da56e91c5731b7b821e8d53bd25932cdd057/src/heap/heap.cc
[modify] https://crrev.com/f3c8da56e91c5731b7b821e8d53bd25932cdd057/src/heap/heap.h
[modify] https://crrev.com/f3c8da56e91c5731b7b821e8d53bd25932cdd057/src/heap/incremental-marking.cc
[modify] https://crrev.com/f3c8da56e91c5731b7b821e8d53bd25932cdd057/src/objects-debug.cc
[modify] https://crrev.com/f3c8da56e91c5731b7b821e8d53bd25932cdd057/src/objects.cc
[modify] https://crrev.com/f3c8da56e91c5731b7b821e8d53bd25932cdd057/src/objects/map.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/71a3cc54ae288938c45cdae1486d4b81dbebc0bb

commit 71a3cc54ae288938c45cdae1486d4b81dbebc0bb
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Oct 06 16:13:14 2017

Revert "[heap] Use weak cell in normalized map cache."

This reverts commit f3c8da56e91c5731b7b821e8d53bd25932cdd057.

Reason for revert: GC stress failures
https://build.chromium.org/p/client.v8/builders/V8%20Linux64%20GC%20Stress%20-%20custom%20snapshot/builds/15396

Original change's description:
> [heap] Use weak cell in normalized map cache.
> 
> This replaces ad-hoc weakness in normalized map cache with weak cell.
> 
> Bug:  chromium:694255 
> Change-Id: I6a12301b2176fe3723b56178a65582cfb412f7d2
> Reviewed-on: https://chromium-review.googlesource.com/704834
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48344}

TBR=ulan@chromium.org,mlippautz@chromium.org

Change-Id: I0b2d39a1dcff6416998ab36506ee950220c87e89
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug:  chromium:694255 
Reviewed-on: https://chromium-review.googlesource.com/705194
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48349}
[modify] https://crrev.com/71a3cc54ae288938c45cdae1486d4b81dbebc0bb/src/heap/concurrent-marking.cc
[modify] https://crrev.com/71a3cc54ae288938c45cdae1486d4b81dbebc0bb/src/heap/heap.cc
[modify] https://crrev.com/71a3cc54ae288938c45cdae1486d4b81dbebc0bb/src/heap/heap.h
[modify] https://crrev.com/71a3cc54ae288938c45cdae1486d4b81dbebc0bb/src/heap/incremental-marking.cc
[modify] https://crrev.com/71a3cc54ae288938c45cdae1486d4b81dbebc0bb/src/objects-debug.cc
[modify] https://crrev.com/71a3cc54ae288938c45cdae1486d4b81dbebc0bb/src/objects.cc
[modify] https://crrev.com/71a3cc54ae288938c45cdae1486d4b81dbebc0bb/src/objects/map.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/2e70adc7e2036734f20ba5a68e4032851ed69bda

commit 2e70adc7e2036734f20ba5a68e4032851ed69bda
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Oct 09 12:01:18 2017

[heap] Add thread-safe counter that tracks bytes marked concurrently.

Each concurrent marking task maintains task_state[i]->marked_bytes.
When a task finishes, its local counter is flushed into global
total_marked_bytes_ atomic counter.

Bug:  chromium:694255 
Change-Id: I629467385e80bf229e06a4231673ceb5ef8e4aea
Reviewed-on: https://chromium-review.googlesource.com/704823
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48374}
[modify] https://crrev.com/2e70adc7e2036734f20ba5a68e4032851ed69bda/src/heap/concurrent-marking.cc
[modify] https://crrev.com/2e70adc7e2036734f20ba5a68e4032851ed69bda/src/heap/concurrent-marking.h
[modify] https://crrev.com/2e70adc7e2036734f20ba5a68e4032851ed69bda/src/heap/incremental-marking.cc
[modify] https://crrev.com/2e70adc7e2036734f20ba5a68e4032851ed69bda/test/cctest/heap/test-concurrent-marking.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/b54c1a6ef60bc7cf32f2f93f76132658a9a5d3b3

commit b54c1a6ef60bc7cf32f2f93f76132658a9a5d3b3
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Oct 09 13:12:41 2017

[heap] Ensure that sweeping is completed in ConcurrentMarking cctests.

Bug:  chromium:694255 
Change-Id: I5dc6157126544f20bca0ddee967e1d08d69bb060
Reviewed-on: https://chromium-review.googlesource.com/707104
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48380}
[modify] https://crrev.com/b54c1a6ef60bc7cf32f2f93f76132658a9a5d3b3/test/cctest/heap/test-concurrent-marking.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/ed9b0f0e6954be59ca21dbb20e14b8c174baf3b9

commit ed9b0f0e6954be59ca21dbb20e14b8c174baf3b9
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Oct 09 15:02:08 2017

[heap] Fix a race introduced in 2e70adc7e203

The marked bytes counter needs to be updated before decrementing the
pending task counter.

Bug:  chromium:694255 
Change-Id: I19c4dfbdccfb32ded5b7bb707dc93d53e188e34a
Reviewed-on: https://chromium-review.googlesource.com/707140
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48390}
[modify] https://crrev.com/ed9b0f0e6954be59ca21dbb20e14b8c174baf3b9/src/heap/concurrent-marking.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/cd3209e830177398b960c248ca23a93a03676e01

commit cd3209e830177398b960c248ca23a93a03676e01
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Mon Oct 09 15:58:53 2017

[heap] Make concurrent marking tasks cancelable.

Bug:  chromium:694255 
Change-Id: I5c0c0b58cdcf3cf745670148724e3c6ecc34d485
Reviewed-on: https://chromium-review.googlesource.com/707149
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48395}
[modify] https://crrev.com/cd3209e830177398b960c248ca23a93a03676e01/src/heap/concurrent-marking.cc
[modify] https://crrev.com/cd3209e830177398b960c248ca23a93a03676e01/src/heap/concurrent-marking.h
[modify] https://crrev.com/cd3209e830177398b960c248ca23a93a03676e01/test/cctest/heap/test-concurrent-marking.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/b7e6eb920807930202c728b147a80b0d293c8354

commit b7e6eb920807930202c728b147a80b0d293c8354
Author: Michael Lippautz <mlippautz@chromium.org>
Date: Tue Oct 10 11:33:39 2017

[heap] Introduce on-hold concurrent marking work list

When hitting objects that are allocated in the most recent lienar
allocation area, the concurrent marker currently has to bail out to the
main thread.

However, we only have to delay processing those objects until we are at
a safepoint, e.g. IM::Step(). With this change we flush those
on-hold-objects back to the shared queue upon performing an incremental
marking step.

Bug:  chromium:694255 
Change-Id: I25647d0fc581a5c4de0346bc394dc51062f65f70
Reviewed-on: https://chromium-review.googlesource.com/707315
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48424}
[modify] https://crrev.com/b7e6eb920807930202c728b147a80b0d293c8354/src/heap/concurrent-marking.cc
[modify] https://crrev.com/b7e6eb920807930202c728b147a80b0d293c8354/src/heap/concurrent-marking.h
[modify] https://crrev.com/b7e6eb920807930202c728b147a80b0d293c8354/src/heap/heap.cc
[modify] https://crrev.com/b7e6eb920807930202c728b147a80b0d293c8354/src/heap/incremental-marking.cc
[modify] https://crrev.com/b7e6eb920807930202c728b147a80b0d293c8354/src/heap/mark-compact.h
[modify] https://crrev.com/b7e6eb920807930202c728b147a80b0d293c8354/src/heap/spaces.h
[modify] https://crrev.com/b7e6eb920807930202c728b147a80b0d293c8354/src/heap/worklist.h
[modify] https://crrev.com/b7e6eb920807930202c728b147a80b0d293c8354/test/cctest/heap/test-concurrent-marking.cc
[modify] https://crrev.com/b7e6eb920807930202c728b147a80b0d293c8354/test/unittests/heap/worklist-unittest.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/18b8fbb528a8021e04a029e06eafee50b918bce0

commit 18b8fbb528a8021e04a029e06eafee50b918bce0
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Tue Oct 10 19:37:02 2017

[heap] Correctly handle strings in concurrent marking.

String with pointers should use snapshotting protocol because they can
be externalized concurrently.

Sequential strings can be turned into thin strings, so we need to cache
the length and synchronized of markbits.

No-Try: true
Bug:  v8:6915 ,  chromium:694255 
Change-Id: Ibd1f0ead31544f56aa9de9a177bee7e60fbc2e6a
Reviewed-on: https://chromium-review.googlesource.com/708761
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48432}
[modify] https://crrev.com/18b8fbb528a8021e04a029e06eafee50b918bce0/src/heap/concurrent-marking.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/a6cd26ee01d413d512b755ead38a1c8188b15044

commit a6cd26ee01d413d512b755ead38a1c8188b15044
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Wed Oct 11 08:36:15 2017

Reland "[heap] Use weak cell in normalized map cache."

This is a reland of f3c8da56e91c5731b7b821e8d53bd25932cdd057
Original change's description:
> [heap] Use weak cell in normalized map cache.
> 
> This replaces ad-hoc weakness in normalized map cache with weak cell.
> 
> Bug:  chromium:694255 
> Change-Id: I6a12301b2176fe3723b56178a65582cfb412f7d2
> Reviewed-on: https://chromium-review.googlesource.com/704834
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#48344}

Bug:  chromium:694255 
Change-Id: I181a9c02cc934373e40455f1be02f1caf140639b
Reviewed-on: https://chromium-review.googlesource.com/709354
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48442}
[modify] https://crrev.com/a6cd26ee01d413d512b755ead38a1c8188b15044/src/heap/concurrent-marking.cc
[modify] https://crrev.com/a6cd26ee01d413d512b755ead38a1c8188b15044/src/heap/heap.cc
[modify] https://crrev.com/a6cd26ee01d413d512b755ead38a1c8188b15044/src/heap/heap.h
[modify] https://crrev.com/a6cd26ee01d413d512b755ead38a1c8188b15044/src/heap/incremental-marking.cc
[modify] https://crrev.com/a6cd26ee01d413d512b755ead38a1c8188b15044/src/objects-debug.cc
[modify] https://crrev.com/a6cd26ee01d413d512b755ead38a1c8188b15044/src/objects.cc
[modify] https://crrev.com/a6cd26ee01d413d512b755ead38a1c8188b15044/src/objects/map.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/9941c1e344295708e7aa6a69202a7af3792bd486

commit 9941c1e344295708e7aa6a69202a7af3792bd486
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Wed Oct 11 10:37:49 2017

[heap] Fix debug mode race in string casting in concurrent marker.

Bug:  v8:6915 ,  chromium:694255 
Change-Id: I16cd8f13087476a16c7647bec3d03665299ef232
Reviewed-on: https://chromium-review.googlesource.com/712044
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48448}
[modify] https://crrev.com/9941c1e344295708e7aa6a69202a7af3792bd486/src/heap/concurrent-marking.cc
[modify] https://crrev.com/9941c1e344295708e7aa6a69202a7af3792bd486/src/heap/objects-visiting-inl.h
[modify] https://crrev.com/9941c1e344295708e7aa6a69202a7af3792bd486/src/heap/objects-visiting.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/190fea60587bb44eb129bab8ab5f49fcf9bfa8a7

commit 190fea60587bb44eb129bab8ab5f49fcf9bfa8a7
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Wed Oct 11 12:27:57 2017

Change FastArrayShift stub to use for-loop instead of memmove for SMIs.

The concurrent marker visits arrays with fast SMI elements because they
have the same visitor id as arrays with tagged elements.

Visiting concurrently with memmove can be unsafe depending on memmove
implementation.

Bug:  chromium:694255 
Change-Id: Ic6c2cae8761e5b1b042e4274d4f90ac59f32d91f
Reviewed-on: https://chromium-review.googlesource.com/712158
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Tobias Tebbi <tebbi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48454}
[modify] https://crrev.com/190fea60587bb44eb129bab8ab5f49fcf9bfa8a7/src/builtins/builtins-array-gen.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/4b42656dd6fca982c60185c004e2648093d70b51

commit 4b42656dd6fca982c60185c004e2648093d70b51
Author: Michael Lippautz <mlippautz@chromium.org>
Date: Mon Oct 16 10:00:08 2017

[heap] Unify incremental and main marking visitor

With parallel marking enabled, both visitors have to be equal wrt. to
actual visitation.

The differences are captured by template parameters:
- Retaining path tracing which we only do for full GCs.
- Incremental marking of FixedArray.

CQ_INCLUDE_TRYBOTS=master.tryserver.v8:v8_linux64_tsan_rel;master.tryserver.v8:v8_linux64_tsan_concurrent_marking_rel_ng;master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel;master.tryserver.chromium.android:android_optional_gpu_tests_rel

Bug:  chromium:694255 , chromium:750084
Change-Id: I177aeb0ee4f6a35e2f592ba257c9ddc14f88fd99
Reviewed-on: https://chromium-review.googlesource.com/704935
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#48582}
[modify] https://crrev.com/4b42656dd6fca982c60185c004e2648093d70b51/src/heap/heap.h
[modify] https://crrev.com/4b42656dd6fca982c60185c004e2648093d70b51/src/heap/incremental-marking.cc
[modify] https://crrev.com/4b42656dd6fca982c60185c004e2648093d70b51/src/heap/mark-compact-inl.h
[modify] https://crrev.com/4b42656dd6fca982c60185c004e2648093d70b51/src/heap/mark-compact.cc
[modify] https://crrev.com/4b42656dd6fca982c60185c004e2648093d70b51/src/heap/mark-compact.h
[modify] https://crrev.com/4b42656dd6fca982c60185c004e2648093d70b51/src/heap/objects-visiting-inl.h
[modify] https://crrev.com/4b42656dd6fca982c60185c004e2648093d70b51/src/heap/objects-visiting.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/6bb1d47e6e82f75ead36cdab209afc5dafa8329c

commit 6bb1d47e6e82f75ead36cdab209afc5dafa8329c
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Tue Nov 07 13:11:10 2017

[heap] Re-enable concurrent marking.

Bug:  chromium:774644 ,  chromium:694255 
Change-Id: I957037b14bf6508e774d6fd1c97239b31f2296e8
Reviewed-on: https://chromium-review.googlesource.com/756893
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49187}
[modify] https://crrev.com/6bb1d47e6e82f75ead36cdab209afc5dafa8329c/BUILD.gn
[modify] https://crrev.com/6bb1d47e6e82f75ead36cdab209afc5dafa8329c/gypfiles/features.gypi

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/61bf2cc69217a4e9c7a40bb74269508fa26c2062

commit 61bf2cc69217a4e9c7a40bb74269508fa26c2062
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Nov 17 21:57:23 2017

[runtime] Make layout descriptor helper safe for concurrent marking.

The layout descriptor helper computes the object header size using
map->instance_size() and map->GetInObjectProperties().

It races with finalization of slack tracking, which changes both
the instance size and the in-object properties count.

This patch replaces the in-object properties count byte in the map
with the byte that stores the start offset of in-object properties.

The new byte can be used in the layout descriptor to compute the
object header size and it is immutable.

This patch also renames InstanceSize to InstanceSizeInWords where
the instance size is represented in words.

Bug:  chromium:786069 ,  chromium:694255 
Change-Id: I4b48c6944d3fe8a950bd7b0ba43d75216b177a78
Reviewed-on: https://chromium-review.googlesource.com/776720
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Igor Sheludko <ishell@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49461}
[modify] https://crrev.com/61bf2cc69217a4e9c7a40bb74269508fa26c2062/src/bootstrapper.cc
[modify] https://crrev.com/61bf2cc69217a4e9c7a40bb74269508fa26c2062/src/builtins/builtins-async-gen.cc
[modify] https://crrev.com/61bf2cc69217a4e9c7a40bb74269508fa26c2062/src/builtins/builtins-constructor-gen.cc
[modify] https://crrev.com/61bf2cc69217a4e9c7a40bb74269508fa26c2062/src/code-stub-assembler.cc
[modify] https://crrev.com/61bf2cc69217a4e9c7a40bb74269508fa26c2062/src/code-stub-assembler.h
[modify] https://crrev.com/61bf2cc69217a4e9c7a40bb74269508fa26c2062/src/heap/heap.cc
[modify] https://crrev.com/61bf2cc69217a4e9c7a40bb74269508fa26c2062/src/ic/keyed-store-generic.cc
[modify] https://crrev.com/61bf2cc69217a4e9c7a40bb74269508fa26c2062/src/layout-descriptor-inl.h
[modify] https://crrev.com/61bf2cc69217a4e9c7a40bb74269508fa26c2062/src/objects-inl.h
[modify] https://crrev.com/61bf2cc69217a4e9c7a40bb74269508fa26c2062/src/objects.cc
[modify] https://crrev.com/61bf2cc69217a4e9c7a40bb74269508fa26c2062/src/objects/map.h
[modify] https://crrev.com/61bf2cc69217a4e9c7a40bb74269508fa26c2062/tools/gen-postmortem-metadata.py

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/904050276a4d644f0246f1845f52e5b5544058f3

commit 904050276a4d644f0246f1845f52e5b5544058f3
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Tue Nov 28 14:56:05 2017

[heap] Tune incremental marking step size.

The main thread now can reduce marking step size if concurrent marking
tasks are making progress and the bailout worklist is empty.

Bug:  chromium:694255 
Change-Id: I2f58530f184c03667ab3a170a1f6309929645c7c
Reviewed-on: https://chromium-review.googlesource.com/735859
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49671}
[modify] https://crrev.com/904050276a4d644f0246f1845f52e5b5544058f3/src/heap/incremental-marking.cc
[modify] https://crrev.com/904050276a4d644f0246f1845f52e5b5544058f3/src/heap/incremental-marking.h
[modify] https://crrev.com/904050276a4d644f0246f1845f52e5b5544058f3/src/heap/mark-compact.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/adf0fc8c596ea6bc69d97066449a6fb7649d2f30

commit adf0fc8c596ea6bc69d97066449a6fb7649d2f30
Author: Michael Achenbach <machenbach@chromium.org>
Date: Tue Nov 28 16:41:08 2017

Revert "[heap] Tune incremental marking step size."

This reverts commit 904050276a4d644f0246f1845f52e5b5544058f3.

Reason for revert: Flaky msan:
https://build.chromium.org/p/client.v8/builders/V8%20Linux%20-%20arm64%20-%20sim%20-%20MSAN/builds/18432

Original change's description:
> [heap] Tune incremental marking step size.
> 
> The main thread now can reduce marking step size if concurrent marking
> tasks are making progress and the bailout worklist is empty.
> 
> Bug:  chromium:694255 
> Change-Id: I2f58530f184c03667ab3a170a1f6309929645c7c
> Reviewed-on: https://chromium-review.googlesource.com/735859
> Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#49671}

TBR=ulan@chromium.org,mlippautz@chromium.org

Change-Id: Ic10ee9bae51b2b4b78d87c83c67b1307d0c36012
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug:  chromium:694255 
Reviewed-on: https://chromium-review.googlesource.com/794190
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49680}
[modify] https://crrev.com/adf0fc8c596ea6bc69d97066449a6fb7649d2f30/src/heap/incremental-marking.cc
[modify] https://crrev.com/adf0fc8c596ea6bc69d97066449a6fb7649d2f30/src/heap/incremental-marking.h
[modify] https://crrev.com/adf0fc8c596ea6bc69d97066449a6fb7649d2f30/src/heap/mark-compact.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/60184e66e03924b6d057fc8c659168891a97d386

commit 60184e66e03924b6d057fc8c659168891a97d386
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Tue Nov 28 17:48:16 2017

[heap] Reland "Tune incremental marking step size."

This reverts commit adf0fc8c596ea6bc69d97066449a6fb7649d2f30.

Original change's description:
> [heap] Tune incremental marking step size.
>
> The main thread now can reduce marking step size if concurrent marking
> tasks are making progress and the bailout worklist is empty.
>
> Bug:  chromium:694255 

Change-Id: Ib2f04be258e14887059d88da301ddf17f6b453b4
Reviewed-on: https://chromium-review.googlesource.com/794135
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49685}
[modify] https://crrev.com/60184e66e03924b6d057fc8c659168891a97d386/src/heap/concurrent-marking.cc
[modify] https://crrev.com/60184e66e03924b6d057fc8c659168891a97d386/src/heap/incremental-marking.cc
[modify] https://crrev.com/60184e66e03924b6d057fc8c659168891a97d386/src/heap/incremental-marking.h
[modify] https://crrev.com/60184e66e03924b6d057fc8c659168891a97d386/src/heap/mark-compact.h

The following revision refers to this bug:
  https://chromium.googlesource.com/v8/v8.git/+/12779b16b0707bf73404962591b36523048c8c0e

commit 12779b16b0707bf73404962591b36523048c8c0e
Author: Ulan Degenbaev <ulan@chromium.org>
Date: Fri Dec 08 17:38:31 2017

[heap] Use unchecked length getter for concurrent marking of FixedArray.

If the fixed array is being concurrently left-trimmed then checked
getter can assert because the length is not necessarily a Smi.

This patch uses unchecked length getter to cache the length as Object*.
Only if the marker manages to color the array black, we are guaranteed
that the cached length is a Smi.

This patch also uses unchecked cast for FixedArray in HeapVisitor
for concurrent marker.

Note that this patch only affects debug mode.

Bug:  chromium:694255 
Change-Id: I5016a2234a9f5fb98b498e06f5d1428b3f1cc3c6
Reviewed-on: https://chromium-review.googlesource.com/817554
Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#49970}
[modify] https://crrev.com/12779b16b0707bf73404962591b36523048c8c0e/src/heap/concurrent-marking.cc
[modify] https://crrev.com/12779b16b0707bf73404962591b36523048c8c0e/src/objects/fixed-array-inl.h
[modify] https://crrev.com/12779b16b0707bf73404962591b36523048c8c0e/src/objects/fixed-array.h

Marking as fixed since concurrent marking is enabled by default since Nov 2017.

 Issue 812178  is improvement.