Revert "[builtins] Patch self-references in constants table"

This reverts commit 6379e2a464.

Reason for revert:
https://logs.chromium.org/v/?s=chromium%2Fbb%2Fclient.v8%2FV8_Win64%2F23855%2F%2B%2Frecipes%2Fsteps%2FCheck%2F0%2Flogs%2Fmkgrokdump%2F0

Original change's description:
> [builtins] Patch self-references in constants table
> 
> During code generation, we generate self-references (i.e. references to
> the Code object currently being generated) as references to a temporary
> handle. When the final Code object has been allocated, the handle's
> location is fixed up and RelocInfo iteration fixes up all references
> embedded in the generated code.
> 
> This adds support for this mechanism to the builtins constants table
> builder. CodeObject() is now a new handle pointing to a dedicated
> self-reference marker in order to distinguish between self-references
> and references to undefined. In Factory::NewCode, we patch up
> the constants table.
> 
> Bug: v8:6666
> Change-Id: If74ed91bb1c3b8abb20ff2f0a87d1bcd9a1b0511
> Reviewed-on: https://chromium-review.googlesource.com/1018468
> Commit-Queue: Jakob Gruber <jgruber@chromium.org>
> Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
> Reviewed-by: Yang Guo <yangguo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#52854}

TBR=yangguo@chromium.org,mlippautz@chromium.org,jgruber@chromium.org

Change-Id: I8cf8c4b43f51285ea913c6c8fdd339bd9ea645df
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: v8:6666
Reviewed-on: https://chromium-review.googlesource.com/1033092
Reviewed-by: Michael Achenbach <machenbach@chromium.org>
Commit-Queue: Michael Achenbach <machenbach@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52856}

src/arm/macro-assembler-arm.cc

@@ -32,24 +32,14 @@ namespace internal {
 
 MacroAssembler::MacroAssembler(Isolate* isolate, void* buffer, int size,
                                CodeObjectRequired create_code_object)
-    : TurboAssembler(isolate, buffer, size, create_code_object) {
-  if (create_code_object == CodeObjectRequired::kYes) {
-    // Unlike TurboAssembler, which can be used off the main thread and may not
-    // allocate, macro assembler creates its own copy of the self-reference
-    // marker in order to disambiguate between self-references during nested
-    // code generation (e.g.: codegen of the current object triggers stub
-    // compilation through CodeStub::GetCode()).
-    code_object_ = Handle<HeapObject>::New(
-        *isolate->factory()->NewSelfReferenceMarker(), isolate);
-  }
-}
+    : TurboAssembler(isolate, buffer, size, create_code_object) {}
 
 TurboAssembler::TurboAssembler(Isolate* isolate, void* buffer, int buffer_size,
                                CodeObjectRequired create_code_object)
     : Assembler(isolate, buffer, buffer_size), isolate_(isolate) {
   if (create_code_object == CodeObjectRequired::kYes) {
-    code_object_ = Handle<HeapObject>::New(
-        isolate->heap()->self_reference_marker(), isolate);
+    code_object_ =
+        Handle<HeapObject>::New(isolate->heap()->undefined_value(), isolate);
   }
 }
 
@@ -140,6 +130,11 @@ void TurboAssembler::LookupConstant(Register destination,
   CHECK(isolate()->ShouldLoadConstantsFromRootList());
   CHECK(root_array_available_);
 
+  // TODO(jgruber, v8:6666): Support self-references. Currently, we'd end up
+  // adding the temporary code object to the constants list, before creating the
+  // final object in Factory::CopyCode.
+  CHECK(code_object_.is_null() || !object.equals(code_object_));
+
   // Ensure the given object is in the builtins constants table and fetch its
   // index.
   BuiltinsConstantsTableBuilder* builder =
@@ -362,7 +357,8 @@ void TurboAssembler::Move(Register dst, Smi* smi) { mov(dst, Operand(smi)); }
 
 void TurboAssembler::Move(Register dst, Handle<HeapObject> value) {
 #ifdef V8_EMBEDDED_BUILTINS
-  if (root_array_available_ && isolate()->ShouldLoadConstantsFromRootList()) {
+  if (root_array_available_ && isolate()->ShouldLoadConstantsFromRootList() &&
+      !value.equals(CodeObject())) {
     Heap::RootListIndex root_index;
     if (!isolate()->heap()->IsRootHandle(value, &root_index)) {
       LookupConstant(dst, value);

src/arm/macro-assembler-arm.h

@@ -551,14 +551,12 @@ class TurboAssembler : public Assembler {
   bool root_array_available() const { return root_array_available_; }
   void set_root_array_available(bool v) { root_array_available_ = v; }
 
- protected:
-  // This handle will be patched with the code object on installation.
-  Handle<HeapObject> code_object_;
-
  private:
   bool has_frame_ = false;
   bool root_array_available_ = true;
   Isolate* const isolate_;
+  // This handle will be patched with the code object on installation.
+  Handle<HeapObject> code_object_;
 
   // Compare single values and then load the fpscr flags to a register.
   void VFPCompareAndLoadFlags(const SwVfpRegister src1,

src/arm64/macro-assembler-arm64.cc

@@ -30,17 +30,7 @@ namespace internal {
 MacroAssembler::MacroAssembler(Isolate* isolate, byte* buffer,
                                unsigned buffer_size,
                                CodeObjectRequired create_code_object)
-    : TurboAssembler(isolate, buffer, buffer_size, create_code_object) {
-  if (create_code_object == CodeObjectRequired::kYes) {
-    // Unlike TurboAssembler, which can be used off the main thread and may not
-    // allocate, macro assembler creates its own copy of the self-reference
-    // marker in order to disambiguate between self-references during nested
-    // code generation (e.g.: codegen of the current object triggers stub
-    // compilation through CodeStub::GetCode()).
-    code_object_ = Handle<HeapObject>::New(
-        *isolate->factory()->NewSelfReferenceMarker(), isolate);
-  }
-}
+    : TurboAssembler(isolate, buffer, buffer_size, create_code_object) {}
 
 CPURegList TurboAssembler::DefaultTmpList() { return CPURegList(ip0, ip1); }
 
@@ -59,8 +49,8 @@ TurboAssembler::TurboAssembler(Isolate* isolate, void* buffer, int buffer_size,
       fptmp_list_(DefaultFPTmpList()),
       use_real_aborts_(true) {
   if (create_code_object == CodeObjectRequired::kYes) {
-    code_object_ = Handle<HeapObject>::New(
-        isolate->heap()->self_reference_marker(), isolate);
+    code_object_ =
+        Handle<HeapObject>::New(isolate->heap()->undefined_value(), isolate);
   }
 }
 
@@ -1591,7 +1581,8 @@ void TurboAssembler::Move(Register dst, Register src) { Mov(dst, src); }
 
 void TurboAssembler::Move(Register dst, Handle<HeapObject> x) {
 #ifdef V8_EMBEDDED_BUILTINS
-  if (root_array_available_ && isolate()->ShouldLoadConstantsFromRootList()) {
+  if (root_array_available_ && isolate()->ShouldLoadConstantsFromRootList() &&
+      !x.equals(CodeObject())) {
     LookupConstant(dst, x);
     return;
   }
@@ -1889,6 +1880,11 @@ void TurboAssembler::LookupConstant(Register destination,
   CHECK(isolate()->ShouldLoadConstantsFromRootList());
   CHECK(root_array_available_);
 
+  // TODO(jgruber, v8:6666): Support self-references. Currently, we'd end up
+  // adding the temporary code object to the constants list, before creating the
+  // final object in Factory::CopyCode.
+  CHECK(code_object_.is_null() || !object.equals(code_object_));
+
   // Ensure the given object is in the builtins constants table and fetch its
   // index.
   BuiltinsConstantsTableBuilder* builder =

src/arm64/macro-assembler-arm64.h

@@ -1249,9 +1249,6 @@ class TurboAssembler : public Assembler {
   // have mixed types. The format string (x0) should not be included.
   void CallPrintf(int arg_count = 0, const CPURegister* args = nullptr);
 
-  // This handle will be patched with the code object on installation.
-  Handle<HeapObject> code_object_;
-
  private:
   bool has_frame_ = false;
   bool root_array_available_ = true;
@@ -1262,6 +1259,8 @@ class TurboAssembler : public Assembler {
   // of instructions is called.
   bool allow_macro_instructions_;
 #endif
+  // This handle will be patched with the code object on installation.
+  Handle<HeapObject> code_object_;
 
   // Scratch registers available for use by the MacroAssembler.
   CPURegList tmp_list_;

src/builtins/constants-table-builder.cc

@@ -46,36 +46,6 @@ uint32_t BuiltinsConstantsTableBuilder::AddObject(Handle<Object> object) {
   }
 }
 
-void BuiltinsConstantsTableBuilder::PatchSelfReference(
-    Handle<Object> self_reference, Handle<Code> code_object) {
-#ifdef DEBUG
-  // Roots must not be inserted into the constants table as they are already
-  // accessibly from the root list.
-  Heap::RootListIndex root_list_index;
-  DCHECK(!isolate_->heap()->IsRootHandle(code_object, &root_list_index));
-
-  // Not yet finalized.
-  DCHECK_EQ(isolate_->heap()->empty_fixed_array(),
-            isolate_->heap()->builtins_constants_table());
-
-  DCHECK(isolate_->serializer_enabled());
-
-  DCHECK(self_reference->IsOddball());
-  DCHECK(Oddball::cast(*self_reference)->kind() ==
-         Oddball::kSelfReferenceMarker);
-
-  // During indirection generation, we always create a distinct marker for each
-  // macro assembler. The canonical marker is only used when not generating a
-  // snapshot.
-  DCHECK(*self_reference != isolate_->heap()->self_reference_marker());
-#endif
-
-  uint32_t key;
-  if (map_.Delete(self_reference, &key)) {
-    map_.Set(code_object, key);
-  }
-}
-
 void BuiltinsConstantsTableBuilder::Finalize() {
   HandleScope handle_scope(isolate_);
 

src/builtins/constants-table-builder.h

@@ -28,12 +28,6 @@ class BuiltinsConstantsTableBuilder final {
   // object, possibly adding the object to the table. Objects are deduplicated.
   uint32_t AddObject(Handle<Object> object);
 
-  // Self-references during code generation start out by referencing a handle
-  // with a temporary dummy object. Once the final Code object exists, such
-  // entries in the constants map must be patched up.
-  void PatchSelfReference(Handle<Object> self_reference,
-                          Handle<Code> code_object);
-
   // Should be called after all affected code (e.g. builtins and bytecode
   // handlers) has been generated.
   void Finalize();

src/heap/factory.cc

@@ -10,7 +10,6 @@
 #include "src/ast/ast.h"
 #include "src/base/bits.h"
 #include "src/bootstrapper.h"
-#include "src/builtins/constants-table-builder.h"
 #include "src/compiler.h"
 #include "src/conversions.h"
 #include "src/interpreter/interpreter.h"
@@ -191,12 +190,6 @@ Handle<Oddball> Factory::NewOddball(Handle<Map> map, const char* to_string,
   return oddball;
 }
 
-Handle<Oddball> Factory::NewSelfReferenceMarker() {
-  return NewOddball(self_reference_marker_map(), "self_reference_marker",
-                    handle(Smi::FromInt(-1), isolate()), "undefined",
-                    Oddball::kSelfReferenceMarker);
-}
-
 Handle<PropertyArray> Factory::NewPropertyArray(int length,
                                                 PretenureFlag pretenure) {
   DCHECK_LE(0, length);
@@ -2462,15 +2455,7 @@ Handle<Code> Factory::NewCode(
 
   // Allow self references to created code object by patching the handle to
   // point to the newly allocated Code object.
-  if (!self_ref.is_null()) {
-    DCHECK(self_ref->IsOddball());
-    DCHECK(Oddball::cast(*self_ref)->kind() == Oddball::kSelfReferenceMarker);
-#ifdef V8_EMBEDDED_BUILTINS
-    auto builder = isolate()->builtins_constants_table_builder();
-    if (builder != nullptr) builder->PatchSelfReference(self_ref, code);
-#endif  // V8_EMBEDDED_BUILTINS
-    *(self_ref.location()) = *code;
-  }
+  if (!self_ref.is_null()) *(self_ref.location()) = *code;
 
   // Migrate generated code.
   // The generated code can contain Object** values (typically from handles)

src/heap/factory.h

@@ -87,9 +87,6 @@ class V8_EXPORT_PRIVATE Factory {
                              Handle<Object> to_number, const char* type_of,
                              byte kind);
 
-  // Marks self references within code generation.
-  Handle<Oddball> NewSelfReferenceMarker();
-
   // Allocates a fixed array-like object with given map and initialized with
   // undefined values.
   template <typename T = FixedArray>

src/heap/heap.h

@@ -191,7 +191,6 @@ using v8::MemoryPressureLevel;
   V(Map, termination_exception_map, TerminationExceptionMap)                   \
   V(Map, optimized_out_map, OptimizedOutMap)                                   \
   V(Map, stale_register_map, StaleRegisterMap)                                 \
-  V(Map, self_reference_marker_map, SelfReferenceMarkerMap)                    \
   /* Canonical empty values */                                                 \
   V(EnumCache, empty_enum_cache, EmptyEnumCache)                               \
   V(PropertyArray, empty_property_array, EmptyPropertyArray)                   \
@@ -264,8 +263,6 @@ using v8::MemoryPressureLevel;
   V(WeakArrayList, retained_maps, RetainedMaps)                                \
   /* Indirection lists for isolate-independent builtins */                     \
   V(FixedArray, builtins_constants_table, BuiltinsConstantsTable)              \
-  /* Marker for self-references during code-generation */                      \
-  V(HeapObject, self_reference_marker, SelfReferenceMarker)                    \
   /* Feedback vectors that we need for code coverage or type profile */        \
   V(Object, feedback_vectors_for_profiling_tools,                              \
     FeedbackVectorsForProfilingTools)                                          \
@@ -389,7 +386,6 @@ using v8::MemoryPressureLevel;
   V(ScopeInfoMap)                       \
   V(ScriptContextMap)                   \
   V(ScriptContextTableMap)              \
-  V(SelfReferenceMarker)                \
   V(SharedFunctionInfoMap)              \
   V(SimpleNumberDictionaryMap)          \
   V(SloppyArgumentsElementsMap)         \

src/heap/setup-heap-internal.cc

@@ -376,7 +376,6 @@ bool Heap::CreateInitialMaps() {
     ALLOCATE_MAP(ODDBALL_TYPE, Oddball::kSize, termination_exception);
     ALLOCATE_MAP(ODDBALL_TYPE, Oddball::kSize, optimized_out);
     ALLOCATE_MAP(ODDBALL_TYPE, Oddball::kSize, stale_register);
-    ALLOCATE_MAP(ODDBALL_TYPE, Oddball::kSize, self_reference_marker);
     ALLOCATE_VARSIZE_MAP(BIGINT_TYPE, bigint);
 
     for (unsigned i = 0; i < arraysize(string_type_table); i++) {
@@ -847,9 +846,6 @@ void Heap::CreateInitialObjects() {
   // Initialize builtins constants table.
   set_builtins_constants_table(empty_fixed_array());
 
-  // Initialize the self-reference marker.
-  set_self_reference_marker(*factory->NewSelfReferenceMarker());
-
   // Initialize context slot cache.
   isolate_->context_slot_cache()->Clear();
 

src/ia32/macro-assembler-ia32.cc

@@ -28,24 +28,14 @@ namespace internal {
 
 MacroAssembler::MacroAssembler(Isolate* isolate, void* buffer, int size,
                                CodeObjectRequired create_code_object)
-    : TurboAssembler(isolate, buffer, size, create_code_object) {
-  if (create_code_object == CodeObjectRequired::kYes) {
-    // Unlike TurboAssembler, which can be used off the main thread and may not
-    // allocate, macro assembler creates its own copy of the self-reference
-    // marker in order to disambiguate between self-references during nested
-    // code generation (e.g.: codegen of the current object triggers stub
-    // compilation through CodeStub::GetCode()).
-    code_object_ = Handle<HeapObject>::New(
-        *isolate->factory()->NewSelfReferenceMarker(), isolate);
-  }
-}
+    : TurboAssembler(isolate, buffer, size, create_code_object) {}
 
 TurboAssembler::TurboAssembler(Isolate* isolate, void* buffer, int buffer_size,
                                CodeObjectRequired create_code_object)
     : Assembler(isolate, buffer, buffer_size), isolate_(isolate) {
   if (create_code_object == CodeObjectRequired::kYes) {
-    code_object_ = Handle<HeapObject>::New(
-        isolate->heap()->self_reference_marker(), isolate);
+    code_object_ =
+        Handle<HeapObject>::New(isolate->heap()->undefined_value(), isolate);
   }
 }
 

src/ia32/macro-assembler-ia32.h

@@ -360,14 +360,12 @@ class TurboAssembler : public Assembler {
   bool root_array_available() const { return root_array_available_; }
   void set_root_array_available(bool v) { root_array_available_ = v; }
 
- protected:
-  // This handle will be patched with the code object on installation.
-  Handle<HeapObject> code_object_;
-
  private:
   bool has_frame_ = false;
   bool root_array_available_ = false;
   Isolate* const isolate_;
+  // This handle will be patched with the code object on installation.
+  Handle<HeapObject> code_object_;
 };
 
 // MacroAssembler implements a collection of frequently used macros.

src/mips/macro-assembler-mips.cc

@@ -27,17 +27,7 @@ namespace internal {
 
 MacroAssembler::MacroAssembler(Isolate* isolate, void* buffer, int size,
                                CodeObjectRequired create_code_object)
-    : TurboAssembler(isolate, buffer, size, create_code_object) {
-  if (create_code_object == CodeObjectRequired::kYes) {
-    // Unlike TurboAssembler, which can be used off the main thread and may not
-    // allocate, macro assembler creates its own copy of the self-reference
-    // marker in order to disambiguate between self-references during nested
-    // code generation (e.g.: codegen of the current object triggers stub
-    // compilation through CodeStub::GetCode()).
-    code_object_ = Handle<HeapObject>::New(
-        *isolate->factory()->NewSelfReferenceMarker(), isolate);
-  }
-}
+    : TurboAssembler(isolate, buffer, size, create_code_object) {}
 
 TurboAssembler::TurboAssembler(Isolate* isolate, void* buffer, int buffer_size,
                                CodeObjectRequired create_code_object)
@@ -45,8 +35,8 @@ TurboAssembler::TurboAssembler(Isolate* isolate, void* buffer, int buffer_size,
       isolate_(isolate),
       has_double_zero_reg_set_(false) {
   if (create_code_object == CodeObjectRequired::kYes) {
-    code_object_ = Handle<HeapObject>::New(
-        isolate->heap()->self_reference_marker(), isolate);
+    code_object_ =
+        Handle<HeapObject>::New(isolate->heap()->undefined_value(), isolate);
   }
 }
 
@@ -1333,7 +1323,8 @@ void TurboAssembler::Sc(Register rd, const MemOperand& rs) {
 
 void TurboAssembler::li(Register dst, Handle<HeapObject> value, LiFlags mode) {
 #ifdef V8_EMBEDDED_BUILTINS
-  if (root_array_available_ && isolate()->ShouldLoadConstantsFromRootList()) {
+  if (root_array_available_ && isolate()->ShouldLoadConstantsFromRootList() &&
+      !value.equals(CodeObject())) {
     LookupConstant(dst, value);
     return;
   }
@@ -3614,6 +3605,11 @@ void TurboAssembler::LookupConstant(Register destination,
   CHECK(isolate()->ShouldLoadConstantsFromRootList());
   CHECK(root_array_available_);
 
+  // TODO(jgruber, v8:6666): Support self-references. Currently, we'd end up
+  // adding the temporary code object to the constants list, before creating the
+  // final object in Factory::CopyCode.
+  CHECK(code_object_.is_null() || !object.equals(code_object_));
+
   // Ensure the given object is in the builtins constants table and fetch its
   // index.
   BuiltinsConstantsTableBuilder* builder =

src/mips/macro-assembler-mips.h

@@ -855,13 +855,12 @@ class TurboAssembler : public Assembler {
 
   inline int32_t GetOffset(int32_t offset, Label* L, OffsetSize bits);
 
-  // This handle will be patched with the code object on installation.
-  Handle<HeapObject> code_object_;
-
  private:
   bool has_frame_ = false;
   bool root_array_available_ = true;
   Isolate* const isolate_;
+  // This handle will be patched with the code object on installation.
+  Handle<HeapObject> code_object_;
   bool has_double_zero_reg_set_;
 
   void CallCFunctionHelper(Register function_base, int16_t function_offset,

src/mips64/macro-assembler-mips64.cc

@@ -27,17 +27,7 @@ namespace internal {
 
 MacroAssembler::MacroAssembler(Isolate* isolate, void* buffer, int size,
                                CodeObjectRequired create_code_object)
-    : TurboAssembler(isolate, buffer, size, create_code_object) {
-  if (create_code_object == CodeObjectRequired::kYes) {
-    // Unlike TurboAssembler, which can be used off the main thread and may not
-    // allocate, macro assembler creates its own copy of the self-reference
-    // marker in order to disambiguate between self-references during nested
-    // code generation (e.g.: codegen of the current object triggers stub
-    // compilation through CodeStub::GetCode()).
-    code_object_ = Handle<HeapObject>::New(
-        *isolate->factory()->NewSelfReferenceMarker(), isolate);
-  }
-}
+    : TurboAssembler(isolate, buffer, size, create_code_object) {}
 
 TurboAssembler::TurboAssembler(Isolate* isolate, void* buffer, int buffer_size,
                                CodeObjectRequired create_code_object)
@@ -45,8 +35,8 @@ TurboAssembler::TurboAssembler(Isolate* isolate, void* buffer, int buffer_size,
       isolate_(isolate),
       has_double_zero_reg_set_(false) {
   if (create_code_object == CodeObjectRequired::kYes) {
-    code_object_ = Handle<HeapObject>::New(
-        isolate->heap()->self_reference_marker(), isolate);
+    code_object_ =
+        Handle<HeapObject>::New(isolate->heap()->undefined_value(), isolate);
   }
 }
 
@@ -1572,7 +1562,8 @@ void TurboAssembler::Scd(Register rd, const MemOperand& rs) {
 
 void TurboAssembler::li(Register dst, Handle<HeapObject> value, LiFlags mode) {
 #ifdef V8_EMBEDDED_BUILTINS
-  if (root_array_available_ && isolate()->ShouldLoadConstantsFromRootList()) {
+  if (root_array_available_ && isolate()->ShouldLoadConstantsFromRootList() &&
+      !value.equals(CodeObject())) {
     LookupConstant(dst, value);
     return;
   }
@@ -4123,6 +4114,11 @@ void TurboAssembler::LookupConstant(Register destination,
   CHECK(isolate()->ShouldLoadConstantsFromRootList());
   CHECK(root_array_available_);
 
+  // TODO(jgruber, v8:6666): Support self-references. Currently, we'd end up
+  // adding the temporary code object to the constants list, before creating the
+  // final object in Factory::CopyCode.
+  CHECK(code_object_.is_null() || !object.equals(code_object_));
+
   // Ensure the given object is in the builtins constants table and fetch its
   // index.
   BuiltinsConstantsTableBuilder* builder =

src/mips64/macro-assembler-mips64.h

@@ -878,13 +878,12 @@ class TurboAssembler : public Assembler {
   inline Register GetRtAsRegisterHelper(const Operand& rt, Register scratch);
   inline int32_t GetOffset(int32_t offset, Label* L, OffsetSize bits);
 
-  // This handle will be patched with the code object on installation.
-  Handle<HeapObject> code_object_;
-
  private:
   bool has_frame_ = false;
   bool root_array_available_ = true;
   Isolate* const isolate_;
+  // This handle will be patched with the code object on installation.
+  Handle<HeapObject> code_object_;
   bool has_double_zero_reg_set_;
 
   void CompareF(SecondaryField sizeField, FPUCondition cc, FPURegister cmp1,

src/objects-debug.cc

@@ -985,9 +985,6 @@ void Oddball::OddballVerify() {
     CHECK(this == heap->optimized_out());
   } else if (map() == heap->stale_register_map()) {
     CHECK(this == heap->stale_register());
-  } else if (map() == heap->self_reference_marker_map()) {
-    // Multiple instances of this oddball may exist at once.
-    CHECK_EQ(kind(), Oddball::kSelfReferenceMarker);
   } else {
     UNREACHABLE();
   }

src/objects.h

@@ -4050,7 +4050,6 @@ class Oddball: public HeapObject {
   static const byte kException = 8;
   static const byte kOptimizedOut = 9;
   static const byte kStaleRegister = 10;
-  static const byte kSelfReferenceMarker = 10;
 
   typedef FixedBodyDescriptor<kToStringOffset, kTypeOfOffset + kPointerSize,
                               kSize> BodyDescriptor;

src/ppc/macro-assembler-ppc.cc

@@ -34,8 +34,8 @@ TurboAssembler::TurboAssembler(Isolate* isolate, void* buffer, int buffer_size,
                                CodeObjectRequired create_code_object)
     : Assembler(isolate, buffer, buffer_size), isolate_(isolate) {
   if (create_code_object == CodeObjectRequired::kYes) {
-    code_object_ = Handle<HeapObject>::New(
-        isolate->heap()->self_reference_marker(), isolate);
+    code_object_ =
+        Handle<HeapObject>::New(isolate->heap()->undefined_value(), isolate);
   }
 }
 

src/x64/macro-assembler-x64.cc

@@ -65,24 +65,14 @@ StackArgumentsAccessor::StackArgumentsAccessor(
 
 MacroAssembler::MacroAssembler(Isolate* isolate, void* buffer, int size,
                                CodeObjectRequired create_code_object)
-    : TurboAssembler(isolate, buffer, size, create_code_object) {
-  if (create_code_object == CodeObjectRequired::kYes) {
-    // Unlike TurboAssembler, which can be used off the main thread and may not
-    // allocate, macro assembler creates its own copy of the self-reference
-    // marker in order to disambiguate between self-references during nested
-    // code generation (e.g.: codegen of the current object triggers stub
-    // compilation through CodeStub::GetCode()).
-    code_object_ = Handle<HeapObject>::New(
-        *isolate->factory()->NewSelfReferenceMarker(), isolate);
-  }
-}
+    : TurboAssembler(isolate, buffer, size, create_code_object) {}
 
 TurboAssembler::TurboAssembler(Isolate* isolate, void* buffer, int buffer_size,
                                CodeObjectRequired create_code_object)
     : Assembler(isolate, buffer, buffer_size), isolate_(isolate) {
   if (create_code_object == CodeObjectRequired::kYes) {
-    code_object_ = Handle<HeapObject>::New(
-        isolate->heap()->self_reference_marker(), isolate);
+    code_object_ =
+        Handle<HeapObject>::New(isolate->heap()->undefined_value(), isolate);
   }
 }
 
@@ -158,6 +148,11 @@ void TurboAssembler::LookupConstant(Register destination,
   CHECK(isolate()->ShouldLoadConstantsFromRootList());
   CHECK(root_array_available_);
 
+  // TODO(jgruber, v8:6666): Support self-references. Currently, we'd end up
+  // adding the temporary code object to the constants list, before creating the
+  // final object in Factory::CopyCode.
+  CHECK(code_object_.is_null() || !object.equals(code_object_));
+
   // Ensure the given object is in the builtins constants table and fetch its
   // index.
   BuiltinsConstantsTableBuilder* builder =
@@ -1398,7 +1393,8 @@ void TurboAssembler::Push(Handle<HeapObject> source) {
 void TurboAssembler::Move(Register result, Handle<HeapObject> object,
                           RelocInfo::Mode rmode) {
 #ifdef V8_EMBEDDED_BUILTINS
-  if (root_array_available_ && isolate()->ShouldLoadConstantsFromRootList()) {
+  if (root_array_available_ && isolate()->ShouldLoadConstantsFromRootList() &&
+      !object.equals(CodeObject())) {
     Heap::RootListIndex root_index;
     if (!isolate()->heap()->IsRootHandle(object, &root_index)) {
       LookupConstant(result, object);

src/x64/macro-assembler-x64.h

@@ -535,11 +535,10 @@ class TurboAssembler : public Assembler {
   // modified. It may be the "smi 1 constant" register.
   Register GetSmiConstant(Smi* value);
 
-  // This handle will be patched with the code object on installation.
-  Handle<HeapObject> code_object_;
-
  private:
   bool has_frame_ = false;
+  // This handle will be patched with the code object on installation.
+  Handle<HeapObject> code_object_;
   Isolate* const isolate_;
 };
 

test/cctest/heap/test-heap.cc

@@ -3866,8 +3866,9 @@ static Handle<Code> DummyOptimizedCode(Isolate* isolate) {
   masm.Push(isolate->factory()->undefined_value());
   masm.Drop(2);
   masm.GetCode(isolate, &desc);
-  Handle<Code> code = isolate->factory()->NewCode(
-      desc, Code::OPTIMIZED_FUNCTION, masm.CodeObject());
+  Handle<Object> undefined(isolate->heap()->undefined_value(), isolate);
+  Handle<Code> code =
+      isolate->factory()->NewCode(desc, Code::OPTIMIZED_FUNCTION, undefined);
   CHECK(code->IsCode());
   return code;
 }

test/cctest/test-assembler-arm.cc

@@ -2782,8 +2782,7 @@ TEST(code_relative_offset) {
   Isolate* isolate = CcTest::i_isolate();
   HandleScope scope(isolate);
   // Initialize a code object that will contain the code.
-  Handle<HeapObject> code_object(isolate->heap()->self_reference_marker(),
-                                 isolate);
+  Handle<HeapObject> code_object(isolate->heap()->undefined_value(), isolate);
 
   Assembler assm(isolate, nullptr, 0);
 

tools/v8heapconst.py

@@ -260,37 +260,36 @@ KNOWN_MAPS = {
   ("RO_SPACE", 0x04cc9): (147, "FixedUint8ClampedArrayMap"),
   ("RO_SPACE", 0x04d31): (149, "FixedBigUint64ArrayMap"),
   ("RO_SPACE", 0x04d99): (148, "FixedBigInt64ArrayMap"),
-  ("RO_SPACE", 0x04e01): (131, "SelfReferenceMarkerMap"),
-  ("RO_SPACE", 0x04e81): (173, "Tuple2Map"),
-  ("RO_SPACE", 0x04ef9): (171, "ScriptMap"),
-  ("RO_SPACE", 0x04f61): (163, "InterceptorInfoMap"),
-  ("RO_SPACE", 0x08e59): (154, "AccessorInfoMap"),
-  ("RO_SPACE", 0x09069): (153, "AccessCheckInfoMap"),
-  ("RO_SPACE", 0x090d1): (155, "AccessorPairMap"),
-  ("RO_SPACE", 0x09139): (156, "AliasedArgumentsEntryMap"),
-  ("RO_SPACE", 0x091a1): (157, "AllocationMementoMap"),
-  ("RO_SPACE", 0x09209): (158, "AllocationSiteMap"),
-  ("RO_SPACE", 0x09271): (159, "AsyncGeneratorRequestMap"),
-  ("RO_SPACE", 0x092d9): (160, "ContextExtensionMap"),
-  ("RO_SPACE", 0x09341): (161, "DebugInfoMap"),
-  ("RO_SPACE", 0x093a9): (162, "FunctionTemplateInfoMap"),
-  ("RO_SPACE", 0x09411): (164, "InterpreterDataMap"),
-  ("RO_SPACE", 0x09479): (165, "ModuleInfoEntryMap"),
-  ("RO_SPACE", 0x094e1): (166, "ModuleMap"),
-  ("RO_SPACE", 0x09549): (167, "ObjectTemplateInfoMap"),
-  ("RO_SPACE", 0x095b1): (168, "PromiseCapabilityMap"),
-  ("RO_SPACE", 0x09619): (169, "PromiseReactionMap"),
-  ("RO_SPACE", 0x09681): (170, "PrototypeInfoMap"),
-  ("RO_SPACE", 0x096e9): (172, "StackFrameInfoMap"),
-  ("RO_SPACE", 0x09751): (174, "Tuple3Map"),
-  ("RO_SPACE", 0x097b9): (175, "WasmCompiledModuleMap"),
-  ("RO_SPACE", 0x09821): (176, "WasmDebugInfoMap"),
-  ("RO_SPACE", 0x09889): (177, "WasmSharedModuleDataMap"),
-  ("RO_SPACE", 0x098f1): (178, "CallableTaskMap"),
-  ("RO_SPACE", 0x09959): (179, "CallbackTaskMap"),
-  ("RO_SPACE", 0x099c1): (180, "PromiseFulfillReactionJobTaskMap"),
-  ("RO_SPACE", 0x09a29): (181, "PromiseRejectReactionJobTaskMap"),
-  ("RO_SPACE", 0x09a91): (182, "PromiseResolveThenableJobTaskMap"),
+  ("RO_SPACE", 0x04e19): (173, "Tuple2Map"),
+  ("RO_SPACE", 0x04e91): (171, "ScriptMap"),
+  ("RO_SPACE", 0x04ef9): (163, "InterceptorInfoMap"),
+  ("RO_SPACE", 0x08dc1): (154, "AccessorInfoMap"),
+  ("RO_SPACE", 0x08fd1): (153, "AccessCheckInfoMap"),
+  ("RO_SPACE", 0x09039): (155, "AccessorPairMap"),
+  ("RO_SPACE", 0x090a1): (156, "AliasedArgumentsEntryMap"),
+  ("RO_SPACE", 0x09109): (157, "AllocationMementoMap"),
+  ("RO_SPACE", 0x09171): (158, "AllocationSiteMap"),
+  ("RO_SPACE", 0x091d9): (159, "AsyncGeneratorRequestMap"),
+  ("RO_SPACE", 0x09241): (160, "ContextExtensionMap"),
+  ("RO_SPACE", 0x092a9): (161, "DebugInfoMap"),
+  ("RO_SPACE", 0x09311): (162, "FunctionTemplateInfoMap"),
+  ("RO_SPACE", 0x09379): (164, "InterpreterDataMap"),
+  ("RO_SPACE", 0x093e1): (165, "ModuleInfoEntryMap"),
+  ("RO_SPACE", 0x09449): (166, "ModuleMap"),
+  ("RO_SPACE", 0x094b1): (167, "ObjectTemplateInfoMap"),
+  ("RO_SPACE", 0x09519): (168, "PromiseCapabilityMap"),
+  ("RO_SPACE", 0x09581): (169, "PromiseReactionMap"),
+  ("RO_SPACE", 0x095e9): (170, "PrototypeInfoMap"),
+  ("RO_SPACE", 0x09651): (172, "StackFrameInfoMap"),
+  ("RO_SPACE", 0x096b9): (174, "Tuple3Map"),
+  ("RO_SPACE", 0x09721): (175, "WasmCompiledModuleMap"),
+  ("RO_SPACE", 0x09789): (176, "WasmDebugInfoMap"),
+  ("RO_SPACE", 0x097f1): (177, "WasmSharedModuleDataMap"),
+  ("RO_SPACE", 0x09859): (178, "CallableTaskMap"),
+  ("RO_SPACE", 0x098c1): (179, "CallbackTaskMap"),
+  ("RO_SPACE", 0x09929): (180, "PromiseFulfillReactionJobTaskMap"),
+  ("RO_SPACE", 0x09991): (181, "PromiseRejectReactionJobTaskMap"),
+  ("RO_SPACE", 0x099f9): (182, "PromiseResolveThenableJobTaskMap"),
   ("MAP_SPACE", 0x02201): (1057, "ExternalMap"),
   ("MAP_SPACE", 0x02259): (1072, "JSMessageObjectMap"),
 }
@@ -307,7 +306,7 @@ KNOWN_OBJECTS = {
   ("RO_SPACE", 0x02899): "TrueValue",
   ("RO_SPACE", 0x02971): "FalseValue",
   ("RO_SPACE", 0x029c1): "empty_string",
-  ("RO_SPACE", 0x04ee9): "EmptyByteArray",
+  ("RO_SPACE", 0x04e81): "EmptyByteArray",
   ("OLD_SPACE", 0x02201): "UninitializedValue",
   ("OLD_SPACE", 0x02231): "EmptyScopeInfo",
   ("OLD_SPACE", 0x02241): "ArgumentsMarker",
@@ -343,7 +342,6 @@ KNOWN_OBJECTS = {
   ("OLD_SPACE", 0x02851): "InfinityValue",
   ("OLD_SPACE", 0x02861): "MinusZeroValue",
   ("OLD_SPACE", 0x02871): "MinusInfinityValue",
-  ("OLD_SPACE", 0x102b1): "SelfReferenceMarker",
 }
 
 # List of known V8 Frame Markers.