Do not touch a binary op IC target in code object marked for lazy deopt.

Do not touch a binary op IC target in code object marked for lazy deopt.

Bad scenario:

- Enter a binop IC miss handler from optimized code object C from call
  site S,

- From the binop IC, invoke arbitrary javascript that lazy deopts C,
  so all relocation info is nuked and replaced with lazy deopt entries'
  reloc info. In particular, there is no reloc info for S.

- Still from the arbitrary JavaScript, make IC target's code object move.
  Note that the call site S is not updated.

- Return to the miss handler and inspect the IC's target. This will try
  to get the target from S, but that is a potentially invalid pointer.

It is quite possible that we will have to do a similar fix for other ICs,
but we will have to find a reliable repro first. I am not submitting a
repro here because it is quite long running and brittle (it
relies on code compaction happening while in the binop IC).

BUG=v8:3910
LOG=n
R=ishell@chromium.org

Committed: https://crrev.com/bb13e7f7468a5b92022d98be7086b5abf2533359
Cr-Commit-Position: refs/heads/master@{#26872}

[Jarin, 2015-02-25 14:32:52]

Could you take a look, please?

[Igor Sheludko, 2015-02-25 18:44:29]

lgtm

[Jarin, 2015-02-26 08:19:00]

The CQ bit was checked by jarin@chromium.org

[commit-bot: I haz the power, 2015-02-26 08:20:43]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/958473004/1

[commit-bot: I haz the power, 2015-02-26 08:36:52]

Committed patchset #1 (id:1)

[commit-bot: I haz the power, 2015-02-26 08:37:01]

Patchset 1 (id:??) landed as
https://crrev.com/bb13e7f7468a5b92022d98be7086b5abf2533359
Cr-Commit-Position: refs/heads/master@{#26872}