heap: Avoid scheduling other garbage collections during unified heap

tl;dr: Write barrier elimination in ctors requires white-allocation of
objects.

Longer: Avoid scheduling GC calls during object allocation
(construction) as they would potentially invoke V8 marking steps. Such a
marking step is problematic if the object that is currently being
constructed has already been published as constructors rely on
white-allocation of objects in order to avoid write barriers for
initializing stores.  A call to V8 may trigger a marking step which in
turn may mark an object black if it already has been published.

Bug: 903790, 843903
Change-Id: I9ede36f34f074f76b563601fd4bd1dcb30f561c4
Reviewed-on: https://chromium-review.googlesource.com/c/1341997
Commit-Queue: Michael Lippautz <mlippautz@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#609806}

third_party/blink/renderer/platform/heap/thread_state.cc

@@ -631,6 +631,16 @@ void ThreadState::ScheduleGCIfNeeded() {
   if (IsGCForbidden() || SweepForbidden())
     return;
 
+  // This method should not call out to V8 during unified heap garbage
+  // collections. Specifically, reporting memory to V8 may trigger a marking
+  // step which is not allowed during construction of an object. The reason is
+  // that a parent object's constructor is potentially being invoked which may
+  // have already published the object. In that case the object may be colored
+  // black in a v8 marking step which invalidates the assumption that write
+  // barriers may be avoided when constructing an object as it is white.
+  if (IsUnifiedGCMarkingInProgress())
+    return;
+
   ReportMemoryToV8();
 
   if (ShouldForceMemoryPressureGC()) {