[heap] Improve IncrementalMarking::UpdateMarkingDequeAfterScavenge.

Black allocation during scavenges will push objects on the marking deque that point to to-space. They should not be cleared.

BUG=chromium:561449
LOG=n

Review URL: https://codereview.chromium.org/1683983003

Cr-Commit-Position: refs/heads/master@{#33875}
This commit is contained in:
hpayer 2016-02-10 12:01:22 -08:00 committed by Commit bot
parent 8bfd4a5ac9
commit 0ecdd93282

View File

@ -795,8 +795,14 @@ void IncrementalMarking::UpdateMarkingDequeAfterScavenge() {
HeapObject* obj = array[current];
DCHECK(obj->IsHeapObject());
current = ((current + 1) & mask);
if (heap_->InNewSpace(obj)) {
// Only pointers to from space have to be updated.
if (heap_->InFromSpace(obj)) {
MapWord map_word = obj->map_word();
// There may be objects on the marking deque that do not exist anymore,
// e.g. left trimmed objects or objects from the root set (frames).
// If these object are dead at scavenging time, their marking deque
// entries will not point to forwarding addresses. Hence, we can discard
// them.
if (map_word.IsForwardingAddress()) {
HeapObject* dest = map_word.ToForwardingAddress();
array[new_top] = dest;