[heap] Fix clearing of sweeping remembered set

Slots in the sweeping remembered set were not deleted when evacuation of an evacuation candidate fails. Also introduce DCHECKs for other usages of RemoveRange where deleting slots in the sweeping remembered set is not required. Bug: v8:9454 Change-Id: If809ea74e28817a9611104b1f2c6b34900e3432b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1838732 Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#64102}
2019-10-03 23:47:21 +02:00 · 2019-10-03 23:47:21 +02:00 · cfa6c8984e
commit cfa6c8984e
parent 618bb20238
2 changed files with 9 additions and 4 deletions
--- a/src/heap/mark-compact.cc
+++ b/src/heap/mark-compact.cc
@ -2080,6 +2080,7 @@ void MarkCompactCollector::FlushBytecodeFromSFI(
  MemoryChunk* chunk = MemoryChunk::FromAddress(compiled_data_start);

  // Clear any recorded slots for the compiled data as being invalid.
+  DCHECK_NULL(chunk->sweeping_slot_set());
  RememberedSet<OLD_TO_NEW>::RemoveRange(
      chunk, compiled_data_start, compiled_data_start + compiled_data_size,
      SlotSet::PREFREE_EMPTY_BUCKETS);
@ -2233,11 +2234,11 @@ void MarkCompactCollector::RightTrimDescriptorArray(DescriptorArray array,
  DCHECK_LE(0, new_nof_all_descriptors);
  Address start = array.GetDescriptorSlot(new_nof_all_descriptors).address();
  Address end = array.GetDescriptorSlot(old_nof_all_descriptors).address();
-  RememberedSet<OLD_TO_NEW>::RemoveRange(MemoryChunk::FromHeapObject(array),
-                                         start, end,
+  MemoryChunk* chunk = MemoryChunk::FromHeapObject(array);
+  DCHECK_NULL(chunk->sweeping_slot_set());
+  RememberedSet<OLD_TO_NEW>::RemoveRange(chunk, start, end,
                                         SlotSet::PREFREE_EMPTY_BUCKETS);
-  RememberedSet<OLD_TO_OLD>::RemoveRange(MemoryChunk::FromHeapObject(array),
-                                         start, end,
+  RememberedSet<OLD_TO_OLD>::RemoveRange(chunk, start, end,
                                         SlotSet::PREFREE_EMPTY_BUCKETS);
  heap()->CreateFillerObjectAt(start, static_cast<int>(end - start),
                               ClearRecordedSlots::kNo);
@ -3787,6 +3788,9 @@ void MarkCompactCollector::PostProcessEvacuationCandidates() {
    // might not have recorded them in first place.

    // Remove outdated slots.
+    RememberedSetSweeping::RemoveRange(page, page->address(),
+                                       failed_object.address(),
+                                       SlotSet::PREFREE_EMPTY_BUCKETS);
    RememberedSet<OLD_TO_NEW>::RemoveRange(page, page->address(),
                                           failed_object.address(),
                                           SlotSet::PREFREE_EMPTY_BUCKETS);
--- a/src/heap/spaces.cc
+++ b/src/heap/spaces.cc
@ -3958,6 +3958,7 @@ Address LargePage::GetAddressToShrink(Address object_address,
 }

 void LargePage::ClearOutOfLiveRangeSlots(Address free_start) {
+  DCHECK_NULL(this->sweeping_slot_set());
  RememberedSet<OLD_TO_NEW>::RemoveRange(this, free_start, area_end(),
                                         SlotSet::FREE_EMPTY_BUCKETS);
  RememberedSet<OLD_TO_OLD>::RemoveRange(this, free_start, area_end(),