• Ulan Degenbaev's avatar
    Revert "Fix invalidation of old-to-old slots after object trimming." · 5b434929
    Ulan Degenbaev authored
    This reverts commit 719d23c0.
    
    Reason for revert: TSAN failures
    
    Original change's description:
    > Fix invalidation of old-to-old slots after object trimming.
    > 
    > A recorded old-to-old slot may be overwritten with a pointer to a new
    > space object. If the object containing the slot is trimmed later on,
    > then the mark-compactor may crash on a stale pointer to new space.
    > 
    > This patch ensures that:
    > 1) On trimming of an object we add it to the invalidated_slots sets.
    > 2) The InvalidatedSlotsFilter::IsValid returns false for slots outside
    >    the invalidated object unless the page was already swept.
    > 
    > Array left-trimming is handled as a special case because object start
    > moves and cannot be added to the invalidated set. Instead, we clear
    > the freed memory so that the recorded slots contain Smi values.
    > 
    > Bug: chromium:870226,chromium:816426
    > Change-Id: Iffc05a58fcf52ece45fdb085b5d1fd4b3acb5d53
    > Reviewed-on: https://chromium-review.googlesource.com/1163784
    > Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
    > Reviewed-by: Hannes Payer <hpayer@chromium.org>
    > Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
    > Cr-Commit-Position: refs/heads/master@{#54953}
    
    TBR=ulan@chromium.org,hpayer@chromium.org,mlippautz@chromium.org
    
    Change-Id: I2e1ff83c2db7902488951a8f597d38133aeb3b04
    No-Presubmit: true
    No-Tree-Checks: true
    No-Try: true
    Bug: chromium:870226, chromium:816426
    Reviewed-on: https://chromium-review.googlesource.com/1165862Reviewed-by: 's avatarUlan Degenbaev <ulan@chromium.org>
    Commit-Queue: Ulan Degenbaev <ulan@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#54954}
    5b434929
mark-compact.cc 157 KB