[heap] Ensure that all old-to-new slots are valid

Filtering was reverted in https://crrev.com/c/1773252 because of chromium:998256, but this issue seems to be unrelated. Bug: v8:9454 Change-Id: Ie266976c8fc664fe2a7395198a010307f5297f25 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792163Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#63606}

[heap] Ensure that all old-to-new slots are valid
Filtering was reverted in https://crrev.com/c/1773252 because of chromium:998256, but this issue seems to be unrelated. Bug: v8:9454 Change-Id: Ie266976c8fc664fe2a7395198a010307f5297f25 Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/1792163Reviewed-by: Ulan Degenbaev <ulan@chromium.org> Commit-Queue: Dominik Inführ <dinfuehr@chromium.org> Cr-Commit-Position: refs/heads/master@{#63606}
eaa0bb4c · Dominik Inführ · Commit Bot · 8d107684 · eaa0bb4c · eaa0bb4c
Commit eaa0bb4c authored Sep 09, 2019 by Dominik Inführ Committed by Commit Bot Sep 09, 2019
Hide whitespace changes
Inline Side-by-side

Showing with 7 additions and 3 deletions

mark-compact.cc src/heap/mark-compact.cc +3 -1

scavenger.cc src/heap/scavenger.cc +4 -2

No files found.
--- a/src/heap/mark-compact.cc
+++ b/src/heap/mark-compact.cc
@@ -3411,9 +3411,11 @@ class RememberedSetUpdatingItem : public UpdatingItem {

  void UpdateUntypedPointers() {
    if (chunk_->slot_set<OLD_TO_NEW, AccessMode::NON_ATOMIC>() != nullptr) {
+      InvalidatedSlotsFilter filter = InvalidatedSlotsFilter::OldToNew(chunk_);
      RememberedSet<OLD_TO_NEW>::Iterate(
          chunk_,
-          [this](MaybeObjectSlot slot) {
+          [this, &filter](MaybeObjectSlot slot) {
+            CHECK(filter.IsValid(slot.address()));
            return CheckAndUpdateOldToNewSlot(slot);
          },
          SlotSet::PREFREE_EMPTY_BUCKETS);

--- a/src/heap/scavenger.cc
+++ b/src/heap/scavenger.cc
@@ -432,10 +432,12 @@ void Scavenger::AddPageToSweeperIfNecessary(MemoryChunk* page) {

 void Scavenger::ScavengePage(MemoryChunk* page) {
  CodePageMemoryModificationScope memory_modification_scope(page);
+  InvalidatedSlotsFilter filter = InvalidatedSlotsFilter::OldToNew(page);
  RememberedSet<OLD_TO_NEW>::Iterate(
      page,
-      [this](MaybeObjectSlot addr) {
-        return CheckAndScavengeObject(heap_, addr);
+      [this, &filter](MaybeObjectSlot slot) {
+        CHECK(filter.IsValid(slot.address()));
+        return CheckAndScavengeObject(heap_, slot);
      },
      SlotSet::KEEP_EMPTY_BUCKETS);