[heap] Fine-tune write barrier for strong references

There is no need to remove an object pointer's heap object
tag when all we want is the Page that it's on. Also, apply
to IncrementalMarking's writebarrier the optimization that
crrev.com/e570e67383577c7f5ab6da7beb68631bab4ba75d brought
to the old-to-new barrier.

Change-Id: Ic9328d7d6f5c01073288a3e87931ea6095750740
Reviewed-on: https://chromium-review.googlesource.com/1029413
Commit-Queue: Jakob Kummerow <jkummerow@chromium.org>
Reviewed-by: Ulan Degenbaev <ulan@chromium.org>
Reviewed-by: Hannes Payer <hpayer@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52824}

src/heap/heap-inl.h

@@ -326,7 +326,7 @@ bool Heap::InNewSpace(MaybeObject* object) {
 
 bool Heap::InNewSpace(HeapObject* heap_object) {
   // Inlined check from NewSpace::Contains.
-  bool result = Page::FromAddress(heap_object->address())->InNewSpace();
+  bool result = MemoryChunk::FromHeapObject(heap_object)->InNewSpace();
   DCHECK(!result ||                 // Either not in new space
          gc_state_ != NOT_IN_GC ||  // ... or in the middle of GC
          InToSpace(heap_object));   // ... or in to-space (where we allocate).
@@ -345,7 +345,7 @@ bool Heap::InFromSpace(MaybeObject* object) {
 }
 
 bool Heap::InFromSpace(HeapObject* heap_object) {
-  return MemoryChunk::FromAddress(heap_object->address())
+  return MemoryChunk::FromHeapObject(heap_object)
       ->IsFlagSet(Page::IN_FROM_SPACE);
 }
 
@@ -361,8 +361,7 @@ bool Heap::InToSpace(MaybeObject* object) {
 }
 
 bool Heap::InToSpace(HeapObject* heap_object) {
-  return MemoryChunk::FromAddress(heap_object->address())
-      ->IsFlagSet(Page::IN_TO_SPACE);
+  return MemoryChunk::FromHeapObject(heap_object)->IsFlagSet(Page::IN_TO_SPACE);
 }
 
 bool Heap::InOldSpace(Object* object) { return old_space_->Contains(object); }
@@ -385,9 +384,8 @@ bool Heap::ShouldBePromoted(Address old_address) {
 void Heap::RecordWrite(Object* object, Object** slot, Object* value) {
   DCHECK(!HasWeakHeapObjectTag(*slot));
   DCHECK(!HasWeakHeapObjectTag(value));
-  if (!InNewSpace(value) || !object->IsHeapObject() || InNewSpace(object)) {
-    return;
-  }
+  DCHECK(object->IsHeapObject());  // Can't write to slots of a Smi.
+  if (!InNewSpace(value) || InNewSpace(HeapObject::cast(object))) return;
   store_buffer()->InsertEntry(reinterpret_cast<Address>(slot));
 }
 

src/heap/incremental-marking-inl.h

@@ -17,8 +17,10 @@ void IncrementalMarking::RecordWrite(HeapObject* obj, Object** slot,
                                      Object* value) {
   DCHECK_IMPLIES(slot != nullptr, !HasWeakHeapObjectTag(*slot));
   DCHECK(!HasWeakHeapObjectTag(value));
-  RecordMaybeWeakWrite(obj, reinterpret_cast<MaybeObject**>(slot),
-                       reinterpret_cast<MaybeObject*>(value));
+  if (IsMarking() && value->IsHeapObject()) {
+    RecordWriteSlow(obj, reinterpret_cast<HeapObjectReference**>(slot),
+                    HeapObject::cast(value));
+  }
 }
 
 void IncrementalMarking::RecordMaybeWeakWrite(HeapObject* obj,

src/heap/spaces.h

@@ -409,6 +409,11 @@ class MemoryChunk {
   static MemoryChunk* FromAddress(Address a) {
     return reinterpret_cast<MemoryChunk*>(OffsetFrom(a) & ~kAlignmentMask);
   }
+  // Only works if the object is in the first kPageSize of the MemoryChunk.
+  static MemoryChunk* FromHeapObject(HeapObject* o) {
+    return reinterpret_cast<MemoryChunk*>(reinterpret_cast<Address>(o) &
+                                          ~kAlignmentMask);
+  }
 
   static inline MemoryChunk* FromAnyPointerAddress(Heap* heap, Address addr);