Don't record slots of objects that may contain raw values.

BUG=
R=mstarzinger@chromium.org, yangguo@chromium.org

Review URL: https://codereview.chromium.org/555783002

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@23791 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

src/heap/mark-compact.cc

@@ -2898,10 +2898,7 @@ void MarkCompactCollector::MigrateObject(HeapObject* dst, HeapObject* src,
 
       Memory::Object_at(dst_slot) = value;
 
-      // We special case ConstantPoolArrays below since they could contain
-      // integers value entries which look like tagged pointers.
-      // TODO(mstarzinger): restructure this code to avoid this special-casing.
-      if (!src->IsConstantPoolArray()) {
+      if (!src->MayContainRawValues()) {
         RecordMigratedSlot(value, dst_slot);
       }
 
@@ -2919,6 +2916,9 @@ void MarkCompactCollector::MigrateObject(HeapObject* dst, HeapObject* src,
                            SlotsBuffer::IGNORE_OVERFLOW);
       }
     } else if (dst->IsConstantPoolArray()) {
+      // We special case ConstantPoolArrays since they could contain integers
+      // value entries which look like tagged pointers.
+      // TODO(mstarzinger): restructure this code to avoid this special-casing.
       ConstantPoolArray* array = ConstantPoolArray::cast(dst);
       ConstantPoolArray::Iterator code_iter(array, ConstantPoolArray::CODE_PTR);
       while (!code_iter.is_finished()) {

src/heap/store-buffer.cc

@@ -507,7 +507,7 @@ void StoreBuffer::IteratePointersToNewSpace(ObjectSlotCallback slot_callback,
             for (HeapObject* heap_object = iterator.Next(); heap_object != NULL;
                  heap_object = iterator.Next()) {
               // We iterate over objects that contain new space pointers only.
-              if (heap_object->MayContainNewSpacePointers()) {
+              if (!heap_object->MayContainRawValues()) {
                 FindPointersToNewSpaceInRegion(
                     heap_object->address() + HeapObject::kHeaderSize,
                     heap_object->address() + heap_object->Size(), slot_callback,

src/objects-inl.h

@@ -1473,21 +1473,22 @@ int HeapObject::Size() {
 }
 
 
-bool HeapObject::MayContainNewSpacePointers() {
+bool HeapObject::MayContainRawValues() {
   InstanceType type = map()->instance_type();
   if (type <= LAST_NAME_TYPE) {
     if (type == SYMBOL_TYPE) {
-      return true;
+      return false;
     }
     DCHECK(type < FIRST_NONSTRING_TYPE);
     // There are four string representations: sequential strings, external
     // strings, cons strings, and sliced strings.
-    // Only the latter two contain non-map-word pointers to heap objects.
-    return ((type & kIsIndirectStringMask) == kIsIndirectStringTag);
+    // Only the former two contain raw values and no heap pointers (besides the
+    // map-word).
+    return ((type & kIsIndirectStringMask) != kIsIndirectStringTag);
   }
-  // The ConstantPoolArray contains heap pointers, but not new space pointers.
-  if (type == CONSTANT_POOL_ARRAY_TYPE) return false;
-  return (type > LAST_DATA_TYPE);
+  // The ConstantPoolArray contains heap pointers, but also raw values.
+  if (type == CONSTANT_POOL_ARRAY_TYPE) return true;
+  return (type <= LAST_DATA_TYPE);
 }
 
 

src/objects.h

@@ -1740,9 +1740,9 @@ class HeapObject: public Object {
   // Returns the heap object's size in bytes
   inline int Size();
 
-  // Returns true if this heap object may contain pointers to objects in new
-  // space.
-  inline bool MayContainNewSpacePointers();
+  // Returns true if this heap object may contain raw values, i.e., values that
+  // look like pointers to heap objects.
+  inline bool MayContainRawValues();
 
   // Given a heap object's map pointer, returns the heap size in bytes
   // Useful when the map pointer field is used for other purposes.