Eliminate invalid pointers in store buffer after marking.

Eliminate invalid pointers in store buffer after marking.

The store buffer can contain stale store buffer entries, i.e., slot in dead objects pointing to new space objects. These slots are treaded as live slots which cause problems with non-pointer fields and makes concurrent sweeping complicated. Removing these pointers from the store buffer before it is used makes life easier.

BUG=

Committed: https://crrev.com/aee169ec65014c651fab81881c12687e62934063
Cr-Commit-Position: refs/heads/master@{#27068}

[Hannes Payer (out of office), 2015-03-06 20:47:00]

hpayer@chromium.org changed reviewers:
+ ishell@chromium.org, ulan@chromium.org

[ulan, 2015-03-09 10:12:48]

lgtm

[Hannes Payer (out of office), 2015-03-09 10:22:58]

The CQ bit was checked by hpayer@chromium.org

[Hannes Payer (out of office), 2015-03-09 10:22:59]

The patchset sent to the CQ was uploaded after l-g-t-m from ulan@chromium.org
Link to the patchset: https://codereview.chromium.org/985453003/#ps80001 (title:
" ")

[Hannes Payer (out of office), 2015-03-09 10:27:42]

The CQ bit was unchecked by hpayer@chromium.org

[Hannes Payer (out of office), 2015-03-09 10:27:42]

The CQ bit was checked by hpayer@chromium.org

[commit-bot: I haz the power, 2015-03-09 10:32:26]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/985453003/80001

[Erik Corry, 2015-03-09 10:39:16]

erik.corry@gmail.com changed reviewers:
+ erik.corry@gmail.com

[Erik Corry, 2015-03-09 10:39:17]

https://codereview.chromium.org/985453003/diff/80001/src/heap/mark-compact.cc
File src/heap/mark-compact.cc (right):

https://codereview.chromium.org/985453003/diff/80001/src/heap/mark-compact.cc...
src/heap/mark-compact.cc:3076: start_index--;
If start_index was zero, it goes negative here, which is going to cause chaos!

[Erik Corry, 2015-03-09 10:46:26]

https://codereview.chromium.org/985453003/diff/80001/src/heap/mark-compact.cc
File src/heap/mark-compact.cc (right):

https://codereview.chromium.org/985453003/diff/80001/src/heap/mark-compact.cc...
src/heap/mark-compact.cc:3095: // Find the first live object in the cell.
Shouldn't this be the _last_ live object in the cell?

[Hannes Payer (out of office), 2015-03-09 10:47:07]

The CQ bit was unchecked by hpayer@chromium.org

[Hannes Payer (out of office), 2015-03-09 11:50:12]

https://codereview.chromium.org/985453003/diff/80001/src/heap/mark-compact.cc
File src/heap/mark-compact.cc (right):

https://codereview.chromium.org/985453003/diff/80001/src/heap/mark-compact.cc...
src/heap/mark-compact.cc:3076: start_index--;
On 2015/03/09 10:39:17, Erik Corry wrote:
> If start_index was zero, it goes negative here, which is going to cause chaos!

start_index will never be zero. It will always be larger or equal than 
Address cell_base = p->area_start();
unsigned int cell_base_start_index = Bitmap::IndexToCell(
       Bitmap::CellAlignIndex(p->AddressToMarkbitIndex(cell_base)));

However, we should not go until 0 but should stop at base_start_index. Changed.

https://codereview.chromium.org/985453003/diff/80001/src/heap/mark-compact.cc...
src/heap/mark-compact.cc:3095: // Find the first live object in the cell.
On 2015/03/09 10:46:26, Erik Corry wrote:
> Shouldn't this be the _last_ live object in the cell?

Done. It depends on your point of view.

[Hannes Payer (out of office), 2015-03-09 11:50:52]

The CQ bit was checked by hpayer@chromium.org

[Hannes Payer (out of office), 2015-03-09 11:50:53]

The patchset sent to the CQ was uploaded after l-g-t-m from ulan@chromium.org
Link to the patchset: https://codereview.chromium.org/985453003/#ps80002 (title:
" ")

[commit-bot: I haz the power, 2015-03-09 11:51:36]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/985453003/80002

[Hannes Payer (out of office), 2015-03-09 11:53:00]

The CQ bit was unchecked by hpayer@chromium.org

[Igor Sheludko, 2015-03-09 11:54:33]

lgtm

[Erik Corry, 2015-03-09 12:15:51]

LGTM!

https://codereview.chromium.org/985453003/diff/150001/src/heap/mark-compact.cc
File src/heap/mark-compact.cc (right):

https://codereview.chromium.org/985453003/diff/150001/src/heap/mark-compact.c...
src/heap/mark-compact.cc:3113: // If the slot is within the first found object
in the cell, the slot is
I think first/last here should match the comment above.

[Hannes Payer (out of office), 2015-03-09 12:26:18]

https://codereview.chromium.org/985453003/diff/150001/src/heap/mark-compact.cc
File src/heap/mark-compact.cc (right):

https://codereview.chromium.org/985453003/diff/150001/src/heap/mark-compact.c...
src/heap/mark-compact.cc:3113: // If the slot is within the first found object
in the cell, the slot is
On 2015/03/09 12:15:50, Erik Corry wrote:
> I think first/last here should match the comment above.

Done.

[Hannes Payer (out of office), 2015-03-09 12:26:24]

The CQ bit was checked by hpayer@chromium.org

[Hannes Payer (out of office), 2015-03-09 12:26:24]

The patchset sent to the CQ was uploaded after l-g-t-m from ishell@chromium.org,
ulan@chromium.org, erik.corry@gmail.com
Link to the patchset: https://codereview.chromium.org/985453003/#ps170001
(title: " ")

[commit-bot: I haz the power, 2015-03-09 12:26:56]

CQ is trying da patch. Follow status at
 https://chromium-cq-status.appspot.com/patch-status/985453003/170001

[commit-bot: I haz the power, 2015-03-09 12:49:55]

Committed patchset #10 (id:170001)

[commit-bot: I haz the power, 2015-03-09 12:50:05]

Patchset 10 (id:??) landed as
https://crrev.com/aee169ec65014c651fab81881c12687e62934063
Cr-Commit-Position: refs/heads/master@{#27068}