Use the HeapObjectIterator to scan-on-scavenge map pages.

Deserializing the partial snapshot may prematurely stop using a map page, adding a free-space filler at the end. Scan-on-scavenge of map-space did not expect anything but maps, and would interpret the uninitialized memory as pointers. Using the heap iterator we can skip over free space and only visit maps.

BUG=390732
LOG=y
R=hpayer@chromium.org

Review URL: https://codereview.chromium.org/364063007

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@22208 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

src/store-buffer.cc

@@ -417,49 +417,6 @@ static inline Address MapEndAlign(Address addr) {
 }
 
 
-void StoreBuffer::FindPointersToNewSpaceInMaps(
-    Address start,
-    Address end,
-    ObjectSlotCallback slot_callback,
-    bool clear_maps) {
-  ASSERT(MapStartAlign(start) == start);
-  ASSERT(MapEndAlign(end) == end);
-
-  Address map_address = start;
-  while (map_address < end) {
-    ASSERT(!heap_->InNewSpace(Memory::Object_at(map_address)));
-    ASSERT(Memory::Object_at(map_address)->IsMap());
-
-    Address pointer_fields_start = map_address + Map::kPointerFieldsBeginOffset;
-    Address pointer_fields_end = map_address + Map::kPointerFieldsEndOffset;
-
-    FindPointersToNewSpaceInRegion(pointer_fields_start,
-                                   pointer_fields_end,
-                                   slot_callback,
-                                   clear_maps);
-    map_address += Map::kSize;
-  }
-}
-
-
-void StoreBuffer::FindPointersToNewSpaceInMapsRegion(
-    Address start,
-    Address end,
-    ObjectSlotCallback slot_callback,
-    bool clear_maps) {
-  Address map_aligned_start = MapStartAlign(start);
-  Address map_aligned_end   = MapEndAlign(end);
-
-  ASSERT(map_aligned_start == start);
-  ASSERT(map_aligned_start <= map_aligned_end && map_aligned_end <= end);
-
-  FindPointersToNewSpaceInMaps(map_aligned_start,
-                               map_aligned_end,
-                               slot_callback,
-                               clear_maps);
-}
-
-
 void StoreBuffer::IteratePointersInStoreBuffer(
     ObjectSlotCallback slot_callback,
     bool clear_maps) {
@@ -549,8 +506,18 @@ void StoreBuffer::IteratePointersToNewSpace(ObjectSlotCallback slot_callback,
           Address start = page->area_start();
           Address end = page->area_end();
           if (owner == heap_->map_space()) {
-            FindPointersToNewSpaceInMapsRegion(
-                start, end, slot_callback, clear_maps);
+            ASSERT(page->WasSweptPrecisely());
+            HeapObjectIterator iterator(page, NULL);
+            for (HeapObject* heap_object = iterator.Next(); heap_object != NULL;
+                 heap_object = iterator.Next()) {
+              // We skip free space objects.
+              if (!heap_object->IsFiller()) {
+                FindPointersToNewSpaceInRegion(
+                    heap_object->address() + HeapObject::kHeaderSize,
+                    heap_object->address() + heap_object->Size(), slot_callback,
+                    clear_maps);
+              }
+            }
           } else {
             FindPointersToNewSpaceInRegion(
                 start, end, slot_callback, clear_maps);

src/store-buffer.h

@@ -167,18 +167,6 @@ class StoreBuffer {
       RegionCallback region_callback,
       ObjectSlotCallback slot_callback);
 
-  void FindPointersToNewSpaceInMaps(
-    Address start,
-    Address end,
-    ObjectSlotCallback slot_callback,
-    bool clear_maps);
-
-  void FindPointersToNewSpaceInMapsRegion(
-    Address start,
-    Address end,
-    ObjectSlotCallback slot_callback,
-    bool clear_maps);
-
   void IteratePointersInStoreBuffer(ObjectSlotCallback slot_callback,
                                     bool clear_maps);