Reviewers: Mads Ager, Description: Skip the context extension object when locating objects referenced from another object (the right way).
BUG=211 Please review this at http://codereview.chromium.org/18857 SVN Base: http://v8.googlecode.com/svn/branches/bleeding_edge/ Affected files: M src/runtime.cc M test/mjsunit/debug-referenced-by.js Index: test/mjsunit/debug-referenced-by.js =================================================================== --- test/mjsunit/debug-referenced-by.js (revision 1159) +++ test/mjsunit/debug-referenced-by.js (working copy) @@ -87,9 +87,7 @@ // Adds a reference when set. h("x_ = a"); var x = mirror.referencedBy(); -// TODO(1323070) This should be 7 and not 8. 8 is caused by the context -// extension object beeing part of the result. -assertEquals(8, mirror.referencedBy().length); +assertEquals(7, mirror.referencedBy().length); // Removes a reference when cleared. h("x_ = null"); assertEquals(6, mirror.referencedBy().length); Index: src/runtime.cc =================================================================== --- src/runtime.cc (revision 1159) +++ src/runtime.cc (working copy) @@ -5753,7 +5753,7 @@ // Skip context extension objects and argument arrays as these are // checked in the context of functions using them. JSObject* obj = JSObject::cast(heap_obj); - if (obj->map()->constructor() == context_extension_function || + if (heap_obj->IsJSContextExtensionObject() || obj->map()->constructor() == arguments_function) { continue; } --~--~---------~--~----~------------~-------~--~----~ v8-dev mailing list [email protected] http://groups.google.com/group/v8-dev -~----------~----~----~----~------~----~------~--~---
