LGTM with a few extra checks.
http://codereview.chromium.org/342015/diff/4001/5001 File src/runtime.cc (right): http://codereview.chromium.org/342015/diff/4001/5001#newcode3806 Line 3806: // This assumpsion is used by the slice encoding in one or two smis. assumpsion -> assumption http://codereview.chromium.org/342015/diff/4001/5001#newcode3849 Line 3849: i++; // Skip position Needs to be checked for type/range. http://codereview.chromium.org/342015/diff/4001/5002 File src/string.js (right): http://codereview.chromium.org/342015/diff/4001/5002#newcode2 Line 2: // modification, are permitted provided that the following conditions are This looks unintentional. http://codereview.chromium.org/342015/diff/4001/5002#newcode812 Line 812: if (start >= 0 && len > 0 && start < 0x80000 && len < 0x800) { Start and len will never be < 0 so we should omit this test. http://codereview.chromium.org/342015 --~--~---------~--~----~------------~-------~--~----~ v8-dev mailing list [email protected] http://groups.google.com/group/v8-dev -~----------~----~----~----~------~----~------~--~---
