Reviewers: danno,
Description:
Fix off-by-one-pointer error in an ASSERT inside DeferredHandles::Iterate.
This will crash v8 in debug mode if the compilation prologue allocates
an exact multiple of kHandleBlockSize handles.
BUG=
TEST=
Please review this at http://codereview.chromium.org/10689191/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files:
M src/api.cc
Index: src/api.cc
diff --git a/src/api.cc b/src/api.cc
index
4b1a3a1618228faa480cb0cd686042e359e85472..72dfc647fb3ae7990106a09e8f06918c42649e51
100644
--- a/src/api.cc
+++ b/src/api.cc
@@ -6514,7 +6514,7 @@ void DeferredHandles::Iterate(ObjectVisitor* v) {
ASSERT(!blocks_.is_empty());
ASSERT((first_block_limit_ >= blocks_.first()) &&
- (first_block_limit_ < &(blocks_.first())[kHandleBlockSize]));
+ (first_block_limit_ <= &(blocks_.first())[kHandleBlockSize]));
v->VisitPointers(blocks_.first(), first_block_limit_);
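Review bot: the relaxed bound on the `+` line has no comment explaining why equality is legal, so the `<` could easily be reintroduced later. first_block_limit_ is passed as the end argument to `v->VisitPointers(blocks_.first(), first_block_limit_)`, so when the first block is completely full it equals `&(blocks_.first())[kHandleBlockSize]`; a one-line comment above the ASSERT saying that the limit is an end pointer and may sit one past the last slot of the block would document this. The description also leaves TEST= empty: a debug-mode regression test in which the compilation prologue allocates an exact multiple of kHandleBlockSize handles would cover the case the description names.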
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev