Fix uploaded ...

https://codereview.chromium.org/14794007/diff/3001/src/objects.cc
File src/objects.cc (right):

https://codereview.chromium.org/14794007/diff/3001/src/objects.cc#newcode8998
src/objects.cc:8998: new_code_map = FACTORY->NewFixedArray(new_length);
On 2013/05/14 18:25:05, Michael Starzinger wrote:
There is a bug in this part of the code as the call to Factory::NewFixedArray might trigger a GC and hence cause trimming of old_code_map. This means that the below call to Heap::CopyTo might copy beyond the actual array. This is covered by our tests only on ARM in release mode due to different GC timings. I am going to work on a fix tomorrow.

Fixed in patch set 3.

https://codereview.chromium.org/14794007/

--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
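The hazard described in the quoted review comment, as an added example that is not V8 code: a toy heap whose allocator can run a GC that trims the existing array, so a length captured before the allocation is stale by the time the copy runs. ToyHeap, GrowBuggy and GrowFixed are constructed names; the bounds check in CopyTo only makes the overrun visible, and the reordering in GrowFixed is one defensive ordering, not the actual change in patch set 3.

```cpp
#include <cstddef>
#include <vector>

// Constructed stand-in for a GC heap: allocating a new array may run a
// "GC" that trims old_code_map, exactly the timing the review describes.
struct ToyHeap {
  std::vector<int> old_code_map;
  bool gc_on_next_alloc = false;  // constructed knob to force GC timing
  std::size_t trim_to = 0;

  std::vector<int> NewFixedArray(std::size_t n) {
    if (gc_on_next_alloc) {        // GC runs inside the allocation
      old_code_map.resize(trim_to);  // ...and trims the old array
      gc_on_next_alloc = false;
    }
    return std::vector<int>(n, 0);
  }
};

// Bounds-checked copy: returns false where an unchecked copy would read
// past the end of the (now shorter) source array.
static bool CopyTo(const std::vector<int>& src, std::vector<int>& dst,
                   std::size_t count) {
  if (count > src.size() || count > dst.size()) return false;
  for (std::size_t i = 0; i < count; ++i) dst[i] = src[i];
  return true;
}

// Buggy ordering: length read before an allocation that can trigger GC.
bool GrowBuggy(ToyHeap& heap, std::size_t extra) {
  std::size_t old_length = heap.old_code_map.size();  // stale after GC
  std::vector<int> new_code_map = heap.NewFixedArray(old_length + extra);
  return CopyTo(heap.old_code_map, new_code_map, old_length);
}

// Defensive ordering: allocate first, then read the length actually left.
bool GrowFixed(ToyHeap& heap, std::size_t extra) {
  std::vector<int> new_code_map =
      heap.NewFixedArray(heap.old_code_map.size() + extra);
  std::size_t old_length = heap.old_code_map.size();  // re-read post-GC
  return CopyTo(heap.old_code_map, new_code_map, old_length);
}

// Scenario: a four-entry map that a GC during allocation trims to two.
static ToyHeap MakeHeap(bool gc) {
  ToyHeap h;
  h.old_code_map = {1, 2, 3, 4};
  h.gc_on_next_alloc = gc;
  h.trim_to = 2;
  return h;
}
bool BuggyStaysInBounds(bool gc) { ToyHeap h = MakeHeap(gc); return GrowBuggy(h, 2); }
bool FixedStaysInBounds(bool gc) { ToyHeap h = MakeHeap(gc); return GrowFixed(h, 2); }
```

Without a GC during allocation both versions behave identically, which is why the defect only showed up under particular GC timings.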