Fix rare access violation during JS heap serialization.

R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/510013002

Patch from Slava Chigrin <vchigrin@yandex-team.ru>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@23488 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
yangguo@chromium.org 2014-08-28 11:45:20 +00:00
parent 0b1e18c231
commit 6b1dd6b268


@ -1532,7 +1532,8 @@ void Serializer::ObjectSerializer::VisitPointers(Object** start,
current_contents == current[-1]) {
DCHECK(!serializer_->isolate()->heap()->InNewSpace(current_contents));
int repeat_count = 1;
while (current < end - 1 && current[repeat_count] == current_contents) {
while (&current[repeat_count] < end - 1 &&
current[repeat_count] == current_contents) {
repeat_count++;
}
current += repeat_count;
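Review bot: The new bound `&current[repeat_count] < end - 1` stops the scan one slot before `end`, so the last pointer in the range is never folded into a repeat run even when it equals `current_contents`. Nothing in the hunk says whether that is intended or simply carried over from the old condition. Because the defect here was a read past the visited range, I would state the invariant above the loop, e.g. `// Bound the slot being read, not the run start: current does not advance inside this loop.`, and assert it just before `current += repeat_count;` with `DCHECK(current + repeat_count <= end);`. The body of VisitPointers starts and ends outside this hunk, so how the final slot is emitted cannot be confirmed from here.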