Added another check in SafeStackFrameIterator.

While playing with profiling in debug version of Chrome, I encontered a
case when assertion in StackHandlerIterator failed.

Review URL: http://codereview.chromium.org/65005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@1693 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

src/frames.cc

@@ -208,7 +208,9 @@ void SafeStackFrameIterator::Advance() {
   StackFrame* last_frame = iterator_.frame();
   Address last_sp = last_frame->sp(), last_fp = last_frame->fp();
   // Before advancing to the next stack frame, perform pointer validity tests
-  iteration_done_ = !IsValidFrame(last_frame) || !IsValidCaller(last_frame);
+  iteration_done_ = !IsValidFrame(last_frame) ||
+      !CanIterateHandles(last_frame, iterator_.handler()) ||
+      !IsValidCaller(last_frame);
   if (iteration_done_) return;
 
   iterator_.Advance();
@@ -219,6 +221,15 @@ void SafeStackFrameIterator::Advance() {
 }
 
 
+bool SafeStackFrameIterator::CanIterateHandles(StackFrame* frame,
+                                               StackHandler* handler) {
+  // If StackIterator iterates over StackHandles, verify that
+  // StackHandlerIterator can be instantiated (see StackHandlerIterator
+  // constructor.)
+  return !is_valid_top_ || (frame->sp() <= handler->address());
+}
+
+
 bool SafeStackFrameIterator::IsValidFrame(StackFrame* frame) const {
   return IsValidStackAddress(frame->sp()) && IsValidStackAddress(frame->fp()) &&
       // JavaScriptFrame uses function shared info to advance, hence it must

src/frames.h

@@ -638,6 +638,7 @@ class SafeStackFrameIterator BASE_EMBEDDED {
   bool IsValidStackAddress(Address addr) const {
     return IsWithinBounds(low_bound_, high_bound_, addr);
   }
+  bool CanIterateHandles(StackFrame* frame, StackHandler* handler);
   bool IsValidFrame(StackFrame* frame) const;
   bool IsValidCaller(StackFrame* frame);