Version 3.20.12
Removed buggy ToNumber truncation (partial fix for issue 2813)
Calling Map etc without new should throw TypeError (issue 2819)
Fixed a crash for large code objects on ARM (Chromium issue 2736)
Fixed stale unhandlified value in JSObject::SetPropertyForResult. (Chromium issue 265894)
Added new Harmony methods to String.prototype object. (issue 2796,v8:2797,v8:2798,v8:2799)
Performance and stability improvements on all platforms.
git-svn-id: http://v8.googlecode.com/svn/trunk@16010 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
diff --git a/src/frames.cc b/src/frames.cc
index 61792a6..c17a9d5 100644
--- a/src/frames.cc
+++ b/src/frames.cc
@@ -1521,9 +1521,9 @@
FixedArray* array,
int offset,
int previous_handler_offset) const {
- STATIC_ASSERT(StackHandlerConstants::kSlotCount == 5);
+ STATIC_ASSERT(StackHandlerConstants::kSlotCount >= 5);
ASSERT_LE(0, offset);
- ASSERT_GE(array->length(), offset + 5);
+ ASSERT_GE(array->length(), offset + StackHandlerConstants::kSlotCount);
// Unwinding a stack handler into an array chains it in the opposite
// direction, re-using the "next" slot as a "previous" link, so that stack
// handlers can be later re-wound in the correct order. Decode the "state"
@@ -1542,9 +1542,9 @@
FixedArray* array,
int offset,
Address fp) {
- STATIC_ASSERT(StackHandlerConstants::kSlotCount == 5);
+ STATIC_ASSERT(StackHandlerConstants::kSlotCount >= 5);
ASSERT_LE(0, offset);
- ASSERT_GE(array->length(), offset + 5);
+ ASSERT_GE(array->length(), offset + StackHandlerConstants::kSlotCount);
Smi* prev_handler_offset = Smi::cast(array->get(offset));
Code* code = Code::cast(array->get(offset + 1));
Smi* smi_index = Smi::cast(array->get(offset + 2));
@@ -1560,7 +1560,7 @@
Memory::uintptr_at(address() + StackHandlerConstants::kStateOffset) = state;
Memory::Object_at(address() + StackHandlerConstants::kContextOffset) =
context;
- Memory::Address_at(address() + StackHandlerConstants::kFPOffset) = fp;
+ SetFp(address() + StackHandlerConstants::kFPOffset, fp);
*isolate->handler_address() = address();