projects / platform / upstream / v8.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f12e120) | patch
- Fix instance size calculation to ensure that the object cannot
authoriposva@chromium.org <iposva@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
Thu, 16 Oct 2008 05:45:33 +0000 (05:45 +0000)
committeriposva@chromium.org <iposva@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
Thu, 16 Oct 2008 05:45:33 +0000 (05:45 +0000)
commit6d97b325db7f91b2cdcaf731ea1657c4eaedee50
treedd7beb207268a673ce2ce1cdb47215f6f884fb24tree | snapshot
parentf12e1204631b6bbc3bc0a2a252fe10621e6e3de8commit | diff
- Fix instance size calculation to ensure that the object cannot
  overflow the maximum object size.
- Added a test that will crash previous revisions.

Review URL: http://codereview.chromium.org/7427

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@507 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
src/heap.cc diff | blob | history
src/objects.h diff | blob | history
test/mjsunit/large-object-allocation.js [new file with mode: 0644] blob
Domain: Web Framework / Web Engine;