From: sgjesse@chromium.org <sgjesse@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
Date: Tue, 25 May 2010 09:18:08 +0000 (+0000)
Subject: Fix GC issue
X-Git-Tag: upstream/4.7.83~21751
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=10f1cab4bb3cf43eae1c9095eb21c51b1d8ec452;p=platform%2Fupstream%2Fv8.git

Fix GC issue

A raw pointer was used while collecting a stack trace. This was not safe as the code collecting the stack trace allocated memory.
Review URL: http://codereview.chromium.org/2147005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@4712 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
---

diff --git a/src/top.cc b/src/top.cc
index 87dc1f6..516ec67 100644
--- a/src/top.cc
+++ b/src/top.cc
@@ -370,8 +370,7 @@ Local<StackTrace> Top::CaptureCurrentStackTrace(
   v8::HandleScope scope;
   // Ensure no negative values.
   int limit = Max(frame_limit, 0);
-  Handle<JSArray> stackTrace = Factory::NewJSArray(frame_limit);
-  FixedArray* frames = FixedArray::cast(stackTrace->elements());
+  Handle<JSArray> stack_trace = Factory::NewJSArray(frame_limit);
 
   Handle<String> column_key =  Factory::LookupAsciiSymbol("column");
   Handle<String> line_key =  Factory::LookupAsciiSymbol("lineNumber");
@@ -438,13 +437,13 @@ Local<StackTrace> Top::CaptureCurrentStackTrace(
       SetProperty(stackFrame, constructor_key, is_constructor, NONE);
     }
 
-    frames->set(frames_seen, *stackFrame);
+    FixedArray::cast(stack_trace->elements())->set(frames_seen, *stackFrame);
     frames_seen++;
     it.Advance();
   }
 
-  stackTrace->set_length(Smi::FromInt(frames_seen));
-  return scope.Close(Utils::StackTraceToLocal(stackTrace));
+  stack_trace->set_length(Smi::FromInt(frames_seen));
+  return scope.Close(Utils::StackTraceToLocal(stack_trace));
 }