From d51834ad5e3cebfe92eeaeec0a1dd46d284800c6 Mon Sep 17 00:00:00 2001
From: "sgjesse@chromium.org"
 <sgjesse@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
Date: Mon, 11 Jul 2011 09:35:18 +0000
Subject: [PATCH] Fix heap corruption and memory leakage in inspection of
 optimized frames.

R=ricow@chromium.org

BUG=none
TEST=test/mjsunit/debug-evaluate-arguments.js

Review URL: http://codereview.chromium.org//7334005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@8590 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
---
 src/deoptimizer.cc | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/src/deoptimizer.cc b/src/deoptimizer.cc
index e0651c7..175ee6e 100644
--- a/src/deoptimizer.cc
+++ b/src/deoptimizer.cc
@@ -1445,7 +1445,7 @@ DeoptimizedFrameInfo::DeoptimizedFrameInfo(
   SetFunction(output_frame->GetFunction());
   expression_count_ = output_frame->GetExpressionCount(deoptimizer);
   parameters_count_ = output_frame->ComputeParametersCount();
-  parameters_ = new Object*[expression_count_];
+  parameters_ = new Object*[parameters_count_];
   for (int i = 0; i < parameters_count_; i++) {
     SetParameter(i, output_frame->GetParameter(deoptimizer, i));
   }
@@ -1457,7 +1457,8 @@ DeoptimizedFrameInfo::DeoptimizedFrameInfo(
 
 
 DeoptimizedFrameInfo::~DeoptimizedFrameInfo() {
-  delete expression_stack_;
+  delete[] expression_stack_;
+  delete[] parameters_;
 }
 
 void DeoptimizedFrameInfo::Iterate(ObjectVisitor* v) {
-- 
2.7.4