From ebcecd49af5aaa894bb1ea71ba4789d00890054b Mon Sep 17 00:00:00 2001
From: "yangguo@chromium.org"
 <yangguo@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
Date: Mon, 18 Mar 2013 11:26:09 +0000
Subject: [PATCH] Parallel recompilation: fix off-by-one in deferred handle
 scope iteration.

R=jkummerow@chromium.org
BUG=

Review URL: https://chromiumcodereview.appspot.com/12650005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@13962 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
---
 src/api.cc               |  2 +-
 src/compiler.cc          |  4 ++--
 test/cctest/test-heap.cc | 28 ++++++++++++++++++++++++++++
 3 files changed, 31 insertions(+), 3 deletions(-)

diff --git a/src/api.cc b/src/api.cc
index d2c1402..136a7f2 100644
--- a/src/api.cc
+++ b/src/api.cc
@@ -6971,7 +6971,7 @@ void HandleScopeImplementer::IterateThis(ObjectVisitor* v) {
   for (int i = blocks()->length() - 2; i >= 0; --i) {
     Object** block = blocks()->at(i);
     if (last_handle_before_deferred_block_ != NULL &&
-        (last_handle_before_deferred_block_ < &block[kHandleBlockSize]) &&
+        (last_handle_before_deferred_block_ <= &block[kHandleBlockSize]) &&
         (last_handle_before_deferred_block_ >= block)) {
       v->VisitPointers(block, last_handle_before_deferred_block_);
       ASSERT(!found_block_before_deferred);
diff --git a/src/compiler.cc b/src/compiler.cc
index e51fb42..21ea25f 100644
--- a/src/compiler.cc
+++ b/src/compiler.cc
@@ -943,11 +943,11 @@ void Compiler::RecompileParallel(Handle<JSFunction> closure) {
             new(info->zone()) OptimizingCompiler(*info);
         OptimizingCompiler::Status status = compiler->CreateGraph();
         if (status == OptimizingCompiler::SUCCEEDED) {
+          info.Detach();
+          shared->code()->set_profiler_ticks(0);
           // Do a scavenge to put off the next scavenge as far as possible.
           // This may ease the issue that GVN blocks the next scavenge.
           isolate->heap()->CollectGarbage(NEW_SPACE, "parallel recompile");
-          shared->code()->set_profiler_ticks(0);
-          info.Detach();
           isolate->optimizing_compiler_thread()->QueueForOptimization(compiler);
         } else if (status == OptimizingCompiler::BAILED_OUT) {
           isolate->clear_pending_exception();
diff --git a/test/cctest/test-heap.cc b/test/cctest/test-heap.cc
index e1da9ef..a710385 100644
--- a/test/cctest/test-heap.cc
+++ b/test/cctest/test-heap.cc
@@ -3017,3 +3017,31 @@ TEST(Regress173458) {
   heap->CollectAllGarbage(Heap::kNoGCFlags);
   heap->CollectAllGarbage(Heap::kNoGCFlags);
 }
+
+
+class DummyVisitor : public ObjectVisitor {
+ public:
+  void VisitPointers(Object** start, Object** end) { }
+};
+
+
+TEST(DeferredHandles) {
+  InitializeVM();
+  Isolate* isolate = Isolate::Current();
+  Heap* heap = isolate->heap();
+  v8::HandleScope scope;
+  v8::ImplementationUtilities::HandleScopeData* data =
+      isolate->handle_scope_data();
+  Handle<Object> init(heap->empty_string(), isolate);
+  while (data->next < data->limit) {
+    Handle<Object> obj(heap->empty_string(), isolate);
+  }
+  // An entire block of handles has been filled.
+  // Next handle would require a new block.
+  ASSERT(data->next == data->limit);
+
+  DeferredHandleScope deferred(isolate);
+  DummyVisitor visitor;
+  isolate->handle_scope_implementer()->Iterate(&visitor);
+  deferred.Detach();
+}
-- 
2.7.4