From f865cc044ac2d13638f89519ca89c6e59d276d99 Mon Sep 17 00:00:00 2001
From: "hpayer@chromium.org"
 <hpayer@chromium.org@ce2b1a6d-e550-0410-aec6-3dcde31c8c00>
Date: Tue, 10 Jun 2014 12:49:04 +0000
Subject: [PATCH] Relax assertion in
 StoreBuffer::FindPointersToNewSpaceInMapsRegion

Since r21232, maps are now a non-power-of-two size and thus don't fit
evenly into a page.  No test case, as it is somewhat difficult to get
this condition to trigger.  It is possible with this case, however:

    var result;

    (function() {
        for (var i = 0; i < 1e7; i++) {
            result = (function*() { yield 1; })();
            result.foo = 1;
        }
    })();

R=hpayer@chromium.org
BUG=

Review URL: https://codereview.chromium.org/291913002

Patch from Andy Wingo <wingo@igalia.com>.

git-svn-id: https://v8.googlecode.com/svn/branches/bleeding_edge@21744 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
---
 src/store-buffer.cc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/store-buffer.cc b/src/store-buffer.cc
index 3da50f6..5ec3e54 100644
--- a/src/store-buffer.cc
+++ b/src/store-buffer.cc
@@ -450,7 +450,7 @@ void StoreBuffer::FindPointersToNewSpaceInMapsRegion(
   Address map_aligned_end   = MapEndAlign(end);
 
   ASSERT(map_aligned_start == start);
-  ASSERT(map_aligned_end == end);
+  ASSERT(map_aligned_start <= map_aligned_end && map_aligned_end <= end);
 
   FindPointersToNewSpaceInMaps(map_aligned_start,
                                map_aligned_end,
-- 
2.7.4