Back out a26c9e7823e4 (bug 620291), didn't notice it was nanojit
authorPhil Ringnalda <philringnalda@gmail.com>
Sun, 06 Feb 2011 09:32:24 -0800
changeset 62081 8e517eae885d7c628b6c8bb42a08358f35127ba3
parent 62080 a26c9e7823e42821968755cfde2424e44d58fc1c
child 62082 a02c6f4ffe4a0d3e14e14228f128f885c6acb91a
push idunknown
push userunknown
push dateunknown
bugs620291
milestone2.0b11pre
backs outa26c9e7823e42821968755cfde2424e44d58fc1c
Back out a26c9e7823e4 (bug 620291), didn't notice it was nanojit
js/src/nanojit/CodeAlloc.cpp
--- a/js/src/nanojit/CodeAlloc.cpp
+++ b/js/src/nanojit/CodeAlloc.cpp
@@ -209,23 +209,23 @@ namespace nanojit
 
             if ( coalescedBlock->size() >= minAllocSize ) {
                 // Unlink coalescedBlock from the available block chain.
                 if ( availblocks == coalescedBlock ) {
                     removeBlock(availblocks);
                 }
                 else {
                     CodeList* free_block = availblocks;
-                    while (free_block->next != coalescedBlock) {
+                    while ( free_block && free_block->next != coalescedBlock) {
                         NanoAssert(free_block->size() >= minAllocSize);
                         NanoAssert(free_block->isFree);
                         NanoAssert(free_block->next);
                         free_block = free_block->next;
                     }
-                    NanoAssert(free_block->next == coalescedBlock);
+                    NanoAssert(free_block && free_block->next == coalescedBlock);
                     free_block->next = coalescedBlock->next;
                 }
             }
 
             // combine blk->higher into blk (destroy coalescedBlock)
             blk->higher = higher;
             higher->lower = blk;
         }