Reviewers: yurys, loislo, Dmitry Lomov (chromium),
Message:
ptal
Description:
Fix heap snapshot crash when JSArrayBuffer has no backing_store.
LOG=N
BUG=344239
Please review this at https://codereview.chromium.org/169393004/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files (+2, -0 lines):
M src/heap-snapshot-generator.cc
Index: src/heap-snapshot-generator.cc
diff --git a/src/heap-snapshot-generator.cc b/src/heap-snapshot-generator.cc
index
71362ffc0d36b4a2dc4c405762aea6a270136c5b..8a9b0d6b3d3d2cb2dd4785e0f1cebfd58d2a0b13
100644
--- a/src/heap-snapshot-generator.cc
+++ b/src/heap-snapshot-generator.cc
@@ -1464,6 +1464,8 @@ void V8HeapExplorer::ExtractJSArrayBufferReferences(
"weak_first_view", buffer->weak_first_view(),
JSArrayBuffer::kWeakFirstViewOffset);
// Setup a reference to a native memory backing_store object.
+ if (!buffer->backing_store())
+ return;
size_t data_size = NumberToSize(heap_->isolate(), buffer->byte_length());
CHECK(data_size <= static_cast<size_t>(kMaxInt));
HeapEntry* data_entry = AddEntry(
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
