projects / platform / upstream / nodejs.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 648c003) | patch
deps: backport 0d01728 from v8's upstream
authorFedor Indutny <fedor@indutny.com>
Wed, 16 Sep 2015 17:57:30 +0000 (10:57 -0700)
committerJeremiah Senkpiel <fishrock123@rocketmail.com>
Thu, 17 Sep 2015 01:04:07 +0000 (21:04 -0400)
commit94972d5b13a60240b7d1bce74072009c38c502e6
tree07a788e96c85deef18730ab035914c903b558861tree | snapshot
parent648c003e14381005dfe6c9f962af91e55382b63ecommit | diff
deps: backport 0d01728 from v8's upstream

Original commit message:

    [objects] do not visit ArrayBuffer's backing store

    ArrayBuffer's backing store is a pointer to external heap, and
    can't be treated as a heap object. Doing so will result in
    crashes, when the backing store is unaligned.

    See: https://github.com/nodejs/node/issues/2791

    BUG=chromium:530531
    R=mlippautz@chromium.org
    LOG=N

    Review URL: https://codereview.chromium.org/1327403002

    Cr-Commit-Position: refs/heads/master@{#30771}

Fix: https://github.com/nodejs/node/issues/2791
PR-URL: https://github.com/nodejs/node/pull/2912
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Trevor Norris <trev.norris@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
deps/v8/src/heap/mark-compact.cc diff | blob | history
deps/v8/src/heap/objects-visiting-inl.h diff | blob | history
deps/v8/src/heap/store-buffer.cc diff | blob | history
deps/v8/src/objects-inl.h diff | blob | history
deps/v8/src/objects.cc diff | blob | history
deps/v8/src/objects.h diff | blob | history
deps/v8/test/cctest/test-api.cc diff | blob | history
Domain: Web Framework / Common;