Avoid SLOW_ASSERT when calling HeapGraphNode::GetChildrenCount

It may occur that GetChildrenCount is called on the node which has no children and stored last in the internal nodes array. In that case HeapEntry::children_arr() would fail when taking address of the element at index children_index_ which is past the last element in the children's array.

BUG=None
LOG=N
R=alph@chromium.org, ulan@chromium.org

Review URL: https://codereview.chromium.org/112623005

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@18378 ce2b1a6d-e550-0410-aec6-3dcde31c8c00

diff --git a/src/heap-snapshot-generator-inl.h b/src/heap-snapshot-generator-inl.h
index 43002d2..582de32 100644 (file)
--- a/src/heap-snapshot-generator-inl.h
+++ b/src/heap-snapshot-generator-inl.h
@@ -59,7 +59,10 @@ int HeapEntry::set_children_index(int index) {
 
 HeapGraphEdge** HeapEntry::children_arr() {
   ASSERT(children_index_ >= 0);
-  return &snapshot_->children()[children_index_];
+  SLOW_ASSERT(children_index_ < snapshot_->children().length() ||
+      (children_index_ == snapshot_->children().length() &&
+       children_count_ == 0));
+  return &snapshot_->children().first() + children_index_;
 }