[debug] Use context isolate when creating PropertyIterator

Objects in the shared heap do not have a usable Isolate (i.e. it cannot execute code or have HandleScopes). PropertyIterator should be using the currently executing Isolate via the Context instead. Bug: chromium:1379616 Change-Id: I7ac87519ef4aa901ef7b71e00f98c2cba66e725b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3997702 Reviewed-by: Simon Zünd <szuend@chromium.org> Commit-Queue: Shu-yu Guo <syg@chromium.org> Cr-Commit-Position: refs/heads/main@{#84052}
2022-11-01 14:44:29 -07:00 · 2022-11-01 14:44:29 -07:00 · 4ac96c3ff8
commit 4ac96c3ff8
parent 49afdd90b2
3 changed files with 47 additions and 1 deletions
--- a/src/debug/debug-interface.cc
+++ b/src/debug/debug-interface.cc
@ -1404,7 +1404,7 @@ void NotifyDebuggerPausedEventSent(v8::Isolate* v8_isolate) {
 std::unique_ptr<PropertyIterator> PropertyIterator::Create(
    Local<Context> context, Local<Object> object, bool skip_indices) {
  internal::Isolate* isolate =
-      reinterpret_cast<i::Isolate*>(object->GetIsolate());
+      reinterpret_cast<i::Isolate*>(context->GetIsolate());
  if (isolate->is_execution_terminating()) {
    return nullptr;
  }
--- a/test/unittests/debug/debug-property-iterator-unittest.cc
+++ b/test/unittests/debug/debug-property-iterator-unittest.cc
@ -148,6 +148,40 @@ TEST_F(DebugPropertyIteratorTest, SkipsIndicesOnTypedArrays) {
  }
 }

+#if V8_CAN_CREATE_SHARED_HEAP_BOOL
+
+using SharedObjectDebugPropertyIteratorTest = TestJSSharedMemoryWithContext;
+
+TEST_F(SharedObjectDebugPropertyIteratorTest, SharedStruct) {
+  TryCatch try_catch(isolate());
+
+  const char source_text[] =
+      "let S = new SharedStructType(['field', 'another_field']);"
+      "new S();";
+
+  auto shared_struct =
+      RunJS(context(), source_text)->ToObject(context()).ToLocalChecked();
+  auto iterator = PropertyIterator::Create(context(), shared_struct);
+
+  ASSERT_NE(iterator, nullptr);
+  ASSERT_FALSE(iterator->Done());
+  EXPECT_TRUE(iterator->is_own());
+  char name_buffer[64];
+  iterator->name().As<v8::String>()->WriteUtf8(isolate(), name_buffer);
+  EXPECT_EQ("field", std::string(name_buffer));
+  ASSERT_TRUE(iterator->Advance().FromMaybe(false));
+
+  ASSERT_FALSE(iterator->Done());
+  EXPECT_TRUE(iterator->is_own());
+  iterator->name().As<v8::String>()->WriteUtf8(isolate(), name_buffer);
+  EXPECT_EQ("another_field", std::string(name_buffer));
+  ASSERT_TRUE(iterator->Advance().FromMaybe(false));
+
+  ASSERT_FALSE(iterator->Done());
+}
+
+#endif  // V8_CAN_CREATE_SHARED_HEAP_BOOL
+
 }  // namespace
 }  // namespace debug
 }  // namespace v8
--- a/test/unittests/test-utils.h
+++ b/test/unittests/test-utils.h
@ -300,6 +300,18 @@ using TestWithContext =                    //
                WithDefaultPlatformMixin<  //
                    ::testing::Test>>>>;

+// Use v8::internal::TestJSSharedMemoryWithNativeContext if you are testing
+// internals, aka. directly work with Handles.
+//
+// Using this will FATAL when !V8_CAN_CREATE_SHARED_HEAP_BOOL
+using TestJSSharedMemoryWithContext =                     //
+    WithContextMixin<                                     //
+        WithIsolateScopeMixin<                            //
+            WithIsolateMixin<                             //
+                WithDefaultPlatformMixin<                 //
+                    WithJSSharedMemoryFeatureFlagsMixin<  //
+                        ::testing::Test>>>>>;
+
 class PrintExtension : public v8::Extension {
 public:
  PrintExtension() : v8::Extension("v8/print", "native function print();") {}