[turbofan] Add framestate to JSPerformPromiseThen operator

The framestate is necessary, because the PerformPromiseThen builtin
calls into the runtime function PromiseRevokeReject, which ultimately
calls back into the embedder. Node may execute JavaScript in the callback,
and the missing framestate can then make our stack frame walker unhappy.

Bug: v8:7659
Change-Id: I47391fd2b9b3c10ef26204a41e58f8082243c702
Reviewed-on: https://chromium-review.googlesource.com/1015361
Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
Commit-Queue: Sigurd Schneider <sigurds@chromium.org>
Cr-Commit-Position: refs/heads/master@{#52663}
Sigurd Schneider 2018-04-17 19:18:48 +02:00 committed by Commit Bot
parent b4a43097cd
commit 50212e4d87
2 changed files with 5 additions and 3 deletions


@ -5840,6 +5840,7 @@ Reduction JSCallReducer::ReducePromisePrototypeThen(Node* node) {
Node* context = NodeProperties::GetContextInput(node);
Node* effect = NodeProperties::GetEffectInput(node);
Node* control = NodeProperties::GetControlInput(node);
Node* frame_state = NodeProperties::GetFrameStateInput(node);
// Check that promises aren't being observed through (debug) hooks.
if (!isolate()->IsPromiseHookProtectorIntact()) return NoChange();
@ -5898,9 +5899,9 @@ Reduction JSCallReducer::ReducePromisePrototypeThen(Node* node) {
graph()->NewNode(javascript()->CreatePromise(), context, effect);
// Chain {result} onto {receiver}.
result = effect = graph()->NewNode(javascript()->PerformPromiseThen(),
receiver, on_fulfilled, on_rejected,
result, context, effect, control);
result = effect = graph()->NewNode(
javascript()->PerformPromiseThen(), receiver, on_fulfilled, on_rejected,
result, context, frame_state, effect, control);
ReplaceWithValue(node, result, effect, control);
return Replace(result);
}
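Review bot: Nothing at the `PerformPromiseThen` node creation records why `frame_state` is now an input, and the commit touches only two source files, so no regression test appears to accompany the fix. A comment above the `graph()->NewNode(...)` call, such as `// Needs a frame state: the builtin can call the PromiseRevokeReject runtime function, which may re-enter the embedder and run JS.`, would keep a later cleanup from dropping the input again. Any other site that builds a `JSPerformPromiseThen` node (none is visible in these hunks) would have to pass a frame state as well, because the `HasFrameStateInput` change alters the operator's expected inputs. The body of `ReducePromisePrototypeThen` starts outside the hunks shown, so the elided lines between them were not reviewed.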


@ -119,6 +119,7 @@ bool OperatorProperties::HasFrameStateInput(const Operator* op) {
case IrOpcode::kJSPromiseResolve:
case IrOpcode::kJSRejectPromise:
case IrOpcode::kJSResolvePromise:
case IrOpcode::kJSPerformPromiseThen:
return true;
default: