[deoptimizer] Do not pass arguments markers to the debugger.

This fixes a bug introduced by r28826 (Unify decoding of deoptimization
translations, https://codereview.chromium.org/1136223004), where we
started leaking the arguments marker sentinel to the debugger, which would
then cause crashes. This change replaces the sentinel with the undefined
value in the debugger-inspectable frame.

BUG=chromium:514362
LOG=n
R=yangguo@chromium.org

Review URL: https://codereview.chromium.org/1263333002

Cr-Commit-Position: refs/heads/master@{#29971}
jarin 2015-08-03 03:43:24 -07:00 committed by Commit bot
parent 6ab1f70e12
commit f8dcbf4695
2 changed files with 53 additions and 2 deletions


@ -2266,7 +2266,12 @@ DeoptimizedFrameInfo::DeoptimizedFrameInfo(Deoptimizer* deoptimizer,
source_position_ = code->SourcePosition(pc);
for (int i = 0; i < expression_count_; i++) {
SetExpression(i, output_frame->GetExpression(i));
Object* value = output_frame->GetExpression(i);
// Replace materialization markers with the undefined value.
if (value == deoptimizer->isolate()->heap()->arguments_marker()) {
value = deoptimizer->isolate()->heap()->undefined_value();
}
SetExpression(i, value);
}
if (has_arguments_adaptor) {
@ -2277,7 +2282,12 @@ DeoptimizedFrameInfo::DeoptimizedFrameInfo(Deoptimizer* deoptimizer,
parameters_count_ = output_frame->ComputeParametersCount();
parameters_ = new Object* [parameters_count_];
for (int i = 0; i < parameters_count_; i++) {
SetParameter(i, output_frame->GetParameter(i));
Object* value = output_frame->GetParameter(i);
// Replace materialization markers with the undefined value.
if (value == deoptimizer->isolate()->heap()->arguments_marker()) {
value = deoptimizer->isolate()->heap()->undefined_value();
}
SetParameter(i, value);
}
}
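Review bot: The marker-to-undefined filter is written out twice, once in the expression loop and once in the parameter loop, so a future copy site into the debugger-visible frame that omits it would leak the internal sentinel again. Hoisting `Object* marker = deoptimizer->isolate()->heap()->arguments_marker();` above the loops and routing both through one file-local helper would keep the filter in one place and avoid re-walking `isolate()->heap()` on every iteration. The comment should also state that `undefined` is a placeholder, presumably for an object that has not been materialized yet, so a value read through the debugger at this point is not the real one. Only `arguments_marker` is filtered, and whether other internal sentinels can reach these slots cannot be told from the lines shown. The constructor starts and ends outside both hunks.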


@ -0,0 +1,41 @@
// Copyright 2015 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
// Flags: --allow-natives-syntax --expose-debug-as debug
function dbg(x) {
debugger;
}
function foo() {
arguments[0];
dbg();
}
function bar() {
var t = { a : 1 };
dbg();
return t.a;
}
foo(1);
foo(1);
bar(1);
bar(1);
%OptimizeFunctionOnNextCall(foo);
%OptimizeFunctionOnNextCall(bar);
var Debug = debug.Debug;
Debug.setListener(function(event, exec_state, event_data, data) {
if (event != Debug.DebugEvent.Break) return;
for (var i = 0; i < exec_state.frameCount(); i++) {
var f = exec_state.frame(i);
for (var j = 0; j < f.localCount(); j++) {
print("'" + f.localName(j) + "' = " + f.localValue(j).value());
}
}
});
foo(1);
bar(1);
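Review bot: The listener only prints the locals and asserts nothing, so this regression test passes whenever the process does not crash, including the case where no break event is delivered at all. Exceptions thrown inside a debug listener generally do not fail the test either, so an error while reading `f.localValue(j).value()` would go unnoticed. Capturing the exception, counting the breaks (two are expected here, one per `dbg()` call after the listener is installed) and asserting on both after the calls would pin the behaviour. The listener should also be removed with `Debug.setListener(null)` once the calls are done. The assertion helpers below assume the usual mjsunit harness.

```javascript
var exception = null;
var break_count = 0;
Debug.setListener(function(event, exec_state, event_data, data) {
  if (event != Debug.DebugEvent.Break) return;
  try {
    break_count++;
    // … unchanged: loops over frames and locals, print of each local value …
  } catch (e) {
    exception = e;
  }
});
foo(1);
bar(1);
Debug.setListener(null);
assertNull(exception);
assertEquals(2, break_count);
```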