9691c5cf15
Function prototypes can be lazily allocated. This means they go into the temporary objects set that debug-eval uses to figure out if a write will be side-effect free. We were incorrectly classifying writes to function prototypes as side-effect free because the prototype happened to be lazily allocated when we first accessed it during debug-eval, but was actually reachable from the function (not allocated temporarily). To do this we introduced a way to temporarily turn off the temporary object tracking, and we use it when lazily allocating function prototypes. This could mean that we incorrectly report side-effects when writing to function prototypes for functions which were themselves created during debug-eval side-effect free mode. However, it's unclear if this is a problem, because function declarations set global variables which would already throw due to side-effects. Bug: chromium:1154193 Change-Id: I444a673662095f6deabaafdce3cdf3d86b71446d Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2581968 Reviewed-by: Simon Zünd <szuend@chromium.org> Commit-Queue: Peter Marshall <petermarshall@chromium.org> Cr-Commit-Position: refs/heads/master@{#71692}
60 lines
2.0 KiB
JavaScript
60 lines
2.0 KiB
JavaScript
// Copyright 2018 the V8 project authors. All rights reserved.
|
|
// Use of this source code is governed by a BSD-style license that can be
|
|
// found in the LICENSE file.
|
|
|
|
let {session, contextGroup, Protocol} = InspectorTest.start("Tests that Runtime.evaluate can run without side effects.");
|
|
|
|
session.setupScriptMap();
|
|
contextGroup.addScript(`
|
|
function f() {
|
|
return 2;
|
|
} //# sourceURL=test.js`);
|
|
Protocol.Runtime.enable();
|
|
Protocol.Debugger.enable();
|
|
|
|
Protocol.Debugger.onPaused(message => {
|
|
InspectorTest.log("paused");
|
|
Protocol.Debugger.resume();
|
|
});
|
|
|
|
(async function() {
|
|
InspectorTest.log("Test throwOnSideEffect: false");
|
|
InspectorTest.logMessage(await Protocol.Runtime.evaluate({
|
|
expression: "var x = 2; x;",
|
|
throwOnSideEffect: false
|
|
}));
|
|
|
|
InspectorTest.log("Test prototype extension expression with side-effect, with throwOnSideEffect: true");
|
|
InspectorTest.logMessage(await Protocol.Runtime.evaluate({
|
|
expression: "f.prototype.test = () => console.log('test fn');",
|
|
throwOnSideEffect: true
|
|
}));
|
|
|
|
InspectorTest.log("Test expression with side-effect, with throwOnSideEffect: true");
|
|
InspectorTest.logMessage(await Protocol.Runtime.evaluate({
|
|
expression: "x = 3; x;",
|
|
throwOnSideEffect: true
|
|
}));
|
|
|
|
InspectorTest.log("Test expression without side-effect, with throwOnSideEffect: true");
|
|
InspectorTest.logMessage(await Protocol.Runtime.evaluate({
|
|
expression: "x * 2",
|
|
throwOnSideEffect: true
|
|
}));
|
|
|
|
InspectorTest.log("Test that debug break triggers without throwOnSideEffect");
|
|
await Protocol.Debugger.setBreakpointByUrl({ url: 'test.js', lineNumber: 2 });
|
|
InspectorTest.logMessage(await Protocol.Runtime.evaluate({
|
|
expression: "f()",
|
|
throwOnSideEffect: false
|
|
}));
|
|
|
|
InspectorTest.log("Test that debug break does not trigger with throwOnSideEffect");
|
|
InspectorTest.logMessage(await Protocol.Runtime.evaluate({
|
|
expression: "f()",
|
|
throwOnSideEffect: true
|
|
}));
|
|
|
|
InspectorTest.completeTest();
|
|
})();
|