v8/test/inspector/runtime/evaluate-repl-mode-side-effecting-array-join.js
jameslahm 031b98b25c [runtime] Clear array join stack when throwing uncatchable
... exception.

Array#join depends array_join_stack to avoid infinite loop
and ensures symmetric pushes/pops through catch blocks to
correctly maintain the elements in the join stack.
However, the stack does not pop the elements and leaves in
an invalid state when throwing the uncatchable termination
exception. And the invalid join stack state will affect
subsequent Array#join calls. Because all the terminate
exception will be handled by Isolate::UnwindAndFindHandler,
we could clear the array join stack when unwinding the terminate
exception.

Bug: v8:13259
Change-Id: I23823e823c5fe0b089528c5cf654864cea78ebeb
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3878451
Reviewed-by: Jakob Linke <jgruber@chromium.org>
Commit-Queue: 王澳 <wangao.james@bytedance.com>
Cr-Commit-Position: refs/heads/main@{#83465}
2022-09-28 07:40:55 +00:00

33 lines
917 B
JavaScript

// Copyright 2022 the V8 project authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
let {Protocol} = InspectorTest.start(
'Tests that Runtime.evaluate with REPL mode correctly handles \
Array.prototype.join.');
Protocol.Runtime.enable();
(async function () {
await evaluateReplWithSideEffects('a=[/a/]')
await evaluateRepl('a.toString()');
await evaluateReplWithSideEffects('a.toString()');
InspectorTest.completeTest();
})();
async function evaluateRepl(expression) {
InspectorTest.logMessage(await Protocol.Runtime.evaluate({
expression: expression,
replMode: true,
throwOnSideEffect: true
}));
}
async function evaluateReplWithSideEffects(expression) {
InspectorTest.logMessage(await Protocol.Runtime.evaluate({
expression: expression,
replMode: true,
throwOnSideEffect: false
}));
}