Reviewers: Yang,
Message:
As dicussed offline, the stack traces are still bogus in this case, but at
least
it doesn't crash anymore.
Description:
Handle captured objects in OptimizedFrame::Summarize.
[email protected]
BUG=v8:3029
TEST=mjsunit/regress/regress-3029
Please review this at https://codereview.chromium.org/96773002/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files (+19, -21 lines):
M src/frames.cc
M src/isolate.h
M src/isolate.cc
M test/cctest/test-debug.cc
A + test/mjsunit/regress/regress-3029.js
Index: src/frames.cc
diff --git a/src/frames.cc b/src/frames.cc
index
912c822d1789c4b1e9b64133ea4428498c376f93..9549c2db653621210a28c72a050b14950512eb4e
100644
--- a/src/frames.cc
+++ b/src/frames.cc
@@ -984,14 +984,16 @@ void OptimizedFrame::Summarize(List<FrameSummary>*
frames) {
// to construct a stack trace, the receiver is always in a stack
slot.
opcode = static_cast<Translation::Opcode>(it.Next());
ASSERT(opcode == Translation::STACK_SLOT ||
- opcode == Translation::LITERAL);
+ opcode == Translation::LITERAL ||
+ opcode == Translation::CAPTURED_OBJECT ||
+ opcode == Translation::DUPLICATED_OBJECT);
int index = it.Next();
// Get the correct receiver in the optimized frame.
Object* receiver = NULL;
if (opcode == Translation::LITERAL) {
receiver = data->LiteralArray()->get(index);
- } else {
+ } else if (opcode == Translation::STACK_SLOT) {
// Positive index means the value is spilled to the locals
// area. Negative means it is stored in the incoming parameter
// area.
@@ -1007,6 +1009,12 @@ void OptimizedFrame::Summarize(List<FrameSummary>*
frames) {
? this->receiver()
: this->GetParameter(parameter_index);
}
+ } else {
+ // TODO(3029): Materializing a captured object (or duplicated
+ // object) is hard, we return undefined for now. This breaks the
+ // produced stack trace, as constructor frames aren't marked as
+ // such anymore.
+ receiver = isolate()->heap()->undefined_value();
}
Code* code = function->shared()->code();
Index: src/isolate.cc
diff --git a/src/isolate.cc b/src/isolate.cc
index
941ac42d21cc9aac2d5b05a4f810d3c7d3267279..6495d25998bf7f74608fe84e4dbc3591f32c4c54
100644
--- a/src/isolate.cc
+++ b/src/isolate.cc
@@ -1323,11 +1323,6 @@ MessageLocation Isolate::GetMessageLocation() {
}
-void Isolate::TraceException(bool flag) {
- FLAG_trace_exception = flag; // TODO(isolates): This is an unfortunate
use.
-}
-
-
bool Isolate::OptionalRescheduleException(bool is_bottom_call) {
ASSERT(has_pending_exception());
PropagatePendingExceptionToExternalTryCatch();
Index: src/isolate.h
diff --git a/src/isolate.h b/src/isolate.h
index
e80cd4556016eff479bded7b8a67da31405babce..7ba30883c755bc358709d68e2f59a73a9864616b
100644
--- a/src/isolate.h
+++ b/src/isolate.h
@@ -785,9 +785,6 @@ class Isolate {
// result in the target out parameter.
void ComputeLocation(MessageLocation* target);
- // Override command line flag.
- void TraceException(bool flag);
-
// Out of resource exception helpers.
Failure* StackOverflow();
Failure* TerminateExecution();
Index: test/cctest/test-debug.cc
diff --git a/test/cctest/test-debug.cc b/test/cctest/test-debug.cc
index
ff802e3ddcdb52a0e2257d895d1bd3fa84e67aa9..f42b82b109d61d06395197b81c6d6bcc458de8a4
100644
--- a/test/cctest/test-debug.cc
+++ b/test/cctest/test-debug.cc
@@ -3943,8 +3943,6 @@ TEST(BreakOnException) {
v8::HandleScope scope(env->GetIsolate());
env.ExposeDebug();
- CcTest::i_isolate()->TraceException(false);
-
// Create functions for testing break on exception.
CompileFunction(&env, "function throws(){throw 1;}", "throws");
v8::Local<v8::Function> caught =
@@ -4089,8 +4087,6 @@ TEST(BreakOnCompileException) {
// For this test, we want to break on uncaught exceptions:
ChangeBreakOnException(false, true);
- CcTest::i_isolate()->TraceException(false);
-
// Create a function for checking the function when hitting a break
point.
frame_count = CompileFunction(&env, frame_count_source, "frame_count");
Index: test/mjsunit/regress/regress-3029.js
diff --git a/test/mjsunit/regress/regress-crbug-242870.js
b/test/mjsunit/regress/regress-3029.js
similarity index 89%
copy from test/mjsunit/regress/regress-crbug-242870.js
copy to test/mjsunit/regress/regress-3029.js
index
7183375ca811cedc81c870d34e694e98cf727f9b..ae412dff2ba98b52468cd2fa02d7bfc0653cffb9
100644
--- a/test/mjsunit/regress/regress-crbug-242870.js
+++ b/test/mjsunit/regress/regress-3029.js
@@ -27,17 +27,19 @@
// Flags: --allow-natives-syntax
-var non_const_true = true;
+function c(x) {
+ undefined.boom();
+}
function f() {
- return (non_const_true || true && g());
+ return new c();
}
function g() {
- for (;;) {}
+ f();
}
-assertTrue(f());
-assertTrue(f());
-%OptimizeFunctionOnNextCall(f);
-assertTrue(f());
+assertThrows("g()", TypeError);
+assertThrows("g()", TypeError);
+%OptimizeFunctionOnNextCall(g);
+assertThrows("g()", TypeError);
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
