    [debug] Hold on to promises weakly from the debugger's promise stack. · 3eb6b7ac
    Benedikt Meurer authored
    The debugger maintains a stack of promises used for catch prediction
    with promise builtins and async functions. Previously this stack would
    hold on to the individual promises strongly, and subtle bugs that lead
    to not properly cleaning up the stack in some corner cases would often
    lead to significant memory issues (e.g. leaking whole iframes).
    
    This refactors the PromiseOnStack to be
    
      (a) on the V8 heap, rather than allocating C++ structs with global
          handles pointing to the promises, and
      (b) hold on to the promises only weakly.
    
    While this will not guarantee proper promise stack management, it will
    at least ensure that edge cases don't lead to catastrophic (debugger
    only) leaks.
    
    Bug: chromium:1292063
    Change-Id: I9c293ca2032de3a59e1e9624f132d37187805567
    Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/3545176
    Commit-Queue: Benedikt Meurer <bmeurer@chromium.org>
    Reviewed-by: Michael Lippautz <mlippautz@chromium.org>
    Reviewed-by: Simon Zünd <szuend@chromium.org>
    Cr-Commit-Position: refs/heads/main@{#79594}
debug-objects-inl.h 3.26 KB
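As an added illustration of the strong-versus-weak distinction the commit message describes, the following example (not V8's own code; `FakePromise`, `StrongPromiseStack` and `WeakPromiseStack` are hypothetical stand-ins that use `std::shared_ptr`/`std::weak_ptr` in place of V8 heap objects and weak slots) models the corner case where a promise is pushed for catch prediction but the matching pop never happens. With strong entries the stale stack keeps the promise alive indefinitely; with weak entries the promise is reclaimed as soon as its last real owner lets go, and the stale entries can be pruned.

```cpp
#include <algorithm>
#include <cstddef>
#include <iostream>
#include <memory>
#include <string>
#include <vector>

// Hypothetical stand-in for a debugger-tracked promise (not V8's JSPromise).
struct FakePromise {
    std::string name;
    explicit FakePromise(std::string n) : name(std::move(n)) {}
};

// Strong stack: each entry owns a reference, so a promise stays alive for as
// long as its entry is on the stack, even when a pop was skipped.
class StrongPromiseStack {
public:
    void push(std::shared_ptr<FakePromise> p) { entries_.push_back(std::move(p)); }
    void pop() { if (!entries_.empty()) entries_.pop_back(); }
    std::size_t size() const { return entries_.size(); }
private:
    std::vector<std::shared_ptr<FakePromise>> entries_;
};

// Weak stack: entries only observe the promise; once every owner drops it,
// the entry reads as expired (the analogue of a GC-cleared weak slot).
class WeakPromiseStack {
public:
    void push(const std::shared_ptr<FakePromise>& p) { entries_.push_back(p); }
    void pop() { if (!entries_.empty()) entries_.pop_back(); }
    std::size_t size() const { return entries_.size(); }
    // Number of entries whose promise is still reachable elsewhere.
    std::size_t live() const {
        std::size_t n = 0;
        for (const auto& w : entries_) if (!w.expired()) ++n;
        return n;
    }
    // Drop expired entries so a stale stack does not grow without bound.
    void prune() {
        entries_.erase(std::remove_if(entries_.begin(), entries_.end(),
            [](const std::weak_ptr<FakePromise>& w) { return w.expired(); }),
            entries_.end());
    }
private:
    std::vector<std::weak_ptr<FakePromise>> entries_;
};

// Corner case: the promise is pushed but never popped, then its real owner
// releases it. Returns true if the promise is still alive afterwards.
bool promise_survives_with_strong_stack() {
    StrongPromiseStack stack;
    std::weak_ptr<FakePromise> probe;
    {
        auto p = std::make_shared<FakePromise>("p1");
        probe = p;
        stack.push(p);
        // No stack.pop() here: the entry leaks.
    }
    return !probe.expired();  // true: the stale entry keeps the promise alive
}

bool promise_survives_with_weak_stack() {
    WeakPromiseStack stack;
    std::weak_ptr<FakePromise> probe;
    {
        auto p = std::make_shared<FakePromise>("p1");
        probe = p;
        stack.push(p);
        // No stack.pop() here either, but the entry holds nothing.
    }
    return !probe.expired();  // false: the promise was reclaimed
}

// Three promises pushed and released without pops: all entries are dead
// (live() == 0) and prune() removes them; returns the size after pruning.
std::size_t stale_entries_after_prune() {
    WeakPromiseStack stack;
    for (int i = 0; i < 3; ++i) {
        auto p = std::make_shared<FakePromise>("p" + std::to_string(i));
        stack.push(p);
    }
    if (stack.live() != 0) return stack.size();  // unexpected: something still owns them
    stack.prune();
    return stack.size();  // 0
}

int main() {
    std::cout << "strong stack leaks promise: " << std::boolalpha
              << promise_survives_with_strong_stack() << '\n';
    std::cout << "weak stack leaks promise:   " << std::boolalpha
              << promise_survives_with_weak_stack() << '\n';
    std::cout << "weak entries after prune:   " << stale_entries_after_prune() << '\n';
    return 0;
}
```

The design point mirrors the commit's trade-off: weak entries do not make the stack management correct, but they cap the blast radius of a missed pop to a few stale slots rather than every object the promise transitively reaches.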