[debug] Fix null pointer access in FindSharedFunctionInfo

This fixes a null pointer access in FindSharedFunctionInfo that was introduced when adding a guard to top level function compilation. Bug: chromium:1185540 Change-Id: I24b9752637aba0e660bd8f20be83522e1009b69f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2742194 Commit-Queue: Kim-Anh Tran <kimanh@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#73258}

[debug] Fix null pointer access in FindSharedFunctionInfo
This fixes a null pointer access in FindSharedFunctionInfo that was introduced when adding a guard to top level function compilation. Bug: chromium:1185540 Change-Id: I24b9752637aba0e660bd8f20be83522e1009b69f Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2742194 Commit-Queue: Kim-Anh Tran <kimanh@chromium.org> Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/master@{#73258}
5ba47eed · Kim-Anh Tran · Commit Bot · 416fae86 · 5ba47eed · 5ba47eed
Commit 5ba47eed authored Mar 08, 2021 by Kim-Anh Tran Committed by Commit Bot Mar 08, 2021
Showing with 38 additions and 1 deletion

debug.cc src/debug/debug.cc +2 -1

regression-1185540-expected.txt test/inspector/debugger/regression-1185540-expected.txt +2 -0

regression-1185540.js test/inspector/debugger/regression-1185540.js +34 -0

No files found.
--- a/src/debug/debug.cc
+++ b/src/debug/debug.cc
@@ -1596,7 +1596,8 @@ Handle<Object> Debug::FindSharedFunctionInfoInScript(Handle<Script> script,
    IsCompiledScope is_compiled_scope;
    {
      shared = FindSharedFunctionInfoCandidate(position, script, isolate_);
-      if (shared.is_null() && iteration == 0) {
+      if (shared.is_null()) {
+        if (iteration > 0) break;
        // It might be that the shared function info is not available as the
        // top level functions are removed due to the GC. Try to recompile
        // the top level functions.

--- a/test/inspector/debugger/regression-1185540-expected.txt
+++ b/test/inspector/debugger/regression-1185540-expected.txt
+Check that setting a breakpoint in an invalid function is not crashing.
+[]
--- a/test/inspector/debugger/regression-1185540.js
+++ b/test/inspector/debugger/regression-1185540.js
+// Copyright 2021 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+let {session, contextGroup, Protocol} = InspectorTest.start(
+    'Check that setting a breakpoint in an invalid function is not crashing.');
+const invalidFunc = `console.l   og('hi');//# sourceURL=invalid.js`;
+Protocol.Debugger.enable().then(onDebuggerEnabled);
+function onDebuggerEnabled() {
+  Protocol.Runtime.enable();
+  Protocol.Runtime.onExecutionContextCreated(onExecutionContextCreated);
+}
+async function onExecutionContextCreated(messageObject) {
+  const executionContextId = messageObject.params.context.id;
+  await testSetBreakpoint(executionContextId, invalidFunc, 'invalid.js');
+}
+async function testSetBreakpoint(executionContextId, func, url) {
+  const obj = await Protocol.Runtime.compileScript({
+    expression: func,
+    sourceURL: url,
+    persistScript: true,
+    executionContextId
+  });
+  const scriptId = obj.result.scriptId;
+  const {result: {locations}} =
+      await Protocol.Debugger.setBreakpointByUrl({lineNumber: 0, url});
+  InspectorTest.log(JSON.stringify(locations));
+  InspectorTest.completeTest();
+};