-
Simon Zünd authored
The V8 inspector is using the DebugPropertyIterator (a debug only interface) while building RemoteObjects. The DebugPropertyIterator uses the `KeyAccumulator::GetKeys` for this, which can potentially throw, but the DebugPropertyIterator ignores exceptions and keeps iterating. If multiple iteration steps throw an exception (e.g. due to a pending stack overflow), we run into a CHECK in Isolate::Throw, as we can't throw exceptions while another exception is still pending. This CL fixes the CHECK crash by properly propagating exceptions after the iterator is created or advanced and returning early in the inspector if an exception happens. Please note that the regression test that showcases this behavior is still disabled, as fixing the crash causes currently an endless loop. While the exception in `ValueMirror::getProperties` is handled by early returing, we still need to forward it as the result of the `Runtime::evaluate` all the way up the stack. R=bmeurer@chromium.org, yangguo@chromium.org Bug: chromium:1080638 Change-Id: I1d55e0d70490a06a6bc1b0a3525236411da7f64b Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/2639954Reviewed-by: Benedikt Meurer <bmeurer@chromium.org> Reviewed-by: Yang Guo <yangguo@chromium.org> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/master@{#72203}
af7e6893
Name |
Last commit
|
Last update |
---|---|---|
.. | ||
DIR_METADATA | ||
OWNERS | ||
api-arguments-inl.h | ||
api-arguments.cc | ||
api-arguments.h | ||
api-inl.h | ||
api-natives.cc | ||
api-natives.h | ||
api.cc | ||
api.h |