Reviewers: Kasper Lund, Description: Added more checks to SafeStackFrameIterator to prevent crashes when profiling. Tested by profiling 3d-morph.js 100 times in both debug and release builds.
Please review this at http://codereview.chromium.org/42600
Affected files:
M src/frames.cc
Index: src/frames.cc
diff --git a/src/frames.cc b/src/frames.cc
index 763ff486eff0d804e4d98bde5d6de5832c4bfe92..a196bbb6743fdfad93ea03721fe5ea46e676b334 100644
--- a/src/frames.cc
+++ b/src/frames.cc
@@ -230,6 +230,20 @@ bool SafeStackFrameIterator::IsValidFrame(StackFrame* frame) const {
 bool SafeStackFrameIterator::IsValidCaller(StackFrame* frame) {
 StackFrame::State state;
+ if (frame->is_entry() || frame->is_entry_construct()) {
+ // see EntryFrame::GetCallerState
+ if (!IsValidStackAddress(
+ Memory::Address_at(
+ frame->fp() + EntryFrameConstants::kCallerFPOffset))) {
+ return false;
+ }
+ } else if (frame->is_arguments_adaptor()) {
+ // see ArgumentsAdaptorFrame::GetCallerStackPointer
+ if (!reinterpret_cast<ArgumentsAdaptorFrame*>(frame)->
+ GetExpression(0)->IsSmi()) {
+ return false;
+ }
+ }
 frame->ComputeCallerState(&state);
 return IsValidStackAddress(state.sp) &&
 IsValidStackAddress(state.fp) &&
 iterator_.SingletonFor(frame->GetCallerState(&state)) != NULL;
--~--~---------~--~----~------------~-------~--~----~ v8-dev mailing list v8-dev@googlegroups.com http://groups.google.com/group/v8-dev -~----------~----~----~----~------~----~------~--~---
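Review bot: Both new guards dereference an fp-relative slot before anything checks that the slot address itself is on the stack: the entry branch reads `Memory::Address_at(frame->fp() + EntryFrameConstants::kCallerFPOffset)` and only validates the value it gets back, and the adaptor branch reads `GetExpression(0)` the same way, so if IsValidFrame (named in the hunk header, body not visible) validates only fp, a frame sitting at the edge of the stack range can still fault inside the sampler. Checking the address first is one line per branch, e.g. `if (!IsValidStackAddress(frame->fp() + EntryFrameConstants::kCallerFPOffset)) return false;` ahead of the existing read. Separately, `reinterpret_cast<ArgumentsAdaptorFrame*>(frame)` obscures what is a plain downcast; `static_cast` (or the frame class's own checked cast helper, if the header provides one) states the intent and lets the compiler verify the hierarchy. The two `// see ...` comments admit that the offsets are duplicated from EntryFrame::GetCallerState and ArgumentsAdaptorFrame::GetCallerStackPointer, so a matching comment at those two sites pointing back to IsValidCaller would keep the checks from silently going stale when the frame layout changes. The closing brace of IsValidCaller lies outside the hunk.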