[debugger] debug-evaluate should not not modify local values.

src/debug/debug-evaluate.cc

 // Copyright 2015 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/debug/debug-evaluate.h"
 
 #include "src/accessors.h"
 #include "src/contexts.h"
 #include "src/debug/debug.h"
 #include "src/debug/debug-frames.h"
@@ skipping 50 matching lines @@
   // selected frame.
   SaveContext* save =
       DebugFrameHelper::FindSavedContextForFrame(isolate, frame);
   SaveContext savex(isolate);
   isolate->set_context(*(save->context()));
 
   // This is not a lot different than DebugEvaluate::Global, except that
   // variables accessible by the function we are evaluating from are
   // materialized and included on top of the native context. Changes to
   // the materialized object are written back afterwards.
+  // Note that the native context is taken from the original context chain,
+  // which may not be the current native context of the isolate.
   ContextBuilder context_builder(isolate, frame, inlined_jsframe_index);
   if (isolate->has_pending_exception()) return MaybeHandle<Object>();
 
-  Handle<Context> context = isolate->native_context();
+  Handle<Context> context = context_builder.native_context();
   Handle<JSObject> receiver(context->global_proxy());
-  Handle<SharedFunctionInfo> outer_info(context->closure()->shared(), isolate);
   MaybeHandle<Object> maybe_result = Evaluate(
       isolate, context_builder.outer_info(),
       context_builder.innermost_context(), context_extension, receiver, source);
-  if (!maybe_result.is_null()) context_builder.UpdateValues();
+  if (!maybe_result.is_null() && !FLAG_debug_eval_readonly_locals) {
+    context_builder.UpdateValues();
+  }
   return maybe_result;
 }
 
 
 // Compile and evaluate source for the given context.
 MaybeHandle<Object> DebugEvaluate::Evaluate(
     Isolate* isolate, Handle<SharedFunctionInfo> outer_info,
     Handle<Context> context, Handle<HeapObject> context_extension,
     Handle<Object> receiver, Handle<String> source) {
   if (context_extension->IsJSObject()) {
@@ skipping 29 matching lines @@
 DebugEvaluate::ContextBuilder::ContextBuilder(Isolate* isolate,
                                               JavaScriptFrame* frame,
                                               int inlined_jsframe_index)
     : isolate_(isolate),
       frame_(frame),
       inlined_jsframe_index_(inlined_jsframe_index) {
   FrameInspector frame_inspector(frame, inlined_jsframe_index, isolate);
   Handle<JSFunction> local_function =
       handle(JSFunction::cast(frame_inspector.GetFunction()));
   Handle<Context> outer_context(local_function->context());
-  Handle<Context> native_context = isolate->native_context();
-  Handle<JSFunction> global_function(native_context->closure());
+  native_context_ = Handle<Context>(outer_context->native_context());
+  Handle<JSFunction> global_function(native_context_->closure());
   outer_info_ = handle(global_function->shared());
   Handle<Context> inner_context;
 
   bool stop = false;
 
   // Iterate the original context chain to create a context chain that reflects
   // our needs. The original context chain may look like this:
   // <native context> <outer contexts> <function context> <inner contexts>
   // In the resulting context chain, we want to materialize the receiver,
   // the parameters of the current function, the stack locals. We only
@@ skipping 17 matching lines @@
     ScopeIterator::ScopeType scope_type = it.Type();
     if (scope_type == ScopeIterator::ScopeTypeLocal) {
       DCHECK_EQ(FUNCTION_SCOPE, it.CurrentScopeInfo()->scope_type());
       it.GetNonLocals(&non_locals_);
       Handle<Context> local_context =
           it.HasContext() ? it.CurrentContext() : outer_context;
 
       // The "this" binding, if any, can't be bound via "with".  If we need
       // to, add another node onto the outer context to bind "this".
       Handle<Context> receiver_context =
-          MaterializeReceiver(native_context, local_context, local_function,
+          MaterializeReceiver(native_context_, local_context, local_function,
                               global_function, it.ThisIsNonLocal());
 
       Handle<JSObject> materialized_function = NewJSObjectWithNullProto();
       frame_inspector.MaterializeStackLocals(materialized_function,
                                              local_function);
       MaterializeArgumentsObject(materialized_function, local_function);
       MaterializeContextChain(materialized_function, local_context);
 
       Handle<Context> with_context = isolate->factory()->NewWithContext(
           global_function, receiver_context, materialized_function);
@@ skipping 122 matching lines @@
   Handle<JSObject> arguments =
       Handle<JSObject>::cast(Accessors::FunctionGetArguments(function));
   Handle<String> arguments_str = isolate_->factory()->arguments_string();
   JSObject::SetOwnPropertyIgnoreAttributes(target, arguments_str, arguments,
                                            NONE)
       .Check();
 }
 
 
 MaybeHandle<Object> DebugEvaluate::ContextBuilder::LoadFromContext(
-    Handle<Context> context, Handle<String> name) {
+    Handle<Context> context, Handle<String> name, bool* global) {
   static const ContextLookupFlags flags = FOLLOW_CONTEXT_CHAIN;
   int index;
   PropertyAttributes attributes;
   BindingFlags binding;
   Handle<Object> holder =
       context->Lookup(name, flags, &index, &attributes, &binding);
   if (holder.is_null()) return MaybeHandle<Object>();
   Handle<Object> value;
   if (index != Context::kNotFound) {  // Found on context.
     Handle<Context> context = Handle<Context>::cast(holder);
+    // Do not shadow variables on the script context.
+    *global = context->IsScriptContext();
     return Handle<Object>(context->get(index), isolate_);
   } else {  // Found on object.
     Handle<JSReceiver> object = Handle<JSReceiver>::cast(holder);
+    // Do not shadow properties on the global object.
+    *global = object->IsJSGlobalObject();
     return JSReceiver::GetDataProperty(object, name);
   }
 }
 
 
 void DebugEvaluate::ContextBuilder::MaterializeContextChain(
     Handle<JSObject> target, Handle<Context> context) {
   for (const Handle<String>& name : non_locals_) {
     HandleScope scope(isolate_);
     Handle<Object> value;
-    if (!LoadFromContext(context, name).ToHandle(&value)) continue;
+    bool global;
+    if (!LoadFromContext(context, name, &global).ToHandle(&value) || global) {
+      // If resolving the variable fails, skip it. If it resolves to a global
+      // variable, skip it as well since it's not read-only and can be resolved
+      // within debug-evaluate.
+      continue;
+    }
     JSObject::SetOwnPropertyIgnoreAttributes(target, name, value, NONE).Check();
   }
 }
 
 
 void DebugEvaluate::ContextBuilder::StoreToContext(Handle<Context> context,
                                                    Handle<String> name,
                                                    Handle<Object> value) {
   static const ContextLookupFlags flags = FOLLOW_CONTEXT_CHAIN;
   int index;
@@ skipping 27 matching lines @@
 }
 
 
 Handle<Context> DebugEvaluate::ContextBuilder::MaterializeReceiver(
     Handle<Context> parent_context, Handle<Context> lookup_context,
     Handle<JSFunction> local_function, Handle<JSFunction> global_function,
     bool this_is_non_local) {
   Handle<Object> receiver = isolate_->factory()->undefined_value();
   Handle<String> this_string = isolate_->factory()->this_string();
   if (this_is_non_local) {
-    LoadFromContext(lookup_context, this_string).ToHandle(&receiver);
+    bool global;
+    LoadFromContext(lookup_context, this_string, &global).ToHandle(&receiver);
   } else if (local_function->shared()->scope_info()->HasReceiver()) {
     receiver = handle(frame_->receiver(), isolate_);
   }
   return isolate_->factory()->NewCatchContext(global_function, parent_context,
                                               this_string, receiver);
 }
 
 }  // namespace internal
 }  // namespace v8