[debugger] Don't leak holes from generator arguments.

src/accessors.cc

 // Copyright 2012 the V8 project authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "src/accessors.h"
 
 #include "src/api.h"
 #include "src/contexts.h"
 #include "src/deoptimizer.h"
 #include "src/execution.h"
@@ skipping 856 matching lines @@
 
     // Get the number of arguments and construct an arguments object
     // mirror for the right frame.
     const int length = frame->ComputeParametersCount();
     Handle<JSObject> arguments = isolate->factory()->NewArgumentsObject(
         function, length);
     Handle<FixedArray> array = isolate->factory()->NewFixedArray(length);
 
     // Copy the parameters to the arguments object.
     DCHECK(array->length() == length);
-    for (int i = 0; i < length; i++) array->set(i, frame->GetParameter(i));
+    for (int i = 0; i < length; i++) {
+      Object* value = frame->GetParameter(i);
+      if (value->IsTheHole(isolate)) {
+        // Generators currently use holes as dummy arguments when resuming.  We
+        // must not leak those.
+        DCHECK(IsResumableFunction(function->shared()->kind()));
+        value = isolate->heap()->undefined_value();
+      }
+      array->set(i, value);
+    }
     arguments->set_elements(*array);
 
     // Return the freshly allocated arguments object.
     return arguments;
   }
 
   // No frame corresponding to the given function found. Return null.
   return isolate->factory()->null_value();
 }
 
@@ skipping 218 matching lines @@
 Handle<AccessorInfo> Accessors::BoundFunctionNameInfo(
     Isolate* isolate, PropertyAttributes attributes) {
   return MakeAccessor(isolate, isolate->factory()->name_string(),
                       &BoundFunctionNameGetter, &ReconfigureToDataProperty,
                       attributes);
 }
 
 
 }  // namespace internal
 }  // namespace v8