Fix for issue 14790 - Crash when using dartium devtools

runtime/vm/stack_frame.cc

 // Copyright (c) 2012, the Dart project authors.  Please see the AUTHORS file
 // for details. All rights reserved. Use of this source code is governed by a
 // BSD-style license that can be found in the LICENSE file.
 
 #include "vm/stack_frame.h"
 
 #include "vm/assembler.h"
 #include "vm/deopt_instructions.h"
 #include "vm/isolate.h"
 #include "vm/object.h"
@@ skipping 43 matching lines @@
 
 void StackFrame::VisitObjectPointers(ObjectPointerVisitor* visitor) {
   // NOTE: This code runs while GC is in progress and runs within
   // a NoHandleScope block. Hence it is not ok to use regular Zone or
   // Scope handles. We use direct stack handles, the raw pointers in
   // these handles are not traversed. The use of handles is mainly to
   // be able to reuse the handle based code and avoid having to add
   // helper functions to the raw object interface.
   ASSERT(visitor != NULL);
   NoGCScope no_gc;
-  RawObject** first = reinterpret_cast<RawObject**>(sp());
-  RawObject** last = reinterpret_cast<RawObject**>(
-      fp() + (kFirstLocalSlotFromFp * kWordSize));
   Code code;
   code = LookupDartCode();
   if (!code.IsNull()) {
     // Visit the code object.
     RawObject* raw_code = code.raw();
     visitor->VisitPointer(&raw_code);
-    // Visit stack based on stack maps.
+
+    // Optimized frames have a stack map. We need to visit the frame based
+    // on the stack map.
     Array maps;
     maps = Array::null();
     Stackmap map;
     map = code.GetStackmap(pc(), &maps, &map);
     if (!map.IsNull()) {
+      RawObject** first = reinterpret_cast<RawObject**>(sp());
+      RawObject** last = reinterpret_cast<RawObject**>(
+          fp() + (kFirstLocalSlotFromFp * kWordSize));
+
       // A stack map is present in the code object, use the stack map to
       // visit frame slots which are marked as having objects.
       //
       // The layout of the frame is (lower addresses to the right):
       // | spill slots | outgoing arguments | saved registers |
       // |XXXXXXXXXXXXX|--------------------|XXXXXXXXXXXXXXXXX|
       //
       // The splill slots and any saved registers are described in the stack
       // map.  The outgoing arguments are assumed to be tagged; the number
       // of outgoing arguments is not explicitly tracked.
@@ skipping 12 matching lines @@
       // The live registers at the 'top' of the frame comprise the rest of the
       // stack map.
       for (intptr_t bit = length - 1; bit >= spill_slot_count; --bit) {
         if (map.IsObject(bit)) visitor->VisitPointer(first);
         ++first;
       }
 
       // The last slot can be one slot (but not more) past the last slot
       // in the case that all slots were covered by the stack map.
       ASSERT((last + 1) >= first);
+      visitor->VisitPointers(first, last);
+
+      // Now visit other slots which might be part of the calling convention.
+      first = reinterpret_cast<RawObject**>(
+          fp() + ((kFirstLocalSlotFromFp + 1) * kWordSize));
+      last = reinterpret_cast<RawObject**>(
+          fp() + (kFirstObjectSlotFromFp * kWordSize));
+      visitor->VisitPointers(first, last);
+      return;
     }
   }
-  // Each slot between the first and last included are tagged objects.
+  // For normal unoptimized Dart frames and Stub frames each slot
+  // between the first and last included are tagged objects.
+  RawObject** first = reinterpret_cast<RawObject**>(sp());
+  RawObject** last = reinterpret_cast<RawObject**>(
+      fp() + (kFirstObjectSlotFromFp * kWordSize));
   visitor->VisitPointers(first, last);
 }
 
 
 RawFunction* StackFrame::LookupDartFunction() const {
   const Code& code = Code::Handle(LookupDartCode());
   if (!code.IsNull()) {
     return code.function();
   }
   return Function::null();
@@ skipping 284 matching lines @@
     if (deopt_instr->kind() == DeoptInstr::kCallerFp) {
       return index;
     }
   }
   UNREACHABLE();
   return 0;
 }
 
 
 }  // namespace dart