I think there is a representation for Debugger.Frames that does not require frames to be removed from the Debugger::frames FrameMap when they are popped. It does still require prompt notification of:
-
frame pops for
Debugger.Frameinstances that have anonPophandler set, to report the pop to Debugger's users; and -
changes of a frame's representation (on-stack replacement; bailouts; etc.), to update the key in the map.
Not needing to report pops comes at the cost of a more expensive validity check before using a Debugger.Frame. But even so, we should be able to skip this check in some circumstances.
In the presence of multiple Debuggers, there may be many Debugger.Frame instances for a single JavaScript frame. We introduce a new structure, js::DebuggerFrameShared, that is one-to-one with JavaScript frames, and shared by all the Debugger.Frames that refer to it.
struct DebuggerFrameShared {
// The number of Debugger.Frame instances referring to this DebuggerFrameShared.
unsigned refCount;
// Initialized from a running counter stored in perThreadData.
unsigned generation;
union { AbstractFramePtr, ScriptFrameIter } frame;
};