Revision: 11976
Author: [email protected]
Date: Tue Jul 3 01:41:13 2012
Log: Fix lazy compilation for strict eval scopes.
This prevents lazy compilation of functions that have an outer context
containing a strict eval scope. Such a scope potentially contains
context allocated variables in an artificial function scope that is not
deserialized correctly.
[email protected]
BUG=chromium:135066
TEST=mjsunit/regress/regress-crbug-135066
Review URL: https://chromiumcodereview.appspot.com/10704058
http://code.google.com/p/v8/source/detail?r=11976
Added:
/branches/bleeding_edge/test/mjsunit/regress/regress-crbug-135066.js
Modified:
/branches/bleeding_edge/src/scopes.cc
/branches/bleeding_edge/src/scopes.h
=======================================
--- /dev/null
+++ /branches/bleeding_edge/test/mjsunit/regress/regress-crbug-135066.js
Tue Jul 3 01:41:13 2012
@@ -0,0 +1,53 @@
+// Copyright 2012 the V8 project authors. All rights reserved.
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted provided that the following conditions are
+// met:
+//
+// * Redistributions of source code must retain the above copyright
+// notice, this list of conditions and the following disclaimer.
+// * Redistributions in binary form must reproduce the above
+// copyright notice, this list of conditions and the following
+// disclaimer in the documentation and/or other materials provided
+// with the distribution.
+// * Neither the name of Google Inc. nor the names of its
+// contributors may be used to endorse or promote products derived
+// from this software without specific prior written permission.
+//
+// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+
+// Filler long enough to trigger lazy parsing.
+var filler = "//" + new Array(1024).join('x');
+
+// Test strict eval in global context.
+eval(
+ "'use strict';" +
+ "var x = 23;" +
+ "var f = function bozo1() {" +
+ " return x;" +
+ "};" +
+ "assertSame(23, f());" +
+ filler
+);
+
+// Test default eval in strict context.
+(function() {
+ "use strict";
+ eval(
+ "var y = 42;" +
+ "var g = function bozo2() {" +
+ " return y;" +
+ "};" +
+ "assertSame(42, g());" +
+ filler
+ );
+})();
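Review bot: Both cases rely on `filler` being long enough to trigger lazy parsing, and nothing in the test fails if that size threshold later grows past the 1024-character filler. The assertions would then still pass on the eager path and the regression would go uncovered. A comment next to `filler` would make the dependency explicit, for example `// Must stay above the parser's lazy-parsing size threshold, or this test passes without exercising the bug.` The test also only covers functions directly inside the eval code. A function nested one level deeper inside `bozo1` or `bozo2` would check that the outer-scope walk still sees the eval scope through an intermediate function scope.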
=======================================
--- /branches/bleeding_edge/src/scopes.cc Wed Jun 20 01:58:41 2012
+++ /branches/bleeding_edge/src/scopes.cc Tue Jul 3 01:41:13 2012
@@ -662,28 +662,36 @@
}
-bool Scope::AllowsLazyCompilation() const {
- return !force_eager_compilation_ &&
- !TrivialDeclarationScopesBeforeWithScope();
+bool Scope::HasLazyCompilableOuterContext() const {
+ Scope* outer = outer_scope_;
+ if (outer == NULL) return true;
+ // There are several reasons that prevent lazy compilation:
+ // - This scope is inside a with scope and all declaration scopes between
+ // them have empty contexts. Such declaration scopes become invisible
+ // during scope info deserialization.
+ // - This scope is inside a strict eval scope with variables that are
+ // potentially context allocated in an artificial function scope that
+ // is not deserialized correctly.
+ outer = outer->DeclarationScope();
+ bool found_non_trivial_declarations = false;
+ for (const Scope* scope = outer; scope != NULL; scope =
scope->outer_scope_) {
+ if (scope->is_eval_scope()) return false;
+ if (scope->is_with_scope() && !found_non_trivial_declarations) return
false;
+ if (scope->is_declaration_scope() && scope->num_heap_slots() > 0) {
+ found_non_trivial_declarations = true;
+ }
+ }
+ return true;
}
-bool Scope::AllowsLazyCompilationWithoutContext() const {
- return !force_eager_compilation_ && HasTrivialOuterContext();
+bool Scope::AllowsLazyCompilation() const {
+ return !force_eager_compilation_ && HasLazyCompilableOuterContext();
}
-bool Scope::TrivialDeclarationScopesBeforeWithScope() const {
- Scope* outer = outer_scope_;
- if (outer == NULL) return false;
- outer = outer->DeclarationScope();
- while (outer != NULL) {
- if (outer->is_with_scope()) return true;
- if (outer->is_declaration_scope() && outer->num_heap_slots() > 0)
- return false;
- outer = outer->outer_scope_;
- }
- return false;
+bool Scope::AllowsLazyCompilationWithoutContext() const {
+ return !force_eager_compilation_ && HasTrivialOuterContext();
}
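Review bot: In `HasLazyCompilableOuterContext`, `if (scope->is_eval_scope()) return false;` rejects every enclosing eval scope, while the comment above it and the commit log describe only strict eval scopes. If the broader check is the intended conservative choice, the comment should say so, e.g. `// - This scope is inside an eval scope (all eval scopes are rejected, not only strict ones).`; otherwise the condition needs a strictness test. Separately, the walk starts at `outer_scope_->DeclarationScope()`, which appears to skip any non-declaration scope sitting directly between this scope and its nearest declaration scope. That behaviour is carried over from the removed `TrivialDeclarationScopesBeforeWithScope`. A wrong `true` here lets a lazily compiled function resolve variables against an incorrectly deserialized context chain, so a one-line comment on why skipping those scopes is safe would help.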
=======================================
--- /branches/bleeding_edge/src/scopes.h Tue Jun 19 07:29:48 2012
+++ /branches/bleeding_edge/src/scopes.h Tue Jul 3 01:41:13 2012
@@ -380,10 +380,8 @@
// True if the outer context of this scope is always the global context.
bool HasTrivialOuterContext() const;
- // True if this scope is inside a with scope and all declaration scopes
- // between them have empty contexts. Such declaration scopes become
- // invisible during scope info deserialization.
- bool TrivialDeclarationScopesBeforeWithScope() const;
+ // True if the outer context allows lazy compilation of this scope.
+ bool HasLazyCompilableOuterContext() const;
// The number of contexts between this and scope; zero if this == scope.
int ContextChainLength(Scope* scope);
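Review bot: The new comment on `HasLazyCompilableOuterContext` only restates the method name and drops the removed comment's explanation that such scopes become invisible during scope info deserialization. Readers of the header should see the conditions, for example `// False if an enclosing scope is an eval scope, or a with scope is reached through declaration scopes with empty contexts only; such outer contexts are not deserialized correctly.` The class body continues outside the hunk.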