Changeset 90938 in webkit
- Timestamp:
- Jul 13, 2011 11:59:34 AM (13 years ago)
- Location:
- trunk
- Files:
-
- 7 edited
trunk/LayoutTests/ChangeLog
r90936 r90938 1 2011-07-12 Gavin Barraclough <barraclough@apple.com> 2 3 https://bugs.webkit.org/show_bug.cgi?id=64424 4 Our direct eval behaviour deviates slightly from the spec. 5 6 Reviewed by Oliver Hunt. 7 8 Correct expected results. 9 10 * fast/js/eval-keyword-vs-function-expected.txt: 11 * fast/js/eval-keyword-vs-function.html: 12 1 13 2011-07-13 Abhishek Arya <inferno@chromium.org> 2 14 -
trunk/LayoutTests/fast/js/eval-keyword-vs-function-expected.txt
r30871 r90938 13 13 PASS: globalEval("x") should be 0 and is. 14 14 PASS: localEval("x") should be 0 and is. 15 PASS: (function() { var eval = window.eval; return eval("x"); })() should be 0and is.15 PASS: (function() { var eval = window.eval; return eval("x"); })() should be 1 and is. 16 16 17 17 ----- Variable Object: ----- … … 21 21 PASS: globalEval("var y; "y" in window") should be true and is. 22 22 PASS: localEval("var y; "y" in window") should be true and is. 23 PASS: (function() { var eval = window.eval; return eval("var y; "y" in window"); })() should be true and is.23 PASS: (function() { var eval = window.eval; return eval("var y; "y" in window"); })() should be false and is. 24 24 25 25 ----- Scope Chain for Setters: ----- … … 29 29 PASS: globalEval("z = 3; window.z") should be 3 and is. 30 30 PASS: localEval("z = 4; window.z") should be 4 and is. 31 PASS: (function() { var eval = window.eval; return eval("z = 5; window.z"); })() should be 5and is.31 PASS: (function() { var eval = window.eval; return eval("z = 5; window.z"); })() should be 4 and is. 32 32 33 33 ----- This Object: ----- -
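--- a/trunk/LayoutTests/fast/js/eval-keyword-vs-function.html
+++ b/trunk/LayoutTests/fast/js/eval-keyword-vs-function.html
@@ -44,5 +44,8 @@
 shouldBe('globalEval("x")', globalEval("x"), 0);
 shouldBe('localEval("x")', localEval("x"), 0);
-shouldBe('(function() { var eval = window.eval; return eval("x"); })()', (function() { var eval = window.eval; return eval("x"); })(), 0);
+
+// Per ES5 15.1.2.11 & 10.2.2.1 any reference that hits an enviromment record (i.e. does not have a base)
+// and has a reference name of "eval" is treated as a direct eval - the assignment to a var makes no difference.
+shouldBe('(function() { var eval = window.eval; return eval("x"); })()', (function() { var eval = window.eval; return eval("x"); })(), 1);
 }
 
@@ -63,5 +66,7 @@
 delete window.y;
 
-shouldBe('(function() { var eval = window.eval; return eval("var y; \"y\" in window"); })()', (function() { var eval = window.eval; return eval("var y; \"y\" in window"); })(), true);
+// Per ES5 15.1.2.11 & 10.2.2.1 any reference that hits an enviromment record (i.e. does not have a base)
+// and has a reference name of "eval" is treated as a direct eval - the assignment to a var makes no difference.
+shouldBe('(function() { var eval = window.eval; return eval("var y; \"y\" in window"); })()', (function() { var eval = window.eval; return eval("var y; \"y\" in window"); })(), false);
 }
 
@@ -80,5 +85,7 @@
 shouldBe('localEval("z = 4; window.z")', localEval("z = 4; window.z"), 4);
 
-shouldBe('(function() { var eval = window.eval; return eval("z = 5; window.z"); })()', (function() { var eval = window.eval; return eval("z = 5; window.z"); })(), 5);
+// Per ES5 15.1.2.11 & 10.2.2.1 any reference that hits an enviromment record (i.e. does not have a base)
+// and has a reference name of "eval" is treated as a direct eval - the assignment to a var makes no difference.
+shouldBe('(function() { var eval = window.eval; return eval("z = 5; window.z"); })()', (function() { var eval = window.eval; return eval("z = 5; window.z"); })(), 4);
 }
 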
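Review bot: The comment added before each of the three changed `shouldBe` calls cites "ES5 15.1.2.11", while the JavaScriptCore ChangeLog entry for this same change cites section 15.1.2.1.1 (Direct Call to Eval), so one of the two references is a typo; the comment also misspells "environment" as "enviromment". I would change the first comment line in all three places to `// Per ES5 15.1.2.1.1 & 10.2.2.1 any reference that hits an environment record (i.e. does not have a base)`. The three test functions that contain these calls begin outside the hunks shown.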
trunk/Source/JavaScriptCore/ChangeLog
r90916 r90938 1 2011-07-12 Gavin Barraclough <barraclough@apple.com> 2 3 https://bugs.webkit.org/show_bug.cgi?id=64424 4 Our direct eval behaviour deviates slightly from the spec. 5 6 Reviewed by Oliver Hunt. 7 8 The ES5 spec defines a concept of 'Direct Call to Eval' (see section 15.1.2.1.1), where 9 behaviour will differ from that of an indirect call (e.g. " { eval: window.eval }.eval();" 10 or "var a = eval; a();" are indirect calls), particularly in non-strict scopes variables 11 may be introduced into the caller's environment. 12 13 ES5 direct calls are any call where the callee function is provided by a reference, a base 14 of that Reference is an EnvironmentRecord (this corresponds to all productions 15 "PrimaryExpression: Identifier", see 10.2.2.1 GetIdentifierReference), and where the name 16 of the reference is "eval". This means any expression of the form "eval(...)", and that 17 calls the standard built in eval method from on the Global Object, is considered to be 18 direct. 19 20 In JavaScriptCore we are currently overly restrictive. We also check that the 21 EnvironmentRecord that is the base of the reference is the Declaractive Environment Record 22 at the root of the scope chain, corresponding to the Global Object - an "eval(..)" statement 23 that hits a var eval in a nested scope is not considered to be direct. This behaviour does 24 not emanate from the spec, and is incorrect. 25 26 * interpreter/Interpreter.cpp: 27 (JSC::Interpreter::privateExecute): 28 - Fixed direct eval check in op_call_eval. 29 * jit/JITStubs.cpp: 30 (JSC::DEFINE_STUB_FUNCTION): 31 - Fixed direct eval check in op_call_eval. 32 * runtime/Executable.h: 33 (JSC::isHostFunction): 34 - Added check for host function with specific NativeFunction. 35 1 36 2011-07-13 Ademar de Souza Reis Jr. <ademar.reis@openbossa.org> 2 37 -
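--- a/trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp
+++ b/trunk/Source/JavaScriptCore/interpreter/Interpreter.cpp
@@ -4100,10 +4100,8 @@
 JSValue funcVal = callFrame->r(func).jsValue();
 
-Register* newCallFrame = callFrame->registers() + registerOffset;
-Register* argv = newCallFrame - RegisterFile::CallFrameHeaderSize - argCount;
-JSValue thisValue = argv[0].jsValue();
-JSGlobalObject* globalObject = callFrame->scopeChain()->globalObject.get();
-
-if (thisValue == globalObject && funcVal == globalObject->evalFunction()) {
+if (isHostFunction(callFrame->globalData(), funcVal, globalFuncEval)) {
+    Register* newCallFrame = callFrame->registers() + registerOffset;
+    Register* argv = newCallFrame - RegisterFile::CallFrameHeaderSize - argCount;
+
     JSValue result = callEval(callFrame, registerFile, argv, argCount, registerOffset);
     if ((exceptionValue = globalData->exception))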
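Review bot: The new guard `isHostFunction(callFrame->globalData(), funcVal, globalFuncEval)` recognises eval only by its native function pointer, whereas the removed condition compared `funcVal` with `globalObject->evalFunction()` of the calling frame's own global object. As far as this hunk shows, an eval function object that belongs to a different global object (for example one taken from another frame that shares this JSGlobalData) would now presumably also reach `callEval` and be evaluated in the caller's scope; the ChangeLog does not say whether that is intended. I would ask for a comment on the guard stating the decision, e.g. `// Direct eval is keyed on the built-in eval implementation, not on the caller's global object.`, and for a layout test that exercises an eval obtained from another frame. The same guard is introduced in the op_call_eval stub in jit/JITStubs.cpp, and the enclosing opcode handler starts and ends outside this hunk.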
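--- a/trunk/Source/JavaScriptCore/jit/JITStubs.cpp
+++ b/trunk/Source/JavaScriptCore/jit/JITStubs.cpp
@@ -3160,16 +3160,13 @@
     int argCount = stackFrame.args[2].int32();
 
+    if (!isHostFunction(callFrame->globalData(), funcVal, globalFuncEval))
+        return JSValue::encode(JSValue());
+
     Register* newCallFrame = callFrame->registers() + registerOffset;
     Register* argv = newCallFrame - RegisterFile::CallFrameHeaderSize - argCount;
-    JSValue baseValue = argv[0].jsValue();
-    JSGlobalObject* globalObject = callFrame->scopeChain()->globalObject.get();
-
-    if (baseValue == globalObject && funcVal == globalObject->evalFunction()) {
-        JSValue result = interpreter->callEval(callFrame, registerFile, argv, argCount, registerOffset);
-        CHECK_FOR_EXCEPTION_AT_END();
-        return JSValue::encode(result);
-    }
-
-    return JSValue::encode(JSValue());
+
+    JSValue result = interpreter->callEval(callFrame, registerFile, argv, argCount, registerOffset);
+    CHECK_FOR_EXCEPTION_AT_END();
+    return JSValue::encode(result);
 }
 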
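--- a/trunk/Source/JavaScriptCore/runtime/Executable.h
+++ b/trunk/Source/JavaScriptCore/runtime/Executable.h
@@ -515,4 +515,13 @@
         return static_cast<NativeExecutable*>(m_executable.get())->function();
     }
+
+    inline bool isHostFunction(JSGlobalData& globalData, JSValue value, NativeFunction nativeFunction)
+    {
+        JSFunction* function = static_cast<JSFunction*>(getJSFunction(globalData, value));
+        if (!function || !function->isHostFunction())
+            return false;
+        return function->nativeFunction() == nativeFunction;
+    }
+
 }
 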
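Review bot: The new free function `isHostFunction(globalData, value, nativeFunction)` shares its name with the member `JSFunction::isHostFunction()` that it calls, yet it answers a narrower question and has no comment; I would add `// Returns true only if value is a JSFunction whose host implementation is exactly nativeFunction.` above it. The `static_cast<JSFunction*>` around `getJSFunction(globalData, value)` also needs a second look: the declaration of getJSFunction is not visible on this page, so the cast is either redundant or an unchecked downcast whose safety rests on what getJSFunction guarantees. Because this helper now decides whether a call is treated as a direct eval, a one-line comment naming that guarantee (or dropping the cast if it is not needed) would make the check easier to audit.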