Bug 609256 - With strict this, there's no longer any need to compute this when a syntactically direct eval doesn't resolve to the eval function. r=luke

2024-11-01 14:45:29 +00:00 · 2010-11-08 16:14:29 -08:00 · 2010-11-08 16:14:29 -08:00 · d878529010
commit d878529010
parent 4cc4b9cf5d
4 changed files with 35 additions and 6 deletions
--- a/js/src/jsinterp.cpp
+++ b/js/src/jsinterp.cpp
@ -4671,7 +4671,7 @@ BEGIN_CASE(JSOP_EVAL)

    newfun = callee->getFunctionPrivate();
    if (!IsBuiltinEvalFunction(newfun))
-        goto not_direct_eval;
+        goto call_using_invoke;

    if (!DirectEval(cx, newfun, argc, vp))
        goto error;
@ -4688,7 +4688,6 @@ BEGIN_CASE(JSOP_FUNCALL)
    if (IsFunctionObject(*vp, &callee)) {
        newfun = callee->getFunctionPrivate();

-      not_direct_eval:
        /* Clear frame flags since this is not a constructor call. */
        flags = 0;
        if (newfun->isInterpreted())
--- a/js/src/methodjit/InvokeHelpers.cpp
+++ b/js/src/methodjit/InvokeHelpers.cpp
@ -453,11 +453,8 @@ stubs::Eval(VMFrame &f, uint32 argc)
    if (!IsFunctionObject(*vp, &callee) ||
        !IsBuiltinEvalFunction((fun = callee->getFunctionPrivate())))
    {
-        if (!ComputeThisFromVpInPlace(f.cx, vp) ||
-            !Invoke(f.cx, InvokeArgsAlreadyOnTheStack(vp, argc), 0))
-        {
+        if (!Invoke(f.cx, InvokeArgsAlreadyOnTheStack(vp, argc), 0))
            THROW();
-        }
        return;
    }

--- a/js/src/tests/ecma_5/Global/direct-eval-but-not.js
+++ b/js/src/tests/ecma_5/Global/direct-eval-but-not.js
@ -0,0 +1,32 @@
+// Any copyright is dedicated to the Public Domain.
+// http://creativecommons.org/licenses/publicdomain/
+
+//-----------------------------------------------------------------------------
+var BUGNUMBER = 609256;
+var summary =
+  "Don't crash doing a direct eval when eval doesn't resolve to an object " +
+  "(let alone the original eval function)";
+
+print(BUGNUMBER + ": " + summary);
+
+/**************
+ * BEGIN TEST *
+ **************/
+
+var eval = "";
+try
+{
+  eval();
+  throw new Error("didn't throw?");
+}
+catch (e)
+{
+  assertEq(e instanceof TypeError, true);
+}
+
+/******************************************************************************/
+
+if (typeof reportCompare === "function")
+  reportCompare(true, true);
+
+print("All tests passed!");
--- a/js/src/tests/ecma_5/Global/jstests.list
+++ b/js/src/tests/ecma_5/Global/jstests.list
@ -5,3 +5,4 @@ script eval-02.js
 script eval-inside-with-is-direct.js
 script parenthesized-eval-is-direct.js
 script eval-native-callback-is-indirect.js
+script direct-eval-but-not.js