Closed Bug 1268955 Opened 9 years ago Closed 9 years ago

Differential Testing: Different output message involving caller

Categories

(Core :: JavaScript Engine: JIT, defect)

Product:
Core
Component:
JavaScript Engine: JIT
Platform:
x86
All
Type:
defect
Priority:
Not set
Severity:
major

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla49
Tracking Flags:
Tracking Status
firefox49 --- fixed

People

(Reporter: gkw, Assigned: bbouvier)

References

Details

(Keywords: testcase)

Attachments

(1 file)

1268955.patch
5.53 KB, patch
Waldo
: review+
Details | Diff | Splinter Review
x = eval("\ \"use strict\";\ (function(stdlib, foreign, heap) {\ \"use asm\";\ function f() {};\ return f;\ });\ "); try { x["caller"]; print(x); } catch (e) { print(e); } $ ./js-dbg-32-dm-clang-darwin-4292da9df16b --fuzzing-safe --no-threads --ion-eager testcase.js function (stdlib, foreign, heap) { "use asm"; function f() {}; return f; } $ ./js-dbg-32-dm-clang-darwin-4292da9df16b --fuzzing-safe --no-threads --ion-eager --no-fpu testcase.js TypeError: 'caller', 'callee', and 'arguments' properties may not be accessed on strict mode functions or the arguments objects for calls to them Tested this on m-c rev 4292da9df16b. My configure flags are: LD=ld CROSS_COMPILE=1 CC="clang -Qunused-arguments -msse2 -mfpmath=sse -arch i386" RANLIB=ranlib CXX="clang++ -Qunused-arguments -msse2 -mfpmath=sse -arch i386" AS=$CC AR=ar STRIP="strip -x -S" HOST_CC="clang -Qunused-arguments -msse2 -mfpmath=sse" AUTOCONF=/usr/local/Cellar/autoconf213/2.13/bin/autoconf213 HOST_CXX="clang++ -Qunused-arguments -msse2 -mfpmath=sse" sh /Users/skywalker/trees/mozilla-central/js/src/configure --target=i386-apple-darwin14.5.0 --disable-jemalloc --enable-debug --enable-more-deterministic --with-ccache --enable-gczeal --enable-debug-symbols --disable-tests python -u ~/funfuzz/js/compileShell.py -b "--enable-debug --enable-more-deterministic --32" -r 4292da9df16b
This has seemed to exist prior to m-c rev dc4b163f7db7 (early Nov 2014). Guessing this might be related to asm.js, so setting needinfo? from :bbouvier as a start.
Flags: needinfo?(bbouvier)
Nice catch, gary! asm.js doesn't respect "use strict" semantics when it comes to calling arguments or caller.
Flags: needinfo?(bbouvier)
Attached patch 1268955.patchSplinter Review
Waldo, setting you as the reviewer, since you referenced this issue in the comment I'm deleting here.
Assignee: nobody → bbouvier
Status: NEW → ASSIGNED
Attachment #8747654 - Flags: review?(jwalden+bmo)
Comment on attachment 8747654 [details] [diff] [review] 1268955.patch Review of attachment 8747654 [details] [diff] [review]: ----------------------------------------------------------------- ::: js/src/asmjs/AsmJS.cpp @@ +8280,5 @@ > +js::IsAsmJSStrictModeModuleOrFunction(JSFunction* fun) > +{ > + if (IsAsmJSModule(fun)) { > + return AsmJSModuleToModuleObject(fun)->module().asAsmJS().strict(); > + } Don't brace this. ::: js/src/jit-test/tests/asm.js/testSource.js @@ +398,5 @@ > > })(); > + > +/* Check strict semantics */ > +(function () { Please put this in a new test, rather than tacking onto the existing one. @@ +399,5 @@ > })(); > + > +/* Check strict semantics */ > +(function () { > + var caught = false; Declare this at first use much further down. @@ +412,5 @@ > + caught = false; > + try { > + scope[callee][getter]; > + } catch (e) { > + print(e); Remove the print, and beyond just checking for caught-ness, please do an instanceof TypeError check. ::: js/src/jsfun.cpp @@ +139,2 @@ > fun->isBoundFunction()) > { This all fits in 99ch now, right? One-line it. @@ +220,5 @@ > static bool > CallerRestrictions(JSContext* cx, HandleFunction fun) > { > // Throw if the function is a builtin (note: this doesn't include asm.js), > + // a strict mode function or a bound function. Over my dead body are you removing the serial comma after "strict mode function". PUT IT BACK OR ELSE. :-) @@ +227,2 @@ > fun->isBoundFunction()) > { One line.
Attachment #8747654 - Flags: review?(jwalden+bmo) → review+
That said, please keep some mention of the bug I noted -- I still have not much confidence in our arguments/caller semantics being correct for all possible pairings of callee/caller.
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: