[parser] fix null-dereference in DoExpression rewriting

BUG=v8:4661, v8:4488
LOG=N
R=adamk@chromium.org, rossberg@chromium.org, jkummerow@chromium.org

Review URL: https://codereview.chromium.org/1575133003

Cr-Commit-Position: refs/heads/master@{#33250}

src/parsing/parser.cc

@@ -2196,7 +2196,8 @@ Statement* Parser::ParseClassDeclaration(ZoneList<const AstRawString*>* names,
 }
 
 
-Block* Parser::ParseBlock(ZoneList<const AstRawString*>* labels, bool* ok) {
+Block* Parser::ParseBlock(ZoneList<const AstRawString*>* labels,
+                          bool finalize_block_scope, bool* ok) {
   // The harmony mode uses block elements instead of statements.
   //
   // Block ::
@@ -2222,12 +2223,19 @@ Block* Parser::ParseBlock(ZoneList<const AstRawString*>* labels, bool* ok) {
   }
   Expect(Token::RBRACE, CHECK_OK);
   block_scope->set_end_position(scanner()->location().end_pos);
-  block_scope = block_scope->FinalizeBlockScope();
+  if (finalize_block_scope) {
+    block_scope = block_scope->FinalizeBlockScope();
+  }
   body->set_scope(block_scope);
   return body;
 }
 
 
+Block* Parser::ParseBlock(ZoneList<const AstRawString*>* labels, bool* ok) {
+  return ParseBlock(labels, true, ok);
+}
+
+
 Block* Parser::DeclarationParsingResult::BuildInitializationBlock(
     ZoneList<const AstRawString*>* names, bool* ok) {
   Block* result = descriptor.parser->factory()->NewBlock(
@@ -3992,12 +4000,13 @@ DoExpression* Parser::ParseDoExpression(bool* ok) {
   Expect(Token::DO, CHECK_OK);
   Variable* result =
       scope_->NewTemporary(ast_value_factory()->dot_result_string());
-  Block* block = ParseBlock(nullptr, CHECK_OK);
+  Block* block = ParseBlock(nullptr, false, CHECK_OK);
   DoExpression* expr = factory()->NewDoExpression(block, result, pos);
   if (!Rewriter::Rewrite(this, expr, ast_value_factory())) {
     *ok = false;
     return nullptr;
   }
+  block->set_scope(block->scope()->FinalizeBlockScope());
   return expr;
 }
 

src/parsing/parser.h

@@ -735,6 +735,8 @@ class Parser : public ParserBase<ParserTraits> {
                                    bool* ok);
   Statement* ParseNativeDeclaration(bool* ok);
   Block* ParseBlock(ZoneList<const AstRawString*>* labels, bool* ok);
+  Block* ParseBlock(ZoneList<const AstRawString*>* labels,
+                    bool finalize_block_scope, bool* ok);
   Block* ParseVariableStatement(VariableDeclarationContext var_context,
                                 ZoneList<const AstRawString*>* names,
                                 bool* ok);

test/mjsunit/harmony/do-expressions.js

@@ -263,6 +263,36 @@ function TestHoisting() {
 TestHoisting();
 
 
+// v8:4661
+
+function tryFinallySimple() { (do { try {} finally {} }); }
+tryFinallySimple();
+tryFinallySimple();
+tryFinallySimple();
+tryFinallySimple();
+
+var finallyRanCount = 0;
+function tryFinallyDoExpr() {
+  return (do {
+    try {
+      throw "BOO";
+    } catch (e) {
+      "Caught: " + e + " (" + finallyRanCount + ")"
+    } finally {
+      ++finallyRanCount;
+    }
+  });
+}
+assertEquals("Caught: BOO (0)", tryFinallyDoExpr());
+assertEquals(1, finallyRanCount);
+assertEquals("Caught: BOO (1)", tryFinallyDoExpr());
+assertEquals(2, finallyRanCount);
+assertEquals("Caught: BOO (2)", tryFinallyDoExpr());
+assertEquals(3, finallyRanCount);
+assertEquals("Caught: BOO (3)", tryFinallyDoExpr());
+assertEquals(4, finallyRanCount);
+
+
 function TestOSR() {
   var numbers = do {
     let nums = [];