Commit e831ec2c authored by vegorov@chromium.org's avatar vegorov@chromium.org

Bailout on possible direct eval calls.

Environment structure for such calls is different from normal global calls.

R=fschneider@chromium.org
BUG=chromium:122681

Review URL: https://chromiumcodereview.appspot.com/10024060

git-svn-id: http://v8.googlecode.com/svn/branches/bleeding_edge@11256 ce2b1a6d-e550-0410-aec6-3dcde31c8c00
parent caf579d0
......@@ -2454,6 +2454,10 @@ HGraph* HGraphBuilder::CreateGraph() {
Bailout("function with illegal redeclaration");
return NULL;
}
if (scope->calls_eval()) {
Bailout("function calls eval");
return NULL;
}
SetUpScope(scope);
// Add an edge to the body entry. This is warty: the graph's start
......@@ -5936,6 +5940,10 @@ void HGraphBuilder::VisitCall(Call* expr) {
VariableProxy* proxy = expr->expression()->AsVariableProxy();
bool global_call = proxy != NULL && proxy->var()->IsUnallocated();
if (proxy != NULL && proxy->var()->is_possibly_eval()) {
return Bailout("possible direct call to eval");
}
if (global_call) {
Variable* var = proxy->var();
bool known_global_function = false;
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment