The parser has special behavior with respect to the bindings
of inner functions in sloppy mode which are not at the top
level of scopes. This behavior should be turned off when the
--harmony-sloppy-function flag is set, as lexical scoping
rules are used instead. Previously, the incorrect flag
--harmony-sloppy was used, resulting in a crashing bug.
BUG=chromium:520029
LOG=Y
R=adamk
Review URL: https://codereview.chromium.org/
1303033003
Cr-Commit-Position: refs/heads/master@{#30315}
Scope* declaration_scope = scope_->DeclarationScope();
Scope* original_declaration_scope = original_scope_->DeclarationScope();
Scope* scope = function_type == FunctionLiteral::DECLARATION &&
- is_sloppy(language_mode) && !allow_harmony_sloppy() &&
+ is_sloppy(language_mode) &&
+ !allow_harmony_sloppy_function() &&
(original_scope_ == original_declaration_scope ||
declaration_scope != original_declaration_scope)
? NewScope(declaration_scope, FUNCTION_SCOPE, kind)
--- /dev/null
+// Copyright 2015 the V8 project authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+// Flags: --harmony-sloppy-let --harmony-sloppy
+
+// Test that hoisting a function out of a lexical scope does not
+// lead to a parsing error
+
+// This used to cause a crash in the parser
+function f(one) { class x { } { class x { } function g() { one; x; } g() } } f()
+
+// This used to lead to a ReferenceError
+function g() { var x = 1; { let x = 2; function g() { x; } g(); } }
+assertEquals(undefined, g());
+
+// This used to cause a crash in the parser
+function __f_4(one) {
+ var __v_10 = one + 1;
+ {
+ let __v_10 = one + 3;
+ function __f_6() {
+ one;
+ __v_10;
+ }
+ __f_6();
+ }
+}
+__f_4();
projects / platform / upstream / v8.git / commitdiff