Reviewers: dcarney, Jakob, rossberg, Sven Panne,
Message:
Committed patchset #2 manually as r20126 (presubmit successful).
Description:
Increase the "local variables in a function" limit.
The limit was originally added to avoid having large user-controlled
constants
(variable indexes) in the code generated by full-codegen.
History behind this change:
The original CL for adding the limit was
https://codereview.chromium.org/7003030
and at that time, the limit was 32767.
Reason for adding the limit (in CL comments): "The motivation behind this
change
is to avoid large user controlled constants in the code. The slot_operand
used
in the IA32 full code generator uses a relative load where the local index
is an
(negative) immediate."
The limit was then bumped to 65535 by
https://codereview.chromium.org/10965063
and to 131071 by https://codereview.chromium.org/11099063.
R=dcar...@chromium.org, svenpa...@chromium.org, jkumme...@chromium.org,
rossb...@chromium.org
BUG=v8:3205
LOG=Y
Committed: https://code.google.com/p/v8/source/detail?r=20126
Please review this at https://codereview.chromium.org/206143004/
SVN Base: https://v8.googlecode.com/svn/branches/bleeding_edge
Affected files (+9, -49 lines):
D test/mjsunit/limit-locals.js
M src/messages.js
M src/parser.h
Index: test/mjsunit/limit-locals.js
diff --git a/test/mjsunit/limit-locals.js b/test/mjsunit/limit-locals.js
deleted file mode 100644
index
1d36c80e5d643d5ee9c48543d185a64de3ec72ee..0000000000000000000000000000000000000000
--- a/test/mjsunit/limit-locals.js
+++ /dev/null
@@ -1,47 +0,0 @@
-// Copyright 2010 the V8 project authors. All rights reserved.
-// Redistribution and use in source and binary forms, with or without
-// modification, are permitted provided that the following conditions are
-// met:
-//
-// * Redistributions of source code must retain the above copyright
-// notice, this list of conditions and the following disclaimer.
-// * Redistributions in binary form must reproduce the above
-// copyright notice, this list of conditions and the following
-// disclaimer in the documentation and/or other materials provided
-// with the distribution.
-// * Neither the name of Google Inc. nor the names of its
-// contributors may be used to endorse or promote products derived
-// from this software without specific prior written permission.
-//
-// THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
-// "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
-// LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
-// A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
-// OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
-// SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
-// LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
-// DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
-// THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
-// (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-// OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-
-// Test that there is a limit of 131071 locals.
-
-// Flags: --stack-size=1200
-
-function function_with_n_locals(n) {
- test_prefix = "prefix ";
- test_suffix = " suffix";
- var src = "test_prefix + (function () {"
- for (var i = 1; i <= n; i++) {
- src += "; var x" + i;
- }
- src += "; return " + n + ";})() + test_suffix";
- return eval(src);
-}
-
-assertEquals("prefix 0 suffix", function_with_n_locals(0));
-assertEquals("prefix 16000 suffix", function_with_n_locals(16000));
-assertEquals("prefix 131071 suffix", function_with_n_locals(131071));
-
-assertThrows("function_with_n_locals(131072)");
Index: src/messages.js
diff --git a/src/messages.js b/src/messages.js
index
e6365a441e32c732ab2a0aad9a455a2523fdebbe..bc1478527f45677e968d9dd61377ce29132ffd1f
100644
--- a/src/messages.js
+++ b/src/messages.js
@@ -157,7 +157,7 @@ var kMessages = {
strict_eval_arguments: ["Unexpected eval or arguments in strict
mode"],
too_many_arguments: ["Too many arguments in function call
(only 65535 allowed)"],
too_many_parameters: ["Too many parameters in function
definition (only 65535 allowed)"],
- too_many_variables: ["Too many variables declared (only
131071 allowed)"],
+ too_many_variables: ["Too many variables declared (only
4194303 allowed)"],
strict_param_dupe: ["Strict mode function may not have
duplicate parameter names"],
strict_octal_literal: ["Octal literals are not allowed in
strict mode."],
strict_duplicate_property: ["Duplicate data property in object
literal not allowed in strict mode"],
Index: src/parser.h
diff --git a/src/parser.h b/src/parser.h
index
3d2f03229f0558f1e0860b93e88ae52f35878be0..f3984e86132a3f1126f860fa1b91d1555434b219
100644
--- a/src/parser.h
+++ b/src/parser.h
@@ -618,7 +618,14 @@ class Parser : public ParserBase<ParserTraits> {
private:
friend class ParserTraits;
- static const int kMaxNumFunctionLocals = 131071; // 2^17-1
+ // Limit the allowed number of local variables in a function. The hard
limit
+ // is that offsets computed by FullCodeGenerator::StackOperand and
similar
+ // functions are ints, and they should not overflow. In addition,
accessing
+ // local variables creates user-controlled constants in the generated
code,
+ // and we don't want too much user-controlled memory inside the code
(this was
+ // the reason why this limit was introduced in the first place; see
+ // https://codereview.chromium.org/7003030/ ).
+ static const int kMaxNumFunctionLocals = 4194303; // 2^22-1
enum Mode {
PARSE_LAZILY,
--
--
v8-dev mailing list
v8-dev@googlegroups.com
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to v8-dev+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
