Nashorn bugs (hg tip 23958764f866)

A. Sundararajan sundararajan.athijegannathan at oracle.com
Mon Sep 30 07:58:51 PDT 2013 

Thanks. Noted in one of the umbrella issues filed to track (what you 
already reported!)

Thanks
-Sundar

On Friday 27 September 2013 01:23 PM, André Bargull wrote:
> A few more bugs in Nashorn.
>
> - André
>
>
> jjs> s = "(function(){y; return 0})()";
> jjs> (function(){with({y:1}) eval(s) })();
> jjs> (function(){with({get y(){print("get")}}) eval(s) })()
>
> Expected: prints "get"
> Actual: no output
>
> jjs> s = " "; for (var i=0;i<31;++i) s+=s; s.length
> -2147483648
>
> Expected: no integer overflow
> Actual: integer overflow
>
> jjs> function f(o){var eval=0; with({get eval(){return o.eval}}) 
> return eval("1+2");}; f(this)
>
> Expected: returns 3
> Actual: throws TypeError
>
> jjs> try{throw 3}catch(e){print(eval("e"))}
>
> Expected: prints 3
> Actual: throws ReferenceError
>
> jjs> function f(){var a=1,e=2; try{throw 3}catch(e){return +function 
> g(){return eval("a+e")}()} }f()
>
> Expected: returns 4
> Actual: returns 3
>
> jjs> function f(){var a=1; with({get a(){return false}}) return a}; f()
>
> Expected: returns false
> Actual: returns 0
>
> jjs> function public(){"use strict"}
>
> Expected: throws strict-mode SyntaxError
> Actual: no error
>
> jjs> function f(public){"use strict"}
>
> Expected: throws strict-mode SyntaxError
> Actual: no error
>
> jjs> function f(){ L1:try{ return }finally{break L1}  }f()
>
> Exception in thread "main" java.lang.VerifyError: StackMapTable error: 
> bad offset
> Exception Details:
>   Location:
> jdk/nashorn/internal/scripts/Script$\^shell\_.f(Ljdk/nashorn/internal/runtime/ScriptFunction;Ljava/lang/Object;)Ljava/lang/Object; 
> @0: aload_0
>   Reason:
>     Invalid stackmap specification.
>   Current Frame:
>     bci: @17
>     flags: { }
>     locals: { 'jdk/nashorn/internal/runtime/ScriptFunction', 
> 'java/lang/Object', 'jdk/nashorn/internal/runtime/ScriptObject' }
>     stack: { }
>   Bytecode:
>     0000000: 2ab6 0018 4da7 000c 3a04 1904 3a05 a700
>     0000010: 03
>   Exception Handler Table:
>     bci [5, 8] => handler: 8
>   Stackmap Table:
> full_frame(@8,{Object[#20],Object[#54],Object[#56]},{Object[#44]})
>     same_frame(@17)
>
>     at java.lang.Class.getDeclaredFields0(Native Method)
>     at java.lang.Class.privateGetDeclaredFields(Class.java:2476)
>     at java.lang.Class.getDeclaredField(Class.java:1975)
>     at jdk.nashorn.internal.codegen.Compiler$2.run(Compiler.java:417)
>     at jdk.nashorn.internal.codegen.Compiler$2.run(Compiler.java:413)
>     at java.security.AccessController.doPrivileged(Native Method)
>     ...
>
> jjs> function f(e){ eval("e") }f()
> jjs> function f(){ eval("e") }f()
> java.lang.ClassCastException: Cannot cast 
> jdk.nashorn.internal.scripts.JO1P0 to jdk.nashorn.internal.scripts.JO1P1
>
> jjs> function f(){switch(x){}}f()
>
> Expected: throws ReferenceError "x" not defined
> Actual: returns undefined
>
> jjs> function f(){ function g(){return 0} function g(){return 1} 
> function g$1(){return 2}; return g$1()  }f()
>
> Expected: returns 2
> Actual: returns 1
>
> jjs> function f(){ function g(){return 0} var h=function g(){return 
> 1}; function g$1(){return 2}; return h()  }f()
>
> Expected: returns 1
> Actual: returns 2
>
> jjs> function f(){ void {get ""(){}} }f()
>
> Expected: properly encoded byte code names
> Actual: `f$get \=` method name in generated code (null prefix `\=` 
> within name)
>
> jjs> function f(){ void {get ":"(){}} }f()
>
> Expected: properly encoded byte code names
> Actual: `f$get \!` method name in generated code (missing null prefix 
> `\=`)
>
> jjs> function f(){  return Object.getOwnPropertyDescriptor({get 
> ":"(){}}, ":").get.name }f()
>
> Expected: don't return a mangled byte code name
> Actual: returns "get \!"
>
> jjs> function f(){  return Object.getOwnPropertyDescriptor({set 
> ":"(a){}}, ":").set }f()
>
> Expected: include leading `"` in function source representation
> Actual: returns `:"(a){}`
>
> jjs> eval("function " + Array.apply(null,Array(0x10000)).join("a") + 
> "(){}")
> Exception in thread "main" java.lang.ClassFormatError: Unknown 
> constant tag 58 in class file 
> jdk/nashorn/internal/scripts/Script$\^shell\_#1\^eval\_$2
>     at java.lang.ClassLoader.defineClass1(Native Method)
>     at java.lang.ClassLoader.defineClass(ClassLoader.java:752)
>     at 
> jdk.nashorn.internal.runtime.ScriptLoader.installClass(ScriptLoader.java:87)
>     at 
> jdk.nashorn.internal.runtime.Context$ContextCodeInstaller.install(Context.java:125)
>     at jdk.nashorn.internal.codegen.Compiler.install(Compiler.java:408)
>     ...
>
> jjs> (1000000000000000128).toString()
> Expected: 1000000000000000100
> Actual: 1000000000000000130
>
> jjs> (1000000000000000128).toFixed()
> Expected: 1000000000000000128
> Actual: 1000000000000000130
>
> jjs> Function("-", {toString:function(){throw "err"}})
>
> Expected: throws "err"
> Actual: throws SyntaxError
>
> jjs> Function("return function() { eval(''); return anonymous; }")
>
> Expected: throws ReferenceError
> Actual: returns function
>
> jjs> Array.prototype.splice.call(Java.type("java.util.HashMap"))
> jjs> Array.prototype.slice.call(Java.type("java.util.HashMap"))
> java.lang.ClassCastException: jdk.internal.dynalink.beans.StaticClass 
> cannot be cast to jdk.nashorn.internal.runtime.ScriptObject
>
> Expected: same behaviour for non ScriptObjects
> Actual: splice returns undefined whereas slice throws a 
> ClassCastException

More information about the nashorn-dev mailing list