[webkit-changes] [WebKit/WebKit] 9a3c9a: Fix new-target Syntax Error

EWS noreply at github.com
Tue Nov 15 09:48:37 PST 2022 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 9a3c9a17863e2d04c262b559b1249f98857a7c16
      https://github.com/WebKit/WebKit/commit/9a3c9a17863e2d04c262b559b1249f98857a7c16
  Author: Yijia Huang <yijia_huang at apple.com>
  Date:   2022-11-15 (Tue, 15 Nov 2022)

  Changed paths:
    M JSTests/stress/class-static-block.js
    M Source/JavaScriptCore/parser/Parser.cpp

  Log Message:
  -----------
  Fix new-target Syntax Error
https://bugs.webkit.org/show_bug.cgi?id=247789
rdar://102324348

Reviewed by Yusuke Suzuki.

Running JavaScript program
```
class x {
    static {
        if (0?.[{ [Symbol.toPrimitive]: x => super[new.target()] }] ** 0);
    }
}
```
should throw a TypeError.

V8
```
if (0?.[{ [Symbol.toPrimitive]: x => super[new.target()] }] ** 0);
                                                ^
TypeError: .new.target is not a function
```

GraalJS
```
TypeError: <new.target> is not a function
```

>From class static block spec, a ClassStaticBlockDefinition Record contains a
[[BodyFunction]] with value function object.
https://tc39.es/proposal-class-static-block/#sec-ecmascript-specification-types

And according to Built-in Function Objects (section 10.3), "The behaviour
specified for each built-in function via algorithm steps or other means is
the specification of the function body behaviour for both [[Call]] and
[[Construct]] invocations of the function. However, [[Construct]] invocation
is not supported by all built-in functions. For each built-in function, when
invoked with [[Call]], the [[Call]] thisArgument provides the this value,
the [[Call]] argumentsList provides the named parameters, and the NewTarget
value is undefined."
https://tc39.es/ecma262/multipage/ordinary-and-exotic-objects-behaviours.html#sec-built-in-function-objects

In MDN, "In normal function calls (as opposed to constructor function calls),
new.target is undefined. This lets you detect whether a function was called
with new as a constructor."
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/new.target#new.target_in_function_calls

"In class constructors, new.target refers to the constructor that was directly
invoked by new. This is also the case if the constructor is in a parent class
and was delegated from a child constructor. new.target points to the class
definition of class which is initialized. For example, when b was initialized
using new B(), the name of B was printed; and similarly, in case of a, the
name of class A was printed."
https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/new.target#new.target_in_constructors

To fix this issue, we should treat class static block as function block
with super binding.

* JSTests/stress/class-static-block.js:
(await.x):
(await):
(assert.x):
(assert):
(assert.x.nested):
(shouldThrow.eval.x):
(shouldThrow):
(await.doSomethingWith): Deleted.
* Source/JavaScriptCore/parser/Parser.cpp:
(JSC::Parser<LexerType>::parseBlockStatement):
(JSC::Parser<LexerType>::parseClass):
(JSC::Parser<LexerType>::parseMemberExpression):
* Source/JavaScriptCore/parser/Parser.h:

Canonical link: https://commits.webkit.org/256700@main

More information about the webkit-changes mailing list