[webkit-reviews] review granted: [Bug 185995] for-in loops should preserve and restore the TDZ stack for each of its internal loops. : [Attachment 341342] proposed patch.

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Fri May 25 16:04:05 PDT 2018


Saam Barati <sbarati at apple.com> has granted Mark Lam <mark.lam at apple.com>'s
request for review:
Bug 185995: for-in loops should preserve and restore the TDZ stack for each of
its internal loops.
https://bugs.webkit.org/show_bug.cgi?id=185995

Attachment 341342: proposed patch.

https://bugs.webkit.org/attachment.cgi?id=341342&action=review




--- Comment #2 from Saam Barati <sbarati at apple.com> ---
Comment on attachment 341342
  --> https://bugs.webkit.org/attachment.cgi?id=341342
proposed patch.

View in context: https://bugs.webkit.org/attachment.cgi?id=341342&action=review

r=me

> JSTests/stress/regress-185995.js:5
> +	   "var list = { 'a' : 5 };" + "\n" +
> +	   "for(const { x = x } in list)" + "\n" +
> +	   "	x();";

Why not just write this code out in the try instead of eval?

> Source/JavaScriptCore/bytecompiler/NodesCodegen.cpp:3079
> +    BytecodeGenerator::PreservedTDZStack preservedTDZStack;
> +    generator.preserveTDZStack(preservedTDZStack);

Not a big deal, but I think it'd make sense if this just were an RAII. Could
just be a SetForScope<....> and you can use it in each scope below.


More information about the webkit-reviews mailing list