[Webkit-unassigned] [Bug 153864] Invoking super()/super inside of the eval should not lead to SyntaxError

bugzilla-daemon at webkit.org
Wed Mar 16 11:16:54 PDT 2016


https://bugs.webkit.org/show_bug.cgi?id=153864

--- Comment #8 from GSkachkov <gskachkov at gmail.com> ---
Comment on attachment 274093
  --> https://bugs.webkit.org/attachment.cgi?id=274093
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=274093&action=review

>> Source/JavaScriptCore/ChangeLog:3
>> +        Invoking super()/super inside of the eval should not lead to SyntaxError
> 
> Do we have a bug open for new.target inside eval?

Yes, I did this recently
 https://bugs.webkit.org/show_bug.cgi?id=155545

>>> Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp:643
>>> +    if (needsToUpdateArrowFunctionContext() && !codeBlock->isArrowFunctionContext() && !isDerivedConstructorContext()) {
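
Review bot: the `!isDerivedConstructorContext()` term at the end of this condition is not self-explanatory, and nothing on the line says why a derived-constructor context is excluded. Add a short comment stating that it avoids creating a second context scope for 'this', and cover it with a regression test such as eval("(()=>super())()") inside a derived constructor.
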
>> 
>> Why the "!isDerivedConstructorContext()" check?
> 
> Ah, I guess it's that way so we don't recreate a scope. I think I understand.

Yes, that is correct. It is for this case: 
class C {};
class D extends C {
  constructor() {
    eval("(()=>super())()");//Error
  }
}
new D();
Otherwise we will have two context scopes for 'this'. I've spent the last three evenings finding out why the mentioned simple test case did not work.

>> Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp:4145
>> +    return m_scopeNode->doAnyInnerArrowFunctionsUseNewTarget() || m_scopeNode->doAnyInnerArrowFunctionsUseSuperCall() || m_scopeNode->doAnyInnerArrowFunctionsUseEval() || m_codeBlock->usesEval();
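
Review bot: with `|| m_codeBlock->usesEval()` at the end of this return, the predicate is true for any code block that uses eval, whether or not an arrow function is involved, so a function name that speaks only of inner arrow functions no longer matches what it tests. Rename it to mention eval, or say in a comment why plain eval is treated the same way, and confirm whether `doAnyInnerArrowFunctionsUseEval()` is still needed next to `usesEval()`.
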
> 
> I believe m_codeBlock->usesEval() should always be true if m_scopeNode->doAnyInnerArrowFunctionsUseEval().
> You should double check though.

It is true, but unfortunately this patch covers cases where we do not have an arrow function, for instance the one from the previous comments, so I need to check m_codeBlock->usesEval(). Possibly we need to change the name of the function isNewTargetUsedInInnerArrowFunction -> isNewTargetUsedInInnerArrowFunctionOrEval

>> Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp:4150
>> +    return m_scopeNode->doAnyInnerArrowFunctionsUseSuperCall() || m_scopeNode->doAnyInnerArrowFunctionsUseSuperProperty() || m_scopeNode->doAnyInnerArrowFunctionsUseEval() || m_codeBlock->usesEval();
> 
> ditto

The same

>> Source/JavaScriptCore/bytecompiler/BytecodeGenerator.cpp:4155
>> +    return m_scopeNode->doAnyInnerArrowFunctionsUseSuperCall() || m_scopeNode->doAnyInnerArrowFunctionsUseEval() || m_codeBlock->usesEval();
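
Review bot: the tail `m_scopeNode->doAnyInnerArrowFunctionsUseEval() || m_codeBlock->usesEval()` on this line is the third copy of the same expression (it also ends the returns at lines 4145 and 4150). Move it into one small helper so the three predicates cannot drift apart if the eval condition changes.
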
> 
> ditto

The same

>> Source/JavaScriptCore/parser/Parser.cpp:3848
>> +        // TODO: Change error message for more suitable. https://bugs.webkit.org/show_bug.cgi?id=155491 
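
Review bot: this comment uses TODO where FIXME is expected, and its wording ("Change error message for more suitable") is hard to read. Suggest `// FIXME: Use a more suitable error message. https://bugs.webkit.org/show_bug.cgi?id=155491`.
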
> 
> Style: FIXME not TODO

Will be updated in next patch.

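
The behaviour this bug asks for, as an added example that is not part of the original message or of the WebKit patch: direct eval inside a derived constructor may use super(), super.property and new.target, with or without an arrow function, while indirect eval must still reject 'super'. The class and function names are hypothetical, and the expected results are those of an engine that implements the ES2015 rules for eval.

```javascript
// Added example: expected ES2015 semantics for the cases discussed in this thread.
class C {
  constructor() { this.tag = "C"; }
  greet() { return "hello from C"; }
}

// Direct eval inside a derived constructor, with super() wrapped in an
// arrow function: the test case quoted in the comment above.
class D extends C {
  constructor() {
    eval("(() => super())()");
  }
}

// Direct eval with no arrow function at all, which is why the patch also
// has to look at usesEval() and not only at inner arrow functions.
class E extends C {
  constructor() {
    eval("super()");
    this.viaSuperProperty = eval("super.greet()");
    this.sawNewTarget = eval("new.target") === E;
  }
}

// Indirect eval runs as global code, so 'super' there stays a SyntaxError.
function indirectEvalError() {
  try {
    (0, eval)("super()");
    return null;
  } catch (e) {
    return e.name;
  }
}

function runCases() {
  const d = new D();
  const e = new E();
  return {
    dTag: d.tag,                       // set by C's constructor via super()
    dIsD: d instanceof D,
    eSuperProperty: e.viaSuperProperty,
    eNewTarget: e.sawNewTarget,
    indirect: indirectEvalError(),
  };
}

console.log(runCases());
```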