Changeset 223175 in webkit

Timestamp:

Oct 11, 2017 5:59:36 AM (7 years ago)

Author:

Caio Lima

Message:

Object properties are undefined in super.call() but not in this.call()
​https://bugs.webkit.org/show_bug.cgi?id=177230

Reviewed by Saam Barati.

JSTests:

• stress/super-call-function-subclass.js: Added.

(assert):
(A.prototype.t):
(A):

• stress/super-dot-call-and-apply.js: Added.

(assert):
(A):
(A.prototype.call):
(A.prototype.apply):
(B.prototype.testSuper):
(B):
(const.obj.new.B.string_appeared_here.obj.testSuper.C):
(D.prototype.testSuper):
(D):

Source/JavaScriptCore:

Bytecode generation for "super.call(...)" or "super.apply(...)"
shouldn't be considered as CallFunctionCallDotNode or
ApplyFunctionCallDotNode because they should be considered as common
super property access as any other function. According to spec[1],
"super" is not refering to parent constructor.

[1] - ​https://tc39.github.io/ecma262/#sec-super-keyword-runtime-semantics-evaluation

• parser/ASTBuilder.h:

(JSC::ASTBuilder::makeFunctionCallNode):

• parser/Parser.cpp:

(JSC::Parser<LexerType>::parseMemberExpression):

• parser/SyntaxChecker.h:

(JSC::SyntaxChecker::makeFunctionCallNode):

Location:

trunk

Files:

• JSTests/ChangeLog (modified) (1 diff)
• JSTests/stress/super-call-function-subclass.js (added)
• JSTests/stress/super-dot-call-and-apply.js (added)
• Source/JavaScriptCore/ChangeLog (modified) (1 diff)
• Source/JavaScriptCore/parser/ASTBuilder.h (modified) (3 diffs)
• Source/JavaScriptCore/parser/Parser.cpp (modified) (3 diffs)
• Source/JavaScriptCore/parser/SyntaxChecker.h (modified) (1 diff)

trunk/JSTests/ChangeLog

@@ +1 @@
+2017-10-11  Caio Lima  <ticaiolima@gmail.com>
+
+        Object properties are undefined in super.call() but not in this.call()
+        https://bugs.webkit.org/show_bug.cgi?id=177230
+
+        Reviewed by Saam Barati.
+
+        * stress/super-call-function-subclass.js: Added.
+        (assert):
+        (A.prototype.t):
+        (A):
+        * stress/super-dot-call-and-apply.js: Added.
+        (assert):
+        (A):
+        (A.prototype.call):
+        (A.prototype.apply):
+        (B.prototype.testSuper):
+        (B):
+        (const.obj.new.B.string_appeared_here.obj.testSuper.C):
+        (D.prototype.testSuper):
+        (D):
+
 2017-10-10  Saam Barati  <sbarati@apple.com>
 

trunk/Source/JavaScriptCore/ChangeLog

@@ +1 @@
+2017-10-11  Caio Lima  <ticaiolima@gmail.com>
+
+        Object properties are undefined in super.call() but not in this.call()
+        https://bugs.webkit.org/show_bug.cgi?id=177230
+
+        Reviewed by Saam Barati.
+
+        Bytecode generation for "super.call(...)" or "super.apply(...)"
+        shouldn't be considered as CallFunctionCallDotNode or
+        ApplyFunctionCallDotNode because they should be considered as common
+        super property access as any other function. According to spec[1],
+        "super" is not refering to parent constructor.
+
+        [1] - https://tc39.github.io/ecma262/#sec-super-keyword-runtime-semantics-evaluation
+
+        * parser/ASTBuilder.h:
+        (JSC::ASTBuilder::makeFunctionCallNode):
+        * parser/Parser.cpp:
+        (JSC::Parser<LexerType>::parseMemberExpression):
+        * parser/SyntaxChecker.h:
+        (JSC::SyntaxChecker::makeFunctionCallNode):
+
 2017-10-11  Yusuke Suzuki  <utatane.tea@gmail.com>
 

trunk/Source/JavaScriptCore/parser/ASTBuilder.h

@@ -130 +130 @@
 
     ExpressionNode* makeBinaryNode(const JSTokenLocation&, int token, std::pair<ExpressionNode*, BinaryOpInfo>, std::pair<ExpressionNode*, BinaryOpInfo>);
-    ExpressionNode* makeFunctionCallNode(const JSTokenLocation&, ExpressionNode* func, ArgumentsNode* args, const JSTextPosition& divotStart, const JSTextPosition& divot, const JSTextPosition& divotEnd, size_t callOrApplyChildDepth);
+    ExpressionNode* makeFunctionCallNode(const JSTokenLocation&, ExpressionNode* func, bool previousBaseWasSuper, ArgumentsNode* args, const JSTextPosition& divotStart, const JSTextPosition& divot, const JSTextPosition& divotEnd, size_t callOrApplyChildDepth);
 
     JSC::SourceElements* createSourceElements() { return new (m_parserArena) JSC::SourceElements(); }
@@ -1318 +1318 @@
 }
 
-ExpressionNode* ASTBuilder::makeFunctionCallNode(const JSTokenLocation& location, ExpressionNode* func, ArgumentsNode* args, const JSTextPosition& divotStart, const JSTextPosition& divot, const JSTextPosition& divotEnd, size_t callOrApplyChildDepth)
+ExpressionNode* ASTBuilder::makeFunctionCallNode(const JSTokenLocation& location, ExpressionNode* func, bool previousBaseWasSuper, ArgumentsNode* args, const JSTextPosition& divotStart, const JSTextPosition& divot, const JSTextPosition& divotEnd, size_t callOrApplyChildDepth)
 {
     ASSERT(divot.offset >= divot.lineStartOffset);
@@ -1349 +1349 @@
     DotAccessorNode* dot = static_cast<DotAccessorNode*>(func);
     FunctionCallDotNode* node;
-    if (dot->identifier() == m_vm->propertyNames->builtinNames().callPublicName() || dot->identifier() == m_vm->propertyNames->builtinNames().callPrivateName())
+    if (!previousBaseWasSuper && (dot->identifier() == m_vm->propertyNames->builtinNames().callPublicName() || dot->identifier() == m_vm->propertyNames->builtinNames().callPrivateName()))
         node = new (m_parserArena) CallFunctionCallDotNode(location, dot->base(), dot->identifier(), args, divot, divotStart, divotEnd, callOrApplyChildDepth);
-    else if (dot->identifier() == m_vm->propertyNames->builtinNames().applyPublicName() || dot->identifier() == m_vm->propertyNames->builtinNames().applyPrivateName())
+    else if (!previousBaseWasSuper && (dot->identifier() == m_vm->propertyNames->builtinNames().applyPublicName() || dot->identifier() == m_vm->propertyNames->builtinNames().applyPrivateName()))
         node = new (m_parserArena) ApplyFunctionCallDotNode(location, dot->base(), dot->identifier(), args, divot, divotStart, divotEnd, callOrApplyChildDepth);
     else

trunk/Source/JavaScriptCore/parser/Parser.cpp

@@ -4648 +4648 @@
 
     bool baseIsSuper = match(SUPER);
+    bool previousBaseWasSuper = false;
     bool baseIsImport = match(IMPORT);
     semanticFailIfTrue((baseIsSuper || baseIsImport) && newCount, "Cannot use new with ", getToken());
@@ -4789 +4790 @@
                         functionScope->setInnerArrowFunctionUsesSuperCall();
                 }
-                base = context.makeFunctionCallNode(startLocation, base, arguments, expressionStart,
+                base = context.makeFunctionCallNode(startLocation, base, previousBaseWasSuper, arguments, expressionStart,
                     expressionEnd, lastTokenEndPosition(), callOrApplyDepthScope ? callOrApplyDepthScope->distanceToInnermostChild() : 0);
             }
@@ -4819 +4820 @@
             goto endMemberExpression;
         }
+        previousBaseWasSuper = baseIsSuper;
         baseIsSuper = false;
     }

trunk/Source/JavaScriptCore/parser/SyntaxChecker.h

@@ -144 +144 @@
 
     int createSourceElements() { return SourceElementsResult; }
-    ExpressionType makeFunctionCallNode(const JSTokenLocation&, int, int, int, int, int, size_t) { return CallExpr; }
+    ExpressionType makeFunctionCallNode(const JSTokenLocation&, int, bool, int, int, int, int, size_t) { return CallExpr; }
     ExpressionType createCommaExpr(const JSTokenLocation&, ExpressionType expr) { return expr; }
     ExpressionType appendToCommaExpr(const JSTokenLocation&, ExpressionType& head, ExpressionType, ExpressionType next) { head = next; return next; }