Closed
Bug 1054835
Opened 10 years ago
Closed 10 years ago
JSMSG_PAREN_BEFORE_FORMAL parse error in Method Definitions in strict mode
Categories
(Core :: JavaScript Engine, defect)
Tracking
()
RESOLVED
FIXED
mozilla35
People
(Reporter: 446240525, Assigned: jorendorff)
References
Details
Attachments
(2 files)
2.85 KB,
patch
|
Details | Diff | Splinter Review | |
9.34 KB,
patch
|
Waldo
:
review+
|
Details | Diff | Splinter Review |
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2124.0 Safari/537.36 Steps to reproduce: js> a={a(){}} ({a:function a(){}}) js> a={a(){"use strict"}} typein:205:5 SyntaxError: missing ( before formal parameters: typein:205:5 a={a(){"use strict"}} typein:205:5 .....^
This probably isn't the right way to fix this problem.
Attachment #8484815 -
Flags: review?(jorendorff)
Assignee | ||
Comment 2•10 years ago
|
||
Comment on attachment 8484815 [details] [diff] [review] bug1054835.patch Review of attachment 8484815 [details] [diff] [review]: ----------------------------------------------------------------- Sorry for the slow review, ziyunfei. You're right, this isn't the best fix. :) The problem is this code at Parser::functionDef(): 2057 tokenStream.seek(start); 2058 if (funName && tokenStream.getToken() == TOK_ERROR) 2059 return null(); What this means is: "After seeking, if funName is not null, call getToken() to skip the next token, and return null if getToken() fails." This is clearly silly; we shouldn't have to skip a token. We should arrange for 'start' to contain the exact position we want to seek to. The main reason we haven't already done this is premature optimization: we're trying to use a single TokenStream::Position to deal with both arrow functions (in assignExpr()) and strict mode (in functionDef()). We use rewinding for both; it saves some stack space to pass a reference to the same Position object from assignExpr() to functionDef(). We shouldn't really be using rewinding at all. While we're doing it, I think we should tune the code for clarity and correctness. I'm going to take this and mop up some of the mess here.
Attachment #8484815 -
Flags: review?(jorendorff)
Assignee | ||
Comment 3•10 years ago
|
||
Attachment #8493382 -
Flags: review?(jwalden+bmo)
Assignee | ||
Updated•10 years ago
|
Assignee: nobody → jorendorff
Status: UNCONFIRMED → ASSIGNED
Ever confirmed: true
Comment 4•10 years ago
|
||
Comment on attachment 8493382 [details] [diff] [review] JSMSG_PAREN_BEFORE_FORMAL parse error in Method Definitions in strict mode. Tests by ziyunfei, who discovered the bug Review of attachment 8493382 [details] [diff] [review]: ----------------------------------------------------------------- Seems right, but I didn't think on it super-super-deeply. Relying on fuzzers to come up with any garbage seems the most effective use of time for utmost assurance here.
Attachment #8493382 -
Flags: review?(jwalden+bmo) → review+
Assignee | ||
Comment 5•10 years ago
|
||
Oops, I forgot to delete the code that was actually causing the problem:
>diff --git a/js/src/frontend/Parser.cpp b/js/src/frontend/Parser.cpp
>--- a/js/src/frontend/Parser.cpp
>+++ b/js/src/frontend/Parser.cpp
>@@ -2058,8 +2058,6 @@ Parser<ParseHandler>::functionDef(Handle
> directives = newDirectives;
>
> tokenStream.seek(start);
>- if (funName && tokenStream.getToken() == TOK_ERROR)
>- return null();
>
> // functionArgsAndBody may have already set pn->pn_body before failing.
> handler.setFunctionBody(pn, null());
Assignee | ||
Comment 6•10 years ago
|
||
Looks better now: https://tbpl.mozilla.org/?tree=Try&rev=7a7d1ec8b5f6
Assignee | ||
Comment 7•10 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/962f8d56981f
Comment 8•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/962f8d56981f
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla35
You need to log in
before you can comment on or make changes to this bug.
Description
•