(This bug is reported as #4458636 to Apple Bug Reporter in Feb. 2006, but exists till now) Webkit doesn't work correctly on the lifetime control of global variables declared explicitly in window.eval() method while calling from a function. Those variables declared explicitly will be destoryed out of the caller function of window.eval(). The attached test.html shows the problem: alert() in f() works fine, both test1 & test2 will popup, but only test1 will popup by alert() in the global context. And if window.eval() is called in the global context, both places of alert() works fine. Workaround: Don't use var while declare global variables in eval() test.html: <?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title>Testcase</title> <script> function f() { window.eval('test1=1', 'JavaScript'); window.eval('var test2=2', 'JavaScript'); alert(test1) alert(test2); } f(); alert(test1) alert(test2); </script> </head> <body /> </html>
well, the bug also exsists in Mozilla's JSRef, but can be passed by by using eval.call() or eval.apply() instead of window.eval().
also declaration of functions, a simple test case: window.eval('function test1() {}', 'JavaScript'); window.eval('test2 = new Function() {}', 'JavaScript'); alert(test1); alert(test2);
Thanks for the bug report! Which version(s) of Safari and/or WebKit have you tested recently? We're especially interested in Safari 3.0 beta as well as a Nightly WebKit build (http://nightly.webkit.org/).
<rdar://problem/4458636>
(In reply to comment #3) > Thanks for the bug report! Which version(s) of Safari and/or WebKit have you > tested recently? We're especially interested in Safari 3.0 beta as well as a > Nightly WebKit build (http://nightly.webkit.org/). > Test with Safari 2.0(419.3), Safari 3.0 Beta(502.10.1 for Mac & 502.11 for Win) and WebKit-SVN-r21955, all of them have this bug.
Is this a dupe of bug 11399?
(In reply to comment #6) > Is this a dupe of bug 11399? > It's about the same thing(window.eval), but not a duplicate bug. Bug #11399 means "calling context" is wrong, but we found that the variables are like to handled by a wrong way. read through ECMA-262 sec. 10.2.2, variables declared in eval() context don't have a {DontDelete} property, but only what declared by "var " are deleted after. As a ref: Our scripts sometimes need a way that declaring {DontDelete} variables in evaled codes, in Gecko's javascript engine, we use eval.apply().
(In reply to comment #2) > also declaration of functions, a simple test case: > > window.eval('function test1() {}', 'JavaScript'); > window.eval('test2 = new Function() {}', 'JavaScript'); This test case is flawed. The use of the Function constructor is illegal. It should be window.eval('test2 = new Function()'); In that case the result is that test1 will not be defined outside of f, but test2 will (confirmed with WebKit nightly build r26570). Is a fix planned before Safari 3.0?
(In reply to comment #8) > (In reply to comment #2) > > also declaration of functions, a simple test case: > > > > window.eval('function test1() {}', 'JavaScript'); > > window.eval('test2 = new Function() {}', 'JavaScript'); > > This test case is flawed. The use of the Function constructor is illegal. It > should be > window.eval('test2 = new Function()'); > > In that case the result is that test1 will not be defined outside of f, but > test2 will (confirmed with WebKit nightly build r26570). So are you saying this bug is already fixed with WebKit nightly build r26570? What about r26359? > Is a fix planned before Safari 3.0? It depends on whether this bug is already fixed or not in r26359.
It's hard to tell if this bug has been fixed or not. If it hasn't, it blocks bug 14868 because we need to get the semantics of variable declaration correct before we can optimize it. `var' statements inside `eval' statements are a specifically interesting case that we need to get right.
(In reply to comment #10) > It's hard to tell if this bug has been fixed or not. > > If it hasn't, it blocks bug 14868 because we need to get the semantics of > variable declaration correct before we can optimize it. `var' statements inside > `eval' statements are a specifically interesting case that we need to get > right. I believe this is in fact working now. The Inspector is a nice testcase for this. Just type the following in the Console: var a = "hi";<Enter> a<Enter> You will see the value "hi" printed. The Inspector uses window.eval for evaluation, so I think this works now. Geoff, do you think this is correct?
There seems to be some kind of misunderstanding, take a look at the original test case: function f() { window.eval('test1=1', 'JavaScript'); window.eval('var test2=2', 'JavaScript'); alert(test1); alert(test2); } f(); --------- By declaring either with or without "var", both of them is available in the context of function f() (thus two alert dialog with "1" and "2" showed). --------- alert(test1); alert(test2); --------- And then, after function f() ends, the test1 exsist, BUT test2 disappeared! This is different from what IE's execScript() and Gecko's eval() with syntax "window.eval(script);" does. (the other ways in Gecko such like "window.eval(script, lang);" "eval(script)" has the bug same as what described here, with even worse effects such as leading a crash. But they seems not going to resolve that, referenced as https://bugzilla.mozilla.org/show_bug.cgi?id=352045).
*** Bug 16677 has been marked as a duplicate of this bug. ***
This does not block bug 14868, because the variable lookup optimizations were landed long ago without resolving this.
Test case appears to work in Safari 6.0 - all vars appear to be preserved. Please reopen with more specific expected results if this still repros for you.