RESOLVED FIXED 123506
JavaScript parser bug 
https://bugs.webkit.org/show_bug.cgi?id=123506
Summary JavaScript parser bug
Mihai Bazon
Reported 2013-10-30 04:32:33 PDT
// fails with SyntaxError: Expected token ')' ( function(){ return this || eval('this'); }().x = "y" ); // fails with SyntaxError: Unexpected token '=' 1, function(){ return this || eval('this'); }().x = "y"; //// weird that we get different error messages //// The following all work. // place the function call inside parens ( (function(){ return this || eval('this'); }()).x = "y" ); 1, (function(){ return this || eval('this'); }()).x = "y"; // simplify the return expression, keep `then` ( function(){ return this; }().x = "y" ); 1, function(){ return this; }().x = "y"; // keep `eval` ( function(){ return eval('this'); }().x = "y" ); 1, function(){ return eval('this'); }().x = "y"; // place the return expression inside parens (!!) ( function(){ return ( this || eval('this') ); }().x = "y" ); 1, function(){ return ( this || eval('this') ); }().x = "y";
Attachments
Patch (15.42 KB, patch)
2013-10-31 21:56 PDT, Oliver Hunt 		mark.lam: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2013-10-31 09:42:18 PDT
<rdar://problem/15362517>
Oliver Hunt
Comment 2 2013-10-31 14:12:57 PDT
Alas shipping safari has really broken error messages, trunk is much much better. I suspect that the problem here is that we're not correctly resetting state after we finish parsing the function body
Oliver Hunt
Comment 3 2013-10-31 19:36:31 PDT
(In reply to comment #0) > // fails with SyntaxError: Expected token ')' > ( function(){ return this || eval('this'); }().x = "y" ); This is incorrectly propagating parser state out of the function body. > > // fails with SyntaxError: Unexpected token '=' > 1, function(){ return this || eval('this'); }().x = "y"; This is a correct failure. The error message is just really bad
Oliver Hunt
Comment 4 2013-10-31 21:56:33 PDT
Created attachment 215716 [details] Patch
Mark Lam
Comment 5 2013-10-31 22:08:15 PDT
Comment on attachment 215716 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=215716&action=review r=me with the spaces clean up. > Source/JavaScriptCore/parser/Parser.h:404 > - > + Remove these blank spaces.
Oliver Hunt
Comment 6 2013-10-31 22:12:10 PDT
Committed r158425: <http://trac.webkit.org/changeset/158425>
Mihai Bazon
Comment 7 2013-11-01 00:31:58 PDT
>> // fails with SyntaxError: Unexpected token '=' >> 1, function(){ return this || eval('this'); }().x = "y"; > This is a correct failure. The error message is just really bad Nope, it's valid code. It's just the assignment from the first line, in a sequence expression. All other engines parse it correctly, also JS-based parsers (UglifyJS [1], Acorn [2] and Esprima [3]). [1] https://github.com/mishoo/UglifyJS2 [2] https://github.com/marijnh/acorn [3] http://esprima.org/
Oliver Hunt
Comment 8 2013-11-01 01:00:09 PDT
(In reply to comment #7) > >> // fails with SyntaxError: Unexpected token '=' > >> 1, function(){ return this || eval('this'); }().x = "y"; > > > This is a correct failure. The error message is just really bad > Oh, whoops i missed the 1, at the beginning (i interpreted it as an enumerated list) anyhow, both cases are fixed
Note You need to log in before you can comment on or make changes to this bug.