The parser is failing to record the token location of new in new.target.
authormark.lam@apple.com <mark.lam@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 28 Feb 2019 06:44:15 +0000 (06:44 +0000)
committermark.lam@apple.com <mark.lam@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Thu, 28 Feb 2019 06:44:15 +0000 (06:44 +0000)
https://bugs.webkit.org/show_bug.cgi?id=195127
<rdar://problem/39645578>

Reviewed by Yusuke Suzuki.

JSTests:

* stress/parser-should-record-token-location-of-new-dot-target.js: Added.

Source/JavaScriptCore:

Also adjust the token location for the following to be as shown:

    new.target
    ^
    super
    ^
    import.meta
    ^

* parser/Parser.cpp:
(JSC::Parser<LexerType>::parseMemberExpression):

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@242193 268f45cc-cd09-0410-ab3c-d52691b4dbfc

JSTests/ChangeLog
JSTests/stress/parser-should-record-token-location-of-new-dot-target.js [new file with mode: 0644]
Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/parser/Parser.cpp

index 1ba24d5..5f20112 100644 (file)
@@ -1,3 +1,13 @@
+2019-02-27  Mark Lam  <mark.lam@apple.com>
+
+        The parser is failing to record the token location of new in new.target.
+        https://bugs.webkit.org/show_bug.cgi?id=195127
+        <rdar://problem/39645578>
+
+        Reviewed by Yusuke Suzuki.
+
+        * stress/parser-should-record-token-location-of-new-dot-target.js: Added.
+
 2019-02-27  Yusuke Suzuki  <ysuzuki@apple.com>
 
         [JSC] mustHandleValues for dead bytecode locals should be ignored in DFG phases
diff --git a/JSTests/stress/parser-should-record-token-location-of-new-dot-target.js b/JSTests/stress/parser-should-record-token-location-of-new-dot-target.js
new file mode 100644 (file)
index 0000000..3acab2c
--- /dev/null
@@ -0,0 +1,8 @@
+//@ runDefault("--forceDebuggerBytecodeGeneration=true")
+
+// This test should not crash.
+
+function foo() {
+    if (new.target) {}
+}
++foo();
index 12621d3..a96f0ec 100644 (file)
@@ -1,3 +1,23 @@
+2019-02-27  Mark Lam  <mark.lam@apple.com>
+
+        The parser is failing to record the token location of new in new.target.
+        https://bugs.webkit.org/show_bug.cgi?id=195127
+        <rdar://problem/39645578>
+
+        Reviewed by Yusuke Suzuki.
+
+        Also adjust the token location for the following to be as shown:
+
+            new.target
+            ^
+            super
+            ^
+            import.meta
+            ^
+
+        * parser/Parser.cpp:
+        (JSC::Parser<LexerType>::parseMemberExpression):
+
 2019-02-27  Yusuke Suzuki  <ysuzuki@apple.com>
 
         [JSC] mustHandleValues for dead bytecode locals should be ignored in DFG phases
index d840a7f..ba01bfb 100644 (file)
@@ -1,7 +1,7 @@
 /*
  *  Copyright (C) 1999-2001 Harri Porten (porten@kde.org)
  *  Copyright (C) 2001 Peter Kelly (pmk@post.com)
- *  Copyright (C) 2003, 2006-2010, 2013, 2016 Apple Inc. All rights reserved.
+ *  Copyright (C) 2003-2019 Apple Inc. All rights reserved.
  *
  *  This library is free software; you can redistribute it and/or
  *  modify it under the terms of the GNU Library General Public
@@ -4674,11 +4674,13 @@ template <class TreeBuilder> TreeExpression Parser<LexerType>::parseMemberExpres
     JSTextPosition expressionStart = tokenStartPosition();
     int newCount = 0;
     JSTokenLocation startLocation = tokenLocation();
-    JSTokenLocation location;
+    JSTokenLocation lastNewTokenLocation;
     while (match(NEW)) {
+        lastNewTokenLocation = tokenLocation();
         next();
         newCount++;
     }
+    JSTokenLocation location = tokenLocation();
 
     bool baseIsSuper = match(SUPER);
     bool previousBaseWasSuper = false;
@@ -4696,7 +4698,8 @@ template <class TreeBuilder> TreeExpression Parser<LexerType>::parseMemberExpres
                 semanticFailIfFalse(!closestOrdinaryFunctionScope->isGlobalCodeScope() || closestOrdinaryFunctionScope->evalContextType() == EvalContextType::FunctionEvalContext, "new.target is not valid inside arrow functions in global code");
                 currentScope()->setInnerArrowFunctionUsesNewTarget();
             }
-            base = context.createNewTargetExpr(location);
+            ASSERT(lastNewTokenLocation.line);
+            base = context.createNewTargetExpr(lastNewTokenLocation);
             newCount--;
             next();
         } else {
@@ -4730,8 +4733,6 @@ template <class TreeBuilder> TreeExpression Parser<LexerType>::parseMemberExpres
         if (consume(DOT)) {
             if (matchContextualKeyword(m_vm->propertyNames->builtinNames().metaPublicName())) {
                 semanticFailIfFalse(m_scriptMode == JSParserScriptMode::Module, "import.meta is only valid inside modules");
-
-                JSTokenLocation location(tokenLocation());
                 base = context.createImportMetaExpr(location, createResolveAndUseVariable(context, &m_vm->propertyNames->metaPrivateName, false, expressionStart, location));
                 next();
             } else {