From 070096f30f84862442ca67083d9e3d00a8b96b3f Mon Sep 17 00:00:00 2001 From: Robert Fancsik Date: Wed, 15 Dec 2021 11:32:31 +0100 Subject: [PATCH] Fix arrow function this binding resolving if environment record is present (#4878) This patch fixes #4872 and fixes #4876. JerryScript-DCO-1.0-Signed-off-by: Robert Fancsik robert.fancsik@h-lab.eu --- .../ecma/operations/ecma-function-object.c | 7 ++++ jerry-core/ecma/operations/ecma-lex-env.c | 8 ++++- jerry-core/vm/opcodes.c | 11 +++--- jerry-core/vm/vm.c | 1 + .../es.next/regression-test-issue-4872.js | 35 ++++++++++++++++++ .../es.next/regression-test-issue-4876.js | 36 +++++++++++++++++++ 6 files changed, 90 insertions(+), 8 deletions(-) create mode 100644 tests/jerry/es.next/regression-test-issue-4872.js create mode 100644 tests/jerry/es.next/regression-test-issue-4876.js diff --git a/jerry-core/ecma/operations/ecma-function-object.c b/jerry-core/ecma/operations/ecma-function-object.c index 3a5c6faac..e4ee3c4ab 100644 --- a/jerry-core/ecma/operations/ecma-function-object.c +++ b/jerry-core/ecma/operations/ecma-function-object.c @@ -1159,6 +1159,13 @@ ecma_op_function_call_simple (ecma_object_t *func_obj_p, /**< Function object */ } this_binding = arrow_func_p->this_binding; + + if (JERRY_UNLIKELY (this_binding == ECMA_VALUE_UNINITIALIZED)) + { + ecma_environment_record_t *env_record_p = ecma_op_get_environment_record (scope_p); + JERRY_ASSERT (env_record_p); + this_binding = env_record_p->this_binding; + } break; } diff --git a/jerry-core/ecma/operations/ecma-lex-env.c b/jerry-core/ecma/operations/ecma-lex-env.c index 53890bcc1..ea1e8e297 100644 --- a/jerry-core/ecma/operations/ecma-lex-env.c +++ b/jerry-core/ecma/operations/ecma-lex-env.c @@ -579,9 +579,15 @@ ecma_op_get_environment_record (ecma_object_t *lex_env_p) /**< lexical environme } } - JERRY_ASSERT (lex_env_p->u2.outer_reference_cp != JMEM_CP_NULL); + if (lex_env_p->u2.outer_reference_cp == JMEM_CP_NULL) + { + break; + } + lex_env_p = ECMA_GET_NON_NULL_POINTER (ecma_object_t, lex_env_p->u2.outer_reference_cp); } + + return NULL; } /* ecma_op_get_environment_record */ /** diff --git a/jerry-core/vm/opcodes.c b/jerry-core/vm/opcodes.c index b8904e3b1..710c1552a 100644 --- a/jerry-core/vm/opcodes.c +++ b/jerry-core/vm/opcodes.c @@ -1959,14 +1959,11 @@ opfunc_form_super_reference (ecma_value_t **vm_stack_top_p, /**< current vm stac ecma_value_t prop_name, /**< property name to resolve */ uint8_t opcode) /**< current cbc opcode */ { - if (CBC_FUNCTION_GET_TYPE (frame_ctx_p->shared_p->bytecode_header_p->status_flags) == CBC_FUNCTION_CONSTRUCTOR) - { - ecma_environment_record_t *environment_record_p = ecma_op_get_environment_record (frame_ctx_p->lex_env_p); + ecma_environment_record_t *environment_record_p = ecma_op_get_environment_record (frame_ctx_p->lex_env_p); - if (!ecma_op_this_binding_is_initialized (environment_record_p)) - { - return ecma_raise_reference_error (ECMA_ERR_CALL_SUPER_CONSTRUCTOR_DERIVED_CLASS_BEFORE_THIS); - } + if (environment_record_p && !ecma_op_this_binding_is_initialized (environment_record_p)) + { + return ecma_raise_reference_error (ECMA_ERR_CALL_SUPER_CONSTRUCTOR_DERIVED_CLASS_BEFORE_THIS); } ecma_value_t parent = ecma_op_resolve_super_base (frame_ctx_p->lex_env_p); diff --git a/jerry-core/vm/vm.c b/jerry-core/vm/vm.c index a837c72fc..883043904 100644 --- a/jerry-core/vm/vm.c +++ b/jerry-core/vm/vm.c @@ -566,6 +566,7 @@ vm_super_call (vm_frame_ctx_t *frame_ctx_p) /**< frame context */ ecma_value_t completion_value; ecma_environment_record_t *environment_record_p = ecma_op_get_environment_record (frame_ctx_p->lex_env_p); + JERRY_ASSERT (environment_record_p); if (!ecma_is_constructor (func_value)) { diff --git a/tests/jerry/es.next/regression-test-issue-4872.js b/tests/jerry/es.next/regression-test-issue-4872.js new file mode 100644 index 000000000..99166ffb8 --- /dev/null +++ b/tests/jerry/es.next/regression-test-issue-4872.js @@ -0,0 +1,35 @@ +// Copyright JS Foundation and other contributors, http://js.foundation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +class M { + get foo() { + return this._x; + } + set foo(x) { + this._x = x; + } +} + +class T5 extends M { + constructor() { + (() => super.foo = 20)(); + } +} + +try { + new T5 + assert(false); +} catch (e) { + assert(e instanceof ReferenceError); +} diff --git a/tests/jerry/es.next/regression-test-issue-4876.js b/tests/jerry/es.next/regression-test-issue-4876.js new file mode 100644 index 000000000..17640b071 --- /dev/null +++ b/tests/jerry/es.next/regression-test-issue-4876.js @@ -0,0 +1,36 @@ +// Copyright JS Foundation and other contributors, http://js.foundation +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +class M { + constructor() { + this._x = 45; + } + + get foo() { + return this._x; + } +} + +class N extends M { + constructor(x = () => super.foo) { + super(); + assert(x() === 45); + } + + x(x = () => super.foo) { + return x(); + } +} + +assert(new N().x() === 45);