ChakraCore: Functions evaluated in strict mode in console does not prevent implicit variables from being created in Edge

Evaluating

(function(){"use strict";aa=233})()

in Edge causes a global variable aa to be created, instead of an error being thrown.

User agent:

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/64.0.3282.140 Safari/537.36 Edge/17.17134

About this issue

  • Original URL
  • State: open
  • Created 6 years ago
  • Comments: 24 (19 by maintainers)

Most upvoted comments

Here we go, this is the specific reason for this behavior:

https://github.com/Microsoft/ChakraCore/blob/master/lib/Runtime/Language/JavascriptOperators.cpp#L3073-L3106

None of this is specced out from what I understand, but at one point a decision was made that when console-eval-ing scripts it shouldn’t “accidentally” pollute the global object, so running x = 1 shouldn’t make global.x == 1. That’s what leaed to this “console scope” being added just above the global, and that’s where these undeclared variables are getting set.

@kfarnung has been looking at undoing some of this since there seems to be a consensus in the browser space that you do in fact pollute the global by assigning to things from inside debuggers, and it looks like the code I highlighted above has been removed in his branch, so with his changes it looks like this behavior will match intuition.

+2
MSLaguana on Sep 7, 2018

I think I would prefer it to pollute the global scope over the current behavior, myself. Ideally when eval’ing code in the debugger I expect it to work exactly as though the same code were inserted into the source at the point execution is paused—or at least as close to that behavior as possible.

+1
fatcerberus on Sep 7, 2018

What I don’t understand is that, normally in sloppy mode, any assignment to an undeclared variable automatically becomes global – but in this case it doesn’t. It instead seems to stop at the “near-global” scope you describe, which is bizarre.

+1
fatcerberus on Sep 6, 2018

Repro in Edge console:

> (function(){"use strict";aa=233})()
< undefined
> aa
< 233
> (Function('return this'))().aa
< undefined
+1
fatcerberus on May 10, 2018

@MSLaguana I can’t reproduce using ch.exe and pure JavaScript eval (not even indirect) which is very frustrating. Best I can tell the issue only manifests when one executes the code in the OP using JsDiagEvaluate.

+1
fatcerberus on May 10, 2018

@infinnie The e command in my SSj debugger uses JsDiagEvaluate and it triggers this bug, too.

+1
fatcerberus on May 10, 2018

I bet the issue is with JsDiagEvaluate, then.

+1
fatcerberus on May 10, 2018

@infinnie We’d like to see a repro scenario in the browser, if possible.

Running the following script in ch.exe:

(function(){'use strict';aa=233;})();
print(aa);

> ch test2.js
ReferenceError: Variable undefined in strict mode
   at Anonymous function (C:\Users\kfarnung\test2.js:1:26)
   at Global code (C:\Users\kfarnung\test2.js:1:2)

Which I believe is the expected behavior.

+1
kfarnung on May 10, 2018

The plot thickens. It appears this doesn’t actually create a global variable in the usual sense:

@/test.js:1 [anonymous function]
(ssj) e aa
= 233

@/test.js:1 [anonymous function]
(ssj) e global.aa
= "undefined"
+1
fatcerberus on May 8, 2018
Read more comments on GitHub
← ChakraCore: Function.prototype.call returns the function itself instead of the real return value
ChakraCore: ImmutableList undefined behavior →