-
aperez authored
The problem manifests itself when parsing manages to return something meaningful in the presence of a stack overflow. This happens because calling ParserBase::Next() will still return one valid token on stack overflow, before starting to return invalid tokens. Take the following input as example: a.map(v => v + 1); | | already next token parsed (which will be an invalid token (identifier) because of a stack overflow) The "v" may have been already parsed into a VariableProxy, then if a stack overflow occurs, next token will be an invalid token (instead of Token::ARROW), but the parser will return the VariableProxy. This always happens when lazy-parsing arrow functions, so the position in the input stream where the the arrow function code ends is known. This fix adds a check that ensures that parsing ended at the end position of the arrow function. BUG=465671 LOG=N Review URL: https://codereview.chromium.org/1023483003 Cr-Commit-Position: refs/heads/master@{#27325}3c3ce1bc
