Last Comment Bug 559438 - Decompiler bug with CONCATN
: Decompiler bug with CONCATN
Product: Core
Classification: Components
Component: JavaScript Engine (show other bugs)
: Other Branch
: All All
: -- normal (vote)
: ---
Assigned To: Jason Orendorff [:jorendorff]
: Jason Orendorff [:jorendorff]
: 620567 (view as bug list)
Depends on:
  Show dependency treegraph
Reported: 2010-04-14 14:43 PDT by Jason Orendorff [:jorendorff]
Modified: 2011-05-10 13:05 PDT (History)
6 users (show)
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---

v1 (1.76 KB, patch)
2010-04-14 15:19 PDT, Jason Orendorff [:jorendorff]
shaver: review+
Details | Diff | Splinter Review
Demonstrates some failures (491 bytes, text/plain)
2011-05-10 06:26 PDT, Peter Wu
no flags Details

Description Jason Orendorff [:jorendorff] 2010-04-14 14:43:25 PDT
js> function f() { return "" + 2 + (i + 1); }
js> f
function f() {return "" + 2 + i + 1;}

Note the subtle change in meaning there.
Comment 1 Jason Orendorff [:jorendorff] 2010-04-14 14:57:36 PDT
hasenj, the contributor who originally reported this bug, spent days working with me to reduce it from a complex web application.

The initial bug was simply that the former code was mysteriously behaving like the latter. We suspected the interpreter, the tracer, and ultimately the parser before discovering in a marathon gdb session that the code being handed to the JS compiler was actually subtly different from the script on disk.

hasenj ultimately discovered that the application has module-loading code that takes functions, converts them to strings, and passes the strings back to Function by way of eval, or something.
Comment 2 Jason Orendorff [:jorendorff] 2010-04-14 15:19:58 PDT
Created attachment 439109 [details] [diff] [review]
Comment 3 Mike Shaver (:shaver -- probably not reading bugmail closely) 2010-04-14 15:21:51 PDT
Comment on attachment 439109 [details] [diff] [review]

My bad, I bet. r=shaver
Comment 4 Jeff Walden [:Waldo] (remove +bmo to email) 2010-04-14 15:28:29 PDT
There's either a decompilation or extensions directory the test should go in, no?
Comment 5 Mike Shaver (:shaver -- probably not reading bugmail closely) 2010-04-14 15:30:16 PDT
Why do we care?  We always have to search for them that way (else memorize JS and ECMA version history), and people who want to re-use our test suite can filter out whatever they don't want.  This bug affects web content, so they might well want to include it.
Comment 6 Jason Orendorff [:jorendorff] 2010-04-14 15:36:42 PDT

Waldo, r=me to move the test wherever you want, if shaver's argument in comment 5 doesn't satisfy you.

The test is a little different from most decompiler tests in that it's directly testing behavior.
Comment 7 Mike Shaver (:shaver -- probably not reading bugmail closely) 2010-04-14 15:46:01 PDT
Asserting that we want to fix this compat bug in the next 3.6 update.
Comment 9 fcp 2010-04-15 15:17:34 PDT
(In reply to comment #8)

> +function f(x) { return 1 + "" + (x + 1); }
> +reportCompare("12", f(1), "");
> +var g = eval(String(f));
> +reportCompare("12", f(1), "");
Shouldn’t f(1) on the last line be g(1)?
Comment 10 fcp 2010-04-15 15:21:37 PDT
(In reply to comment #9)
> Shouldn’t f(1) on the last line be g(1)?
Oops, never mind.  Now I see how the test works (the eval redefines the function f).
Comment 11 Jason Orendorff [:jorendorff] 2010-04-16 06:37:20 PDT
fcp: You're right. peterv noticed this yesterday too, and I changed the test.
Comment 13 Boris Zbarsky [:bz] (still a bit busy) 2010-12-20 18:19:42 PST
*** Bug 620567 has been marked as a duplicate of this bug. ***
Comment 14 Boris Zbarsky [:bz] (still a bit busy) 2010-12-20 18:20:50 PST
Jason, we should probably fix this on 1.9.2...  This is breaking greasemonkey users there, at least, plus whatever web app you were looking at, right?
Comment 15 christian 2010-12-27 10:10:34 PST
We'd like to take this for
Comment 16 Peter Wu 2011-05-10 06:26:29 PDT
Created attachment 531312 [details]
Demonstrates some failures

The bug still exists.

I can confirm this error on both 3.6.17 and 4.0.1 (tarball from running on Ubuntu 10.04.
Comment 17 Peter Wu 2011-05-10 13:05:46 PDT
I must have kept open the wrong window, 4.0.1 is fine, only 3.6.17 is affected (and possibly previous versions).

Note You need to log in before you can comment on or make changes to this bug.