Last Comment Bug 559438 - Decompiler bug with CONCATN
: Decompiler bug with CONCATN
Product: Core
Classification: Components
Component: JavaScript Engine (show other bugs)
: Other Branch
: All All
-- normal (vote)
: ---
Assigned To: Jason Orendorff [:jorendorff]
: Jason Orendorff [:jorendorff]
: 620567 (view as bug list)
Depends on:
  Show dependency treegraph
Reported: 2010-04-14 14:43 PDT by Jason Orendorff [:jorendorff]
Modified: 2011-05-10 13:05 PDT (History)
6 users (show)
See Also:
Crash Signature:
QA Whiteboard:
Iteration: ---
Points: ---
Has Regression Range: ---
Has STR: ---

v1 (1.76 KB, patch)
2010-04-14 15:19 PDT, Jason Orendorff [:jorendorff]
shaver: review+
Details | Diff | Splinter Review
Demonstrates some failures (491 bytes, text/plain)
2011-05-10 06:26 PDT, Peter Wu
no flags Details

Description User image Jason Orendorff [:jorendorff] 2010-04-14 14:43:25 PDT
js> function f() { return "" + 2 + (i + 1); }
js> f
function f() {return "" + 2 + i + 1;}

Note the subtle change in meaning there.
Comment 1 User image Jason Orendorff [:jorendorff] 2010-04-14 14:57:36 PDT
hasenj, the contributor who originally reported this bug, spent days working with me to reduce it from a complex web application.

The initial bug was simply that the former code was mysteriously behaving like the latter. We suspected the interpreter, the tracer, and ultimately the parser before discovering in a marathon gdb session that the code being handed to the JS compiler was actually subtly different from the script on disk.

hasenj ultimately discovered that the application has module-loading code that takes functions, converts them to strings, and passes the strings back to Function by way of eval, or something.
Comment 2 User image Jason Orendorff [:jorendorff] 2010-04-14 15:19:58 PDT
Created attachment 439109 [details] [diff] [review]
Comment 3 User image Mike Shaver (:shaver -- probably not reading bugmail closely) 2010-04-14 15:21:51 PDT
Comment on attachment 439109 [details] [diff] [review]

My bad, I bet. r=shaver
Comment 4 User image Jeff Walden [:Waldo] (remove +bmo to email) 2010-04-14 15:28:29 PDT
There's either a decompilation or extensions directory the test should go in, no?
Comment 5 User image Mike Shaver (:shaver -- probably not reading bugmail closely) 2010-04-14 15:30:16 PDT
Why do we care?  We always have to search for them that way (else memorize JS and ECMA version history), and people who want to re-use our test suite can filter out whatever they don't want.  This bug affects web content, so they might well want to include it.
Comment 6 User image Jason Orendorff [:jorendorff] 2010-04-14 15:36:42 PDT

Waldo, r=me to move the test wherever you want, if shaver's argument in comment 5 doesn't satisfy you.

The test is a little different from most decompiler tests in that it's directly testing behavior.
Comment 7 User image Mike Shaver (:shaver -- probably not reading bugmail closely) 2010-04-14 15:46:01 PDT
Asserting that we want to fix this compat bug in the next 3.6 update.
Comment 9 User image fcp 2010-04-15 15:17:34 PDT
(In reply to comment #8)

> +function f(x) { return 1 + "" + (x + 1); }
> +reportCompare("12", f(1), "");
> +var g = eval(String(f));
> +reportCompare("12", f(1), "");
Shouldn’t f(1) on the last line be g(1)?
Comment 10 User image fcp 2010-04-15 15:21:37 PDT
(In reply to comment #9)
> Shouldn’t f(1) on the last line be g(1)?
Oops, never mind.  Now I see how the test works (the eval redefines the function f).
Comment 11 User image Jason Orendorff [:jorendorff] 2010-04-16 06:37:20 PDT
fcp: You're right. peterv noticed this yesterday too, and I changed the test.
Comment 13 User image Boris Zbarsky [:bz] (still a bit busy) 2010-12-20 18:19:42 PST
*** Bug 620567 has been marked as a duplicate of this bug. ***
Comment 14 User image Boris Zbarsky [:bz] (still a bit busy) 2010-12-20 18:20:50 PST
Jason, we should probably fix this on 1.9.2...  This is breaking greasemonkey users there, at least, plus whatever web app you were looking at, right?
Comment 15 User image christian 2010-12-27 10:10:34 PST
We'd like to take this for
Comment 16 User image Peter Wu 2011-05-10 06:26:29 PDT
Created attachment 531312 [details]
Demonstrates some failures

The bug still exists.

I can confirm this error on both 3.6.17 and 4.0.1 (tarball from running on Ubuntu 10.04.
Comment 17 User image Peter Wu 2011-05-10 13:05:46 PDT
I must have kept open the wrong window, 4.0.1 is fine, only 3.6.17 is affected (and possibly previous versions).

Note You need to log in before you can comment on or make changes to this bug.