The default bug view has changed. See this FAQ.

OdinMonkey: (0 > (0x80000000 | 0)) is wrong

RESOLVED FIXED in mozilla24

Status

()

Core
JavaScript Engine
RESOLVED FIXED
4 years ago
4 years ago

People

(Reporter: Jesse Ruderman, Assigned: bbouvier)

Tracking

(Blocks: 2 bugs, {testcase})

Trunk
mozilla24
x86_64
Mac OS X
testcase
Points:
---
Dependency tree / graph
Bug Flags:
in-testsuite +

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(1 attachment)

(Reporter)

Description

4 years ago
function g()
{
  "use asm";
  function f()
  {
    return (0 > (0x80000000 | 0)) | 0;
  }
  return f;
}

print(g()());

asm.js result: 0
normal result: 1
(Assignee)

Comment 1

4 years ago
Created attachment 759513 [details] [diff] [review]
proposed fix + test case

Looking at the code showed that the constant 0 was directly put in the output register. This happened because the comparison was folded during GVN. The only single problem is that the comparison occurred on *unsigned* int32 values, hence the patch.
Assignee: general → bbouvier
Status: NEW → ASSIGNED
Attachment #759513 - Flags: review?(luke)

Comment 2

4 years ago
Comment on attachment 759513 [details] [diff] [review]
proposed fix + test case

D'oh!  Fixnums are both signed and unsigned... nice find and perfect fix!
Attachment #759513 - Flags: review?(luke) → review+
(Assignee)

Updated

4 years ago
Keywords: checkin-needed
https://hg.mozilla.org/integration/mozilla-inbound/rev/aa9a0b34bbd8
Flags: in-testsuite+
Keywords: checkin-needed
Backed out for test failures.
https://hg.mozilla.org/integration/mozilla-inbound/rev/8cf56f52e57c

https://tbpl.mozilla.org/php/getParsedLog.php?id=23901715&tree=Mozilla-Inbound
Going to go out on a limb that opt builds don't care for disassemble.
Whoops, I meant to backout bug 878495, not this one. Re-landed.
https://hg.mozilla.org/integration/mozilla-inbound/rev/5a6922661215
https://hg.mozilla.org/mozilla-central/rev/5a6922661215
Status: ASSIGNED → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla24
You need to log in before you can comment on or make changes to this bug.