Bug 161944

Summary: stringProtoFuncRepeatCharacter will return `null` when it should not
Product: WebKit Reporter: Saam Barati <saam>
Component: JavaScriptCoreAssignee: Saam Barati <saam>
Status: RESOLVED FIXED    
Severity: Normal CC: benjamin, commit-queue, fpizlo, ggaren, gskachkov, jfbastien, joepeck, keith_miller, mark.lam, msaboff, oliver, ticaiolima, ysuzuki
Priority: P2    
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
patch
ysuzuki: review+
patch none

Saam Barati
Reported 2016-09-13 19:49:37 PDT
It doesn't properly detect when an int is in double form. However, there is also a deeper problem, where it looks like numbers are being polluted into double form instead of staying in integer form, even though there is only one comparison on that number that needs it in double form. I'm looking at String.prototype.padStart. the @toLength builtin will cause the pollution. See this example: ``` function logLinesWithContext(n, context) { let start = n - context; let end = n + context; for (let x = start; x <= end; ++x) { let number = x.toString().padStart(3); // WHAT?! if (parseInt(number) != x) print(number); } } let numbers = [ 19,19,19,19,19,19,19,20,20,20,20,20,20,20,11,11,11,11,11,11,11,20,20,20,20, 20,20,20,15,15,15,15,15,15,15,21,21,21,21,21,21,21,19,19,19,19,19,19,19,20, 20,20,20,20,20,20,20,20,20,20,20,20,20,21,21,21,21,21,21,21,24,24,24,24,24, 24,24,25,25,25,25,25,25,25,11,11,11,11,11,11,11,25,25,25,25,25,25,25,15,15, 15,15,15,15,15,25,25,25,25,25,25,25,7,7,7,7,7,7,7,26,26,26,26,26,26,26,24, 24,24,24,24,24,24,25,25,25,25,25,25,25,11,11,11,11,11,11,11,25,25,25,25,25, 25,25,26,26,26,26,26,26,26,24,24,24,24,24,24,24,25,25,25,25,25,25,25,11,11, 11,11,11,11,11,12,12,12,12,12,12,12,25,25,25,25,25,25,25,15,15,15,15,15,15, 15,16,16,16,16,16,16,16,25,25,25,25,25,25,25,7,7,7,7,7,7,7,8,8,8,8,8,8,8, 26,26,26,26,26,26,26,24,24,24,24,24,24,24,25,25,25,25,25,25,25,11,11,11,11, 11,11,11,12,12,12,12,12,12,12,25,25,25,25,25,25,25,15,15,15,15,15,15,15,16, 16,16,16,16,16,16,25,25,25,25,25,25,25,7,7,7,7,7,7,7,8,8,8,8,8,8,8,26,26, 26,26,26,26,26,29,29,29,29,29,29,29,30,30,30,30,30,30,30,35,35,35,35,35,35, 35,29,29,29,29,29,29,29,30,30,30,30,30,30,30,11,11,11,11,11,11,11,33,33,33, 33,33,33,33,35,35,35,35,35,35,35,39,39,39,39,39,39,39,40,40,40,40,40,40,40, 11,11,11,11,11,11,11,40,40,40,40,40,40,40,40,40,40,40,40,40,40,15,15,15,15, 15,15,15,41,41,41,41,41,41,41,39,39,39,39,39,39,39,40,40,40,40,40,40,40,40, 40,40,40,40,40,40,40,40,40,40,40,40,40,41,41,41,41,41,41,41,45,45,45,45,45, 45,45,46,46,46,46,46,46,46,11,11,11,11,11,11,11,46,46,46,46,46,46,46,15,15, ]; for (let n of numbers) logLinesWithContext(n, 3); ``` It will start printing things because the result string is not an integer.
Attachments
patch (5.63 KB, patch)
2016-09-28 16:21 PDT, Saam Barati 		ysuzuki: review+
DetailsFormatted DiffDiff
patch (6.57 KB, patch)
2016-09-28 17:01 PDT, Saam Barati 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Saam Barati
Comment 1 2016-09-13 19:50:29 PDT
The bug also goes away when @toLength is not inlined into padStart.
Saam Barati
Comment 2 2016-09-28 16:21:38 PDT
Created attachment 290133 [details] patch
Yusuke Suzuki
Comment 3 2016-09-28 16:29:21 PDT
Comment on attachment 290133 [details] patch r=me
Saam Barati
Comment 4 2016-09-28 17:01:49 PDT
Created attachment 290145 [details] patch take 2. I removed the caller that expected the null result value and instead made protoFuncRepeatCharacter throw OOM when it will construct too long of a string.
Yusuke Suzuki
Comment 5 2016-09-28 17:04:52 PDT
Comment on attachment 290145 [details] patch r=me
WebKit Commit Bot
Comment 6 2016-09-28 18:31:25 PDT
Comment on attachment 290145 [details] patch Clearing flags on attachment: 290145 Committed r206573: <http://trac.webkit.org/changeset/206573>
WebKit Commit Bot
Comment 7 2016-09-28 18:31:30 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.