Bug 31901

Summary: Incorrect behaviour of jneq_null in the interpreter
Product: WebKit Reporter: Oliver Hunt <oliver>
Component: JavaScriptCoreAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: barraclough, eric
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: PC   
OS: OS X 10.5   
Attachments:
Description Flags
Patch barraclough: review+

Oliver Hunt
Reported 2009-11-25 21:46:21 PST
The interpreters implementation of op_jneq_null is incorrect when the value being compared is set to masquerade as undefined. The result is that if (document.all == null) { alert("PASS") } else { alert("FAIL") } Will fail.
Attachments
Patch (1.39 KB, patch)
2009-11-25 21:48 PST, Oliver Hunt 		barraclough: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Oliver Hunt
Comment 1 2009-11-25 21:48:05 PST
Created attachment 43894 [details] Patch
Eric Seidel (no email)
Comment 2 2009-11-25 21:53:56 PST
I'm sure Oliver will chase down the right people, but just in case.
Eric Seidel (no email)
Comment 3 2009-11-25 21:55:12 PST
Comment on attachment 43894 [details] Patch I would be happy to r+ this, as it sounds simple. Except w/o test result updates, it's difficult for me to see how it's correct.
Oliver Hunt
Comment 4 2009-11-25 21:58:02 PST
(In reply to comment #3) > (From update of attachment 43894 [details]) > I would be happy to r+ this, as it sounds simple. Except w/o test result > updates, it's difficult for me to see how it's correct. The interpreter currently fails tests due to this -- the issue is that the existing logic will always short circuit on the isUndefinedOrNull for any cell -- eg. the type where we actually have to do the masquerade check.
Eric Seidel (no email)
Comment 5 2009-11-25 22:46:05 PST
Yeah, I think my confusion is just that I was surprised there were no test expectation changes in your patch. That's all.
Oliver Hunt
Comment 6 2009-11-27 13:29:13 PST
Committed r51424
Note You need to log in before you can comment on or make changes to this bug.