RESOLVED FIXED 210860
[JSC] JSBigInt inc operation does not produce right HeapBigInt zero 
https://bugs.webkit.org/show_bug.cgi?id=210860
Summary [JSC] JSBigInt inc operation does not produce right HeapBigInt zero
Yusuke Suzuki
Reported 2020-04-22 08:56:27 PDT
I've crafted the custom build of JSC, and found this. Looking.
Attachments
Patch (3.82 KB, patch)
2020-04-22 09:24 PDT, Yusuke Suzuki 		mark.lam: review+
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Yusuke Suzuki
Comment 1 2020-04-22 08:57:04 PDT
--useJIT=0 fails. This is C++ runtime bug.
Yusuke Suzuki
Comment 2 2020-04-22 08:57:11 PDT
(In reply to Yusuke Suzuki from comment #1) > --useJIT=0 fails. This is C++ runtime bug. Or LLInt.
Yusuke Suzuki
Comment 3 2020-04-22 09:24:42 PDT
Created attachment 397204 [details] Patch
Mark Lam
Comment 4 2020-04-22 09:29:10 PDT
Comment on attachment 397204 [details] Patch r=me
Robin Morisset
Comment 5 2020-04-22 10:03:37 PDT
Comment on attachment 397204 [details] Patch good catch. r=me as well.
Yusuke Suzuki
Comment 6 2020-04-22 11:06:47 PDT
EWS gets green (failures are known ones). Landing.
Yusuke Suzuki
Comment 7 2020-04-22 11:12:44 PDT
Committed r260522: <https://trac.webkit.org/changeset/260522>
Radar WebKit Bug Importer
Comment 8 2020-04-22 11:13:16 PDT
<rdar://problem/62197537>
Saam Barati
Comment 9 2020-04-22 12:38:47 PDT
Comment on attachment 397204 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=397204&action=review > Source/JavaScriptCore/runtime/JSCJSValue.cpp:315 > + out.print("BigInt[heap-allocated]: addr=", RawPointer(asCell()), ", length=", jsCast<JSBigInt*>(asCell())->length(), ", sign=", jsCast<JSBigInt*>(asCell())->sign()); nice. Maybe we could also just toString this?
Yusuke Suzuki
Comment 10 2020-04-22 17:12:41 PDT
Comment on attachment 397204 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=397204&action=review >> Source/JavaScriptCore/runtime/JSCJSValue.cpp:315 >> + out.print("BigInt[heap-allocated]: addr=", RawPointer(asCell()), ", length=", jsCast<JSBigInt*>(asCell())->length(), ", sign=", jsCast<JSBigInt*>(asCell())->sign()); > > nice. Maybe we could also just toString this? Sounds good. Let's extend it!
Note You need to log in before you can comment on or make changes to this bug.