Specifically, this is a 64-bit JIT bug, and is breaking v8-crypto.
Created attachment 27054 [details] The patch
Comment on attachment 27054 [details] The patch r=me Is this already covered by a regression test?
(In reply to comment #2) > (From update of attachment 27054 [details] [review]) > Is this already covered by a regression test? Darin, No, it's not covered, I was thinking about that. I could add a regression test to test specifically whether (10 == null), but in a way that feels a little restrictive, and implementation dependent. (this bug occurs since the encoding we happen to use for null happens to be 10, and that we were incorrectly cropping out the high 32-bits). This test would become redundant as soon as we changed the encoding we use for null. At minimum I think I should add a test the checks that null != N, where -255 <= N <= 255, (except, I'm guessing, for zero). But I'd like to try to think of something that feels a little more generic. We should probably also have similar tests for the boolean values, and possibly also for cases where the low 32bits of a double precision number will match an integer value. I'll think a bit more & submit something. cheers, G. Sending JavaScriptCore/ChangeLog Sending JavaScriptCore/jit/JIT.cpp Transmitting file data .. Committed revision 40279.