Note: There are a few cases of duplicates in user autocompletion which are being worked on.

wrong JS math in 64bit systems




JavaScript Engine
13 years ago
13 years ago


(Reporter: wolfiR, Assigned: wolfiR)


({fixed-aviary1.0, fixed1.7.5})

fixed-aviary1.0, fixed1.7.5
Bug Flags:
blocking-aviary1.0 +

Firefox Tracking Flags

(Not tracked)




(2 attachments)



13 years ago
User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8a3) Gecko/20040725
Build Identifier: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8a3) Gecko/20040725

use a 64bit build of mozilla (at least AMD64) under Linux and open the given URL.
All prices are zero. They are someway calculated as JavaScript code. So it seems
that the JS engine is not 64bit clean.

Reproducible: Always
Steps to Reproduce: URL with 64bit mozilla
2.look at the prices URL with 32bit mozilla
4.look at the prices again

Actual Results:  
with 64bit system all prices are 0

Expected Results:  
you should get the same prices
JS has been 64-bit clean for six+ years on many platforms, including DEC Alpha.
 You'll have to debug this more yourself, and say *exactly* what version and
brand of compiler you are using.

Assignee: general → mozilla
Ever confirmed: true
Summary: wrong JS math in 64bit systems → wrong JS math in 64bit systems

Comment 2

13 years ago
it's on SUSE Linux 9.1 for AMD64 using the compiler:
gcc (GCC) 3.3.3 (SUSE Linux)

If you tell me what else I could debug myself I will try it.
Perhaps I can try it on IA64 tomorrow.

Comment 3

13 years ago
cvs co mozilla/js/src
cd mozilla/js/src
make -f Makefile.ref
cd *.OBJ/


evaluate js here until you find your problem.

when you find the math that doesn't work, repeat the process on an i386 system.

Comment 4

13 years ago
I will see what I can do. But at this time I only get a compile error for this
and count 65 times:

warning: cast from pointer to integer of different size
warning: cast to pointer from integer of different size

I can really imagine that this can lead to wrong math-functions.
Wolfgang: what *error* do you get?  Can you give file and line for those
warnings (which I assume were not the error you mentioned)?


Comment 6

13 years ago
Created attachment 154618 [details]
build output from make -f Makefile.ref

Comment 7

13 years ago
that'd probably be Bug 249478

Comment 8

13 years ago
the build error is this bug.
But the main problem is that something is calculating wrong in JS.
And in general I count 333 build warnings about invalid casts on AMD64 for the
mozilla source. It seems AMD64 is a problematic platform if it comes to 
integer <-> pointer casts.

And sorry. I was unable to strip down a testcase because my HTML and JS 
experience is not good and the example URL has complicated contents.
So any news?

Comment 9

13 years ago
This should be easier to track down than "something is calculating wrong in JS"

[nicholas@entropy firefox]$ ./ ./xpcshell
js> Math.acos(1)
js> Math.acos(0.99)
[nicholas@entropy firefox]$ uname -a
Linux entropy 2.6.8-1.549smp #1 SMP Mon Sep 6 16:20:20 EDT 2004 x86_64 x86_64
x86_64 GNU/Linux

Comment 10

13 years ago
Looking at fdlibm.h, it appears that an architecture's endianness must be
explicitly specified, and big endian is assumed.

The fix is trivial, but that begs the question of why fdlibm is used in the
first place instead of the OS provided math library.
If your OS's math lib satisfies ECMA-262 Edition 3's requirements, then you can
dispense with fdlibm.  The js/tests suite may not be enough to verify that your
OS's math lib satisfies, however.


Comment 12

13 years ago
Created attachment 158276 [details] [diff] [review]
fix endian problems

This fixes the endian problems for AMD64, in a broken non-future proof manner.
As a bonus, VA_COPY is changed to the correct va_copy.
Comment on attachment 158276 [details] [diff] [review]
fix endian problems

I'm down with this.  Thanks for the diagnosis and patch.

I'd like this on both branches, as it's a serious porting fix for an important
Attachment #158276 - Flags: review+
Attachment #158276 - Flags: approval1.7.x?
Attachment #158276 - Flags: approval-aviary?
Comment on attachment 158276 [details] [diff] [review]
fix endian problems

Yeah, this should go into both branches.

Attachment #158276 - Flags: approval1.7.x?
Attachment #158276 - Flags: approval1.7.x+
Attachment #158276 - Flags: approval-aviary?
Attachment #158276 - Flags: approval-aviary+

Comment 15

13 years ago
Actually, a better fix would be to make fdlibm.h include jscpucfg.h/jsautocfg.h
and do
Has a fix for this been landed anywhere?  This needs to be fixed for 1.0 IMO
Flags: blocking-aviary1.0?
Comment 15 points the way, but I'm checking in the reviewed and approved patch
for the branches and trunk right now.

Last Resolved: 13 years ago
Flags: blocking-aviary1.0? → blocking-aviary1.0+
Keywords: fixed-aviary1.0, fixed1.7.x
Resolution: --- → FIXED

Comment 18

13 years ago
brendan, this busted: monkeypox, speedracer, and worms
I undid the jsprf.c change.  Nicholas, please file a separate bug and provide a
patch for it that doesn't break the ports tinderboxes broken by your jsprf.c
patch attached here.

*** Bug 257221 has been marked as a duplicate of this bug. ***
You need to log in before you can comment on or make changes to this bug.