Closed Bug 899936 Opened 6 years ago Closed 6 years ago

OdinMonkey: fix faulty floating point logic in ExtractNumericLiteral

Tracking

()

Status:

RESOLVED FIXED

Milestone:

mozilla25

People

(Reporter: luke, Assigned: luke)

Details

Attachments

(1 file)

fix and tests 6 years ago Luke Wagner [:luke] 5.63 KB, patch	mjrosenb : review+	Details \| Diff \| Splinter Review

Luke Wagner [:luke]

Assignee

Description

•

6 years ago

Attached patch fix and tests — Details — Splinter Review

The current integer-overflow handling in ExtractNumericLiteral casts doubles to int64 when the double can be inf, -inf, or outside the int64 range.  There are unit tests that would have caught this but all the platforms on tbpl apparently cast these extremal doubles to out-of-range int64 values so the correct result is produced (NumLit::OutOfRangeInt).  However, qemu and Marty's pandaboard expose the bug.  Thanks to marty for helping to track this down.

Attachment #783657 - Flags: review?(mrosenberg)

Marty Rosenberg [:mjrosenb]

Updated

•

6 years ago

Attachment #783657 - Flags: review?(mrosenberg) → review+

Luke Wagner [:luke]

Assignee

Comment 1

•

6 years ago

https://hg.mozilla.org/integration/mozilla-inbound/rev/3eef74151413

Ryan VanderMeulen [:RyanVM]

Comment 2

•

6 years ago

https://hg.mozilla.org/mozilla-central/rev/3eef74151413

Status: ASSIGNED → RESOLVED

Closed: 6 years ago

Flags: in-testsuite+

Resolution: --- → FIXED

Target Milestone: --- → mozilla25

You need to log in before you can comment on or make changes to this bug.

Bugzilla

OdinMonkey: fix faulty floating point logic in ExtractNumericLiteral

Categories

(Core :: JavaScript Engine, defect)

Tracking

()

People

(Reporter: luke, Assigned: luke)

References

Details

Crash Data

Security

(public)

User Story

Attachments

(1 file)

Description

Updated

Comment 1

Comment 2