[Webkit-unassigned] [Bug 67537] Implement a ProgressEvent constructor for JSC

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Tue Sep 6 13:33:34 PDT 2011


--- Comment #4 from Kentaro Hara <haraken at google.com>  2011-09-06 13:33:34 PST ---
(From update of attachment 106224)
View in context: https://bugs.webkit.org/attachment.cgi?id=106224&action=review

>> LayoutTests/fast/events/constructors/progress-event-constructor.html:46
>> +shouldBe("new ProgressEvent('eventType', { bubbles: true, cancelable: true, lengthComputable: true, loaded: 12345, total: 12345 }).total", "12345");
> It might makes sense to test the edge cases for loaded or total, that is, values  values in the range [0, 18446744073709551615] (unsigned long long range), NaN, negative values, non-numeric values, object literals with valueOf functions, etc.

Sam: Thank you, but one question. When we pass 18446744073709551615, what should the result be?

In the current implementation, 

    shouldBe("new ProgressEvent('eventType', { loaded: 18446744073709551615 }).loaded", "18446744073709551615");

results in

    FAIL new ProgressEvent('eventType', { loaded: 18446744073709551615 }).loaded should be 18446744073709552000. Was 0.

The reason why 'loaded' becomes 0 is as follows:
(1) "18446744073709551615" is passed to JSDictionary::convertValue(), and then to JSValue::toInteger().
(2) toNumber("18446744073709551615"), which is implemented in JSC, returns a double value 18446744073709551616.000000.
(3) JSDictionary::convertValue() does static_cast of 18446744073709551616.000000 into an unsigned long long value, resulting in 0.

I do not investigate the reason why "18446744073709551615" is evaluated as 18446744073709552000, but anyway this conversion is done in JSC code.

Do we need to fix the JSC code so that it returns the exact value for 64bit integers?

cf. Spec: ECMA-262, section 9.3 and 9.4 (http://www.ecma-international.org/publications/files/ECMA-ST/Ecma-262.pdf)

Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

More information about the webkit-unassigned mailing list