Return false in TryNumberToSize if there is a cast error

src/conversions-inl.h

Index: src/conversions-inl.h
diff --git a/src/conversions-inl.h b/src/conversions-inl.h
index 427a67d1097b717facd06be847bdc85e11a5e53c..24e1724c86dbea7f80b0bfd23be15be82a9f4b15 100644
--- a/src/conversions-inl.h
+++ b/src/conversions-inl.h
@@ -156,6 +156,11 @@ bool TryNumberToSize(Object* number, size_t* result) {
     double value = HeapNumber::cast(number)->value();
     if (value >= 0 && value <= std::numeric_limits<size_t>::max()) {

[ahaas, 2016/12/07 16:20:38]

The problem here is that if you compare a double with a size_t, the size_t is
cast implicitly to double, and if you cast std::numeric_limits<size_t>::max() to
double you get 0x10000000000000000. Knowing that, I think the solution here
should just be to write
if (value >= 0 && value <
static_cast<double>(std::numeric_limits<size_t>::max())) with "<" instead of
"<=", and with the static_cast to make this issue more obvious.

[qiuyi.zqy, 2016/12/07 18:13:36]

Done.

       *result = static_cast<size_t>(value);
+      // Cast error. Could happen when value is slightly larger than
+      // the limit of size_t but has a floating number precision loss.
+      if (value > 0 && *result == 0) {
+        return false;
+      }
       return true;
     } else {
       return false;