Issue 54903014: [EnforceRange] doesn't enforce range of a short

Issue 54903014: [EnforceRange] doesn't enforce range of a short (Closed)

Created:
7 years, 1 month ago by Inactive

Modified:
7 years, 1 month ago

Reviewers:
haraken, Nils Barth (inactive), arv (Not doing code reviews), eseidel

CC:
blink-reviews, kojih, arv+blink, jsbell+bindings_chromium.org, abarth-chromium, marja+watch_chromium.org, adamk+blink_chromium.org, Nate Chapin

Base URL:
svn://svn.chromium.org/blink/trunk

Visibility:
Public.

More Reviews

Description

[EnforceRange] doesn't enforce range of a short Handle Web IDL short / unsigned short types as per the specification: - http://www.w3.org/TR/WebIDL/#es-short - http://www.w3.org/TR/WebIDL/#es-unsigned-short Specifically, we used to treat short / unsigned short as 32bit integers, which was wrong. We now properly handle them as 16bit integers. This CL is based on WebKit r158521: http://trac.webkit.org/changeset/158521 R=haraken TEST=js/dom/webidl-type-mapping.html Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=161248

Patch Set 1 #

Patch Set 2 : Fix CL #

Patch Set 3 : Fix test failure #

Total comments: 1

Patch Set 4 : Extend layout test #

Total comments: 1

Created: 7 years, 1 month ago

Download [raw] [tar.bz2]

	Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+636 lines, -52 lines)			Patch
M	LayoutTests/fast/js/webidl-type-mapping.html	View	1 2 3	15 chunks	+136 lines, -0 lines	0 comments	Download
M	LayoutTests/fast/js/webidl-type-mapping-expected.txt	View	1 2 3	15 chunks	+271 lines, -0 lines	0 comments	Download
M	Source/bindings/scripts/code_generator_v8.pm	View	1 2	1 chunk	+8 lines, -4 lines	1 comment	Download
M	Source/bindings/scripts/unstable/v8_types.py	View		1 chunk	+2 lines, -2 lines	0 comments	Download
M	Source/bindings/tests/idls/TestObject.idl	View	1	2 chunks	+4 lines, -0 lines	0 comments	Download
M	Source/bindings/tests/results/V8TestObject.cpp	View	1	6 chunks	+96 lines, -2 lines	0 comments	Download
M	Source/bindings/tests/results/V8TestObjectPython.cpp	View	1	5 chunks	+5 lines, -5 lines	0 comments	Download
M	Source/bindings/v8/V8Binding.h	View		1 chunk	+26 lines, -0 lines	0 comments	Download
M	Source/bindings/v8/V8Binding.cpp	View	1 2	4 chunks	+70 lines, -20 lines	0 comments	Download
M	Source/core/testing/TypeConversions.h	View		2 chunks	+7 lines, -13 lines	0 comments	Download
M	Source/core/testing/TypeConversions.idl	View		1 chunk	+11 lines, -6 lines	0 comments	Download

Messages

Total messages: 11 (0 generated)

Expand Messages | Collapse Messages

Inactive

On 2013/11/03 23:52:42, Chris Dumez wrote: There appears to be a bug. I will investigate ...

7 years, 1 month ago (2013-11-04 00:23:46 UTC) #2

Inactive

https://codereview.chromium.org/54903014/diff/100001/Source/bindings/v8/V8Binding.cpp File Source/bindings/v8/V8Binding.cpp (right): https://codereview.chromium.org/54903014/diff/100001/Source/bindings/v8/V8Binding.cpp#newcode229 Source/bindings/v8/V8Binding.cpp:229: numberValue = numberValue < 0 ? -floor(fabs(numberValue)) : floor(fabs(numberValue)); ...

7 years, 1 month ago (2013-11-04 00:45:58 UTC) #3

eseidel

Is the issue that we didn't understand the "short" type, or that we just mistakenly ...

7 years, 1 month ago (2013-11-04 07:13:27 UTC) #5

eseidel

https://codereview.chromium.org/54903014/diff/150001/Source/bindings/scripts/code_generator_v8.pm File Source/bindings/scripts/code_generator_v8.pm (left): https://codereview.chromium.org/54903014/diff/150001/Source/bindings/scripts/code_generator_v8.pm#oldcode5372 Source/bindings/scripts/code_generator_v8.pm:5372: return "toInt32($value, $intConversion, ok)" if $type eq "long" or ...

7 years, 1 month ago (2013-11-04 07:14:13 UTC) #6

Inactive

On 2013/11/04 07:14:13, eseidel wrote: > https://codereview.chromium.org/54903014/diff/150001/Source/bindings/scripts/code_generator_v8.pm > File Source/bindings/scripts/code_generator_v8.pm (left): > > https://codereview.chromium.org/54903014/diff/150001/Source/bindings/scripts/code_generator_v8.pm#oldcode5372 > ...

7 years, 1 month ago (2013-11-04 12:51:13 UTC) #7

commit-bot: I haz the power

CQ is trying da patch. Follow status at https://chromium-status.appspot.com/cq/ch.dumez@samsung.com/54903014/150001

7 years, 1 month ago (2013-11-04 12:51:49 UTC) #8

Nils Barth (inactive)

7 years, 1 month ago (2013-11-05 01:51:44 UTC) #11

Message was sent while issue was closed.

On 2013/11/04 07:13:27, eseidel wrote:
> I assume we have asserts, etc. in the IDL parser
> to make sure we understand all types we encounter?

Technical detail:
the parser doesn't do *any* type-checking:
interface names are types, so any syntactically valid identifier
is potentially a type.

Type handling happens in the code generator: we handle built-in
types, and for other types we sometimes need to check that a type
is actually valid (namely when you need to  look up something in
an interface), but other times it just assumes it's a valid interface
and you'll get compile errors if you make a typo.

We mostly don't do semantic analysis, esp. verification - mistakes
usually yield obvious compile errors, and adding verification makes
the compiler *much* more complex (and probably slower) for little benefit,
though we do verify Extended Attributes, as these otherwise cause
silent errors (b/c inapplicable attributes are ignored) and have been a
source of bugs in the past.

Instead, we rely on the IDL being correct, which is verified by the
bindings actually working with the implementation.

We could add detailed verification in future, probably as a separate
test (e.g., presubmit) to avoid making the CG complex and slowing down
the compile, but for now this has been a low priority.

Expand Messages | Collapse Messages