JS function can't handle ints > 32 bits.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Drizzle |
Triaged
|
Medium
|
Unassigned |
Bug Description
try:
select js('arguments[0]', 1<<31), js('arguments[0]', 1<<32);
gives:
+------
| js('arguments[0]', 1<<31) | js('arguments[0]', 1<<32) |
+------
| 2147483648 | 0 |
+------
Expected was:
+------
| js('arguments[0]', 1<<31) | js('arguments[0]', 1<<32) |
+------
| 2147483648 | 4294967296 |
+------
The problem seems to be that js uses v8::Integer for all arguments of arg_type INTEGER_RESULT.
It should probably something like:
long long int_val = *((long long *)args->args[i]);
if (int_val >> 31) return v8::Number:
else return v8::Integer:
logic:
INTEGER_RESULT means a 64bit integer.
v8::Integer can only hold 32 bit integer.
INTEGER_RESULT >> 31 would truncate all bits of a 32 bit integer save for the sign bit.
If that sign bit is set, we would be dealing with a positive int in MySQL land which would become a negative int in v8 land.
And if any of the more significant bits would be set, then we would simply have an integer that cannot fit in a 32 bit integer at all.
So, if INTEGER_RESULT >> 31 is true (one or more bits set) it is out of range for a v8::Integer, and it should be represented by a v8::Number. In order to do that we should cast the long long value to a double since that's what the v8::Number wants to receive.
Changed in drizzle: | |
importance: | Undecided → Medium |
status: | New → Triaged |