Bug 185625
| Summary: | Array#indexOf not finding items in array like objects with .length >= 2 ** 32 | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Leo Balter <leo> |
| Component: | JavaScriptCore | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED DUPLICATE | ||
| Severity: | Normal | CC: | ashvayka, fpizlo, ysuzuki |
| Priority: | P2 | ||
| Version: | WebKit Nightly Build | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| See Also: | https://bugs.webkit.org/show_bug.cgi?id=164456 | ||
Leo Balter
This predates to ES5.1 where the Array were bound to a max length of 2 ** 32.
See https://es5.github.io/#x15.4.4.14
Test262:
test/built-ins/Array/prototype/indexOf/15.4.4.14-3-28.js
test/built-ins/Array/prototype/indexOf/15.4.4.14-3-29.js
Example:
```
var targetObj = {};
var obj = {
0: 42,
length: 2 ** 32 - 1
};
[].indexOf.call(obj, 42); // 0
obj.length = 2 ** 32
[].indexOf.call(obj, 42); // -1
```
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Alexey Shvayka
Thank you for detailed report, Leo.
Apart from Array.prototype.indexOf, other Array methods (mostly ones that are implemented in C++) are affected.
I am merging bug reports to fix all (observable) cases with a single patch.
*** This bug has been marked as a duplicate of bug 163417 ***