(In reply to Andreas Pehrson [:pehrsons] from comment #4)
> Created attachment 9056517 [details]
> Bug 1542685 - Avoid integer overflows by multiplying doubles. r?padenot
>
> SaferMultDiv(time, audioScale, videoScale) could easily result in overflow
> because all three args are roughly equal, and SaferMultDiv would always do the
> multiplication first. The worst-case is then multiplying an int64_t to another
> int64_t that have very similar values. Since we represent time here in
> microseconds, this would overflow after only 50 minutes.

No, it cannot. SaferMultDiv can only overflow if the end result itself doesn't fit in 64 bits. Using double only means you lose accuracy as the mantissa is only 52 bits.
Bug 1542685 Comment 7 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
(In reply to Andreas Pehrson [:pehrsons] from comment #4)
> Created attachment 9056517 [details]
> Bug 1542685 - Avoid integer overflows by multiplying doubles. r?padenot
>
> SaferMultDiv(time, audioScale, videoScale) could easily result in overflow
> because all three args are roughly equal, and SaferMultDiv would always do the
> multiplication first. The worst-case is then multiplying an int64_t to another
> int64_t that have very similar values. Since we represent time here in
> microseconds, this would overflow after only 50 minutes.

No, it cannot. And it doesn't do the multiplication first; that's precisely the problem it's designed to avoid. SaferMultDiv can only overflow if the end result itself doesn't fit in 64 bits. Using double only means you lose accuracy as the mantissa is only 52 bits.
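
The three approaches discussed in this comment, side by side, as an added example that is not part of the original bug and is not Gecko's code. `MulFirstDiv`, `SplitMulDiv` and `DoubleMulDiv` are hypothetical names, the split decomposition is an assumed way of avoiding the multiply-first step for non-negative inputs, and `__builtin_mul_overflow` / `__builtin_add_overflow` are GCC/Clang builtins.

```cpp
#include <cstdint>
#include <cstdio>

// Multiply first, then divide. Fails when the intermediate product does not
// fit in int64_t, even if the final quotient would.
bool MulFirstDiv(int64_t value, int64_t mul, int64_t div, int64_t* out) {
  int64_t product;
  if (div <= 0 || __builtin_mul_overflow(value, mul, &product)) return false;
  *out = product / div;
  return true;
}

// Split form (assumed decomposition, not Gecko's source):
// value * mul / div == (value / div) * mul + (value % div) * mul / div.
// Only the remainder, which is smaller than div, is multiplied before dividing.
bool SplitMulDiv(int64_t value, int64_t mul, int64_t div, int64_t* out) {
  if (div <= 0) return false;
  int64_t majorPart, remPart;
  if (__builtin_mul_overflow(value / div, mul, &majorPart) ||
      __builtin_mul_overflow(value % div, mul, &remPart)) return false;
  return !__builtin_add_overflow(majorPart, remPart / div, out);
}

// Double form: never traps on overflow, but integers above 2^53 are rounded.
int64_t DoubleMulDiv(int64_t value, int64_t mul, int64_t div) {
  return static_cast<int64_t>(static_cast<double>(value) * mul / div);
}

// Constructed inputs: 51 minutes in microseconds, with near-equal scales.
const int64_t kTime = 51LL * 60 * 1000000;  // 3060000000
const int64_t kBig = 9007199254740993LL;     // 2^53 + 1

int main() {
  int64_t r = 0;
  std::printf("mul-first ok: %d\n", MulFirstDiv(kTime, kTime + 1, kTime, &r));
  std::printf("split ok: %d\n", SplitMulDiv(kTime, kTime + 1, kTime, &r));
  std::printf("split result: %lld\n", static_cast<long long>(r));
  std::printf("double on 2^53+1: %lld\n",
              static_cast<long long>(DoubleMulDiv(kBig, 3, 3)));
  return 0;
}
```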