I set a break point in `SizeComputationInput::InitOffsets` at https://searchfox.org/mozilla-central/rev/b847c844adf49013067281d3237e7ada24325a34/layout/generic/ReflowInput.cpp#2517, and see the following. ``` (rr) p mComputedPadding $23 = {mWritingMode = {mWritingMode = {bits = 39 '\''}}, mMargin = {<mozilla::gfx::BaseMargin<int, nsMargin>> = {top = 1073741823, right = 0, bottom = 1073741823, left = 0}, <No data fields>}} (rr) p mComputedBorderPadding $24 = {mWritingMode = {mWritingMode = {bits = 39 '\''}}, mMargin = {<mozilla::gfx::BaseMargin<int, nsMargin>> = {top = 1073742003, right = 120, bottom = 1073741943, left = 120}, <No data fields>}} (rr) p mComputedBorderPadding.BStartEnd(wm) $25 = -2147483350 ``` This is a integer overflow problem. A flex item has a very huge top & bottom padding values, which accidentally equal to our unconstrained sentinel value. As a result, the border & padding value in block axis overflows and become a negative. Any computation afterwards can go wrong ... Daniel, any idea to deal with this gracefully?
Bug 1730570 Comment 5 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
I set a break point in `SizeComputationInput::InitOffsets` at https://searchfox.org/mozilla-central/rev/b847c844adf49013067281d3237e7ada24325a34/layout/generic/ReflowInput.cpp#2517, and see the following. ``` (rr) p mComputedPadding $23 = {mWritingMode = {mWritingMode = {bits = 39 '\''}}, mMargin = {<mozilla::gfx::BaseMargin<int, nsMargin>> = {top = 1073741823, right = 0, bottom = 1073741823, left = 0}, <No data fields>}} (rr) p mComputedBorderPadding $24 = {mWritingMode = {mWritingMode = {bits = 39 '\''}}, mMargin = {<mozilla::gfx::BaseMargin<int, nsMargin>> = {top = 1073742003, right = 120, bottom = 1073741943, left = 120}, <No data fields>}} (rr) p mComputedBorderPadding.BStartEnd(wm) $25 = -2147483350 ``` This is a integer overflow problem. A flex item has a very huge top & bottom padding values, which accidentally equal to our unconstrained sentinel value. As a result, the border & padding value in block axis overflows and becomes negative. Any computation afterwards can go wrong ... Daniel, any idea to deal with this gracefully?