Closed
Bug 1074651
Opened 10 years ago
Closed 10 years ago
Assertion failure: "Expecting iteration duration >= 0" with CSS transition numeric overflow
Categories
(Core :: CSS Parsing and Computation, defect)
Tracking
()
RESOLVED
FIXED
mozilla35
People
(Reporter: jruderman, Assigned: birtles)
References
Details
(Keywords: assertion, testcase)
Attachments
(3 files, 1 obsolete file)
157 bytes,
text/html
|
Details | |
8.72 KB,
text/plain
|
Details | |
3.69 KB,
patch
|
Details | Diff | Splinter Review |
Assertion failure: aTiming.mIterationDuration >= zeroDuration (Expecting iteration duration >= 0), at dom/animation/Animation.cpp:97
Reporter | ||
Comment 1•10 years ago
|
||
Comment 2•10 years ago
|
||
Mmm. Fun integer overflow issues. :( In particular, BaseTimeDurationPlatformUtils::TicksFromMilliseconds should probably clamp out-of-range values to INT64_MIN and Forever() just like TimeDuration::FromMilliseconds tries to do with incoming infinite values.
Comment 3•10 years ago
|
||
Or we could fix this particular TimeDuration consumer, but I think the behavior of TimeDuration here is clearly bogus.
Assignee | ||
Comment 4•10 years ago
|
||
This seems to work for me. Something like std::min(std::max(result, INT64_MIN), INT64_MAX) would be more compact but, as I understand it, we'd end up resolving the type of the max template argument as 'double' then convert INT64_MAX to double and back to int64_t again before returning it in the overflow case. I'm not sure if that necessarily round-trips safely so I did it the long-way. Currently running through try: https://treeherder.mozilla.org/ui/#/jobs?repo=try&revision=76598669b058 This does, however, mean that we might end up with Forever values in places where we weren't expecting them. Animation code, however, should handle this particular case now using the StickyTimeDuration class added in bug 1039924. http://hg.mozilla.org/mozilla-central/file/6c824fbb73e8/dom/animation/Animation.cpp#l226
Attachment #8497956 -
Flags: review?(bzbarsky)
Assignee | ||
Updated•10 years ago
|
Assignee: nobody → birtles
Status: NEW → ASSIGNED
Comment 5•10 years ago
|
||
Comment on attachment 8497956 [details] [diff] [review] Detect integer overflow in BaseTimeDuration::TicksFromMilliseconds This seems reasonable, yeah.
Attachment #8497956 -
Flags: review?(bzbarsky) → review+
Assignee | ||
Comment 6•10 years ago
|
||
Oops, forgot to include the crash test. Coming up.
Assignee | ||
Comment 7•10 years ago
|
||
Now with crashtest. https://treeherder.mozilla.org/ui/#/jobs?repo=try&revision=0ad580198d88
Assignee | ||
Updated•10 years ago
|
Attachment #8497956 -
Attachment is obsolete: true
Assignee | ||
Comment 8•10 years ago
|
||
https://hg.mozilla.org/integration/mozilla-inbound/rev/79ea9a38b446
Comment 9•10 years ago
|
||
https://hg.mozilla.org/mozilla-central/rev/79ea9a38b446
Status: ASSIGNED → RESOLVED
Closed: 10 years ago
Flags: in-testsuite+
Resolution: --- → FIXED
Target Milestone: --- → mozilla35
You need to log in
before you can comment on or make changes to this bug.
Description
•