Closed Bug 373875 Opened 17 years ago Closed 5 years ago

Large heights are serialized using exponential notation

Categories

(Core :: CSS Parsing and Computation, defect, P4)

Product:
Core
Component:
CSS Parsing and Computation
Type:
defect

Tracking

()

Status:
RESOLVED WORKSFORME

People

(Reporter: jruderman, Assigned: dbaron)

References

(Depends on 1 open bug)

Details

(Keywords: testcase)

Attachments

(2 files, 1 obsolete file)

testcase
208 bytes, text/html
Details
Simple test case for the css large height issue.
248 bytes, text/html
Details
Attached file testcase 
The markup in the testcase has "18000000px" as the div's height, but when I ask for the style attribute, I get "1.8e+7px".  That doesn't work as input to the CSS parser.

This bug made it difficult to reduce bug 373868, because serializing the DOM made the bug go away.
Diagnosed it with GDB.  Here's the problem:

At nsCSSDeclaration.cpp:464, there's a call to AppendFloat, which receives a float value of 18000000 and appends the string "1.8e+7". So AppendFloat is the culprit.

Drilling down, the AppendFloat implementation is in the file xpcom/string/src/nsStringObsolete.cpp.  There are two implementations of the function -- one that takes a float, and one that takes a double, and they both are simply wrappers to Modified_cnvtf() (defined in the same file), with the double version having higher precision. (the third argument = precison)

One hack-ish fix is to simply cast the float to a double in the call to AppendFloat at nsCSSDeclaration.cpp:464.  This fixes jesse's test case, but it breaks if you use an even larger number, like 18000000000000000px.  It seems like it just comes down to the size of the input number vs. the 3rd argument passed to Modified_cnvtf() (which is a measure of precision).
Assignee: dbaron → nobody
QA Contact: ian → style-system
Attached patch patch (obsolete) — Splinter Review 
Here's the simple fix, which just makes us use a double rather than a float so that things that fit in 32-bit integers round-trip correctly.  We probably ought to switch to storing integers at some point, but this removes the practical problems with not doing so.

We probably also ought to ensure we never serialize to scientific notation...
Attachment #354092 - Flags: superreview?(bzbarsky)
Attachment #354092 - Flags: review?(bzbarsky)
Assignee: nobody → dbaron
Status: NEW → ASSIGNED
OS: Mac OS X → All
Priority: -- → P4
Hardware: x86 → All
Attachment #354092 - Flags: superreview?(bzbarsky)
Attachment #354092 - Flags: review?(bzbarsky)
Comment on attachment 354092 [details] [diff] [review]
patch

Actually, I should put this on a separate bug; it's really unrelated.
Is there a time table to fix this issue? We are running up against this bug because we are using a JS library that is creating a "grid" widget with a scroll
bar.  The library tries to size the scroll bar appropriately based on the
number of entries in the data store.

The library sets the height of the scroll bar widget to be 40671324px which
firefox then converts to 4.06713e+7px
No, but it's worth knowing that somebody actually hit it in the real world; it actually somewhat surprises me.
Why does that surprise you?

If this won't be fixed, do you have any recommendations for ways to work around this issue?
This problem is present also in our project (I think we are using the same grid library). There is a plan to resolve it?
This bug gets in my way pretty often :(
Blocks: innerhtml-roundtrip
Note that the original testcase no longer shows the bug because we've changed what getAttribute("style") does, but the bug still exists when the serialization code is triggered.
In addition to annoying me, this bug sometimes prevents my DOM fuzzer from making new testcases based on existing crashtests.
I seem to recall hearing about someone -- Anthony Jones, I think? -- speaking about cleaning this up recently.
Is there an update on this bug?

Moreover, if the value (incorrectly) uses scientific notation, will the value returned will be in 'standard' form? Is that within the scope of this bug?
I do not have an update. I expect values that exceed the precision would contine to be represented as strings in e notation.
Sunil, I don't think we will make our CSS parser handle exponential notation as input, because that would be against the spec.
I am running into this bug and Firefox doesn't accept the style as valid (assigning to style.height). Is there any known work-around to this?
I guess this is no longer a problem now that bug 964529 is resolved. (As long as you're not exporting the serialized CSS to another browser.)
Unfortunately in our 'crazy' use case, that's exactly what we do, export it from Firefox to another browser, hence fix 964529 is not sufficient. Will still prefer the returned value to not have scientific notation.
Is this bug not resolved yet? I got the same issue on the current latest FF 44.0.2 Will add an attachment for testing.
Simple test case  for the CSS large height issue which is still happening in Mozilla Firefox 44.0.2 - the latest stable release.

This issue was created 12 years ago. Please take notice.

This seems to work, probably fixed by the style system rewrite in FF57?

Still broken on my FF67.0.2

What do you see broken? I don't see any exponential serialization in the attached test-cases, could you attach a new one?

They're rendered as height: 0px

It's not clear to me how that's related to this bug. That looks like a different bug (bug 1518433 in particular).

This bug looks fixed to me.

Status: ASSIGNED → RESOLVED
Closed: 5 years ago
Resolution: --- → WORKSFORME

Okay, then yes, this bug is indeed fixed.

You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: