Closed Bug 398181 Opened 18 years ago Closed 18 years ago

"ASSERTION: Doing nscoord addition with values > nscoord_MAX" with inline-block, percentage margin

Categories

(Core :: Layout, defect)

Product:
Core
Component:
Layout
Platform:
x86
All
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: jruderman, Assigned: dholbert)

References

Details

(Keywords: assertion, testcase)

Attachments

(3 files)

testcase
184 bytes, text/html
Details
fix (trivial)
2.50 KB, patch
roc
: review+
roc
: superreview+
roc
: approval1.9+
Details | Diff | Splinter Review
testcase2 (using float)
225 bytes, text/html
Details
Attached file testcase
Loading the testcase triggers lots of assertions, starting with: ###!!! ASSERTION: Doing nscoord addition with values > nscoord_MAX: 'a < nscoord_MAX && b < nscoord_MAX', file ../../dist/include/gfx/nsCoord.h, line 151 ###!!! ASSERTION: nscoord addition will reach or pass nscoord_MAX: '(PRInt64)a + (PRInt64)b < (PRInt64)nscoord_MAX', file ../../dist/include/gfx/nsCoord.h, line 153
Attached patch fix (trivial)Splinter Review
Adding NSCoordSaturatingAdd call in nsTextFrameThebes.cpp fixes first assertion. Adding NSCoordSaturatingSubtract call in nsFrame.cpp fixes second assertion. (The only other change -- the added NSCoordSaturatingAdd call in nsFrame.cpp -- doesn't actually affect this bug's testcase. The change is preventative, because currentLine could be nscoord_MAX there, and we shouldn't add directly to it.)
Attachment #283069 - Flags: review?(dbaron)
Attachment #283069 - Flags: approval1.9?
Per jesse's suggestion, I made this testcase that depends on the preemptive change in this bug's fix. (which was mentioned parenthetically in my last comment, at nsFrame.cpp:2869: - currentLine += floats_done; + currentLine = NSCoordSaturatingAdd(currentLine, floats_done); After applying my patch's other two changes, but skipping the preemptive change, I get these assertions when loading testcase2: ###!!! ASSERTION: Doing nscoord subtraction with values > nscoord_MAX: 'a < nscoord_MAX && b < nscoord_MAX', file ../../dist/include/gfx/nsCoord.h, line 208 ###!!! ASSERTION: nscoord subtraction will reach or pass nscoord_MAX: '(PRInt64)a - (PRInt64)b < (PRInt64)nscoord_MAX', file ../../dist/include/gfx/nsCoord.h, line 210 (I think we're hitting these in the added call to NSCoordSaturatingSubtract at nsFrame.cpp:2874) After adding the third change, those assertions go away.
Status: NEW → ASSIGNED
Assignee: nobody → dholbert
Status: ASSIGNED → NEW
Status: NEW → ASSIGNED
OS: Mac OS X → All
Attachment #283069 - Flags: superreview+
Attachment #283069 - Flags: review?(dbaron)
Attachment #283069 - Flags: review+
Attachment #283069 - Flags: approval1.9?
Attachment #283069 - Flags: approval1.9+
Checking in nsTextFrameThebes.cpp; /cvsroot/mozilla/layout/generic/nsTextFrameThebes.cpp,v <-- nsTextFrameThebes.cpp new revision: 3.128; previous revision: 3.127 done Checking in nsFrame.cpp; /cvsroot/mozilla/layout/generic/nsFrame.cpp,v <-- nsFrame.cpp new revision: 3.766; previous revision: 3.765 done
Status: ASSIGNED → RESOLVED
Closed: 18 years ago
Flags: in-testsuite?
Resolution: --- → FIXED
Crashtests checked in.
Flags: in-testsuite? → in-testsuite+
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: