[Webkit-unassigned] [Bug 85303] Tests overflow LayoutUnits in rendering code

bugzilla-daemon at webkit.org
Tue May 1 14:00:27 PDT 2012


https://bugs.webkit.org/show_bug.cgi?id=85303





--- Comment #6 from Levi Weintraub <leviw at chromium.org>  2012-05-01 14:00:26 PST ---
(In reply to comment #5)
> So should callers of these functions be checking for overflow then? before hitting these asserts?

That's the question. There's a common pattern present in rendering code now whereby two positive numbers are added together, and the result is maxed with zero to account for overflow. This sends a strong message to the Web Dev by often collapsing the size of an element that's grown too large, which is good, but most of the tests triggering these assertions are the result of former crashes when we didn't do this right.

It seems like it may be better to sanitize inputs earlier so we don't rely on error-prone values, but given how values are multiplied and added together throughout the rendering code, this isn't always easy or obvious.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
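
The add-then-max-with-zero pattern described in the comment above, as an added example that is not from the bug report or from WebKit's code: `Unit` is a hypothetical 32-bit stand-in for a layout value, and every function name here is an assumption. It goes one step past the two-operand case to show a three-term sum whose wrapped result comes back positive, which a sign check cannot flag.

```cpp
#include <algorithm>
#include <cstdint>
#include <cstdio>
#include <limits>

// Hypothetical 32-bit stand-in for a layout value; not WebKit's LayoutUnit.
using Unit = int32_t;

// Two's-complement wrapping add, computed in unsigned to avoid signed-overflow UB.
// (The unsigned-to-signed conversion is modular on mainstream compilers, and by rule since C++20.)
Unit wrappingAdd(Unit a, Unit b) {
    return static_cast<Unit>(static_cast<uint32_t>(a) + static_cast<uint32_t>(b));
}

// The pattern from the comment: add, then max the result with zero.
Unit addThenMaxZero(Unit a, Unit b) {
    return std::max<Unit>(0, wrappingAdd(a, b));
}

// The same sign-based check applied only at the end of a three-term sum.
Unit sum3ThenMaxZero(Unit a, Unit b, Unit c) {
    return std::max<Unit>(0, wrappingAdd(wrappingAdd(a, b), c));
}

// Checked add: widen to 64 bits and report overflow explicitly.
bool checkedAdd(Unit a, Unit b, Unit& out) {
    int64_t wide = static_cast<int64_t>(a) + static_cast<int64_t>(b);
    if (wide > std::numeric_limits<Unit>::max() || wide < std::numeric_limits<Unit>::min())
        return false;
    out = static_cast<Unit>(wide);
    return true;
}

// True when any step of a + b + c leaves the Unit range.
bool sum3Overflows(Unit a, Unit b, Unit c) {
    Unit partial = 0, total = 0;
    return !checkedAdd(a, b, partial) || !checkedAdd(partial, c, total);
}

int main() {
    const Unit big = std::numeric_limits<Unit>::max(); // constructed sample input
    std::printf("two terms, max with zero:   %d\n", addThenMaxZero(big, 1));
    std::printf("three terms, max with zero: %d\n", sum3ThenMaxZero(big, big, big));
    std::printf("three terms, checked:       %s\n", sum3Overflows(big, big, big) ? "overflow" : "ok");
    return 0;
}
```

With two positive operands the wrapped sum is always negative, so the max with zero collapses it; once a third term is added the wrap can land on a large positive value that passes through unchanged.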


