Bug 664955 - "ASSERTION: parser should have rejected negative length". r=bz
authorarno renevier <arno@renevier.net>
Mon, 04 Jul 2011 20:13:20 +0200
changeset 72278 7281d9de99eb9dc123043a20e3c40857bddcfeb7
parent 72277 128d2f9f7ac38e9dbef776d6787f0025a201500a
child 72289 ca5dd1bd60f3030d39d9b4946506a5bd13cf189c
push id20687
push userdgottwald@mozilla.com
push dateMon, 04 Jul 2011 18:14:03 +0000
treeherdermozilla-central@7281d9de99eb [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbz
bugs664955
milestone7.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 664955 - "ASSERTION: parser should have rejected negative length". r=bz
layout/style/nsRuleNode.cpp
layout/style/nsStyleUtil.cpp
layout/style/test/Makefile.in
layout/style/test/test_bug664955.html
--- a/layout/style/nsRuleNode.cpp
+++ b/layout/style/nsRuleNode.cpp
@@ -2530,17 +2530,18 @@ nsRuleNode::SetFontSize(nsPresContext* a
       // for scriptlevel changes. A scriptlevel change between us and the parent
       // is simply ignored.
       nscoord parentSize =
         nsStyleFont::UnZoomText(aPresContext, aParentSize);
 
       if (NS_STYLE_FONT_SIZE_LARGER == value) {
         *aSize = nsStyleUtil::FindNextLargerFontSize(parentSize,
                          baseSize, scaleFactor, aPresContext, eFontSize_CSS);
-        NS_ASSERTION(*aSize > parentSize,
+
+        NS_ASSERTION(*aSize >= parentSize,
                      "FindNextLargerFontSize failed");
       }
       else {
         *aSize = nsStyleUtil::FindNextSmallerFontSize(parentSize,
                          baseSize, scaleFactor, aPresContext, eFontSize_CSS);
         NS_ASSERTION(*aSize < parentSize ||
                      parentSize <= nsPresContext::CSSPixelsToAppUnits(1),
                      "FindNextSmallerFontSize failed");
--- a/layout/style/nsStyleUtil.cpp
+++ b/layout/style/nsStyleUtil.cpp
@@ -293,16 +293,17 @@ nscoord nsStyleUtil::FindNextSmallerFont
 nscoord nsStyleUtil::FindNextLargerFontSize(nscoord aFontSize, PRInt32 aBasePointSize, 
                                             float aScalingFactor, nsPresContext* aPresContext,
                                             nsFontSizeType aFontSizeType)
 {
   PRInt32 index;
   PRInt32 indexMin;
   PRInt32 indexMax;
   float relativePosition;
+  nscoord adjustment;
   nscoord largerSize;
   nscoord indexFontSize = aFontSize; // XXX initialize to quell a spurious gcc3.2 warning
   nscoord smallestIndexFontSize;
   nscoord largestIndexFontSize;
   nscoord smallerIndexFontSize;
   nscoord largerIndexFontSize;
 
   nscoord onePx = nsPresContext::CSSPixelsToAppUnits(1);
@@ -326,32 +327,33 @@ nscoord nsStyleUtil::FindNextLargerFontS
           break;
       }
       // set up points beyond table for interpolation purposes
       if (indexFontSize == smallestIndexFontSize) {
         smallerIndexFontSize = indexFontSize - onePx;
         largerIndexFontSize = CalcFontPointSize(index+1, aBasePointSize, aScalingFactor, aPresContext, aFontSizeType);
       } else if (indexFontSize == largestIndexFontSize) {
         smallerIndexFontSize = CalcFontPointSize(index-1, aBasePointSize, aScalingFactor, aPresContext, aFontSizeType);
-        largerIndexFontSize = NSToCoordRound(float(largestIndexFontSize) * 1.5);
+        largerIndexFontSize = NSCoordSaturatingMultiply(largestIndexFontSize, 1.5);
       } else {
         smallerIndexFontSize = CalcFontPointSize(index-1, aBasePointSize, aScalingFactor, aPresContext, aFontSizeType);
         largerIndexFontSize = CalcFontPointSize(index+1, aBasePointSize, aScalingFactor, aPresContext, aFontSizeType);
       }
       // compute the relative position of the parent size between the two closest indexed sizes
       relativePosition = float(aFontSize - smallerIndexFontSize) / float(indexFontSize - smallerIndexFontSize);
       // set the new size to have the same relative position between the next largest two indexed sizes
-      largerSize = indexFontSize + NSToCoordRound(relativePosition * (largerIndexFontSize - indexFontSize));      
+      adjustment = NSCoordSaturatingNonnegativeMultiply(largerIndexFontSize - indexFontSize, relativePosition);
+      largerSize = NSCoordSaturatingAdd(indexFontSize, adjustment);
     }
     else {  // larger than HTML table, increase by 50%
-      largerSize = NSToCoordRound(float(aFontSize) * 1.5);
+      largerSize = NSCoordSaturatingMultiply(aFontSize, 1.5);
     }
   }
   else { // smaller than HTML table, increase by 1px
-    largerSize = aFontSize + onePx; 
+    largerSize = NSCoordSaturatingAdd(aFontSize, onePx);
   }
   return largerSize;
 }
 
 //------------------------------------------------------------------------------
 //
 //------------------------------------------------------------------------------
 
--- a/layout/style/test/Makefile.in
+++ b/layout/style/test/Makefile.in
@@ -122,16 +122,17 @@ GARBAGE += css_properties.js
 		test_bug517224.html \
 		test_bug524175.html \
 		test_bug534804.html \
 		test_bug573255.html \
 		test_bug580685.html \
 		test_bug635286.html \
 		test_bug652486.html \
 		test_bug657143.html \
+		test_bug664955.html \
 		test_bug667520.html \
 		test_cascade.html \
 		test_compute_data_with_start_struct.html \
 		test_computed_style.html \
 		test_computed_style_no_pseudo.html \
 		test_css_cross_domain.html \
 		test_css_eof_handling.html \
 		test_descriptor_storage.html \
new file mode 100644
--- /dev/null
+++ b/layout/style/test/test_bug664955.html
@@ -0,0 +1,37 @@
+<!DOCTYPE HTML>
+<html>
+<!--
+https://bugzilla.mozilla.org/show_bug.cgi?id=664955
+-->
+<head>
+  <title>Test for Bug 664955</title>
+  <script type="text/javascript" src="/MochiKit/MochiKit.js"></script>
+  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+</head>
+<body>
+<a target="_blank" href="https://bugzilla.mozilla.org/show_bug.cgi?id=664955">Mozilla Bug 664955</a>
+<p id="display" style="font-size: 10000000000px"> <!-- must be superior to nscoord_MAX * 60 --> 
+<span id="larger" style="font-size: larger">
+<span id="larger-again" style="font-size: larger">
+</span>
+</span>
+</p>
+<div id="content" style="display: none">
+
+</div>
+<pre id="test">
+<script class="testbody" type="text/javascript">
+/** Test for Bug 664955 **/
+var parentSize = document.defaultView.getComputedStyle($('display'), "").fontSize;
+var largerSize = document.defaultView.getComputedStyle($('larger'), "").fontSize;
+var largerAgainSize = document.defaultView.getComputedStyle($('larger-again'), "").fontSize;
+
+is(parentSize, largerSize, "font size is larger than max font size");
+is(parentSize, largerAgainSize, "font size is larger than max font size");
+
+</script>
+</pre>
+</body>
+</html>
+