Bug 1202556 - Detect underflow in TimeStamp addition/subtraction operators; r=froydnj
authorBrian Birtles <birtles@gmail.com>
Mon, 14 Sep 2015 09:47:09 +0900
changeset 294858 820f227f2a409fb4b28e40cdd3542723937bd15b
parent 294857 25662880e67a3d39f453fc3c527b3f669e030427
child 294859 c02f4d8cbb0563ad2e930cb68f9452bd0fe0b1a5
push id5245
push userraliiev@mozilla.com
push dateThu, 29 Oct 2015 11:30:51 +0000
treeherdermozilla-beta@dac831dc1bd0 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersfroydnj
bugs1202556
milestone43.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1202556 - Detect underflow in TimeStamp addition/subtraction operators; r=froydnj
mozglue/misc/TimeStamp.h
--- a/mozglue/misc/TimeStamp.h
+++ b/mozglue/misc/TimeStamp.h
@@ -499,23 +499,37 @@ public:
   {
     TimeStamp result = *this;
     result -= aOther;
     return result;
   }
   TimeStamp& operator+=(const TimeDuration& aOther)
   {
     MOZ_ASSERT(!IsNull(), "Cannot compute with a null value");
-    mValue += aOther.mValue;
+    TimeStampValue value = mValue + aOther.mValue;
+    // Check for underflow.
+    // (We don't check for overflow because it's not obvious what the error
+    //  behavior should be in that case.)
+    if (aOther.mValue < 0 && value > mValue) {
+      value = 0;
+    }
+    mValue = value;
     return *this;
   }
   TimeStamp& operator-=(const TimeDuration& aOther)
   {
     MOZ_ASSERT(!IsNull(), "Cannot compute with a null value");
-    mValue -= aOther.mValue;
+    TimeStampValue value = mValue - aOther.mValue;
+    // Check for underflow.
+    // (We don't check for overflow because it's not obvious what the error
+    //  behavior should be in that case.)
+    if (aOther.mValue > 0 && value > mValue) {
+      value = 0;
+    }
+    mValue = value;
     return *this;
   }
 
   bool operator<(const TimeStamp& aOther) const
   {
     MOZ_ASSERT(!IsNull(), "Cannot compute with a null value");
     MOZ_ASSERT(!aOther.IsNull(), "Cannot compute with aOther null value");
     return mValue < aOther.mValue;