[Webkit-unassigned] [Bug 139289] New: Crash when setting '-webkit-box-shadow' CSS property to 'calc(50px + 1em) calc(50px + 1em) calc(50px + 1em)'
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Thu Dec 4 21:23:21 PST 2014
https://bugs.webkit.org/show_bug.cgi?id=139289
Bug ID: 139289
Summary: Crash when setting '-webkit-box-shadow' CSS property
to 'calc(50px + 1em) calc(50px + 1em) calc(50px +
1em)'
Classification: Unclassified
Product: WebKit
Version: 528+ (Nightly build)
Hardware: Unspecified
OS: Unspecified
Status: NEW
Severity: Normal
Priority: P2
Component: CSS
Assignee: webkit-unassigned at lists.webkit.org
Reporter: cdumez at apple.com
Blocks: 138778
Crash when setting '-webkit-box-shadow' CSS property to 'calc(50px + 1em) calc(50px + 1em) calc(50px + 1em)'.
Backtrace:
ASSERTION FAILED: !m_parsedCalculation
0 com.apple.JavaScriptCore 0x000000010df4534a WTFCrash + 42
1 com.apple.WebCore 0x000000010f884feb WebCore::CSSParser::parseCalculation(WebCore::CSSParserValue&, WebCore::CalculationPermittedValueRange) + 235 (CSSParser.cpp:9989)
2 com.apple.WebCore 0x000000010f884c49 WebCore::CSSParser::validCalculationUnit(WebCore::CSSParserValue&, WebCore::CSSParser::Units, WebCore::CSSParser::ReleaseParsedCalcValueCondition) + 105 (CSSParser.cpp:1588)
3 com.apple.WebCore 0x000000010f8850de WebCore::CSSParser::validUnit(WebCore::CSSParserValue&, WebCore::CSSParser::Units, WebCore::CSSParserMode, WebCore::CSSParser::ReleaseParsedCalcValueCondition) + 78 (CSSParser.cpp:1640)
4 com.apple.WebCore 0x000000010f895b78 WebCore::CSSParser::parseShadow(WebCore::CSSParserValueList&, WebCore::CSSPropertyID) + 408 (CSSParser.cpp:7259)
5 com.apple.WebCore 0x000000010f88883a WebCore::CSSParser::parseValue(WebCore::CSSPropertyID, bool) + 12394 (CSSParser.cpp:2407)
6 com.apple.WebCore 0x000000010f851363 cssyyparse(WebCore::CSSParser*) + 2771 (.CSSGrammar.y:389)
7 com.apple.WebCore 0x000000010f882a5e WebCore::CSSParser::parseValue(WebCore::MutableStyleProperties*, WebCore::CSSPropertyID, WTF::String const&, bool, WebCore::StyleSheetContents*) + 110 (CSSParser.cpp:1314)
8 com.apple.WebCore 0x000000010f881c97 WebCore::CSSParser::parseValue(WebCore::MutableStyleProperties*, WebCore::CSSPropertyID, WTF::String const&, bool, WebCore::CSSParserMode, WebCore::StyleSheetContents*) + 471 (CSSParser.cpp:1302)
9 com.apple.WebCore 0x0000000111131d6f WebCore::MutableStyleProperties::setProperty(WebCore::CSSPropertyID, WTF::String const&, bool, WebCore::StyleSheetContents*) + 159 (StyleProperties.cpp:682)
10 com.apple.WebCore 0x0000000110b1055b WebCore::PropertySetCSSStyleDeclaration::setPropertyInternal(WebCore::CSSPropertyID, WTF::String const&, bool, int&) + 171 (PropertySetCSSStyleDeclaration.cpp:265)
11 com.apple.WebCore 0x0000000110305038 WebCore::JSCSSStyleDeclaration::putDelegate(JSC::ExecState*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&) + 392 (JSCSSStyleDeclarationCustom.cpp:343)
12 com.apple.WebCore 0x00000001103001e9 WebCore::JSCSSStyleDeclaration::put(JSC::JSCell*, JSC::ExecState*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&) + 329 (JSCSSStyleDeclaration.cpp:284)
13 com.apple.JavaScriptCore 0x000000010d90dd12 JSC::JSValue::put(JSC::ExecState*, JSC::PropertyName, JSC::JSValue, JSC::PutPropertySlot&) + 210
14 com.apple.JavaScriptCore 0x000000010d8e2026 void JSC::DFG::operationPutByValInternal<false, false>(JSC::ExecState*, long long, long long, long long) + 678
15 com.apple.JavaScriptCore 0x000000010d8e1d6b operationPutByValNonStrict + 75
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20141205/ced9f01a/attachment-0002.html>
More information about the webkit-unassigned
mailing list