[Webkit-unassigned] [Bug 176151] New: Crash in WebCore::CalculationValue::evaluate

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Aug 30 21:45:25 PDT 2017 

https://bugs.webkit.org/show_bug.cgi?id=176151

            Bug ID: 176151
           Summary: Crash in WebCore::CalculationValue::evaluate
           Product: WebKit
           Version: Other
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: CSS
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: mcatanzaro at igalia.com

Created attachment 319446

  --> https://bugs.webkit.org/attachment.cgi?id=319446&action=review

Backtrace

Crash in WebCore::CalculationValue::evaluate:

Truncated backtrace:
Thread no. 1 (10 frames)
 #0 std::unique_ptr<WebCore::CalcExpressionNode, std::default_delete<WebCore::CalcExpressionNode> >::get at /usr/include/c++/6.3.1/bits/unique_ptr.h:308
 #1 std::unique_ptr<WebCore::CalcExpressionNode, std::default_delete<WebCore::CalcExpressionNode> >::operator-> at /usr/include/c++/6.3.1/bits/unique_ptr.h:302
 #2 WebCore::CalculationValue::evaluate at /usr/src/debug/webkitgtk-2.16.3/Source/WebCore/platform/CalculationValue.cpp:56
 #3 WebCore::Length::nonNanCalculatedValue at /usr/src/debug/webkitgtk-2.16.3/Source/WebCore/platform/Length.cpp:276
 #4 WebCore::floatValueForLength at /usr/src/debug/webkitgtk-2.16.3/Source/WebCore/css/LengthFunctions.cpp:105
 #5 WebCore::TranslateTransformOperation::y at /usr/src/debug/webkitgtk-2.16.3/Source/WebCore/platform/graphics/transforms/TranslateTransformOperation.h:53
 #6 WebCore::TranslateTransformOperation::apply at /usr/src/debug/webkitgtk-2.16.3/Source/WebCore/platform/graphics/transforms/TranslateTransformOperation.h:70
 #7 WebCore::RenderStyle::applyTransform at /usr/src/debug/webkitgtk-2.16.3/Source/WebCore/rendering/style/RenderStyle.cpp:1140
 #8 WebCore::RenderLayerBacking::updateTransform at /usr/src/debug/webkitgtk-2.16.3/Source/WebCore/rendering/RenderLayerBacking.cpp:363
 #9 WebCore::RenderLayerBacking::updateGeometry at /usr/src/debug/webkitgtk-2.16.3/Source/WebCore/rendering/RenderLayerBacking.cpp:843

I have only one report of this crash, so it's probably low priority. Better backtrace attached.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20170831/d30ecbf3/attachment-0001.html>

More information about the webkit-unassigned mailing list