Bug 138782

Summary: Crash when setting 'flex-shrink' CSS property to a calculated value
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: CSSAssignee: Nobody <webkit-unassigned>
Status: RESOLVED DUPLICATE    
Severity: Normal    
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 138778    

Description Chris Dumez 2014-11-16 16:15:05 PST 
Crash when setting 'flex-shrink' CSS property to a calculated value, e.g. 'calc(2 * 3)'.

Backtrace:
SHOULD NEVER BE REACHED
/Users/chris/WebKit/OpenSource/Source/WebCore/css/CSSPrimitiveValueMappings.h(123) : float WebCore::CSSPrimitiveValue::operator float() const
1   0x1113e2770 WTFCrash
2   0x1145cc6be WebCore::CSSPrimitiveValue::operator float<float>() const
3   0x1145c41ee WebCore::StyleBuilderFunctions::applyValueFlexShrink(WebCore::StyleResolver&, WebCore::CSSValue&)
4   0x1145bc35c WebCore::StyleBuilder::applyProperty(WebCore::CSSPropertyID, WebCore::StyleResolver&, WebCore::CSSValue&, bool, bool)
5   0x114604f03 WebCore::StyleResolver::applyProperty(WebCore::CSSPropertyID, WebCore::CSSValue*)
6   0x1146127e7 WebCore::StyleResolver::CascadedProperties::Property::apply(WebCore::StyleResolver&)
7   0x1146049ea WebCore::StyleResolver::applyCascadedProperties(WebCore::StyleResolver::CascadedProperties&, int, int)
8   0x114603137 WebCore::StyleResolver::applyMatchedProperties(WebCore::StyleResolver::MatchResult const&, WebCore::Element const*, WebCore::StyleResolver::ShouldUseMatchedPropertiesCache)
9   0x114600dc3 WebCore::StyleResolver::styleForElement(WebCore::Element*, WebCore::RenderStyle*, WebCore::StyleSharingBehavior, WebCore::RuleMatchingBehavior, WebCore::RenderRegion const*)
10  0x114632513 WebCore::Style::styleForElement(WebCore::Element&, WebCore::RenderStyle&)
11  0x114630482 WebCore::Style::resolveLocal(WebCore::Element&, WebCore::RenderStyle&, WebCore::Style::RenderTreePosition&, WebCore::Style::Change)
12  0x11462debd WebCore::Style::resolveTree(WebCore::Element&, WebCore::RenderStyle&, WebCore::Style::RenderTreePosition&, WebCore::Style::Change)
13  0x11462e11b WebCore::Style::resolveTree(WebCore::Element&, WebCore::RenderStyle&, WebCore::Style::RenderTreePosition&, WebCore::Style::Change)
14  0x11462e11b WebCore::Style::resolveTree(WebCore::Element&, WebCore::RenderStyle&, WebCore::Style::RenderTreePosition&, WebCore::Style::Change)
15  0x11462dd78 WebCore::Style::resolveTree(WebCore::Document&, WebCore::Style::Change)
16  0x112eb6516 WebCore::Document::recalcStyle(WebCore::Style::Change)
17  0x112eb26ff WebCore::Document::updateStyleIfNeeded()
18  0x112eac9e9 WebCore::Document::styleRecalcTimerFired(WebCore::Timer&)
Comment 1 Chris Dumez 2014-11-18 16:18:09 PST 

*** This bug has been marked as a duplicate of bug 138783 ***