Bug 138784

Summary: Crash when setting 'transition-delay' CSS property to a calculated value
Product: WebKit
Reporter: Chris Dumez <cdumez>
Component: CSS
Assignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED
Severity: Normal
CC: benjamin, commit-queue, darin, kling, koivisto, sam
Priority: P2
Version: 528+ (Nightly build)
Hardware: Unspecified
OS: Unspecified
Bug Depends on:
Bug Blocks: 138778
Attachments:
Description: Patch
Flags: none

Description Chris Dumez 2014-11-16 16:42:46 PST
Crash when setting 'transition-delay' CSS property to a calculated value, e.g. 'calc(300ms/2)':
SHOULD NEVER BE REACHED
/Users/chris/WebKit/OpenSource/Source/WebCore/css/CSSPrimitiveValue.h(270) : T WebCore::CSSPrimitiveValue::computeTime() [T = double, timeUnit = 0]
1   0x10e447770 WTFCrash
2   0x10fe3f544 double WebCore::CSSPrimitiveValue::computeTime<double, (WebCore::CSSPrimitiveValue::TimeUnit)0>()
3   0x10fe3c6f7 WebCore::CSSToStyleMap::mapAnimationDelay(WebCore::Animation*, WebCore::CSSValue&)
4   0x10fed02f4 WebCore::ApplyPropertyAnimation<double, &(WebCore::Animation::delay() const), &(WebCore::Animation::setDelay(double)), &(WebCore::Animation::isDelaySet() const), &(WebCore::Animation::clearDelay()), &(WebCore::Animation::initialAnimationDelay()), &(WebCore::CSSToStyleMap::mapAnimationDelay(WebCore::Animation*, WebCore::CSSValue&)), &(WebCore::RenderStyle::accessTransitions()), &(WebCore::RenderStyle::transitions() const)>::map(WebCore::StyleResolver*, WebCore::Animation&, WebCore::CSSValue&)
5   0x10fed01a1 WebCore::ApplyPropertyAnimation<double, &(WebCore::Animation::delay() const), &(WebCore::Animation::setDelay(double)), &(WebCore::Animation::isDelaySet() const), &(WebCore::Animation::clearDelay()), &(WebCore::Animation::initialAnimationDelay()), &(WebCore::CSSToStyleMap::mapAnimationDelay(WebCore::Animation*, WebCore::CSSValue&)), &(WebCore::RenderStyle::accessTransitions()), &(WebCore::RenderStyle::transitions() const)>::applyValue(WebCore::CSSPropertyID, WebCore::StyleResolver*, WebCore::CSSValue*)
6   0x111680aab WebCore::PropertyHandler::applyValue(WebCore::CSSPropertyID, WebCore::StyleResolver*, WebCore::CSSValue*) const
7   0x111670eb8 WebCore::StyleResolver::applyProperty(WebCore::CSSPropertyID, WebCore::CSSValue*)
8   0x11167e7e7 WebCore::StyleResolver::CascadedProperties::Property::apply(WebCore::StyleResolver&)
9   0x1116709ea WebCore::StyleResolver::applyCascadedProperties(WebCore::StyleResolver::CascadedProperties&, int, int)
10  0x11166f137 WebCore::StyleResolver::applyMatchedProperties(WebCore::StyleResolver::MatchResult const&, WebCore::Element const*, WebCore::StyleResolver::ShouldUseMatchedPropertiesCache)
11  0x11166cdc3 WebCore::StyleResolver::styleForElement(WebCore::Element*, WebCore::RenderStyle*, WebCore::StyleSharingBehavior, WebCore::RuleMatchingBehavior, WebCore::RenderRegion const*)
12  0x11169e513 WebCore::Style::styleForElement(WebCore::Element&, WebCore::RenderStyle&)
13  0x11169c482 WebCore::Style::resolveLocal(WebCore::Element&, WebCore::RenderStyle&, WebCore::Style::RenderTreePosition&, WebCore::Style::Change)
14  0x111699ebd WebCore::Style::resolveTree(WebCore::Element&, WebCore::RenderStyle&, WebCore::Style::RenderTreePosition&, WebCore::Style::Change)
15  0x11169a11b WebCore::Style::resolveTree(WebCore::Element&, WebCore::RenderStyle&, WebCore::Style::RenderTreePosition&, WebCore::Style::Change)
16  0x11169a11b WebCore::Style::resolveTree(WebCore::Element&, WebCore::RenderStyle&, WebCore::Style::RenderTreePosition&, WebCore::Style::Change)
17  0x111699d78 WebCore::Style::resolveTree(WebCore::Document&, WebCore::Style::Change)
18  0x10ff22516 WebCore::Document::recalcStyle(WebCore::Style::Change)
19  0x10ff1e6ff WebCore::Document::updateStyleIfNeeded()
20  0x10ff189e9 WebCore::Document::styleRecalcTimerFired(WebCore::Timer&)

Comment 1 Chris Dumez 2014-11-20 10:49:35 PST
Created attachment 241962
Patch

Comment 2 WebKit Commit Bot 2014-11-21 11:48:15 PST
Comment on attachment 241962
Patch

Clearing flags on attachment: 241962

Committed r176458: <http://trac.webkit.org/changeset/176458>

Comment 3 WebKit Commit Bot 2014-11-21 11:48:19 PST
All reviewed patches have been landed.  Closing bug.