Bug 138785

Summary: Crash when setting '-webkit-filter' CSS property to 'saturate(2)'
Product: WebKit Reporter: Chris Dumez <cdumez>
Component: CSSAssignee: Nobody <webkit-unassigned>
Status: RESOLVED WORKSFORME    
Severity: Normal    
Priority: P2    
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 138778    

Description Chris Dumez 2014-11-16 16:46:12 PST 
Crash when setting '-webkit-filter' CSS property to 'saturate(2)':
ASSERTION FAILED: !filterOperations.size() || !preserves3D()
/Users/chris/WebKit/OpenSource/Source/WebCore/platform/graphics/ca/GraphicsLayerCA.cpp(673) : virtual bool WebCore::GraphicsLayerCA::setFilters(const WebCore::FilterOperations &)
1   0x112ac8770 WTFCrash
2   0x1149cc236 WebCore::GraphicsLayerCA::setFilters(WebCore::FilterOperations const&)
3   0x11584d598 WebCore::RenderLayerBacking::updateFilters(WebCore::RenderStyle const&)
4   0x11584e309 WebCore::RenderLayerBacking::updateGeometry()
5   0x115867b91 WebCore::RenderLayerCompositor::layerStyleChanged(WebCore::RenderLayer&, WebCore::RenderStyle const*)
6   0x115836554 WebCore::RenderLayer::styleChanged(WebCore::StyleDifference, WebCore::RenderStyle const*)
7   0x115884484 WebCore::RenderLayerModelObject::styleDidChange(WebCore::StyleDifference, WebCore::RenderStyle const*)
8   0x115743f66 WebCore::RenderBox::styleDidChange(WebCore::StyleDifference, WebCore::RenderStyle const*)
9   0x1156d5ce7 WebCore::RenderBlock::styleDidChange(WebCore::StyleDifference, WebCore::RenderStyle const*)
10  0x11571a633 WebCore::RenderBlockFlow::styleDidChange(WebCore::StyleDifference, WebCore::RenderStyle const*)
11  0x11579e36a WebCore::RenderElement::setStyle(WTF::PassRef<WebCore::RenderStyle>)
12  0x115d1a7ce WebCore::RenderElement::setAnimatableStyle(WTF::PassRef<WebCore::RenderStyle>)
13  0x115d1766d WebCore::Style::resolveLocal(WebCore::Element&, WebCore::RenderStyle&, WebCore::Style::RenderTreePosition&, WebCore::Style::Change)
14  0x115d14ebd WebCore::Style::resolveTree(WebCore::Element&, WebCore::RenderStyle&, WebCore::Style::RenderTreePosition&, WebCore::Style::Change)
15  0x115d1511b WebCore::Style::resolveTree(WebCore::Element&, WebCore::RenderStyle&, WebCore::Style::RenderTreePosition&, WebCore::Style::Change)
16  0x115d1511b WebCore::Style::resolveTree(WebCore::Element&, WebCore::RenderStyle&, WebCore::Style::RenderTreePosition&, WebCore::Style::Change)
17  0x115d14d78 WebCore::Style::resolveTree(WebCore::Document&, WebCore::Style::Change)
18  0x11459d516 WebCore::Document::recalcStyle(WebCore::Style::Change)
19  0x1145996ff WebCore::Document::updateStyleIfNeeded()
20  0x1145939e9 WebCore::Document::styleRecalcTimerFired(WebCore::Timer&)
Comment 1 Chris Dumez 2014-11-16 17:03:20 PST 
Cannot reproduce. It must happen only when another CSS property has already been set.