Bug 135605 - ASSERTION FAILED: !m_parsedCalculation in WebCore::CSSParser::parseValue
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: CSS
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Renata Hodovan
Blocks: 116980
Reported: 2014-08-05 06:03 PDT by Renata Hodovan
Modified: 2014-08-05 09:46 PDT

Attachments
Test case (186 bytes, text/html)
2014-08-05 06:03 PDT, Renata Hodovan
no flags
Proposed patch (4.30 KB, patch)
2014-08-05 06:09 PDT, Renata Hodovan
no flags

Description Renata Hodovan 2014-08-05 06:03:20 PDT
Created attachment 236026
Test case

The failing test:

<style>
* {
  -webkit-transition:cubic-bezier(0,0,calc(0),calc(0));
}
</style>

Backtrace:


ASSERTION FAILED: !m_parsedCalculation
../../Source/WebCore/css/CSSParser.cpp(9849) : bool WebCore::CSSParser::parseCalculation(WebCore::CSSParserValue*, WebCore::CalculationPermittedValueRange)


Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7fff96cc6700 (LWP 7904)]
0x00007ffff30185e8 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:329
329    *(int *)(uintptr_t)0xbbadbeef = 0;
(gdb) bt
#0  0x00007ffff30185e8 in WTFCrash () at ../../Source/WTF/wtf/Assertions.cpp:329
#1  0x00007ffff33d2560 in WebCore::CSSParser::parseCalculation (this=0x7fffffffbf00, value=0x7f7cc0, range=WebCore::CalculationRangeAll)
    at ../../Source/WebCore/css/CSSParser.cpp:9849
#2  0x00007ffff33b1db0 in WebCore::CSSParser::validCalculationUnit (this=0x7fffffffbf00, value=0x7f7cc0, unitflags=WebCore::CSSParser::FNumber,
    releaseCalc=WebCore::CSSParser::DoNotReleaseParsedCalcValue) at ../../Source/WebCore/css/CSSParser.cpp:1571
#3  0x00007ffff33b1ffc in WebCore::CSSParser::validUnit (this=0x7fffffffbf00, value=0x7f7cc0, unitflags=WebCore::CSSParser::FNumber,
    cssParserMode=WebCore::CSSQuirksMode, releaseCalc=WebCore::CSSParser::DoNotReleaseParsedCalcValue) at ../../Source/WebCore/css/CSSParser.cpp:1623
#4  0x00007ffff33db328 in WebCore::CSSParser::validUnit (this=0x7fffffffbf00, value=0x7f7cc0, unitflags=WebCore::CSSParser::FNumber,
    releaseCalc=WebCore::CSSParser::DoNotReleaseParsedCalcValue) at ../../Source/WebCore/css/CSSParser.h:629
#5  0x00007ffff33be453 in WebCore::CSSParser::parseCubicBezierTimingFunctionValue (this=0x7fffffffbf00, args=@0x7fffffff9f18: 0x8ab970,
    result=@0x7fffffff9f38: 6.9533558066231601e-310) at ../../Source/WebCore/css/CSSParser.cpp:4546
#6  0x00007ffff33be905 in WebCore::CSSParser::parseAnimationTimingFunction (this=0x7fffffffbf00) at ../../Source/WebCore/css/CSSParser.cpp:4620
#7  0x00007ffff33bee9d in WebCore::CSSParser::parseAnimationProperty (this=0x7fffffffbf00, propId=WebCore::CSSPropertyWebkitTransitionTimingFunction,
    result=..., context=...) at ../../Source/WebCore/css/CSSParser.cpp:4698
#8  0x00007ffff33b8e12 in WebCore::CSSParser::parseTransitionShorthand (this=0x7fffffffbf00, propId=WebCore::CSSPropertyWebkitTransition, important=false)
    at ../../Source/WebCore/css/CSSParser.cpp:3414
#9  0x00007ffff33b65a7 in WebCore::CSSParser::parseValue (this=0x7fffffffbf00, propId=WebCore::CSSPropertyWebkitTransition, important=false)
    at ../../Source/WebCore/css/CSSParser.cpp:2859
#10 0x00007ffff42efc1d in cssyyparse (parser=0x7fffffffbf00) at /home/renifuzz/data/REPOS/webkit/WebKitBuild/Debug/DerivedSources/WebCore/CSSGrammar.y:1137
#11 0x00007ffff33ae8de in WebCore::CSSParser::parseSheet (this=0x7fffffffbf00, sheet=0x86cca0, string=..., startLineNumber=0, ruleSourceDataResult=0x0,
    logErrors=true) at ../../Source/WebCore/css/CSSParser.cpp:440
#12 0x00007ffff34d96a7 in WebCore::StyleSheetContents::parseStringAtLine (this=0x86cca0, sheetText=..., startLineNumber=0, createdByParser=true)
    at ../../Source/WebCore/css/StyleSheetContents.cpp:326
#13 0x00007ffff35bd77a in WebCore::InlineStyleSheetOwner::createSheet (this=0x86d0c8, element=..., text=...)
    at ../../Source/WebCore/dom/InlineStyleSheetOwner.cpp:147
#14 0x00007ffff35bd232 in WebCore::InlineStyleSheetOwner::createSheetFromTextContents (this=0x86d0c8, element=...)
    at ../../Source/WebCore/dom/InlineStyleSheetOwner.cpp:97
#15 0x00007ffff35bd1ef in WebCore::InlineStyleSheetOwner::finishParsingChildren (this=0x86d0c8, element=...)
    at ../../Source/WebCore/dom/InlineStyleSheetOwner.cpp:91
#16 0x00007ffff37ab07f in WebCore::HTMLStyleElement::finishParsingChildren (this=0x86d060) at ../../Source/WebCore/html/HTMLStyleElement.cpp:90
#17 0x00007ffff3848f3e in WebCore::HTMLElementStack::popCommon (this=0x872fc8) at ../../Source/WebCore/html/parser/HTMLElementStack.cpp:578
#18 0x00007ffff3847962 in WebCore::HTMLElementStack::pop (this=0x872fc8) at ../../Source/WebCore/html/parser/HTMLElementStack.cpp:214
#19 0x00007ffff3870feb in WebCore::HTMLTreeBuilder::processEndTag (this=0x872f90, token=0x7fffffffd350)
    at ../../Source/WebCore/html/parser/HTMLTreeBuilder.cpp:2179
#20 0x00007ffff38677e2 in WebCore::HTMLTreeBuilder::processToken (this=0x872f90, token=0x7fffffffd350)
    at ../../Source/WebCore/html/parser/HTMLTreeBuilder.cpp:386
#21 0x00007ffff38675f4 in WebCore::HTMLTreeBuilder::constructTree (this=0x872f90, token=0x7fffffffd350)
    at ../../Source/WebCore/html/parser/HTMLTreeBuilder.cpp:354
#22 0x00007ffff384110c in WebCore::HTMLDocumentParser::constructTreeFromHTMLToken (this=0x8ba8f0, rawToken=...)
    at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:356
#23 0x00007ffff3840d4f in WebCore::HTMLDocumentParser::pumpTokenizer (this=0x8ba8f0, mode=WebCore::HTMLDocumentParser::AllowYield)
    at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:309
#24 0x00007ffff3840545 in WebCore::HTMLDocumentParser::pumpTokenizerIfPossible (this=0x8ba8f0, mode=WebCore::HTMLDocumentParser::AllowYield)
    at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:189
#25 0x00007ffff38416d7 in WebCore::HTMLDocumentParser::append (this=0x8ba8f0, inputSource=...) at ../../Source/WebCore/html/parser/HTMLDocumentParser.cpp:440
#26 0x00007ffff3533a4f in WebCore::DecodedDataDocumentParser::flush (this=0x8ba8f0, writer=...) at ../../Source/WebCore/dom/DecodedDataDocumentParser.cpp:60
#27 0x00007ffff399082b in WebCore::DocumentWriter::end (this=0xac5440) at ../../Source/WebCore/loader/DocumentWriter.cpp:247
#28 0x00007ffff397d8bb in WebCore::DocumentLoader::finishedLoading (this=0xac53a0, finishTime=0) at ../../Source/WebCore/loader/DocumentLoader.cpp:441
#29 0x00007ffff397d624 in WebCore::DocumentLoader::notifyFinished (this=0xac53a0, resource=0x8c4220) at ../../Source/WebCore/loader/DocumentLoader.cpp:375
#30 0x00007ffff3a23eb9 in WebCore::CachedResource::checkNotify (this=0x8c4220) at ../../Source/WebCore/loader/cache/CachedResource.cpp:334
#31 0x00007ffff3a23fa0 in WebCore::CachedResource::finishLoading (this=0x8c4220) at ../../Source/WebCore/loader/cache/CachedResource.cpp:350
#32 0x00007ffff3a20f5a in WebCore::CachedRawResource::finishLoading (this=0x8c4220, data=0x6f09a0)
    at ../../Source/WebCore/loader/cache/CachedRawResource.cpp:98
#33 0x00007ffff39d7bfa in WebCore::SubresourceLoader::didFinishLoading (this=0x7cfab0, finishTime=0) at ../../Source/WebCore/loader/SubresourceLoader.cpp:310
---Type <return> to continue, or q <return> to quit---
#34 0x00007ffff39d40e7 in WebCore::ResourceLoader::didFinishLoading (this=0x7cfab0, finishTime=0) at ../../Source/WebCore/loader/ResourceLoader.cpp:517
#35 0x00007ffff42968cb in WebCore::readCallback (asyncResult=0x8b9a10, data=0x8b7fd0)
    at ../../Source/WebCore/platform/network/soup/ResourceHandleSoup.cpp:1302
#36 0x00007fffec1d92aa in async_ready_callback_wrapper (source_object=0xa469b0, res=0x8b9a10, user_data=0x8b7fd0) at ginputstream.c:519
#37 0x00007fffec1f8cab in g_task_return_now (task=0x8b9a10) at gtask.c:1108
#38 0x00007fffec1f8cc9 in complete_in_idle_cb (task=0x8b9a10) at gtask.c:1117
#39 0x00007fffeb46a296 in g_main_dispatch (context=0x678310) at gmain.c:3065
#40 g_main_context_dispatch (context=context@entry=0x678310) at gmain.c:3641
#41 0x00007fffeb46a5e8 in g_main_context_iterate (context=0x678310, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at gmain.c:3712
#42 0x00007fffeb46a9ea in g_main_loop_run (loop=0x70fb50) at gmain.c:3906
#43 0x00007ffff3069576 in WTF::RunLoop::run () at ../../Source/WTF/wtf/gtk/RunLoopGtk.cpp:59
#44 0x00007ffff2fa2a00 in WebKit::ChildProcessMain<WebKit::WebProcess, WebKit::WebProcessMain> (argc=2, argv=0x7fffffffdb98)
    at ../../Source/WebKit2/Shared/unix/ChildProcessMain.h:61
#45 0x00007ffff2fa2865 in WebKit::WebProcessMainUnix (argc=2, argv=0x7fffffffdb98) at ../../Source/WebKit2/WebProcess/gtk/WebProcessMainGtk.cpp:73
#46 0x000000000040085d in main (argc=2, argv=0x7fffffffdb98) at ../../Source/WebKit2/WebProcess/EntryPoint/unix/WebProcessMain.cpp:32
Comment 1 Renata Hodovan 2014-08-05 06:09:25 PDT
Created attachment 236027
Proposed patch
Comment 2 Andreas Kling 2014-08-05 09:12:11 PDT
Comment on attachment 236027
Proposed patch

r=me
Comment 3 WebKit Commit Bot 2014-08-05 09:46:39 PDT
Comment on attachment 236027
Proposed patch

Clearing flags on attachment: 236027

Committed r172033: <http://trac.webkit.org/changeset/172033>
Comment 4 WebKit Commit Bot 2014-08-05 09:46:41 PDT
All reviewed patches have been landed.  Closing bug.