| Summary: | [ Win EWS] js/dfg-int16array.html is a flaky crash under WebCore::LayoutIntegration::LineLayout::constructContent | ||||||
|---|---|---|---|---|---|---|---|
| Product: | WebKit | Reporter: | Robert Jenner <jenner> | ||||
| Component: | Layout and Rendering | Assignee: | Nobody <webkit-unassigned> | ||||
| Status: | NEW --- | ||||||
| Severity: | Normal | CC: | ayumi_kojima, bfulgham, ehutchison, simon.fraser, webkit-bot-watchers-bugzilla, webkit-bug-importer, zalan | ||||
| Priority: | P2 | Keywords: | InRadar | ||||
| Version: | WebKit Nightly Build | ||||||
| Hardware: | Unspecified | ||||||
| OS: | Unspecified | ||||||
| See Also: | https://bugs.webkit.org/show_bug.cgi?id=229626 | ||||||
| Attachments: |
|
||||||
|
Description
Robert Jenner
2021-08-26 17:27:21 PDT
Created attachment 436592 [details]
Full crashlog from windows EWS
Set expectations to [ Pass Crash ] for Windows here: https://trac.webkit.org/changeset/281675/webkit Frame[00] Triage Symbol: [WTF!abort+0x35]
Frame[01] Triage Symbol: [WTF!WTF::fastMalloc+0x18]
Frame[02] Triage Symbol: [WebKit!WebCore::LayoutIntegration::LineLayout::constructContent+0x1c0]
Frame[03] Triage Symbol: [WebKit!WebCore::LayoutIntegration::LineLayout::layout+0x14f]
Frame[04] Triage Symbol: [WebKit!WebCore::RenderBlockFlow::layoutModernLines+0x347]
Frame[05] Triage Symbol: [WebKit!WebCore::RenderBlockFlow::layoutBlock+0x380]
Frame[06] Triage Symbol: [WebKit!WebCore::RenderBlock::layout+0x80]
Frame[07] Triage Symbol: [WebKit!WebCore::RenderBlockFlow::layoutBlockChild+0x292]
Frame[08] Triage Symbol: [WebKit!WebCore::RenderBlockFlow::layoutBlockChildren+0x508]
Frame[09] Triage Symbol: [WebKit!WebCore::RenderBlockFlow::layoutBlock+0x43f]
Frame[0a] Triage Symbol: [WebKit!WebCore::RenderBlock::layout+0x80]
Frame[0b] Triage Symbol: [WebKit!WebCore::RenderBlockFlow::layoutBlockChild+0x292]
Frame[0c] Triage Symbol: [WebKit!WebCore::RenderBlockFlow::layoutBlockChildren+0x508]
Frame[0d] Triage Symbol: [WebKit!WebCore::RenderBlockFlow::layoutBlock+0x43f]
Frame[0e] Triage Symbol: [WebKit!WebCore::RenderBlock::layout+0x80]
Frame[0f] Triage Symbol: [WebKit!WebCore::RenderBlockFlow::layoutBlockChild+0x292]
Frame[10] Triage Symbol: [WebKit!WebCore::RenderBlockFlow::layoutBlockChildren+0x508]
Frame[11] Triage Symbol: [WebKit!WebCore::RenderBlockFlow::layoutBlock+0x43f]
Frame[12] Triage Symbol: [WebKit!WebCore::RenderBlock::layout+0x80]
Frame[13] Triage Symbol: [WebKit!WebCore::RenderView::layout+0x2ed]
Frame[14] Triage Symbol: [WebKit!WebCore::FrameViewLayoutContext::layout+0x5bf]
Frame[15] Triage Symbol: [WebKit!WebCore::Document::implicitClose+0x35d]
Frame[16] Triage Symbol: [WebKit!WebCore::FrameLoader::checkCompleted+0x13f]
Frame[17] Triage Symbol: [WebKit!WebCore::CachedResourceLoader::loadDone+0x80]
Frame[18] Triage Symbol: [WebKit!WebCore::SubresourceLoader::notifyDone+0x55]
Frame[19] Triage Symbol: [WebKit!WebCore::SubresourceLoader::didFinishLoading+0x163]
Frame[1a] Triage Symbol: [WebKit!<lambda_e7e2d454785dfeaf6199132ec807941c>::operator+0xec]
Frame[1b] Triage Symbol: [WTF!WTF::RunLoop::performWork+0x23f]
Two other affected tests: https://trac.webkit.org/changeset/281719/webkit *** Bug 229626 has been marked as a duplicate of this bug. *** js/dfg-uint8array.html is also crashing on Win EWS and has not appeared on OpenSource. History: https://results.webkit.org/?platform=ios&platform=mac&suite=layout-tests&test=js%2Fdfg-uint8array.html Crash Log: https://ews-build.s3-us-west-2.amazonaws.com/Windows-EWS/r438375-105128/js/dfg-uint8array-crash-log.txt Marked expectations: https://trac.webkit.org/changeset/282614/webkit js/dfg-int32array-overflow-values.html also affected: History: https://results.webkit.org/?suite=layout-tests&test=js/dfg-int32array-overflow-values.html Crash Log: https://ews-build.s3-us-west-2.amazonaws.com/Windows-EWS/r438420-105169/js/dfg-int32array-overflow-values-crash-log.txt Update test expectations: http://trac.webkit.org/changeset/282695/webkit js/dfg-int8array.html https://results.webkit.org/?suite=layout-tests&test=js/dfg-int8array.html also affected: History: https://results.webkit.org/?suite=layout-tests&test=js/dfg-int8array.html Crash Log: https://ews-build.s3-us-west-2.amazonaws.com/Windows-EWS/r438688-105450/js/dfg-int8array-crash-log.txt Update test expectations: https://trac.webkit.org/changeset/282772/webkit js/dfg-uint32array-overflow-values.html is affected. History: https://results.webkit.org/?suite=layout-tests&test=js/dfg-uint32array-overflow-values.html Results: https://ews-build.s3-us-west-2.amazonaws.com/Windows-EWS/r438649-105405/results.html Crash Log: https://ews-build.s3-us-west-2.amazonaws.com/Windows-EWS/r438649-105405/js/dfg-uint32array-overflow-values-crash-log.txt Update test expectations: https://trac.webkit.org/changeset/282781/webkit js/dfg-uint8clampedarray.html is a flaky crash on Win EWS History: https://results.webkit.org/?suite=layout-tests&test=js/dfg-uint8clampedarray.html https://ews-build.webkit.org/#/builders/10/builds/105957 Updated test expectations at https://trac.webkit.org/changeset/282892/webkit js/dfg-float64array.html History: https://results.webkit.org/?suite=layout-tests&test=js/dfg-float64array.html Results: https://ews-build.webkit.org/#/builders/10/builds/106064, https://build.webkit.org/results/Apple-Win-10-Release-Tests/r282870%20(2511)/results.html STDIO: 11:53:48.723 5595 worker/11 worker/11 js/dfg-float64array.html crashed, (no stderr) 11:53:48.725 5595 [26997/29873] js/dfg-float64array.html failed unexpectedly (DumpRenderTree crashed [pid=8348]) 11:53:48.726 5595 worker/11 killing driver 11:53:48.726 5595 worker/11 js/dfg-float64array.html failed: 11:53:48.726 5595 worker/11 DumpRenderTree crashed [pid=8348] Updated test expectations at https://trac.webkit.org/changeset/283015/webkit |