Bug 232317 - [ Windows EWS ] js/function-apply-aliased.html is a flaky crash
Status: NEW
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Nobody
URL:
Keywords: InRadar
Depends on:
Blocks:
 
Reported: 2021-10-26 10:40 PDT by Eric Hutchison
Modified: 2022-01-31 08:37 PST

Attachments
Crash Log (194.74 KB, text/plain)
2021-10-26 10:40 PDT, Eric Hutchison

Description Eric Hutchison 2021-10-26 10:40:17 PDT
Created attachment 442506
Crash Log

js/function-apply-aliased.html

is a flaky crash on Windows EWS.

History: https://results.webkit.org/?suite=layout-tests&test=js/function-apply-aliased.html

Build: https://ews-build.webkit.org/#/builders/10/builds/111461

Results: https://ews-build.s3-us-west-2.amazonaws.com/Windows-EWS/r442462-111461-rerun/results.html

Crash Log (attached): https://ews-build.s3-us-west-2.amazonaws.com/Windows-EWS/r442462-111461-rerun/js/function-apply-aliased-crash-log.txt

*******************************************************************************
*                                                                             *
*                        Exception Analysis                                   *
*                                                                             *
*******************************************************************************

*** WARNING: Unable to verify checksum for C:\cygwin\home\buildbot\worker\Windows-EWS\build\WebKitBuild\Release\bin64\WebKit.dll
*** WARNING: Unable to verify checksum for C:\cygwin\home\buildbot\worker\Windows-EWS\build\WebKitBuild\Release\bin64\DumpRenderTreeLib.dll
*** WARNING: Unable to verify checksum for C:\cygwin\home\buildbot\worker\Windows-EWS\build\WebKitBuild\Release\bin64\DumpRenderTree.exe
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - 
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - 
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - 
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - 
*** WARNING: Unable to verify checksum for C:\cygwin\home\buildbot\worker\Windows-EWS\build\WebKitBuild\Release\bin64\WTF.dll

KEY_VALUES_STRING: 1


STACKHASH_ANALYSIS: 1

TIMELINE_ANALYSIS: 1

Timeline: !analyze.Start
    Name: <blank>
    Time: 2021-10-26T16:21:19.567Z
    Diff: 432 mSec

Timeline: Dump.Current
    Name: <blank>
    Time: 2021-10-26T16:21:20.0Z
    Diff: 0 mSec

Timeline: Process.Start
    Name: <blank>
    Time: 2021-10-26T16:16:29.0Z
    Diff: 291000 mSec

Timeline: OS.Boot
    Name: <blank>
    Time: 2021-09-23T22:50:19.0Z
    Diff: -1467106296 mSec


DUMP_CLASS: 2

DUMP_QUALIFIER: 0

FAULTING_IP: 
JavaScriptCore!abort+35 [minkernel\crts\ucrt\src\appcrt\startup\abort.cpp @ 77]
00007ffd`61597add cd29            int     29h

EXCEPTION_RECORD:  (.exr -1)
.exr -1
ExceptionAddress: 00007ffd61597add (JavaScriptCore!abort+0x0000000000000035)
   ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
  ExceptionFlags: 00000001
NumberParameters: 1
   Parameter[0]: 0000000000000007
Subcode: 0x7 FAST_FAIL_FATAL_APP_EXIT

FAULTING_THREAD:  00001aa4

ERROR_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.

EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - The system detected an overrun of a stack-based buffer in this application. This overrun could potentially allow a malicious user to gain control of this application.

EXCEPTION_CODE_STR:  c0000409

EXCEPTION_PARAMETER1:  0000000000000007
Comment 1 Radar WebKit Bug Importer 2021-10-26 10:40:58 PDT
<rdar://problem/84670472>
Comment 2 Eric Hutchison 2021-10-26 10:44:19 PDT
Updated test expectations at https://trac.webkit.org/changeset/284879/webkit
Comment 3 Mark Lam 2021-10-28 12:42:54 PDT
We're crashing here:

void* CompleteSubspace::allocateSlow(VM& vm, size_t size, GCDeferralContext* deferralContext, AllocationFailureMode failureMode)
{
    void* result = tryAllocateSlow(vm, size, deferralContext);
    if (failureMode == AllocationFailureMode::Assert)
        RELEASE_ASSERT(result);    // <========= line 116
    return result;
}

i.e. we're just running out of memory / the system is low on memory.  This is not a security issue.
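
Added example, not part of the bug thread or of WebKit's tooling: a small triage helper for the exception record in the crash log above. 0xc0000409 is raised for every `__fastfail`, so the "stack-based buffer" wording appears even for subcode 7 (abort), which is the case on this page; the grouping of subcodes into verdicts is this example's own assumption.

```python
import re

STATUS_STACK_BUFFER_OVERRUN = 0xC0000409  # also reported for every __fastfail

# Fast-fail subcodes from winnt.h (subset).
FAST_FAIL = {
    0: "FAST_FAIL_LEGACY_GS_VIOLATION",
    1: "FAST_FAIL_VTGUARD_CHECK_FAILURE",
    2: "FAST_FAIL_STACK_COOKIE_CHECK_FAILURE",
    3: "FAST_FAIL_CORRUPT_LIST_ENTRY",
    7: "FAST_FAIL_FATAL_APP_EXIT",
    8: "FAST_FAIL_RANGE_CHECK_FAILURE",
    10: "FAST_FAIL_GUARD_ICALL_CHECK_FAILURE",
}
# Assumption of this example: subcodes treated as signs of corrupted state.
CORRUPTION_SUBCODES = {0, 1, 2, 3, 8, 10}

# Exception record copied from the crash log on this page.
PAGE_RECORD = """\
ExceptionAddress: 00007ffd61597add (JavaScriptCore!abort+0x0000000000000035)
   ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
  ExceptionFlags: 00000001
NumberParameters: 1
   Parameter[0]: 0000000000000007
"""
# Constructed variant for contrast: same record with a /GS cookie failure subcode.
CONSTRUCTED_GS_RECORD = PAGE_RECORD.replace("0000000000000007", "0000000000000002")

def triage(log):
    """Return a triage hint for the .exr block of a WinDbg !analyze log."""
    code = re.search(r"ExceptionCode:\s*([0-9a-fA-F]+)", log)
    if code is None:
        return {"verdict": "no-exception-record"}
    if int(code.group(1), 16) != STATUS_STACK_BUFFER_OVERRUN:
        return {"verdict": "not-fast-fail", "code": code.group(1)}
    param = re.search(r"Parameter\[0\]:\s*([0-9a-fA-F]+)", log)
    if param is None:  # without the subcode the NTSTATUS text proves nothing
        return {"verdict": "needs-review"}
    sub = int(param.group(1), 16)
    where = re.search(r"ExceptionAddress:\s*\S+\s*\(([^+)]+)", log)
    if sub in CORRUPTION_SUBCODES:
        verdict = "possible-memory-corruption"
    elif sub == 7:
        verdict = "deliberate-abort"  # abort()/assert path; read the stack for the cause
    else:
        verdict = "needs-review"
    return {"verdict": verdict, "subcode": sub, "name": FAST_FAIL.get(sub, "unknown"),
            "symbol": where.group(1) if where else None}
```
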