[Webkit-unassigned] [Bug 206665] New: REGRESSION: (r254969) css3/shapes/shape-outside/values/shape-outside-ellipse-004.html is crashing

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Thu Jan 23 08:52:28 PST 2020


https://bugs.webkit.org/show_bug.cgi?id=206665

            Bug ID: 206665
           Summary: REGRESSION: (r254969) css3/shapes/shape-outside/values/shape-outside-ellipse-004.html is crashing
           Product: WebKit
           Version: WebKit Nightly Build
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: CSS
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: jacob_uphoff at apple.com

css3/shapes/shape-outside/values/shape-outside-ellipse-004.html is crashing, and this started on commit 254969.

I did not try to reproduce the crash. It is happening on debug with wk1 and wk2 on macOS and iOS.

History: 
https://results.webkit.org/?suite=layout-tests&test=css3%2Fshapes%2Fshape-outside%2Fvalues%2Fshape-outside-ellipse-004.html

Crasher:

No crash log found for com.apple.WebKit.WebContent.Development:19258.

stdout:

stderr:
ASSERTION FAILED: bits < (1ULL << maxBits)
/Volumes/Data/slave/ios-simulator-13-debug/build/Source/JavaScriptCore/bytecode/Operands.h(79) : uint64_t JSC::Operand::asBits() const
1   0x3e4f76be9 WTFCrash
2   0x3e61777fb WTFCrashWithInfo(int, char const*, char const*, int)
3   0x3e57137ee JSC::Operand::asBits() const
4   0x3e572eac1 JSC::DFG::OpInfo::OpInfo(JSC::Operand)
5   0x3e572ea2d JSC::DFG::OpInfo::OpInfo(JSC::Operand)
6   0x3e5752b67 JSC::DFG::ByteCodeParser::setDirect(JSC::Operand, JSC::DFG::Node*, JSC::DFG::ByteCodeParser::SetMode)
7   0x3e579b4d8 JSC::DFG::ByteCodeParser::handleVarargsInlining(JSC::DFG::Node*, JSC::VirtualRegister, JSC::CallLinkStatus const&, int, JSC::VirtualRegister, JSC::VirtualRegister, unsigned int, JSC::DFG::NodeType, JSC::InlineCallFrame::Kind)::$_3::operator()(JSC::CodeBlock*) const
8   0x3e5751b3a void JSC::DFG::ByteCodeParser::inlineCall<JSC::DFG::ByteCodeParser::handleVarargsInlining(JSC::DFG::Node*, JSC::VirtualRegister, JSC::CallLinkStatus const&, int, JSC::VirtualRegister, JSC::VirtualRegister, unsigned int, JSC::DFG::NodeType, JSC::InlineCallFrame::Kind)::$_3>(JSC::DFG::Node*, JSC::VirtualRegister, JSC::CallVariant, int, int, JSC::InlineCallFrame::Kind, JSC::DFG::BasicBlock*, JSC::DFG::ByteCodeParser::handleVarargsInlining(JSC::DFG::Node*, JSC::VirtualRegister, JSC::CallLinkStatus const&, int, JSC::VirtualRegister, JSC::VirtualRegister, unsigned int, JSC::DFG::NodeType, JSC::InlineCallFrame::Kind)::$_3 const&)
9   0x3e5751815 JSC::DFG::ByteCodeParser::handleVarargsInlining(JSC::DFG::Node*, JSC::VirtualRegister, JSC::CallLinkStatus const&, int, JSC::VirtualRegister, JSC::VirtualRegister, unsigned int, JSC::DFG::NodeType, JSC::InlineCallFrame::Kind)
10  0x3e57748dc JSC::DFG::ByteCodeParser::Terminality JSC::DFG::ByteCodeParser::handleVarargsCall<JSC::OpCallVarargs>(JSC::Instruction const*, JSC::DFG::NodeType, JSC::CallMode)
11  0x3e5768b93 JSC::DFG::ByteCodeParser::parseBlock(unsigned int)
12  0x3e5778ba4 JSC::DFG::ByteCodeParser::parseCodeBlock()
13  0x3e57792b0 JSC::DFG::ByteCodeParser::parse()
14  0x3e577a7bb JSC::DFG::parse(JSC::DFG::Graph&)
15  0x3e59f4af8 JSC::DFG::Plan::compileInThreadImpl()
16  0x3e59f4298 JSC::DFG::Plan::compileInThread(JSC::DFG::ThreadData*)
17  0x3e5b3a8c0 JSC::DFG::Worklist::ThreadBody::work()
18  0x3e4f8d139 WTF::AutomaticThread::start(WTF::AbstractLocker const&)::$_0::operator()() const
19  0x3e4f8cd29 WTF::Detail::CallableWrapper<WTF::AutomaticThread::start(WTF::AbstractLocker const&)::$_0, void>::call()
20  0x3e4fa10aa WTF::Function<void ()>::operator()() const
21  0x3e504a610 WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*)
22  0x3e5056795 WTF::wtfThreadEntryPoint(void*)
23  0x10e8cad76 _pthread_start
24  0x10e8c75d7 thread_start
LEAK: 1 WebPageProxy
