Bug 260827

imported/w3c/web-platform-tests/css/geometry/DOMMatrix-001.html

This test is a constant crash on all platforms.

HISTORY:

https://results.webkit.org/?suite=layout-tests&test=imported%2Fw3c%2Fweb-platform-tests%2Fcss%2Fgeometry%2FDOMMatrix-001.html

CRASH LOG (sample):

ASSERTION FAILED: style()
css/CSSToLengthConversionData.cpp(68) : const WebCore::FontCascade &WebCore::CSSToLengthConversionData::fontCascadeForFontUnits() const
1   0x3435f41a9 WTFCrash
2   0x3e25f591b WTFCrashWithInfo(int, char const*, char const*, int)
3   0x3e6036901 WebCore::CSSToLengthConversionData::fontCascadeForFontUnits() const
4   0x3e5fe9697 WebCore::CSSPrimitiveValue::computeNonCalcLengthDouble(WebCore::CSSToLengthConversionData const&, WebCore::CSSUnitType, double)
5   0x3e5fe91eb WebCore::CSSPrimitiveValue::computeLengthDouble(WebCore::CSSToLengthConversionData const&) const
6   0x3e5fe953d double WebCore::CSSPrimitiveValue::computeLength<double>(WebCore::CSSToLengthConversionData const&) const
...

CRASH LOG (full) LINK:

https://build.webkit.org/results/Apple-Monterey-Debug-WK2-Tests/267321@main%20(8526)/imported/w3c/web-platform-tests/css/geometry/DOMMatrix-001-crash-log.txt

REPRODUCIBILITY:

I was able to reproduce this bug on macOS Ventura 13.5 (22G74/arm64) using the following command:

run-webkit-tests --verbose imported/w3c/web-platform-tests/css/geometry/DOMMatrix-001.html

REGRESSION:

I was able to bisect a regression point. This test reproduced at 267321@main, but it did not reproduce at 267320@main. Changes at 267321@main appear to be directly related to this error, and are likely what caused the failure.