296773 2025-07-31 15:30:56 -0700 Having `"app_badge": 1` in Declarative Web Push payload causes crash 2025-08-26 08:23:05 -0700 1 1 1 Unclassified WebKit New Bugs Safari 26 Unspecified Unspecified RESOLVED MOVED https://bugs.webkit.org/show_bug.cgi?id=296770 InRadar P2 Normal --- 1 krosylight webkit-unassigned willian oldest_to_newest 2133738 0 krosylight 2025-07-31 15:30:56 -0700 ```json { "web_push": 8030, "notification": { "title": "Webkit.org — Meet Declarative Web Push", "lang": "en-US", "dir": "ltr", "body": "Send push notifications without JavaScript or service worker!", "navigate": "https://webkit.org/blog/16535/meet-declarative-web-push/", "silent": false, "app_badge": "1" } } ``` First of all `app_badge` should actually be the top level member instead of from `notification`. (See also bug 296770.) Anyway: 1. Open https://mozilla-services.github.io/WebPushDataTestPage/?restricted 2. Subscribe, encrypt, add VAPID with an email address 3. Copypaste the generated curl command to terminal Doing so shows a notification and then causes crash: ``` Application Specific Backtrace 0: 0 CoreFoundation 0x0000000196b86ca0 __exceptionPreprocess + 176 1 libobjc.A.dylib 0x000000019664ab90 objc_exception_throw + 88 2 Foundation 0x0000000198109d74 -[NSVariableExpression isEqual:] + 0 3 Foundation 0x0000000198109c64 +[NSBundle bundleWithURL:] + 32 4 Safari 0x00000001c9760e30 -[AppController websiteDataStore:workerOrigin:updatedAppBadge:] + 264 5 WebKit 0x00000001bd7d7a88 _ZN22WebsiteDataStoreClient21workerUpdatedAppBadgeERKN7WebCore18SecurityOriginDataENSt3__18optionalIyEE + 212 6 WebKit 0x00000001bdd8dfc4 _ZZN6WebKit16WebsiteDataStore18processPushMessageEONS_14WebPushMessageEON3WTF17CompletionHandlerIFvbEEEEN3$_0clEbONSt3__18optionalIN7WebCore19NotificationPayloadEEE + 496 7 WebKit 0x00000001bdd8dc54 _ZN6WebKit16WebsiteDataStore18processPushMessageEONS_14WebPushMessageEON3WTF17CompletionHandlerIFvbEEE + 312 8 WebKit 0x00000001bd7c43c0 -[WKWebsiteDataStore(WKPrivate) _processPushMessage:completionHandler:] + 120 9 Safari 0x00000001c975fcc4 -[AppController _processPushMessages:inDataStore:completionHandler:] + 308 10 Safari 0x00000001c975fb40 __61-[AppController _fetchAndProcessPushesWithCompletionHandler:]_block_invoke + 132 11 WebKit 0x00000001bd7d93d0 _ZN3WTF6Detail15CallableWrapperIZ57-[WKWebsiteDataStore(WKPrivate) _getPendingPushMessages:]E5$_151vJRKNS_6VectorIN6WebKit14WebPushMessageELm0ENS_15CrashOnOverflowELm16ENS_10FastMallocEEEEE4callESA_ + 228 12 WebKit 0x00000001bdd68a30 _ZN3WTF6Detail15CallableWrapperIZN3IPC10Connection31makeAsyncReplyCompletionHandlerIN8Messages14NetworkProcess22GetPendingPushMessagesENS_17CompletionHandlerIFvRKNS_6VectorIN6WebKit14WebPushMessageELm0ENS_15CrashOnOverflowELm16ENS_10FastMallocEEEEEEEENS8_IFvPNS2_7DecoderEEEEOT0_NS_19ThreadLikeAssertionEEUlSK_E_vJSK_EE4callESK_ + 112 13 WebKit 0x00000001bdbbb238 _ZN3WTF6Detail15CallableWrapperIZN6WebKit21AuxiliaryProcessProxy11sendMessageEONS_9UniqueRefIN3IPC7EncoderEEENS_9OptionSetINS5_10SendOptionEEENSt3__18optionalINS5_27ConnectionAsyncReplyHandlerEEENS3_35ShouldStartProcessThrottlerActivityEE3$_1vJPNS5_7DecoderEEE4callESJ_ + 64 14 WebKit 0x00000001be25251c _ZN3IPC10Connection15dispatchMessageEN3WTF9UniqueRefINS_7DecoderEEE + 436 15 WebKit 0x00000001be255e24 _ZN3WTF6Detail15CallableWrapperIZN3IPC10Connection22enqueueIncomingMessageENS_9UniqueRefINS2_7DecoderEEEE3$_2vJEE4callEv + 132 16 JavaScriptCore 0x00000001b58d424c _ZN3WTF7RunLoop11performWorkEv + 524 17 JavaScriptCore 0x00000001b58d50e8 _ZN3WTF7RunLoop11performWorkEPv + 36 18 CoreFoundation 0x0000000196b15cd4 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 28 19 CoreFoundation 0x0000000196b15c68 __CFRunLoopDoSource0 + 172 20 CoreFoundation 0x0000000196b159d4 __CFRunLoopDoSources0 + 232 21 CoreFoundation 0x0000000196b14628 __CFRunLoopRun + 840 22 CoreFoundation 0x0000000196b13c58 CFRunLoopRunSpecific + 572 23 HIToolbox 0x00000001a25a827c ``` 2134043 1 ap 2025-08-02 11:50:37 -0700 Thank you for the report! I'm not 100% certain, but from the stack trace, this seems more likely to be a Safari issue, not a WebKit one. For now I'll mark this as MOVED, and will let the Safari team know. rdar://133736557 2138821 2 ap 2025-08-26 08:23:05 -0700 *** Bug 297907 has been marked as a duplicate of this bug. ***