Bug 180481

Summary: REGRESSION (r225537): Crash in WebCore::SWServerWorker::setHasPendingEvents(bool) + 68
Product: WebKit Reporter: Ryan Haddad <ryanhaddad>
Component: New BugsAssignee: youenn fablet <youennf>
Status: RESOLVED FIXED    
Severity: Normal CC: beidson, cdumez, commit-queue, jlewis3, lforschler, webkit-bug-importer, youennf
Priority: P2 Keywords: InRadar
Version: Other   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=180261
Attachments:
Description Flags
Crash log
none
Patch none

Ryan Haddad
Reported 2017-12-06 10:24:35 PST
Created attachment 328582 [details] Crash log This crash was seen with imported/w3c/web-platform-tests/service-workers/service-worker/invalid-header.https.html Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 com.apple.WebCore 0x000000010aaccbd4 WebCore::SWServerWorker::setHasPendingEvents(bool) + 68 (SWServerWorker.cpp:145) 1 com.apple.WebKit 0x00000001087d77d7 void IPC::handleMessage<Messages::WebSWServerToContextConnection::SetServiceWorkerHasPendingEvents, WebKit::WebSWServerToContextConnection, void (WebCore::SWServerToContextConnection::*)(WTF::ObjectIdentifier<WebCore::ServiceWorkerIdentifierType>, bool)>(IPC::Decoder&, WebKit::WebSWServerToContextConnection*, void (WebCore::SWServerToContextConnection::*)(WTF::ObjectIdentifier<WebCore::ServiceWorkerIdentifierType>, bool)) + 77 (HandleMessage.h:127) 2 com.apple.WebKit 0x00000001084f92ab IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) + 119 (Connection.cpp:930) 3 com.apple.WebKit 0x00000001084fbdea IPC::Connection::dispatchOneMessage() + 176 (Connection.cpp:959) 4 com.apple.JavaScriptCore 0x000000010dd94e6f WTF::RunLoop::performWork() + 175 (RunLoop.cpp:106) 5 com.apple.JavaScriptCore 0x000000010dd950a2 WTF::RunLoop::performWork(void*) + 34 (RunLoopCF.cpp:39) 6 com.apple.CoreFoundation 0x00007fff87ec23e1 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 7 com.apple.CoreFoundation 0x00007fff87ea365c __CFRunLoopDoSources0 + 556 8 com.apple.CoreFoundation 0x00007fff87ea2b46 __CFRunLoopRun + 934 9 com.apple.CoreFoundation 0x00007fff87ea2544 CFRunLoopRunSpecific + 420 10 com.apple.Foundation 0x00007fff898d3252 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 277 11 com.apple.Foundation 0x00007fff898d312a -[NSRunLoop(NSRunLoop) run] + 76 12 libxpc.dylib 0x00007fff9dcc689b _xpc_objc_main + 731 13 libxpc.dylib 0x00007fff9dcc52e4 xpc_main + 494 14 com.apple.WebKit.Storage 0x00000001084a869a main + 490 (XPCServiceMain.mm:122) 15 libdyld.dylib 0x00007fff9da6d235 start + 1 https://build.webkit.org/results/Apple%20Sierra%20Release%20WK2%20(Tests)/r225573%20(6188)/results.html
Attachments
Crash log (49.20 KB, text/plain)
2017-12-06 10:24 PST, Ryan Haddad 		no flags
Details
Patch (1.59 KB, patch)
2017-12-06 10:38 PST, youenn fablet 		no flags
DetailsFormatted DiffDiff
View All Add attachment proposed patch, testcase, etc.
Ryan Haddad
Comment 1 2017-12-06 10:25:59 PST
Similar crash seen with imported/w3c/web-platform-tests/service-workers/service-worker/fetch-event.https.html here: https://build.webkit.org/results/Apple%20High%20Sierra%20Release%20WK2%20(Tests)/r225573%20(1574)/results.html Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 com.apple.WebCore 0x0000000107871f7d WebCore::SWServerWorker::setHasPendingEvents(bool) + 77 (SWServerRegistration.h:58) 1 com.apple.WebKit 0x0000000105522423 void IPC::handleMessage<Messages::WebSWServerToContextConnection::SetServiceWorkerHasPendingEvents, WebKit::WebSWServerToContextConnection, void (WebCore::SWServerToContextConnection::*)(WTF::ObjectIdentifier<WebCore::ServiceWorkerIdentifierType>, bool)>(IPC::Decoder&, WebKit::WebSWServerToContextConnection*, void (WebCore::SWServerToContextConnection::*)(WTF::ObjectIdentifier<WebCore::ServiceWorkerIdentifierType>, bool)) + 77 (HandleMessage.h:127) 2 com.apple.WebKit 0x0000000105242ddd IPC::Connection::dispatchMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >) + 119 (Connection.cpp:930) 3 com.apple.WebKit 0x0000000105245916 IPC::Connection::dispatchOneMessage() + 176 (Connection.cpp:959) 4 com.apple.JavaScriptCore 0x000000010abc73b8 WTF::RunLoop::performWork() + 376 (RunLoop.cpp:123) 5 com.apple.JavaScriptCore 0x000000010abc7522 WTF::RunLoop::performWork(void*) + 34 (RunLoopCF.cpp:39) 6 com.apple.CoreFoundation 0x00007fff306bf711 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 17 7 com.apple.CoreFoundation 0x00007fff3077739c __CFRunLoopDoSource0 + 108 8 com.apple.CoreFoundation 0x00007fff306a2700 __CFRunLoopDoSources0 + 208 9 com.apple.CoreFoundation 0x00007fff306a1b7d __CFRunLoopRun + 1293 10 com.apple.CoreFoundation 0x00007fff306a13d7 CFRunLoopRunSpecific + 487 11 com.apple.Foundation 0x00007fff3279bb76 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 277 12 com.apple.Foundation 0x00007fff3279ba4e -[NSRunLoop(NSRunLoop) run] + 76 13 libxpc.dylib 0x00007fff58263403 _xpc_objc_main + 536 14 libxpc.dylib 0x00007fff58262082 xpc_main + 417 15 com.apple.WebKit.Storage 0x00000001051f36a1 main + 490 16 libdyld.dylib 0x00007fff57f96115 start + 1
Ryan Haddad
Comment 2 2017-12-06 10:27:28 PST
Probably due to https://trac.webkit.org/changeset/225537/webkit
Ryan Haddad
Comment 3 2017-12-06 10:32:01 PST
Found a crash on a debug bot: ASSERTION FAILED: registration /Volumes/Data/slave/highsierra-debug/build/Source/WebCore/workers/service/server/SWServerWorker.cpp(144) : void WebCore::SWServerWorker::setHasPendingEvents(bool) https://build.webkit.org/results/Apple%20El%20Capitan%20Debug%20WK2%20(Tests)/r225572%20(4486)/results.html
youenn fablet
Comment 4 2017-12-06 10:35:31 PST
Thanks Ryan, I will fix it shortly by adding an if null check. We might want to do future refactoring to improve on those issues. I would expect a SWServerWorker to have a related registration but there is no such guarantee right now.
youenn fablet
Comment 5 2017-12-06 10:38:47 PST
Created attachment 328587 [details] Patch
WebKit Commit Bot
Comment 6 2017-12-06 11:01:02 PST
Comment on attachment 328587 [details] Patch Clearing flags on attachment: 328587 Committed r225581: <https://trac.webkit.org/changeset/225581>
WebKit Commit Bot
Comment 7 2017-12-06 11:01:04 PST
All reviewed patches have been landed. Closing bug.
youenn fablet
Comment 8 2017-12-06 13:58:49 PST
*** Bug 180501 has been marked as a duplicate of this bug. ***
Radar WebKit Bug Importer
Comment 9 2017-12-06 16:21:55 PST
<rdar://problem/35895842>
Radar WebKit Bug Importer
Comment 10 2017-12-06 16:21:57 PST
<rdar://problem/35895844>
Note You need to log in before you can comment on or make changes to this bug.