Bug 224059

Summary: REGRESSION(r275267): [GTK][WPE] 12 new crashes on service-workers layout tests
Product: WebKit Reporter: Carlos Alberto Lopez Perez <clopez>
Component: Service WorkersAssignee: Chris Dumez <cdumez>
Status: RESOLVED FIXED    
Severity: Normal CC: benjamin, bugs-noreply, cdumez, cgarcia, cmarcelo, ews-watchlist, ggaren, mcatanzaro, webkit-bug-importer, zdobersek
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=223808
Attachments:
Description Flags
full crash log with threads for GTK debug for test imported/w3c/web-platform-tests/service-workers/service-worker/claim-not-using-registration.https.html
none
Patch
none
Patch none

Carlos Alberto Lopez Perez
Reported 2021-04-01 11:22:39 PDT
Created attachment 424915 [details] full crash log with threads for GTK debug for test imported/w3c/web-platform-tests/service-workers/service-worker/claim-not-using-registration.https.html It seems r275267 has caused a regression and now this 11 tests crash on GTK and WPE: Regressions: Unexpected crashes (11) imported/w3c/web-platform-tests/service-workers/service-worker/claim-affect-other-registration.https.html [ Crash ] imported/w3c/web-platform-tests/service-workers/service-worker/claim-not-using-registration.https.html [ Crash ] imported/w3c/web-platform-tests/service-workers/service-worker/claim-using-registration.https.html [ Crash ] imported/w3c/web-platform-tests/service-workers/service-worker/controller-with-no-fetch-event-handler.https.html [ Crash ] imported/w3c/web-platform-tests/service-workers/service-worker/registration-schedule-job.https.html [ Crash ] imported/w3c/web-platform-tests/service-workers/service-worker/registration-script.https.html [ Crash ] imported/w3c/web-platform-tests/service-workers/service-worker/registration-updateviacache.https.html [ Crash ] imported/w3c/web-platform-tests/service-workers/service-worker/skip-waiting-installed.https.html [ Crash ] imported/w3c/web-platform-tests/service-workers/service-worker/update-import-scripts.https.html [ Crash ] imported/w3c/web-platform-tests/service-workers/service-worker/update-recovery.https.html [ Crash ] imported/w3c/web-platform-tests/service-workers/service-worker/update-result.https.html [ Crash ] The crash log is this (for the thread crashing): Thread 1 (Thread 0x7fd6a97fa700 (LWP 2300)): #0 g_logv (log_domain=0x7fd7060d9998 "GLib-GIO", log_level=G_LOG_LEVEL_CRITICAL, format=<optimized out>, args=<optimized out>) at ../glib/gmessages.c:1413 #1 0x00007fd705e45973 in g_log (log_domain=log_domain@entry=0x7fd7060d9998 "GLib-GIO", log_level=log_level@entry=G_LOG_LEVEL_CRITICAL, format=format@entry=0x7fd705e9dad0 "%s: assertion '%s' failed") at ../glib/gmessages.c:1451 #2 0x00007fd705e4619d in g_return_if_fail_warning (log_domain=log_domain@entry=0x7fd7060d9998 "GLib-GIO", pretty_function=pretty_function@entry=0x7fd7060e8920 <__func__.31> "g_output_stream_write_all", expression=expression@entry=0x7fd7060db607 "buffer != NULL") at ../glib/gmessages.c:2883 #3 0x00007fd706019aba in g_output_stream_write_all (stream=0x7fd68c02e170 [GLocalFileOutputStream], buffer=0x0, count=0, bytes_written=0x7fd6a97f6240, cancellable=0x0, error=0x0) at ../gio/goutputstream.c:296 #4 0x00007fd709f15429 in WTF::FileSystemImpl::writeToFile(_GFileIOStream*, char const*, int) (handle=0x7fd68c001a00, data=0x0, length=0) at ../../Source/WTF/wtf/glib/FileSystemGlib.cpp:411 #5 0x00007fd711bcf74b in operator()(uint8_t const*, size_t) const (__closure=0x7fd702f9dae8, data=0x0, size=0) at ../../Source/WebCore/workers/service/server/SWScriptStorage.cpp:102 #6 0x00007fd711be366b in WTF::Detail::CallableWrapper<WebCore::SWScriptStorage::store(const WebCore::ServiceWorkerRegistrationKey&, const WTF::URL&, const WebCore::SharedBuffer&)::<lambda(const uint8_t*, size_t)>, bool, unsigned char const*, long unsigned int>::call(const unsigned char *, unsigned long) (this=0x7fd702f9dae0, in#0=0x0, in#1=0) at WTF/Headers/wtf/Function.h:52 #7 0x00007fd70dc8e65a in WTF::Function<bool (unsigned char const*, unsigned long)>::operator()(unsigned char const*, unsigned long) const (this=0x7fd6a97f63c0, in#0=0x0, in#1=0) at WTF/Headers/wtf/Function.h:83 #8 0x00007fd711bcf70a in operator()(const WTF::Function<bool(unsigned char const*, long unsigned int)> &) const (__closure=0x7fd6a97f63a8, writeData=...) at ../../Source/WebCore/workers/service/server/SWScriptStorage.cpp:92 #9 0x00007fd711bcf930 in WebCore::SWScriptStorage::store(WebCore::ServiceWorkerRegistrationKey const&, WTF::URL const&, WebCore::SharedBuffer const&) (this=0x7fd702f9d980, registrationKey=..., scriptURL=..., script=...) at ../../Source/WebCore/workers/service/server/SWScriptStorage.cpp:101 #10 0x00007fd711bccfb3 in WebCore::RegistrationDatabase::doPushChanges(WTF::Vector<WebCore::ServiceWorkerContextData, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&, WTF::Vector<WebCore::ServiceWorkerRegistrationKey, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc> const&) (this=0x7fd702ff70c0, updatedRegistrations=..., removedRegistrations=...) at ../../Source/WebCore/workers/service/server/RegistrationDatabase.cpp:468 #11 0x00007fd711bcbe91 in operator()() (__closure=0x7fd702f10d78) at ../../Source/WebCore/workers/service/server/RegistrationDatabase.cpp:370 #12 0x00007fd711be3710 in WTF::Detail::CallableWrapper<WebCore::RegistrationDatabase::schedulePushChanges(WTF::Vector<WebCore::ServiceWorkerContextData>&&, WTF::Vector<WebCore::ServiceWorkerRegistrationKey>&&, WebCore::RegistrationDatabase::ShouldRetry, WTF::CompletionHandler<void()>&&)::<lambda()>, void>::call(void) (this=0x7fd702f10d70) at WTF/Headers/wtf/Function.h:52 #13 0x00007fd70d36097b in WTF::Function<void ()>::operator()() const (this=0x7fd6a83fa4a8) at WTF/Headers/wtf/Function.h:83 #14 0x00007fd711bcab5a in operator()() (__closure=0x7fd6a83fa4a0) at ../../Source/WebCore/workers/service/server/RegistrationDatabase.cpp:188 #15 0x00007fd711be3790 in WTF::Detail::CallableWrapper<WebCore::RegistrationDatabase::postTaskToWorkQueue(WTF::Function<void()>&&)::<lambda()>, void>::call(void) (this=0x7fd6a83fa498) at WTF/Headers/wtf/Function.h:52 #16 0x00007fd708eed2b1 in WTF::Function<void ()>::operator()() const (this=0x7fd6a83fa4c0) at WTF/Headers/wtf/Function.h:83 #17 0x00007fd709f10aac in operator()() const (__closure=0x7fd6a83fa4b8) at ../../Source/WTF/wtf/generic/WorkQueueGeneric.cpp:71 #18 0x00007fd709f1296a in WTF::Detail::CallableWrapper<WTF::WorkQueue::dispatch(WTF::Function<void()>&&)::<lambda()>, void>::call(void) (this=0x7fd6a83fa4b0) at ../../Source/WTF/wtf/Function.h:52 #19 0x00007fd708eed2b1 in WTF::Function<void ()>::operator()() const (this=0x7fd6a97f9940) at WTF/Headers/wtf/Function.h:83 #20 0x00007fd709e76805 in WTF::RunLoop::performWork() (this=0x7fd702f9c000) at ../../Source/WTF/wtf/RunLoop.cpp:133 #21 0x00007fd709f183fa in operator()(gpointer) const (__closure=0x0, userData=0x7fd702f9c000) at ../../Source/WTF/wtf/glib/RunLoopGLib.cpp:80 #22 0x00007fd709f1841e in _FUN(gpointer) () at ../../Source/WTF/wtf/glib/RunLoopGLib.cpp:82 #23 0x00007fd709f1838d in operator()(GSource*, GSourceFunc, gpointer) const (__closure=0x0, source=0x7fd68c003a50, callback=0x7fd709f18401 <_FUN(gpointer)>, userData=0x7fd702f9c000) at ../../Source/WTF/wtf/glib/RunLoopGLib.cpp:53 #24 0x00007fd709f183db in _FUN(GSource*, GSourceFunc, gpointer) () at ../../Source/WTF/wtf/glib/RunLoopGLib.cpp:56 #25 0x00007fd705e3ddbf in g_main_dispatch (context=0x7fd68c000b60) at ../glib/gmain.c:3337 #26 g_main_context_dispatch (context=0x7fd68c000b60) at ../glib/gmain.c:4055 #27 0x00007fd705e3e168 in g_main_context_iterate (context=0x7fd68c000b60, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4131 #28 0x00007fd705e3e483 in g_main_loop_run (loop=0x7fd68c003a30) at ../glib/gmain.c:4329 #29 0x00007fd709f18998 in WTF::RunLoop::run() () at ../../Source/WTF/wtf/glib/RunLoopGLib.cpp:108 #30 0x00007fd709f108f2 in operator()() const (__closure=0x7fd702ff65a8) at ../../Source/WTF/wtf/generic/WorkQueueGeneric.cpp:51 #31 0x00007fd709f129aa in WTF::Detail::CallableWrapper<WTF::WorkQueue::platformInitialize(char const*, WTF::WorkQueue::Type, WTF::WorkQueue::QOS)::<lambda()>, void>::call(void) (this=0x7fd702ff65a0) at ../../Source/WTF/wtf/Function.h:52 #32 0x00007fd708eed2b1 in WTF::Function<void ()>::operator()() const (this=0x7fd6a97f9c30) at WTF/Headers/wtf/Function.h:83 #33 0x00007fd709e7c47f in WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*) (newThreadContext=0x7fd702ff4690) at ../../Source/WTF/wtf/Threading.cpp:181 #34 0x00007fd709f2398d in WTF::wtfThreadEntryPoint(void*) (context=0x7fd702ff4690) at ../../Source/WTF/wtf/posix/ThreadingPOSIX.cpp:241 #35 0x00007fd705dcc4d2 in start_thread (arg=<optimized out>) at pthread_create.c:477 #36 0x00007fd7058ba323 in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:95 I'm attaching the full crash log with threads
Attachments
full crash log with threads for GTK debug for test imported/w3c/web-platform-tests/service-workers/service-worker/claim-not-using-registration.https.html (35.84 KB, text/plain)
2021-04-01 11:22 PDT, Carlos Alberto Lopez Perez 		no flags
Details
Patch (1.95 KB, patch)
2021-04-01 11:52 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (1.58 KB, patch)
2021-04-01 11:57 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Show Obsolete (1) View All Add attachment proposed patch, testcase, etc.
Carlos Alberto Lopez Perez
Comment 1 2021-04-01 11:28:20 PDT
And it have made also crash the test http/wpt/service-workers/clone-opaque-being-loaded-response.html (same backtrace)
Chris Dumez
Comment 2 2021-04-01 11:30:22 PDT
Sadly, the issue is not obvious to me. I don't see what's different about the glib port here, expect that it is using a different version of FileSystem::writeToFile(). I will likely need help from someone able to run the glib port to debug this.
Chris Dumez
Comment 3 2021-04-01 11:47:46 PDT
I think this means the buffer that is being passed to g_output_stream_write_all() is nullptr, which I guess is possible if the bufferSize is 0.
Chris Dumez
Comment 4 2021-04-01 11:52:20 PDT
Created attachment 424919 [details] Patch
Chris Dumez
Comment 5 2021-04-01 11:53:14 PDT
I have not been able to validate my fix but I *think* this is what the glib port implementation of fileSystem::writeToFile() did not like.
Chris Dumez
Comment 6 2021-04-01 11:54:05 PDT
Comment on attachment 424919 [details] Patch Have another idea.
Chris Dumez
Comment 7 2021-04-01 11:57:52 PDT
Created attachment 424921 [details] Patch
Carlos Alberto Lopez Perez
Comment 8 2021-04-01 13:39:18 PDT
Comment on attachment 424921 [details] Patch Tested! It fixes the issue! thanks :)
Chris Dumez
Comment 9 2021-04-01 13:40:51 PDT
Comment on attachment 424921 [details] Patch Great, thanks for validating the fix.
EWS
Comment 10 2021-04-01 13:59:20 PDT
Committed r275379: <https://commits.webkit.org/r275379> All reviewed patches have been landed. Closing bug and clearing flags on attachment 424921 [details].
Radar WebKit Bug Importer
Comment 11 2021-04-01 14:00:42 PDT
<rdar://problem/76120318>
Note You need to log in before you can comment on or make changes to this bug.