Bug 225801

Summary:	[WinCairo][PlayStation] ASSERT(data) fails in DocumentLoader::dataReceived on http/wpt/misc/last-modified-parsing.html
Product:	WebKit	Reporter:	Fujii Hironori <Hironori.Fujii>
Component:	Frames	Assignee:	Fujii Hironori <Hironori.Fujii>
Status:	NEW ---
Severity:	Normal	CC:	achristensen, ap, cdumez, cgambrell, jbedard, webkit-bug-importer, youennf
Priority:	P2	Keywords:	InRadar
Version:	WebKit Nightly Build
Hardware:	Unspecified
OS:	Unspecified
See Also:	https://bugs.webkit.org/show_bug.cgi?id=232448

Description Fujii Hironori 2021-05-13 23:40:17 PDT

ASSERT(data) fails in DocumentLoader::dataReceived

WinCairo Debug r277448.

1. Invoke "python.exe .\Tools\Scripts\run-webkit-httpd" as Admin
2. Start WinCairo Debug MiniBrowser
   .\WebKitBuild\Debug\bin64\MiniBrowser.exe
3. Open http://localhost:8800/WebKit/misc/last-modified-parsing.html
4. Reload
5. Crash

Callstack:

WTF.dll!WTFCrash() Line 305	C++
WebKit2.dll!WTFCrashWithInfo(int __formal, const char * __formal, const char * __formal, int __formal) Line 696	C++
WebKit2.dll!WebCore::DocumentLoader::dataReceived(const char * data, int length) Line 1260	C++
WebKit2.dll!WebCore::DocumentLoader::dataReceived(WebCore::CachedResource & resource, const char * data, int length) Line 1251	C++
WebKit2.dll!WebCore::CachedRawResource::didAddClient::__l2::void <lambda>(WebCore::ResourceRequest &&)::__l2::<lambda>() Line 172	C++
WebKit2.dll!WTF::Detail::CallableWrapper<void <lambda>(void),void>::call() Line 52	C++
WebKit2.dll!WTF::Function<void __cdecl(void)>::operator()() Line 84	C++
WebKit2.dll!WTF::CompletionHandler<void __cdecl(void)>::operator()() Line 67	C++
WebKit2.dll!WebCore::DocumentLoader::responseReceived::__l2::<lambda>(WebCore::PolicyAction policy, WebCore::PolicyCheckIdentifier responseIdentifier) Line 951	C++
WebKit2.dll!WTF::Detail::CallableWrapper<void <lambda>(WebCore::PolicyAction, WebCore::PolicyCheckIdentifier),void,enum WebCore::PolicyAction,WebCore::PolicyCheckIdentifier>::call(WebCore::PolicyAction <in_0>, WebCore::PolicyCheckIdentifier <in_1>) Line 52	C++
WebKit2.dll!WTF::Function<void __cdecl(enum WebCore::PolicyAction,WebCore::PolicyCheckIdentifier)>::operator()(WebCore::PolicyAction <in_0>, WebCore::PolicyCheckIdentifier <in_1>) Line 84	C++
WebKit2.dll!WebKit::WebFrame::didReceivePolicyDecision(unsigned __int64 listenerID, WebKit::PolicyDecision && policyDecision) Line 288	C++
WebKit2.dll!WebKit::WebPage::didReceivePolicyDecision(WTF::ObjectIdentifier<enum WebCore::FrameIdentifierType> frameID, unsigned __int64 listenerID, WebKit::PolicyDecision && policyDecision, const WebKit::SandboxExtension::HandleArray & networkExtensionsHandles) Line 3499	C++
WebKit2.dll!IPC::callMemberFunctionImpl<WebKit::WebPage,void (__cdecl WebKit::WebPage::*)(WTF::ObjectIdentifier<enum WebCore::FrameIdentifierType>,unsigned __int64,WebKit::PolicyDecision &&,WebKit::SandboxExtension::HandleArray const &),std::tuple<WTF::ObjectIdentifier<enum WebCore::FrameIdentifierType>,unsigned __int64,WebKit::PolicyDecision,WebKit::SandboxExtension::HandleArray>,0,1,2,3>(WebKit::WebPage * object, void(WebKit::WebPage::*)(WTF::ObjectIdentifier<enum WebCore::FrameIdentifierType>, unsigned __int64, WebKit::PolicyDecision &&, const WebKit::SandboxExtension::HandleArray &) function, std::tuple<WTF::ObjectIdentifier<enum WebCore::FrameIdentifierType>,unsigned __int64,WebKit::PolicyDecision,WebKit::SandboxExtension::HandleArray> && args, std::integer_sequence<unsigned __int64,0,1,2,3> __formal) Line 44	C++
WebKit2.dll!IPC::callMemberFunction<WebKit::WebPage,void (__cdecl WebKit::WebPage::*)(WTF::ObjectIdentifier<enum WebCore::FrameIdentifierType>,unsigned __int64,WebKit::PolicyDecision &&,WebKit::SandboxExtension::HandleArray const &),std::tuple<WTF::ObjectIdentifier<enum WebCore::FrameIdentifierType>,unsigned __int64,WebKit::PolicyDecision,WebKit::SandboxExtension::HandleArray>,std::integer_sequence<unsigned __int64,0,1,2,3>>(std::tuple<WTF::ObjectIdentifier<enum WebCore::FrameIdentifierType>,unsigned __int64,WebKit::PolicyDecision,WebKit::SandboxExtension::HandleArray> && args, WebKit::WebPage * object, void(WebKit::WebPage::*)(WTF::ObjectIdentifier<enum WebCore::FrameIdentifierType>, unsigned __int64, WebKit::PolicyDecision &&, const WebKit::SandboxExtension::HandleArray &) function) Line 50	C++
WebKit2.dll!IPC::handleMessage<Messages::WebPage::DidReceivePolicyDecision,WebKit::WebPage,void (__cdecl WebKit::WebPage::*)(WTF::ObjectIdentifier<enum WebCore::FrameIdentifierType>,unsigned __int64,WebKit::PolicyDecision &&,WebKit::SandboxExtension::HandleArray const &)>(IPC::Decoder & decoder, WebKit::WebPage * object, void(WebKit::WebPage::*)(WTF::ObjectIdentifier<enum WebCore::FrameIdentifierType>, unsigned __int64, WebKit::PolicyDecision &&, const WebKit::SandboxExtension::HandleArray &) function) Line 120	C++
WebKit2.dll!WebKit::WebPage::didReceiveWebPageMessage(IPC::Connection & connection, IPC::Decoder & decoder) Line 3284	C++
WebKit2.dll!WebKit::WebPage::didReceiveMessage(IPC::Connection & connection, IPC::Decoder & decoder) Line 4946	C++
WebKit2.dll!IPC::MessageReceiverMap::dispatchMessage(IPC::Connection & connection, IPC::Decoder & decoder) Line 130	C++
WebKit2.dll!WebKit::WebProcess::didReceiveMessage(IPC::Connection & connection, IPC::Decoder & decoder) Line 852	C++
WebKit2.dll!IPC::Connection::dispatchMessage(IPC::Decoder & decoder) Line 1052	C++
WebKit2.dll!IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder,std::default_delete<IPC::Decoder>> message) Line 1098	C++
WebKit2.dll!IPC::Connection::dispatchOneIncomingMessage() Line 1166	C++
WebKit2.dll!IPC::Connection::enqueueIncomingMessage::__l2::<lambda>() Line 1021	C++
WebKit2.dll!WTF::Detail::CallableWrapper<void <lambda>(void),void>::call() Line 52	C++
WTF.dll!WTF::Function<void __cdecl(void)>::operator()() Line 84	C++
WTF.dll!WTF::RunLoop::performWork() Line 134	C++
WTF.dll!WTF::RunLoop::wndProc(HWND__ * hWnd, unsigned int message, unsigned __int64 wParam, __int64 lParam) Line 57	C++
WTF.dll!WTF::RunLoop::RunLoopWndProc(HWND__ * hWnd, unsigned int message, unsigned __int64 wParam, __int64 lParam) Line 39	C++
[External Code]	
WTF.dll!WTF::RunLoop::run() Line 74	C++
WebKit2.dll!WebKit::AuxiliaryProcessMainBase<WebKit::WebProcess,1>::run(int argc, char * * argv) Line 71	C++
WebKit2.dll!WebKit::AuxiliaryProcessMain<WebKit::WebProcessMainWin>(int argc, char * * argv) Line 97	C++
WebKit2.dll!WebKit::WebProcessMain(int argc, char * * argv) Line 58	C++
WebKitWebProcess.exe!main(int argc, char * * argv) Line 35	C++
[External Code]

Comment 1 Alexey Proskuryakov 2021-05-17 13:59:09 PDT

While this is obviously hitting a bug (probably in the WinCairo port), the issue was probably unnecessarily triggered by a rewrite of this test, and can be worked around in some way.

Comment 2 Fujii Hironori 2021-05-17 14:30:11 PDT

(In reply to Alexey Proskuryakov from comment #1)
> While this is obviously hitting a bug (probably in the WinCairo port), the
> issue was probably unnecessarily triggered by a rewrite of this test, and
> can be worked around in some way.

No, http/wpt/misc/last-modified-parsing.html doesn't trigger this assertion failure. You need to manually reloading the test content to reproduce it.
I found this assertion failure while debugging http/wpt/misc/last-modified-parsing.html test failure of Windows ports (Bug 209455).

r277408 updated AppleWin's TestExpectations, but WinCairo's.
That was the reason I noticed and looked into the test failure.

Comment 3 Radar WebKit Bug Importer 2021-05-20 23:41:16 PDT

<rdar://problem/78297185>

Comment 4 Chris Dumez 2021-06-14 14:06:45 PDT

Doesn't reproduce on macOS.

Comment 5 Fujii Hironori 2021-06-14 17:46:48 PDT

Thank you for the checking.

WebResourceLoader::didReceiveResource checks data size is not zero, but WebResourceLoader::didReceiveData doesn't.
https://github.com/WebKit/WebKit/blob/448d79ba91dea24fa503667995b4189733898f07/Source/WebKit/WebProcess/Network/WebResourceLoader.cpp#L313,L314

WinCairo and PlayStation ports seem the only port disabling ENABLE_SHAREABLE_RESOURCE.
They should consider enabling it.