Bug 237165

Summary: [ BigSur+ Debug wk2 EWS ] imported/w3c/web-platform-tests/html/webappapis/dynamic-markup-insertion/opening-the-input-stream/quirks.window.html is a flaky crash
Product: WebKit
Reporter: Robert Jenner <jenner>
Component: Tools / Tests
Assignee: Robert Jenner <jenner>
Status: RESOLVED FIXED
Severity: Normal
CC: cdumez, sihui_liu, webkit-bot-watchers-bugzilla, webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: Unspecified
OS: Unspecified

Robert Jenner
Reported 2022-02-24 15:35:32 PST
imported/w3c/web-platform-tests/html/webappapis/dynamic-markup-insertion/opening-the-input-stream/quirks.window.html is a flaky crash on BigSur and Monterey Debug, and BigSur Debug EWS.

HISTORY:
https://results.webkit.org/?suite=layout-tests&test=imported%2Fw3c%2Fweb-platform-tests%2Fhtml%2Fwebappapis%2Fdynamic-markup-insertion%2Fopening-the-input-stream%2Fquirks.window.html

EWS LINK:
https://ews-build.webkit.org/#/builders/60/builds/24851

STDERR TEXT:
No crash log found for com.apple.WebKit.Networking.Development:52671.
stdout:
stderr:
3 0x103f798ec WebKit::StorageAreaBase::addListener(WTF::ObjectIdentifier<IPC::Connection::UniqueIDType>, WTF::ObjectIdentifier<WebKit::StorageAreaMapIdentifierType>)
4 0x103f25850 WebKit::LocalStorageManager::connectToLocalStorageArea(WTF::ObjectIdentifier<IPC::Connection::UniqueIDType>, WTF::ObjectIdentifier<WebKit::StorageAreaMapIdentifierType>, WebCore::ClientOrigin const&, WTF::Ref<WTF::WorkQueue, WTF::RawPtrTraits<WTF::WorkQueue> >&&)
5 0x103f70b94 WebKit::NetworkStorageManager::connectToStorageArea(IPC::Connection&, WebCore::StorageType, WTF::ObjectIdentifier<WebKit::StorageAreaMapIdentifierType>, WTF::ObjectIdentifier<WebKit::StorageNamespaceIdentifierType>, WebCore::ClientOrigin const&, WTF::CompletionHandler<void (WTF::ObjectIdentifier<WebKit::StorageAreaIdentifierType>, WTF::HashMap<WTF::String, WTF::String, WTF::DefaultHash<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTableTraits>, unsigned long long)>&&)
6 0x103213034 void IPC::callMemberFunctionImpl<WebKit::NetworkStorageManager, void (WebKit::NetworkStorageManager::*)(IPC::Connection&, WebCore::StorageType, WTF::ObjectIdentifier<WebKit::StorageAreaMapIdentifierType>, WTF::ObjectIdentifier<WebKit::StorageNamespaceIdentifierType>, WebCore::ClientOrigin const&, WTF::CompletionHandler<void (WTF::ObjectIdentifier<WebKit::StorageAreaIdentifierType>, WTF::HashMap<WTF::String, WTF::String, WTF::DefaultHash<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTableTraits>, unsigned long long)>&&), void (WTF::ObjectIdentifier<WebKit::StorageAreaIdentifierType> const&, WTF::HashMap<WTF::String, WTF::String, WTF::DefaultHash<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTableTraits> const&, unsigned long long), std::__1::tuple<WebCore::StorageType, WTF::ObjectIdentifier<WebKit::StorageAreaMapIdentifierType>, WTF::ObjectIdentifier<WebKit::StorageNamespaceIdentifierType>, WebCore::ClientOrigin>, 0ul, 1ul, 2ul, 3ul>(IPC::Connection&, WebKit::NetworkStorageManager*, void (WebKit::NetworkStorageManager::*)(IPC::Connection&, WebCore::StorageType, WTF::ObjectIdentifier<WebKit::StorageAreaMapIdentifierType>, WTF::ObjectIdentifier<WebKit::StorageNamespaceIdentifierType>, WebCore::ClientOrigin const&, WTF::CompletionHandler<void (WTF::ObjectIdentifier<WebKit::StorageAreaIdentifierType>, WTF::HashMap<WTF::String, WTF::String, WTF::DefaultHash<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTableTraits>, unsigned long long)>&&), WTF::CompletionHandler<void (WTF::ObjectIdentifier<WebKit::StorageAreaIdentifierType> const&, WTF::HashMap<WTF::String, WTF::String, WTF::DefaultHash<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTableTraits> const&, unsigned long long)>&&, std::__1::tuple<WebCore::StorageType, WTF::ObjectIdentifier<WebKit::StorageAreaMapIdentifierType>, WTF::ObjectIdentifier<WebKit::StorageNamespaceIdentifierType>, WebCore::ClientOrigin>&&, std::__1::integer_sequence<unsigned long, 0ul, 1ul, 2ul, 3ul>)
7 0x10320ecc4 void IPC::callMemberFunction<WebKit::NetworkStorageManager, void (WebKit::NetworkStorageManager::*)(IPC::Connection&, WebCore::StorageType, WTF::ObjectIdentifier<WebKit::StorageAreaMapIdentifierType>, WTF::ObjectIdentifier<WebKit::StorageNamespaceIdentifierType>, WebCore::ClientOrigin const&, WTF::CompletionHandler<void (WTF::ObjectIdentifier<WebKit::StorageAreaIdentifierType>, WTF::HashMap<WTF::String, WTF::String, WTF::DefaultHash<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTableTraits>, unsigned long long)>&&), void (WTF::ObjectIdentifier<WebKit::StorageAreaIdentifierType> const&, WTF::HashMap<WTF::String, WTF::String, WTF::DefaultHash<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTableTraits> const&, unsigned long long), std::__1::tuple<WebCore::StorageType, WTF::ObjectIdentifier<WebKit::StorageAreaMapIdentifierType>, WTF::ObjectIdentifier<WebKit::StorageNamespaceIdentifierType>, WebCore::ClientOrigin>, std::__1::integer_sequence<unsigned long, 0ul, 1ul, 2ul, 3ul> >(IPC::Connection&, std::__1::tuple<WebCore::StorageType, WTF::ObjectIdentifier<WebKit::StorageAreaMapIdentifierType>, WTF::ObjectIdentifier<WebKit::StorageNamespaceIdentifierType>, WebCore::ClientOrigin>&&, WTF::CompletionHandler<void (WTF::ObjectIdentifier<WebKit::StorageAreaIdentifierType> const&, WTF::HashMap<WTF::String, WTF::String, WTF::DefaultHash<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTableTraits> const&, unsigned long long)>&&, WebKit::NetworkStorageManager*, void (WebKit::NetworkStorageManager::*)(IPC::Connection&, WebCore::StorageType, WTF::ObjectIdentifier<WebKit::StorageAreaMapIdentifierType>, WTF::ObjectIdentifier<WebKit::StorageNamespaceIdentifierType>, WebCore::ClientOrigin const&, WTF::CompletionHandler<void (WTF::ObjectIdentifier<WebKit::StorageAreaIdentifierType>, WTF::HashMap<WTF::String, WTF::String, WTF::DefaultHash<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTableTraits>, unsigned long long)>&&))
8 0x1031eb7a4 void IPC::handleMessageAsyncWantsConnection<Messages::NetworkStorageManager::ConnectToStorageArea, WebKit::NetworkStorageManager, void (WebKit::NetworkStorageManager::*)(IPC::Connection&, WebCore::StorageType, WTF::ObjectIdentifier<WebKit::StorageAreaMapIdentifierType>, WTF::ObjectIdentifier<WebKit::StorageNamespaceIdentifierType>, WebCore::ClientOrigin const&, WTF::CompletionHandler<void (WTF::ObjectIdentifier<WebKit::StorageAreaIdentifierType>, WTF::HashMap<WTF::String, WTF::String, WTF::DefaultHash<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTableTraits>, unsigned long long)>&&)>(IPC::Connection&, IPC::Decoder&, WebKit::NetworkStorageManager*, void (WebKit::NetworkStorageManager::*)(IPC::Connection&, WebCore::StorageType, WTF::ObjectIdentifier<WebKit::StorageAreaMapIdentifierType>, WTF::ObjectIdentifier<WebKit::StorageNamespaceIdentifierType>, WebCore::ClientOrigin const&, WTF::CompletionHandler<void (WTF::ObjectIdentifier<WebKit::StorageAreaIdentifierType>, WTF::HashMap<WTF::String, WTF::String, WTF::DefaultHash<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTraits<WTF::String>, WTF::HashTableTraits>, unsigned long long)>&&))
9 0x1031e9374 WebKit::NetworkStorageManager::didReceiveMessage(IPC::Connection&, IPC::Decoder&)
10 0x1040218e0 IPC::Connection::dispatchMessageReceiverMessage(IPC::MessageReceiver&, std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >&&)
11 0x10402ae58 IPC::WorkQueueMessageReceiverQueue::enqueueMessage(IPC::Connection&, std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >&&)::'lambda'()::operator()()
12 0x10402ab9c WTF::Detail::CallableWrapper<IPC::WorkQueueMessageReceiverQueue::enqueueMessage(IPC::Connection&, std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >&&)::'lambda'(), void>::call()
13 0x13d922e14 WTF::Function<void ()>::operator()() const
14 0x13d9eaec8 WTF::SuspendableWorkQueue::dispatch(WTF::Function<void ()>&&)::$_1::operator()() const
15 0x13d9eadcc WTF::Detail::CallableWrapper<WTF::SuspendableWorkQueue::dispatch(WTF::Function<void ()>&&)::$_1, void>::call()
16 0x13d922e14 WTF::Function<void ()>::operator()() const
17 0x13da63190 WTF::(anonymous namespace)::DispatchWorkItem::operator()()
18 0x13da6148c void WTF::dispatchWorkItem<WTF::(anonymous namespace)::DispatchWorkItem>(void*)
19 0x19a5cbec0 _dispatch_client_callout
20 0x19a5d36a8 _dispatch_lane_serial_drain
21 0x19a5d42a4 _dispatch_lane_invoke
22 0x19a5deb74 _dispatch_workloop_worker_thread
23 0x19a77789c _pthread_wqthread
24 0x19a7765d4 start_wqthread
LEAK: 1 WebPageProxy
Attachments
Patch (16.41 KB, patch)
2022-03-21 12:00 PDT, Sihui Liu
no flags
Patch for landing (16.55 KB, patch)
2022-03-23 16:10 PDT, Sihui Liu
no flags
Robert Jenner
Comment 1 2022-02-24 15:45:42 PST
Since this was having a negative impact on EWS, I have marked the expectations here as [ Pass Crash ] while I am investigating this: https://trac.webkit.org/changeset/290472/webkit
Radar WebKit Bug Importer
Comment 2 2022-02-24 15:46:01 PST
Robert Jenner
Comment 3 2022-03-14 14:29:03 PDT
The crash is pretty flaky. It happens more on Big Sur than it does on Monterey, but I have seen it in Monterey's history. I have attempted to reproduce it on both Big Sur and Monterey, as well as on Intel and Apple Silicon platforms, and I have been unable to reproduce it, even with --force (since I have set an expectation for the test) and up to 10000 iterations.
Sihui Liu
Comment 4 2022-03-21 12:00:45 PDT
Chris Dumez
Comment 5 2022-03-23 14:41:34 PDT
Comment on attachment 455259 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=455259&action=review

> Source/WebKit/NetworkProcess/storage/NetworkStorageManager.cpp:786
> + if (!m_localOriginStorageManagers.contains(origin))

double hash map look up here..

> Source/WebKit/NetworkProcess/storage/NetworkStorageManager.cpp:790
> + auto manager = m_localOriginStorageManagers.get(origin);

.. and here. This is unnecessarily inefficient.

> Source/WebKit/WebProcess/WebStorage/StorageAreaMap.cpp:327
> +StorageType StorageAreaMap::computeStorageType()

can this be const?

> Source/WebKit/WebProcess/WebStorage/StorageAreaMap.cpp:336
> +WebCore::ClientOrigin StorageAreaMap::clientOrigin()

Can this be const?
Chris Dumez
Comment 6 2022-03-23 15:27:47 PDT
Comment on attachment 455259 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=455259&action=review

r=me with changes.

> Source/WebKit/WebProcess/WebStorage/StorageAreaMap.cpp:360
> auto completionHandler = [this, weakThis = WeakPtr { *this }, weakConnection = WeakPtr { ipcConnection }](auto remoteAreaIdentifier, auto items, auto messageIdentifier) mutable {

Seems to be capturing the ipcConnection unnecessarily now.
Sihui Liu
Comment 7 2022-03-23 16:10:19 PDT
Comment on attachment 455259 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=455259&action=review

>> Source/WebKit/NetworkProcess/storage/NetworkStorageManager.cpp:786
>> + if (!m_localOriginStorageManagers.contains(origin))
>
> double hash map look up here..

Will use find() instead.

>> Source/WebKit/WebProcess/WebStorage/StorageAreaMap.cpp:327
>> +StorageType StorageAreaMap::computeStorageType()
>
> can this be const?

Sure.

>> Source/WebKit/WebProcess/WebStorage/StorageAreaMap.cpp:336
>> +WebCore::ClientOrigin StorageAreaMap::clientOrigin()
>
> Can this be const?

Sure.

>> Source/WebKit/WebProcess/WebStorage/StorageAreaMap.cpp:360
>> auto completionHandler = [this, weakThis = WeakPtr { *this }, weakConnection = WeakPtr { ipcConnection }](auto remoteAreaIdentifier, auto items, auto messageIdentifier) mutable {
>
> Seems to be capturing the ipcConnection unnecessarily now.

Will remove.
Sihui Liu
Comment 8 2022-03-23 16:10:26 PDT
Created attachment 455576 [details] Patch for landing
EWS
Comment 9 2022-03-23 18:26:23 PDT
Committed r291778 (248806@main): <https://commits.webkit.org/248806@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 455576 [details].
Robert Jenner
Comment 10 2022-05-20 18:03:57 PDT
Re-opening for pull request https://github.com/WebKit/WebKit/pull/872
EWS
Comment 11 2022-05-20 18:07:43 PDT
Test gardening commit r294603 (250829@main): <https://commits.webkit.org/250829@main> Reviewed commits have been landed. Closing PR #872 and removing active labels.