Bug 283596
| Summary: | REGRESSION(286883@main): ASSERT NOT REACHED in WebCore::toResourceLoadPriority(CFURLRequestPriority) | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Marta Darbinyan <darbinyan> |
| Component: | New Bugs | Assignee: | Nobody <webkit-unassigned> |
| Status: | RESOLVED FIXED | ||
| Severity: | Normal | CC: | pvarangot, rniwa, webkit-bot-watchers-bugzilla, webkit-bug-importer |
| Priority: | P2 | Keywords: | InRadar |
| Version: | WebKit Nightly Build | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
Marta Darbinyan
The following test is constant crash on Sequoia Debug and appear as false-positive failure in EWS.
ipc/create-connection-and-send-async.html
The regression range points to 286883@main.
286883@main - Fail
286884@main - Pass
Error:
stderr:
SHOULD NEVER BE REACHED
/Volumes/Data/worker/Apple-Sequoia-Debug-Build/build/Source/WebCore/platform/network/cf/ResourceRequestCFNet.h(53) : ResourceLoadPriority WebCore::toResourceLoadPriority(CFURLRequestPriority)
1 0x146343578 WebCore::toResourceLoadPriority(long)
2 0x146342fd4 WebCore::ResourceRequest::doUpdateResourceRequest()
3 0x1499d60c4 WebCore::ResourceRequestBase::updateResourceRequest(WebCore::HTTPBodyUpdatePolicy) const
4 0x1499d643c WebCore::ResourceRequestBase::setIsAppInitiated(bool)
5 0x146341c60 WebCore::ResourceRequest::ResourceRequest(WebCore::ResourceRequestPlatformData&&, WTF::String const&, bool)
6 0x146341e28 WebCore::ResourceRequest::ResourceRequest(WebCore::ResourceRequestPlatformData&&, WTF::String const&, bool)
7 0x14634270c WebCore::ResourceRequest::fromResourceRequestData(std::__1::variant<WebCore::ResourceRequestBase::RequestData, WebCore::ResourceRequestPlatformData>, WTF::String const&, bool)
8 0x12da72d40 IPC::ArgumentCoder<WebCore::ResourceRequest, void>::decode(IPC::Decoder&)
9 0x12d9c0010 std::__1::optional<WebCore::ResourceRequest> IPC::Decoder::decode<WebCore::ResourceRequest>()
10 0x12e6e41f0 std::__1::optional<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>> IPC::ArgumentCoder<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>, void>::decode<IPC::Decoder, WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>>(IPC::Decoder&, std::__1::optional<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>>&&)
11 0x12e6e4174 std::__1::optional<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>> IPC::ArgumentCoder<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>, void>::decode<IPC::Decoder>(IPC::Decoder&)
12 0x12e6e3f24 std::__1::optional<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>> IPC::Decoder::decode<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>>()
13 0x12e6e0728 void IPC::handleMessageAsync<Messages::RemoteMediaResourceManager::RedirectReceived, IPC::Connection, WebKit::RemoteMediaResourceManager, WebKit::RemoteMediaResourceManager, void (WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&)>(IPC::Connection&, IPC::Decoder&, WebKit::RemoteMediaResourceManager*, void (WebKit::RemoteMediaResourceManager::*)(WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&))
History:
https://results.webkit.org/?suite=layout-tests&test=ipc%2Fcreate-connection-and-send-async.html&version_name=Sequoia&style=debug
Test result:
https://build.webkit.org/#/builders/1226/builds/355
| Attachments | ||
|---|---|---|
| Add attachment proposed patch, testcase, etc. |
Radar WebKit Bug Importer
<rdar://problem/140442183>
EWS
Test gardening commit 286986@main (0b284a600aaf): <https://commits.webkit.org/286986@main>
Reviewed commits have been landed. Closing PR #37053 and removing active labels.
Ryan Haddad
Skipping this test moved the crash to another test, so I think it is actually cased by a preceding test.
The blamed change added `ipc/cfnetwork-crashes-with-string-to-string-http-headers.html`, and if I run that test right before `ipc/create-connection-and-send-async.html` it reproduces the crash.
EWS
Test gardening commit 287072@main (7a37f4c40a89): <https://commits.webkit.org/287072@main>
Reviewed commits have been landed. Closing PR #37134 and removing active labels.
Ryosuke Niwa
Hm... I can't reproduce this issue at 288456@main on Sequoia:
./Tools/Scripts/run-webkit-tests --debug --no-build --no-show-results --expect-pass ipc/cfnetwork-crashes-with-string-to-string-http-headers.html ipc/create-connection-and-send-async.html --iterations 50 --exit-after-n-crashes-or-timeouts 1
But we can probably fix the test: ipc/cfnetwork-crashes-with-string-to-string-http-headers.html. It specifies requestPriority of 89. We probably just need to sanitize this value in CoreIPCNSURLRequest::toID(). Right now, it allows any value but we should only permit: -1 through 4 based on the assertion in toResourceLoadPriority.
Full stack trace:
SHOULD NEVER BE REACHED
/Volumes/Data/worker/Apple-Sequoia-Debug-Build/build/Source/WebCore/platform/network/cf/ResourceRequestCFNet.h(53) : ResourceLoadPriority WebCore::toResourceLoadPriority(CFURLRequestPriority)
1 0x186ac53d8 WebCore::toResourceLoadPriority(long)
2 0x186ac4c90 WebCore::ResourceRequest::doUpdateResourceRequest()
3 0x18a011aa6 WebCore::ResourceRequestBase::updateResourceRequest(WebCore::HTTPBodyUpdatePolicy) const
4 0x18a011e13 WebCore::ResourceRequestBase::setIsAppInitiated(bool)
5 0x186ac359c WebCore::ResourceRequest::ResourceRequest(WebCore::ResourceRequestPlatformData&&, WTF::String const&, bool)
6 0x186ac3744 WebCore::ResourceRequest::ResourceRequest(WebCore::ResourceRequestPlatformData&&, WTF::String const&, bool)
7 0x186ac4242 WebCore::ResourceRequest::fromResourceRequestData(std::__1::variant<WebCore::ResourceRequestBase::RequestData, WebCore::ResourceRequestPlatformData>, WTF::String const&, bool)
8 0x12d6d32f1 IPC::ArgumentCoder<WebCore::ResourceRequest, void>::decode(IPC::Decoder&)
9 0x12d61a5fc std::__1::optional<WebCore::ResourceRequest> IPC::Decoder::decode<WebCore::ResourceRequest>()
10 0x12e2fd714 std::__1::optional<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>> IPC::ArgumentCoder<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>, void>::decode<IPC::Decoder, WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>>(IPC::Decoder&, std::__1::optional<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>>&&)
11 0x12e2fd697 std::__1::optional<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>> IPC::ArgumentCoder<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>, void>::decode<IPC::Decoder>(IPC::Decoder&)
12 0x12e2fd46c std::__1::optional<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>> IPC::Decoder::decode<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>>()
13 0x12e2f981f void IPC::handleMessageAsync<Messages::RemoteMediaResourceManager::RedirectReceived, IPC::Connection, WebKit::RemoteMediaResourceManager, WebKit::RemoteMediaResourceManager, void (WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&)>(IPC::Connection&, IPC::Decoder&, WebKit::RemoteMediaResourceManager*, void (WebKit::RemoteMediaResourceManager::*)(WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&))
14 0x12e2f92a3 WebKit::RemoteMediaResourceManager::didReceiveMessage(IPC::Connection&, IPC::Decoder&)
15 0x12e99c89c WebKit::GPUConnectionToWebProcess::dispatchMessage(IPC::Connection&, IPC::Decoder&)
16 0x12e83dad0 WebKit::GPUConnectionToWebProcess::didReceiveMessage(IPC::Connection&, IPC::Decoder&)
17 0x13155e1ce IPC::Connection::dispatchMessage(IPC::Decoder&)
18 0x13155e5c5 IPC::Connection::dispatchMessage(WTF::UniqueRef<IPC::Decoder>)
19 0x13155e92b IPC::Connection::dispatchOneIncomingMessage()
20 0x13158195d IPC::Connection::enqueueIncomingMessage(WTF::UniqueRef<IPC::Decoder>)::$_2::operator()() const
21 0x1315818c9 WTF::Detail::CallableWrapper<IPC::Connection::enqueueIncomingMessage(WTF::UniqueRef<IPC::Decoder>)::$_2, void>::call()
22 0x104b86937 WTF::Function<void ()>::operator()() const
23 0x104c45d2e WTF::RunLoop::performWork()
24 0x104c4a0ce WTF::RunLoop::performWork(void*)
25 0x7ff81a46eb0f __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__
26 0x7ff81a46eab1 __CFRunLoopDoSource0
27 0x7ff81a46e884 __CFRunLoopDoSources0
28 0x7ff81a46d51c __CFRunLoopRun
29 0x7ff81a46cb6c CFRunLoopRunSpecific
30 0x7ff81b492e59 -[NSRunLoop(NSRunLoop) runMode:beforeDate:]
31 0x7ff81b513197 -[NSRunLoop(NSRunLoop) run]
com.apple.WebKit.GPU.Development terminated (pid 35772) for reason: crash
LEAK: 1 WebPageProxy
EWS
Committed 289501@main (3a885897a634): <https://commits.webkit.org/289501@main>
Reviewed commits have been landed. Closing PR #39406 and removing active labels.