RESOLVED FIXED196548
[ Mac Debug ] TestWebKitAPI.ProcessSwap.ReuseSuspendedProcessForRegularNavigationRetainBundlePage is a flaky crash 
https://bugs.webkit.org/show_bug.cgi?id=196548
Summary [ Mac Debug ] TestWebKitAPI.ProcessSwap.ReuseSuspendedProcessForRegularNaviga...
Shawn Roberts
Reported 2019-04-03 11:37:21 PDT
The following API test is a flaky crash on Mojave Debug TestWebKitAPI.ProcessSwap.ReuseSuspendedProcessForRegularNavigationRetainBundlePage Probable cause: Flaky failures have been observed in on Mojave Debug queues for its entire available history https://build.webkit.org/builders/Apple%20Mojave%20Debug%20WK2%20%28Tests%29?numbuilds=200 Test was added in https://trac.webkit.org/changeset/241306/webkit Local testing with current revision and r241306 yield the same crash logs. Took about 15 tries to get it to crash locally. Reproduced with: run-api-tests TestWebKitAPI.ProcessSwap.ReuseSuspendedProcessForRegularNavigationRetainBundlePage --debug Will attach full crash log to radar. Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 com.apple.JavaScriptCore 0x00000001020a1d00 WTFCrash + 16 1 com.apple.WebKit 0x0000000107235bcb WTFCrashWithInfo(int, char const*, char const*, int) + 27 2 com.apple.WebKit 0x0000000107972cc7 WebKit::FrameLoadState::didFailProvisionalLoad() + 103 3 com.apple.WebKit 0x0000000107aa9199 WebKit::WebFrameProxy::didFailProvisionalLoad() + 25 4 com.apple.WebKit 0x0000000107998aa9 WebKit::ProvisionalPageProxy::didFailProvisionalLoadForFrame(unsigned long long, WebCore::SecurityOriginData const&, unsigned long long, WTF::String const&, WebCore::ResourceError const&, WebKit::UserData const&) + 393 5 com.apple.WebKit 0x00000001079aef12 void IPC::callMemberFunctionImpl<WebKit::ProvisionalPageProxy, void (WebKit::ProvisionalPageProxy::*)(unsigned long long, WebCore::SecurityOriginData const&, unsigned long long, WTF::String const&, WebCore::ResourceError const&, WebKit::UserData const&), std::__1::tuple<unsigned long long, WebCore::SecurityOriginData, unsigned long long, WTF::String, WebCore::ResourceError, WebKit::UserData>, 0ul, 1ul, 2ul, 3ul, 4ul, 5ul>(WebKit::ProvisionalPageProxy*, void (WebKit::ProvisionalPageProxy::*)(unsigned long long, WebCore::SecurityOriginData const&, unsigned long long, WTF::String const&, WebCore::ResourceError const&, WebKit::UserData const&), std::__1::tuple<unsigned long long, WebCore::SecurityOriginData, unsigned long long, WTF::String, WebCore::ResourceError, WebKit::UserData>&&, std::__1::integer_sequence<unsigned long, 0ul, 1ul, 2ul, 3ul, 4ul, 5ul>) + 434
Attachments
Patch (10.83 KB, patch)
2019-04-12 12:52 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (10.18 KB, patch)
2019-04-13 18:22 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Patch (10.19 KB, patch)
2019-04-13 18:55 PDT, Chris Dumez 		no flags
DetailsFormatted DiffDiff
Show Obsolete (2) View All Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2019-04-03 11:55:13 PDT
<rdar://problem/49567254>
Alex Christensen
Comment 2 2019-04-03 14:50:40 PDT
ASSERTION FAILED: m_state == State::Provisional
Alex Christensen
Comment 3 2019-04-03 15:01:39 PDT
m_state is State::Finished. I'm also hitting the ASSERT_NOT_REACHED() under if (fromItem->url() != pageLoadState().url()). I bet we need to do something like https://trac.webkit.org/changeset/243767/webkit but for didFailProvisionalLoadForFrame
Alex Christensen
Comment 4 2019-04-03 15:37:03 PDT
That didn't fix it.
Alex Christensen
Comment 5 2019-04-03 15:48:06 PDT
FrameLoadState::didFinishLoad is being called before FrameLoadState::didFailProvisionalLoad...
Alex Christensen
Comment 6 2019-04-04 12:21:30 PDT
It looks like didStartProvisionalLoad is not being called before didFailProvisionalLoadForFrame on a frame that has already completed a load. It's hard to debug though because even adding logs makes it not reproduce.
Chris Dumez
Comment 7 2019-04-12 12:52:33 PDT
Created attachment 367341 [details] Patch
Chris Dumez
Comment 8 2019-04-12 14:36:44 PDT
Comment on attachment 367341 [details] Patch I have a follow-up plan to see if we can avoid having to ignore leftover IPC explicitly. This will likely require some significant refactoring though so I think we should land this first.
Darin Adler
Comment 9 2019-04-13 08:26:50 PDT
Comment on attachment 367341 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=367341&action=review > Source/WebKit/UIProcess/ProvisionalPageProxy.cpp:217 > + // If the previous provisional load used an existing process, we may receive leftover IPC for a previous navigation, which we need to ignore. > + if (!m_mainFrame || m_mainFrame->frameID() != frameID) > + return; See below. Could have an overload that takes just a frame ID and not a navigation ID. > Source/WebKit/UIProcess/ProvisionalPageProxy.cpp:226 > + // If the previous provisional load used an existing process, we may receive leftover IPC for a previous navigation, which we need to ignore. > + if (navigationID != m_navigationID || !m_mainFrame || m_mainFrame->frameID() != frameID) > return; With this idiom repeated so many times, I suggest adding a named member function that takes navigationID and frameID as arguments. A bonus is that the function’s name can help document and so we won’t have such repetitive comments either. > Source/WebKit/UIProcess/ProvisionalPageProxy.cpp:347 > + if (!isMainFrame || (m_mainFrame && m_mainFrame->frameID() != frameID) || navigationID != m_navigationID) { I think we can even refactor this one to use the new helper.
Darin Adler
Comment 10 2019-04-13 08:27:25 PDT
Comment on attachment 367341 [details] Patch View in context: https://bugs.webkit.org/attachment.cgi?id=367341&action=review >> Source/WebKit/UIProcess/ProvisionalPageProxy.cpp:226 >> return; > > With this idiom repeated so many times, I suggest adding a named member function that takes navigationID and frameID as arguments. A bonus is that the function’s name can help document and so we won’t have such repetitive comments either. Seems fine to land without my suggested refinement, but I think it’s better for the long term.
Chris Dumez
Comment 11 2019-04-13 18:22:30 PDT
Created attachment 367398 [details] Patch
Chris Dumez
Comment 12 2019-04-13 18:55:47 PDT
Created attachment 367399 [details] Patch
WebKit Commit Bot
Comment 13 2019-04-13 21:22:39 PDT
Comment on attachment 367399 [details] Patch Clearing flags on attachment: 367399 Committed r244243: <https://trac.webkit.org/changeset/244243>
WebKit Commit Bot
Comment 14 2019-04-13 21:22:41 PDT
All reviewed patches have been landed. Closing bug.
Note You need to log in before you can comment on or make changes to this bug.