RESOLVED FIXED 215662
IPC message can't be decoded due to uninitialized NavigationActionData member variables with the latest MSVC
https://bugs.webkit.org/show_bug.cgi?id=215662
Fujii Hironori
Reported 2020-08-19 14:29:32 PDT
[WinCairo][MSVC] Release builds crash in WebKit::AuxiliaryProcess::didReceiveInvalidMessage since Visual Studio 2019 16.7.1

WinCairo, trunk@265891, Release build, WK2

I tested with Visual Studio 2019 16.7.1.

> WTF.dll!WTFCrash() Line 295 C++
> WebKit2.dll!WebKit::AuxiliaryProcess::didReceiveInvalidMessage(IPC::Connection & __formal, IPC::MessageName messageName) Line 249 C++
> WebKit2.dll!IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder,std::default_delete<IPC::Decoder>> message) Line 1086 C++
> [Inline Frame] WebKit2.dll!IPC::Connection::dispatchOneIncomingMessage() Line 1139 C++
> [Inline Frame] WebKit2.dll!IPC::Connection::enqueueIncomingMessage::__l2::<lambda_e6394cea93af10ae0ef008ad9586ad3e>::operator()() Line 978 C++
> WebKit2.dll!WTF::Detail::CallableWrapper<<lambda_e6394cea93af10ae0ef008ad9586ad3e>,void>::call() Line 52 C++
> [Inline Frame] WTF.dll!WTF::Function<void __cdecl(void)>::operator()() Line 83 C++
> WTF.dll!WTF::RunLoop::performWork() Line 124 C++
> [Inline Frame] WTF.dll!WTF::RunLoop::wndProc(HWND__ *) Line 56 C++
> WTF.dll!WTF::RunLoop::RunLoopWndProc(HWND__ * hWnd, unsigned int message, unsigned __int64 wParam, __int64 lParam) Line 39 C++
> user32.dll!UserCallWinProcCheckWow() Unknown
> user32.dll!DispatchMessageWorker() Unknown
> WTF.dll!WTF::RunLoop::run() Line 73 C++
> WebKit2.dll!WebKit::AuxiliaryProcessMain<WebKit::WebProcess,WebKit::WebProcessMainWin>(int argc, char * * argv) Line 71 C++
> WebKitWebProcess.exe!main(int argc, char * * argv) Line 35 C++
> [Inline Frame] WebKitWebProcess.exe!invoke_main() Line 78 C++
> WebKitWebProcess.exe!__scrt_common_main_seh() Line 288 C++
> kernel32.dll!BaseThreadInitThunk() Unknown
> ntdll.dll!RtlUserThreadStart() Unknown

Debug builds don't reproduce the crash.
VS 2019 16.7.2 doesn't reproduce the crash.
Attachments
Patch to avoid encoding/decoding WebCore::LockHistory (932 bytes, patch)
2020-08-19 17:41 PDT, Fujii Hironori
no flags
WIP patch (1.38 KB, patch)
2020-08-19 18:23 PDT, Fujii Hironori
no flags
reproducer (300 bytes, text/plain)
2020-08-19 20:17 PDT, Fujii Hironori
no flags
Patch (2.77 KB, patch)
2020-08-19 21:07 PDT, Fujii Hironori
no flags
Patch for landing (2.79 KB, patch)
2020-08-19 21:15 PDT, Fujii Hironori
no flags
Fujii Hironori
Comment 1 2020-08-19 14:33:46 PDT
Oops.

(In reply to Fujii Hironori from comment #0)
> I tested with Visual Studio 2019 16.7.1.

I'm using Visual Studio 2019 16.7.2. Steph reported 16.7.1 also crashes.

> VS 2019 16.7.2 doesn't reproduce the crash

This is also wrong. VS 2019 16.6.5 doesn't reproduce the crash.
Fujii Hironori
Comment 2 2020-08-19 14:41:27 PDT
TestWebKit.exe can reproduce the WebKitWebProcess.exe crash. But, not 100%.

PS C:\home\webkit\gc> .\WebKitBuild\Release\bin64\TestWebKit.exe --gtest_filter=WebKit.AboutBlankLoad
Received invalid message: 'WebPage_LoadRequest'
1   00007FFCC6585093
2   00007FFCC657645E
3   00007FFCC65755DF
4   00007FFD0CB7F881
5   00007FFD0CBD31CC
6   00007FFD1F2C5C7D
7   00007FFD1F2C5672
8   00007FFD0CBD350B
9   00007FFCC63D8A8C
10  00007FF798E6100A
11  00007FF798E61204
12  00007FFD1E367BD4
13  00007FFD2030CE51

PS C:\home\webkit\gc> .\WebKitBuild\Release\bin64\TestWebKit.exe --gtest_filter=WebKit.AboutBlankLoad
**PASS** WebKit.AboutBlankLoad
Fujii Hironori
Comment 3 2020-08-19 17:41:33 PDT
Created attachment 406896 [details]
Patch to avoid encoding/decoding WebCore::LockHistory

WinCairo MiniBrowser works with this patch. It seems that the latest MSVC can't encode/decode WebCore::LockHistory.
Fujii Hironori
Comment 4 2020-08-19 18:23:28 PDT
Created attachment 406898 [details] WIP patch
Fujii Hironori
Comment 5 2020-08-19 20:17:10 PDT
Created attachment 406905 [details] reproducer
Fujii Hironori
Comment 7 2020-08-19 21:07:10 PDT
Darin Adler
Comment 8 2020-08-19 21:09:15 PDT
Comment on attachment 406912 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=406912&action=review

> Source/WebKit/Shared/NavigationActionData.h:50
> +    uint64_t userGestureTokenIdentifier { };

This will work, but a little surprised you didn't write { 0 } instead.
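The failure mode behind comments 3 and 8, shown as an added example that is not WebKit's IPC code: a struct member that is never assigned is encoded as whatever bytes happened to be in memory, and a decoder that validates enum values (as IPC::Decoder does for WebCore::LockHistory) then rejects the whole message, which is the path that ends in didReceiveInvalidMessage. The toy encoder/decoder, its wire format and the helper names below are assumptions for the example; the struct and enum names mirror the ones in the bug, with LockHistory modelled on WebCore's bool-backed enum. The struct is written in its fixed shape, with a default member initializer on every encoded member.

```cpp
// Added illustration for this bug, not WebKit's own IPC code. The
// encoder/decoder, wire format and helper names are assumptions made
// for the example.
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <optional>
#include <vector>

// Modelled on WebCore::LockHistory (a bool-backed enum class).
enum class LockHistory : bool { No, Yes };

// Fixed shape of the data: every encoded member has a default member
// initializer. For a scalar, `{ }` value-initializes to zero, so `{ }`
// and `{ 0 }` are equivalent here; what matters is that no encoded
// member is left without one.
struct NavigationActionData {
    uint64_t userGestureTokenIdentifier { 0 };
    LockHistory lockHistory { LockHistory::No };
};

using Buffer = std::vector<uint8_t>;

// Append the raw bytes of a trivially copyable value.
template <typename T>
void encodeValue(Buffer& out, const T& value) {
    const auto* p = reinterpret_cast<const uint8_t*>(&value);
    out.insert(out.end(), p, p + sizeof(T));
}

// Read sizeof(T) bytes at `offset`; fail if the message is too short.
template <typename T>
std::optional<T> decodeValue(const Buffer& in, size_t& offset) {
    if (in.size() - offset < sizeof(T)) return std::nullopt;
    T value;
    std::memcpy(&value, in.data() + offset, sizeof(T));
    offset += sizeof(T);
    return value;
}

Buffer encode(const NavigationActionData& data) {
    Buffer out;
    encodeValue(out, data.userGestureTokenIdentifier);
    // Enums travel as their underlying integer; a bool-backed enum is one byte.
    encodeValue(out, static_cast<uint8_t>(data.lockHistory));
    return out;
}

// The decoder validates the enum byte: only 0 and 1 are legal
// LockHistory values. Anything else (e.g. leftover memory contents an
// uninitialized member would produce) invalidates the whole message.
std::optional<NavigationActionData> decode(const Buffer& in) {
    size_t offset = 0;
    auto id = decodeValue<uint64_t>(in, offset);
    if (!id) return std::nullopt;
    auto raw = decodeValue<uint8_t>(in, offset);
    if (!raw) return std::nullopt;
    if (*raw > 1) return std::nullopt;  // reject out-of-range enum value
    NavigationActionData data;
    data.userGestureTokenIdentifier = *id;
    data.lockHistory = static_cast<LockHistory>(*raw);
    return data;
}

// Round trip of a default-constructed struct succeeds because every
// member carries a well-defined value.
bool roundTripDefaultConstructed() {
    NavigationActionData data;
    auto decoded = decode(encode(data));
    return decoded && decoded->userGestureTokenIdentifier == 0
        && decoded->lockHistory == LockHistory::No;
}

// Constructed message (not captured from WebKit) standing in for what an
// uninitialized LockHistory member could put on the wire: the enum byte
// is 0xCD, which is neither No (0) nor Yes (1).
bool garbageEnumIsRejected() {
    Buffer msg(8, 0);        // userGestureTokenIdentifier = 0
    msg.push_back(0xCD);     // invalid LockHistory value
    return !decode(msg).has_value();
}

int main() {
    std::printf("default-constructed round trip: %s\n",
                roundTripDefaultConstructed() ? "ok" : "FAIL");
    std::printf("garbage enum byte rejected: %s\n",
                garbageEnumIsRejected() ? "ok" : "FAIL");
    return 0;
}
```

The second check is the interesting one for a reviewer: the decoder refusing an out-of-range enum is correct behaviour (the alternative is to act on a bool that is neither true nor false), so the fix belongs on the sending side, and a new member added to a struct that is encoded wholesale should get a default member initializer at the point it is declared.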
Fujii Hironori
Comment 9 2020-08-19 21:15:11 PDT
Created attachment 406913 [details]
Patch for landing

Thank you for the review. Fixed.
Fujii Hironori
Comment 10 2020-08-19 22:30:04 PDT
Comment on attachment 406913 [details]
Patch for landing

Clearing flags on attachment: 406913

Committed r265935: <https://trac.webkit.org/changeset/265935>
Fujii Hironori
Comment 11 2020-08-19 22:30:08 PDT
All reviewed patches have been landed. Closing bug.