http/wpt/preload/change-link-rel-attribute.html is flakey crashing on BigSur wk2 Debug on Apple Silicon only.

HISTORY:
https://results.webkit.org/?suite=layout-tests&test=http%2Fwpt%2Fpreload%2Fchange-link-rel-attribute.html

CRASH TEXT:

Thread 20 Crashed:: WebCore: Worker
0 com.apple.JavaScriptCore 0x0000000132b512cc WTFCrash + 20 (Assertions.cpp:305)
1 com.apple.WebCore 0x000000011292e830 WTFCrashWithInfo(int, char const*, char const*, int) + 32 (Assertions.h:671)
2 com.apple.WebCore 0x0000000114ff0eb0 WebCore::SubtleCrypto::unwrapKey(JSC::JSGlobalObject&, WebCore::CryptoKeyFormat, WebCore::BufferSource&&, WebCore::CryptoKey&, WTF::Variant<JSC::Strong<JSC::JSObject, (JSC::ShouldStrongDestructorGrabLock)0>, WTF::String>&&, WTF::Variant<JSC::Strong<JSC::JSObject, (JSC::ShouldStrongDestructorGrabLock)0>, WTF::String>&&, bool, WTF::Vector<WebCore::CryptoKeyUsage, 0ul, WTF::CrashOnOverflow, 16ul, WTF::FastMalloc>&&, WTF::Ref<WebCore::DeferredPromise, WTF::RawPtrTraits<WebCore::DeferredPromise> >&&) + 292 (SubtleCrypto.cpp:1071)
3 com.apple.WebCore 0x00000001139b7fac WebCore::jsSubtleCryptoPrototypeFunction_unwrapKeyBody(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::JSSubtleCrypto*, WTF::Ref<WebCore::DeferredPromise, WTF::RawPtrTraits<WebCore::DeferredPromise> >&&)::'lambda'()::operator()() const + 304 (JSSubtleCrypto.cpp:586)
4 com.apple.WebCore 0x00000001139b7aa8 JSC::JSValue WebCore::toJS<WebCore::IDLPromise<WebCore::IDLInterface<WebCore::CryptoKey> >, WebCore::jsSubtleCryptoPrototypeFunction_unwrapKeyBody(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::JSSubtleCrypto*, WTF::Ref<WebCore::DeferredPromise, WTF::RawPtrTraits<WebCore::DeferredPromise> >&&)::'lambda'()>(JSC::JSGlobalObject&, WebCore::JSDOMGlobalObject&, JSC::ThrowScope&, WebCore::jsSubtleCryptoPrototypeFunction_unwrapKeyBody(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::JSSubtleCrypto*, WTF::Ref<WebCore::DeferredPromise, WTF::RawPtrTraits<WebCore::DeferredPromise> >&&)::'lambda'()&&) + 36 (JSDOMConvertBase.h:195)
5 com.apple.WebCore 0x00000001139b7914 WebCore::jsSubtleCryptoPrototypeFunction_unwrapKeyBody(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::JSSubtleCrypto*, WTF::Ref<WebCore::DeferredPromise, WTF::RawPtrTraits<WebCore::DeferredPromise> >&&) + 2404 (JSSubtleCrypto.cpp:586)
6 com.apple.WebCore 0x00000001139b6f9c long long WebCore::IDLOperationReturningPromise<WebCore::JSSubtleCrypto>::call<&(WebCore::jsSubtleCryptoPrototypeFunction_unwrapKeyBody(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::JSSubtleCrypto*, WTF::Ref<WebCore::DeferredPromise, WTF::RawPtrTraits<WebCore::DeferredPromise> >&&)), (WebCore::CastedThisErrorBehavior)2>(JSC::JSGlobalObject&, JSC::CallFrame&, char const*)::'lambda'(JSC::JSGlobalObject&, JSC::CallFrame&, WTF::Ref<WebCore::DeferredPromise, WTF::RawPtrTraits<WebCore::DeferredPromise> >&&)::operator()(JSC::JSGlobalObject&, JSC::CallFrame&, WTF::Ref<WebCore::DeferredPromise, WTF::RawPtrTraits<WebCore::DeferredPromise> >&&) const + 492 (JSDOMOperationReturningPromise.h:52)
7 com.apple.WebCore 0x00000001139b6c80 JSC::JSValue WebCore::callPromiseFunction<long long WebCore::IDLOperationReturningPromise<WebCore::JSSubtleCrypto>::call<&(WebCore::jsSubtleCryptoPrototypeFunction_unwrapKeyBody(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::JSSubtleCrypto*, WTF::Ref<WebCore::DeferredPromise, WTF::RawPtrTraits<WebCore::DeferredPromise> >&&)), (WebCore::CastedThisErrorBehavior)2>(JSC::JSGlobalObject&, JSC::CallFrame&, char const*)::'lambda'(JSC::JSGlobalObject&, JSC::CallFrame&, WTF::Ref<WebCore::DeferredPromise, WTF::RawPtrTraits<WebCore::DeferredPromise> >&&)>(JSC::JSGlobalObject&, JSC::CallFrame&, &(WebCore::jsSubtleCryptoPrototypeFunction_unwrapKeyBody(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::JSSubtleCrypto*, WTF::Ref<WebCore::DeferredPromise, WTF::RawPtrTraits<WebCore::DeferredPromise> >&&))) + 352 (JSDOMPromiseDeferred.h:337)
8 com.apple.WebCore 0x00000001139b6b08 long long WebCore::IDLOperationReturningPromise<WebCore::JSSubtleCrypto>::call<&(WebCore::jsSubtleCryptoPrototypeFunction_unwrapKeyBody(JSC::JSGlobalObject*, JSC::CallFrame*, WebCore::JSSubtleCrypto*, WTF::Ref<WebCore::DeferredPromise, WTF::RawPtrTraits<WebCore::DeferredPromise> >&&)), (WebCore::CastedThisErrorBehavior)2>(JSC::JSGlobalObject&, JSC::CallFrame&, char const*) + 48 (JSDOMOperationReturningPromise.h:41)
9 com.apple.WebCore 0x00000001139aa4fc WebCore::jsSubtleCryptoPrototypeFunction_unwrapKey(JSC::JSGlobalObject*, JSC::CallFrame*) + 40 (JSSubtleCrypto.cpp:591)
10 ??? 0x00000002800414dc 0 + 10737685724
11 ??? 0x00000002800052dc 0 + 10737439452
12 com.apple.JavaScriptCore 0x00000001330bf8c8 llint_entry + 145912
13 com.apple.JavaScriptCore 0x000000013309bbe8 vmEntryToJavaScript + 264
14 com.apple.JavaScriptCore 0x0000000133f5b364 JSC::JITCode::execute(JSC::VM*, JSC::ProtoCallFrame*) + 212 (JITCodeInlines.h:42)
15 com.apple.JavaScriptCore 0x0000000133f5b994 JSC::Interpreter::executeCall(JSC::JSGlobalObject*, JSC::JSObject*, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 1392 (Interpreter.cpp:902)
16 com.apple.JavaScriptCore 0x00000001342e90d4 JSC::call(JSC::JSGlobalObject*, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 236 (CallData.cpp:57)
17 com.apple.JavaScriptCore 0x00000001342e93c4 JSC::profiledCall(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::JSValue, JSC::CallData const&, JSC::JSValue, JSC::ArgList const&) + 132 (CallData.cpp:78)
18 com.apple.JavaScriptCore 0x0000000134581764 JSC::JSMicrotask::run(JSC::JSGlobalObject*) + 524 (JSMicrotask.cpp:93)
19 com.apple.WebCore 0x0000000114def058 WebCore::JSExecState::runTask(JSC::JSGlobalObject*, JSC::Microtask&) + 64 (JSExecState.h:91)
20 com.apple.WebCore 0x0000000114df6654 WebCore::JSMicrotaskCallback::call() + 216 (JSMicrotaskCallback.h:46)
21 com.apple.WebCore 0x0000000114ef2e64 WebCore::JSWorkerGlobalScopeBase::queueMicrotaskToEventLoop(JSC::JSGlobalObject&, WTF::Ref<JSC::Microtask, WTF::RawPtrTraits<JSC::Microtask> >&&)::$_0::operator()() + 28 (JSWorkerGlobalScopeBase.cpp:150)
22 com.apple.WebCore 0x0000000114ef2d60 WTF::Detail::CallableWrapper<WebCore::JSWorkerGlobalScopeBase::queueMicrotaskToEventLoop(JSC::JSGlobalObject&, WTF::Ref<JSC::Microtask, WTF::RawPtrTraits<JSC::Microtask> >&&)::$_0, void>::call() + 28 (Function.h:52)
23 com.apple.WebCore 0x0000000114db04ec WTF::Function<void ()>::operator()() const + 124 (Function.h:83)
24 com.apple.WebCore 0x000000011558c364 WebCore::EventLoopFunctionDispatchTask::execute() + 28 (EventLoop.cpp:159)
25 com.apple.WebCore 0x00000001155d807c WebCore::MicrotaskQueue::performMicrotaskCheckpoint() + 344 (Microtasks.cpp:64)
26 com.apple.WebCore 0x0000000115580dac WebCore::EventLoop::performMicrotaskCheckpoint() + 40 (EventLoop.cpp:51)
27 com.apple.WebCore 0x0000000115582340 WebCore::EventLoopTaskGroup::performMicrotaskCheckpoint() + 60 (EventLoop.cpp:180)
28 com.apple.WebCore 0x0000000114d92890 WebCore::JSExecState::didLeaveScriptContext(JSC::JSGlobalObject*) + 64 (JSExecState.cpp:42)
29 com.apple.WebCore 0x0000000114da348c WebCore::JSExecState::~JSExecState() + 220 (JSExecState.h:143)
30 com.apple.WebCore 0x0000000114e60e80 WebCore::JSExecState::~JSExecState() + 32 (JSExecState.h:132)
31 com.apple.WebCore 0x0000000114e3fca4 WebCore::JSExecState::profiledEvaluate(JSC::JSGlobalObject*, JSC::ProfilingReason, JSC::SourceCode const&, JSC::JSValue, WTF::NakedPtr<JSC::Exception>&) + 100 (JSExecState.h:80)
32 com.apple.WebCore 0x000000011771730c WebCore::WorkerOrWorkletScriptController::evaluate(WebCore::ScriptSourceCode const&, WTF::NakedPtr<JSC::Exception>&, WTF::String*) + 200 (WorkerOrWorkletScriptController.cpp:231)
33 com.apple.WebCore 0x000000011771f658 WebCore::WorkerOrWorkletScriptController::evaluate(WebCore::ScriptSourceCode const&, WTF::String*) + 104 (WorkerOrWorkletScriptController.cpp:209)
34 com.apple.WebCore 0x0000000117765314 WebCore::WorkerThread::evaluateScriptIfNecessary(WTF::String&) + 268 (WorkerThread.cpp:132)
35 com.apple.WebCore 0x0000000117722d34 WebCore::WorkerOrWorkletThread::workerOrWorkletThread() + 364 (WorkerOrWorkletThread.cpp:139)
36 com.apple.WebCore 0x0000000117775bd8 WebCore::WorkerThread::createThread()::$_0::operator()() const + 28 (WorkerThread.cpp:109)
37 com.apple.WebCore 0x0000000117775b54 WTF::Detail::CallableWrapper<WebCore::WorkerThread::createThread()::$_0, void>::call() + 28 (Function.h:52)
38 com.apple.JavaScriptCore 0x0000000132b796a0 WTF::Function<void ()>::operator()() const + 124 (Function.h:83)
39 com.apple.JavaScriptCore 0x0000000132c3cdc0 WTF::Thread::entryPoint(WTF::Thread::NewThreadContext*) + 388 (Threading.cpp:183)
40 com.apple.JavaScriptCore 0x0000000132c4b340 WTF::wtfThreadEntryPoint(void*) + 24 (ThreadingPOSIX.cpp:241)
41 libsystem_pthread.dylib 0x0000000195abe06c _pthread_start + 320
42 libsystem_pthread.dylib 0x0000000195ab8da0 thread_start + 8
Created attachment 426624 [details] Full crashlog Attaching full crashlog to bug.
Crash appears to be very flakey, and has only occurred four times. The first occurrence was at r276315. Crashes only occur on Apple Silicon Macs, and as such I cannot reproduce the crash because I do not have access to said system. I have gone ahead and updated the test expectations to Pass Crash here: https://trac.webkit.org/changeset/276337/webkit
<rdar://problem/76928843>
This test doesn't use WebCrypto, so this comes from one of preceding tests, as the worker thread continues to run after navigation.
I took a look at the list of tests that runs before this one. http/wpt/crypto/ tests run directly before and may have something to do with it. I have been unable to reproduce this though today.
Test run just before change-link-rel-attribute.html is http/wpt/crypto/unwrap-rsa-key-crash.any.worker.html, which exercises that code path.
Looking at the code, the debug assert is:

ASSERT(unwrapParamsOrException.exception().code() != ExistingExceptionError);

after calling normalizeCryptoAlgorithmParameters. normalizeCryptoAlgorithmParameters can return ExistingExceptionError if a dictionary conversion fails, which is possible, say, if parameters are bad or maybe the worker is being terminated.
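A self-contained C++ model of the situation described in the comment above, added here as an illustration; it is not WebKit code and not the patch attached to this bug. Every type and function in it (Scope, AlgorithmInput, normalizeParams, assertedInvariantHolds, unwrapKeyModel) is a simplified stand-in, and handling ExistingExceptionError as an ordinary failure path is an assumption about one reasonable way to avoid the debug crash.

```cpp
#include <string>
#include <variant>

// Simplified stand-ins for illustration; these are not WebKit's types.
enum class ExceptionCode { NotSupportedError, ExistingExceptionError };
struct Params { std::string name; };
using ParamsOrException = std::variant<Params, ExceptionCode>;

// Constructed input: what the script handed in as the algorithm argument.
struct AlgorithmInput {
    std::string name;
    bool conversionThrows; // a getter threw, or the worker is being terminated
};

struct Scope { bool exceptionPending = false; };

// Normalization can fail two ways: with a fresh error code, or by reporting
// that an exception is already pending on the scope.
ParamsOrException normalizeParams(Scope& scope, const AlgorithmInput& input)
{
    if (input.conversionThrows) {
        scope.exceptionPending = true;
        return ExceptionCode::ExistingExceptionError;
    }
    if (input.name != "RSA-OAEP" && input.name != "AES-KW")
        return ExceptionCode::NotSupportedError;
    return Params { input.name };
}

// The invariant the debug assert encodes: a failure is never ExistingExceptionError.
bool assertedInvariantHolds(const AlgorithmInput& input)
{
    Scope scope;
    auto result = normalizeParams(scope, input);
    auto* code = std::get_if<ExceptionCode>(&result);
    return !code || *code != ExceptionCode::ExistingExceptionError;
}

enum class Outcome { Proceeded, RejectedWithNewException, PropagatedExistingException };
// Caller that treats ExistingExceptionError as an ordinary failure path.
Outcome unwrapKeyModel(Scope& scope, const AlgorithmInput& input)
{
    auto result = normalizeParams(scope, input);
    if (auto* code = std::get_if<ExceptionCode>(&result))
        return *code == ExceptionCode::ExistingExceptionError
            ? Outcome::PropagatedExistingException
            : Outcome::RejectedWithNewException;
    return Outcome::Proceeded;
}
```

In the model the invariant holds for an unsupported algorithm name but not when the conversion itself throws, which is the case a debug build turns into a crash.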
Created attachment 427742 [details] Patch
*** Bug 225315 has been marked as a duplicate of this bug. ***
Ping review
Comment on attachment 427742 [details] Patch Seems reasonable to me.
Committed r277718 (237897@main): <https://commits.webkit.org/237897@main> All reviewed patches have been landed. Closing bug and clearing flags on attachment 427742 [details].
Prior test expectations have been removed here: https://trac.webkit.org/changeset/277764/webkit