RESOLVED FIXED283596
REGRESSION(286883@main): ASSERT NOT REACHED in WebCore::toResourceLoadPriority(CFURLRequestPriority) 
https://bugs.webkit.org/show_bug.cgi?id=283596
Summary REGRESSION(286883@main): ASSERT NOT REACHED in WebCore::toResourceLoadPriorit...
Marta Darbinyan
Reported 2024-11-22 14:55:33 PST
The following test is constant crash on Sequoia Debug and appear as false-positive failure in EWS. ipc/create-connection-and-send-async.html The regression range points to 286883@main. 286883@main - Fail 286884@main - Pass Error: stderr: SHOULD NEVER BE REACHED /Volumes/Data/worker/Apple-Sequoia-Debug-Build/build/Source/WebCore/platform/network/cf/ResourceRequestCFNet.h(53) : ResourceLoadPriority WebCore::toResourceLoadPriority(CFURLRequestPriority) 1 0x146343578 WebCore::toResourceLoadPriority(long) 2 0x146342fd4 WebCore::ResourceRequest::doUpdateResourceRequest() 3 0x1499d60c4 WebCore::ResourceRequestBase::updateResourceRequest(WebCore::HTTPBodyUpdatePolicy) const 4 0x1499d643c WebCore::ResourceRequestBase::setIsAppInitiated(bool) 5 0x146341c60 WebCore::ResourceRequest::ResourceRequest(WebCore::ResourceRequestPlatformData&&, WTF::String const&, bool) 6 0x146341e28 WebCore::ResourceRequest::ResourceRequest(WebCore::ResourceRequestPlatformData&&, WTF::String const&, bool) 7 0x14634270c WebCore::ResourceRequest::fromResourceRequestData(std::__1::variant<WebCore::ResourceRequestBase::RequestData, WebCore::ResourceRequestPlatformData>, WTF::String const&, bool) 8 0x12da72d40 IPC::ArgumentCoder<WebCore::ResourceRequest, void>::decode(IPC::Decoder&) 9 0x12d9c0010 std::__1::optional<WebCore::ResourceRequest> IPC::Decoder::decode<WebCore::ResourceRequest>() 10 0x12e6e41f0 std::__1::optional<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>> IPC::ArgumentCoder<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>, void>::decode<IPC::Decoder, WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>>(IPC::Decoder&, std::__1::optional<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>>&&) 11 0x12e6e4174 std::__1::optional<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>> IPC::ArgumentCoder<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>, void>::decode<IPC::Decoder>(IPC::Decoder&) 12 0x12e6e3f24 std::__1::optional<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>> IPC::Decoder::decode<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>>() 13 0x12e6e0728 void IPC::handleMessageAsync<Messages::RemoteMediaResourceManager::RedirectReceived, IPC::Connection, WebKit::RemoteMediaResourceManager, WebKit::RemoteMediaResourceManager, void (WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&)>(IPC::Connection&, IPC::Decoder&, WebKit::RemoteMediaResourceManager*, void (WebKit::RemoteMediaResourceManager::*)(WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&)) History: https://results.webkit.org/?suite=layout-tests&test=ipc%2Fcreate-connection-and-send-async.html&version_name=Sequoia&style=debug Test result: https://build.webkit.org/#/builders/1226/builds/355
Attachments
Add attachment proposed patch, testcase, etc.
Radar WebKit Bug Importer
Comment 1 2024-11-22 14:57:20 PST
<rdar://problem/140442183>
EWS
Comment 2 2024-11-22 15:16:00 PST
Test gardening commit 286986@main (0b284a600aaf): <https://commits.webkit.org/286986@main> Reviewed commits have been landed. Closing PR #37053 and removing active labels.
Ryan Haddad
Comment 3 2024-11-25 13:49:45 PST
Skipping this test moved the crash to another test, so I think it is actually cased by a preceding test. The blamed change added `ipc/cfnetwork-crashes-with-string-to-string-http-headers.html`, and if I run that test right before `ipc/create-connection-and-send-async.html` it reproduces the crash.
EWS
Comment 4 2024-11-25 14:00:14 PST
Test gardening commit 287072@main (7a37f4c40a89): <https://commits.webkit.org/287072@main> Reviewed commits have been landed. Closing PR #37134 and removing active labels.
Ryosuke Niwa
Comment 5 2025-01-06 00:56:48 PST
Hm... I can't reproduce this issue at 288456@main on Sequoia: ./Tools/Scripts/run-webkit-tests --debug --no-build --no-show-results --expect-pass ipc/cfnetwork-crashes-with-string-to-string-http-headers.html ipc/create-connection-and-send-async.html --iterations 50 --exit-after-n-crashes-or-timeouts 1 But we can probably fix the test: ipc/cfnetwork-crashes-with-string-to-string-http-headers.html. It specifies requestPriority of 89. We probably just need to sanitize this value in CoreIPCNSURLRequest::toID(). Right now, it allows any value but we should only permit: -1 through 4 based on the assertion in toResourceLoadPriority. Full stack trace: SHOULD NEVER BE REACHED /Volumes/Data/worker/Apple-Sequoia-Debug-Build/build/Source/WebCore/platform/network/cf/ResourceRequestCFNet.h(53) : ResourceLoadPriority WebCore::toResourceLoadPriority(CFURLRequestPriority) 1 0x186ac53d8 WebCore::toResourceLoadPriority(long) 2 0x186ac4c90 WebCore::ResourceRequest::doUpdateResourceRequest() 3 0x18a011aa6 WebCore::ResourceRequestBase::updateResourceRequest(WebCore::HTTPBodyUpdatePolicy) const 4 0x18a011e13 WebCore::ResourceRequestBase::setIsAppInitiated(bool) 5 0x186ac359c WebCore::ResourceRequest::ResourceRequest(WebCore::ResourceRequestPlatformData&&, WTF::String const&, bool) 6 0x186ac3744 WebCore::ResourceRequest::ResourceRequest(WebCore::ResourceRequestPlatformData&&, WTF::String const&, bool) 7 0x186ac4242 WebCore::ResourceRequest::fromResourceRequestData(std::__1::variant<WebCore::ResourceRequestBase::RequestData, WebCore::ResourceRequestPlatformData>, WTF::String const&, bool) 8 0x12d6d32f1 IPC::ArgumentCoder<WebCore::ResourceRequest, void>::decode(IPC::Decoder&) 9 0x12d61a5fc std::__1::optional<WebCore::ResourceRequest> IPC::Decoder::decode<WebCore::ResourceRequest>() 10 0x12e2fd714 std::__1::optional<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>> IPC::ArgumentCoder<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>, void>::decode<IPC::Decoder, WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>>(IPC::Decoder&, std::__1::optional<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>>&&) 11 0x12e2fd697 std::__1::optional<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>> IPC::ArgumentCoder<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>, void>::decode<IPC::Decoder>(IPC::Decoder&) 12 0x12e2fd46c std::__1::optional<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>> IPC::Decoder::decode<std::__1::tuple<WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest, WebCore::ResourceResponse>>() 13 0x12e2f981f void IPC::handleMessageAsync<Messages::RemoteMediaResourceManager::RedirectReceived, IPC::Connection, WebKit::RemoteMediaResourceManager, WebKit::RemoteMediaResourceManager, void (WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&)>(IPC::Connection&, IPC::Decoder&, WebKit::RemoteMediaResourceManager*, void (WebKit::RemoteMediaResourceManager::*)(WTF::ObjectIdentifierGeneric<WebKit::RemoteMediaResourceIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long long>, unsigned long long>, WebCore::ResourceRequest&&, WebCore::ResourceResponse const&, WTF::CompletionHandler<void (WebCore::ResourceRequest&&)>&&)) 14 0x12e2f92a3 WebKit::RemoteMediaResourceManager::didReceiveMessage(IPC::Connection&, IPC::Decoder&) 15 0x12e99c89c WebKit::GPUConnectionToWebProcess::dispatchMessage(IPC::Connection&, IPC::Decoder&) 16 0x12e83dad0 WebKit::GPUConnectionToWebProcess::didReceiveMessage(IPC::Connection&, IPC::Decoder&) 17 0x13155e1ce IPC::Connection::dispatchMessage(IPC::Decoder&) 18 0x13155e5c5 IPC::Connection::dispatchMessage(WTF::UniqueRef<IPC::Decoder>) 19 0x13155e92b IPC::Connection::dispatchOneIncomingMessage() 20 0x13158195d IPC::Connection::enqueueIncomingMessage(WTF::UniqueRef<IPC::Decoder>)::$_2::operator()() const 21 0x1315818c9 WTF::Detail::CallableWrapper<IPC::Connection::enqueueIncomingMessage(WTF::UniqueRef<IPC::Decoder>)::$_2, void>::call() 22 0x104b86937 WTF::Function<void ()>::operator()() const 23 0x104c45d2e WTF::RunLoop::performWork() 24 0x104c4a0ce WTF::RunLoop::performWork(void*) 25 0x7ff81a46eb0f __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ 26 0x7ff81a46eab1 __CFRunLoopDoSource0 27 0x7ff81a46e884 __CFRunLoopDoSources0 28 0x7ff81a46d51c __CFRunLoopRun 29 0x7ff81a46cb6c CFRunLoopRunSpecific 30 0x7ff81b492e59 -[NSRunLoop(NSRunLoop) runMode:beforeDate:] 31 0x7ff81b513197 -[NSRunLoop(NSRunLoop) run] com.apple.WebKit.GPU.Development terminated (pid 35772) for reason: crash LEAK: 1 WebPageProxy
EWS
Comment 6 2025-01-29 08:48:03 PST
Committed 289501@main (3a885897a634): <https://commits.webkit.org/289501@main> Reviewed commits have been landed. Closing PR #39406 and removing active labels.
Note You need to log in before you can comment on or make changes to this bug.