Bug 209743

Summary:

Debug crash: ASSERTION FAILED: m_ongoingFetches.contains(task.fetchIdentifier())

Product:

WebKit

Reporter:

Alicia Boya García <aboya>

Component:

WebKitGTK

Assignee:

youenn fablet <youennf>

Status:

RESOLVED FIXED

Severity:

Normal

CC:

bugs-noreply, cdumez, darin, youennf

Priority:

Version:

WebKit Nightly Build

Hardware:

Unspecified

OS:

Unspecified

Attachments:

Description	Flags
Patch	none
Patch for landing	none

Description Alicia Boya García 2020-03-30 08:18:10 PDT

When loading https://twitter.com/search?q=%23video&src=typed_query on WebKit r258984 in Debug, one of many random crashes:

GLib-GIO-Message: 16:42:20.412: Using the 'memory' GSettings backend.  Your settings will not be saved or shared with other applications.
CONSOLE ERROR Unrecognized Content-Security-Policy directive 'manifest-src'.

CONSOLE ERROR Unrecognized Content-Security-Policy directive 'worker-src'.

UNIMPLEMENTED: 
../../Source/WebKit/WebProcess/WebCoreSupport/WebFrameLoaderClient.cpp(1336) : virtual bool WebKit::WebFrameLoaderClient::canShowMIMEType(const WTF::String&) const
ERROR: Failed to terminate service worker with identifier 9, killing the service worker process
../../Source/WebCore/workers/service/context/SWContextManager.cpp(167) : void WebCore::SWContextManager::serviceWorkerFailedToTerminate(WebCore::ServiceWorkerIdentifier)
SHOULD NEVER BE REACHED
../../Source/WebCore/workers/service/context/SWContextManager.cpp(168) : void WebCore::SWContextManager::serviceWorkerFailedToTerminate(WebCore::ServiceWorkerIdentifier)
1   0x7fa356199e5f WTFCrash
2   0x7fa362d05f7c WTF::CrashOnOverflow::overflowed()
3   0x7fa36681b4e4 /webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0xed254e4) [0x7fa36681b4e4]
4   0x7fa36681b50a WebCore::SWContextManager::ServiceWorkerTerminationRequest::ServiceWorkerTerminationRequest(WebCore::SWContextManager&, WTF::ObjectIdentifier<WebCore::ServiceWorkerIdentifierType>, WTF::Seconds)
5   0x7fa366837cb8 /webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0xed41cb8) [0x7fa366837cb8]
6   0x7fa362d3d751 WTF::Function<void ()>::operator()() const
7   0x7fa3631d2116 WebCore::Timer::fired()
8   0x7fa365d5fa99 WebCore::ThreadTimers::sharedTimerFiredInternal()
9   0x7fa365d5f4ed /webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0xe2694ed) [0x7fa365d5f4ed]
10  0x7fa365d624aa /webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0xe26c4aa) [0x7fa365d624aa]
11  0x7fa362d3d751 WTF::Function<void ()>::operator()() const
12  0x7fa365d352d4 WebCore::MainThreadSharedTimer::fired()
13  0x7fa365d3cda2 WTF::RunLoop::Timer<WebCore::MainThreadSharedTimer>::fired()
14  0x7fa35624399f /webkit/WebKitBuild/Debug/lib/libjavascriptcoregtk-4.0.so.18(+0x384999f) [0x7fa35624399f]
15  0x7fa3562439f7 /webkit/WebKitBuild/Debug/lib/libjavascriptcoregtk-4.0.so.18(+0x38499f7) [0x7fa3562439f7]
16  0x7fa3562430ba /webkit/WebKitBuild/Debug/lib/libjavascriptcoregtk-4.0.so.18(+0x38490ba) [0x7fa3562430ba]
17  0x7fa3562430ea /webkit/WebKitBuild/Debug/lib/libjavascriptcoregtk-4.0.so.18(+0x38490ea) [0x7fa3562430ea]
18  0x7fa34f8ae92f g_main_context_dispatch
19  0x7fa34f8aecc0 /webkit/WebKitBuild/DependenciesGTK/Root/lib/libglib-2.0.so.0(+0x4ccc0) [0x7fa34f8aecc0]
20  0x7fa34f8aefd3 g_main_loop_run
21  0x7fa356243605 WTF::RunLoop::run()
22  0x7fa363d339dc int WebKit::AuxiliaryProcessMain<WebKit::WebProcess, WebKit::WebProcessMainGtk>(int, char**)
23  0x7fa363d32dc9 WebKit::WebProcessMain(int, char**)
24  0x400c45 /webkit/WebKitBuild/Debug/bin/WebKitWebProcess() [0x400c45]
25  0x7fa34e80e1a3 __libc_start_main
26  0x400b1e /webkit/WebKitBuild/Debug/bin/WebKitWebProcess() [0x400b1e]
ERROR: 0x7fce82680000 - [fetchIdentifier=13] ServiceWorkerFetchTask::didFail: (error.domain=WebKitInternal, error.code=0)
../../Source/WebKit/NetworkProcess/ServiceWorker/ServiceWorkerFetchTask.cpp(196) : void WebKit::ServiceWorkerFetchTask::didFail(const WebCore::ResourceError&)
ERROR: 0x7fce400f3000 - [pageProxyID=5, webPageID=6, frameID=3, resourceID=1, isMainResource=1, destination=2, isSynchronous=0] NetworkResourceLoader::didFailLoading: (wasServiceWorkerLoad=1, isTimeout=0, isCancellation=0, isAccessControl=0, errorCode=0)
../../Source/WebKit/NetworkProcess/NetworkResourceLoader.cpp(742) : virtual void WebKit::NetworkResourceLoader::didFailLoading(const WebCore::ResourceError&)
ASSERTION FAILED: m_ongoingFetches.contains(task.fetchIdentifier())
../../Source/WebKit/NetworkProcess/ServiceWorker/WebSWServerToContextConnection.cpp(158) : void WebKit::WebSWServerToContextConnection::unregisterFetch(WebKit::ServiceWorkerFetchTask&)
UNIMPLEMENTED: 
../../Source/WebKit/UIProcess/API/gtk/PageClientImpl.cpp(338) : virtual void WebKit::PageClientImpl::closeFullScreenManager()
1   0x7fce8b3f9e5f WTFCrash
2   0x7fce97f65f7c WTF::CrashOnOverflow::overflowed()
3   0x7fce98524726 WebKit::WebSWServerToContextConnection::unregisterFetch(WebKit::ServiceWorkerFetchTask&)
4   0x7fce98505c70 WebKit::ServiceWorkerFetchTask::~ServiceWorkerFetchTask()
5   0x7fce984b4396 std::default_delete<WebKit::ServiceWorkerFetchTask>::operator()(WebKit::ServiceWorkerFetchTask*) const
6   0x7fce984a5116 std::unique_ptr<WebKit::ServiceWorkerFetchTask, std::default_delete<WebKit::ServiceWorkerFetchTask> >::~unique_ptr()
7   0x7fce9846e82a WebKit::NetworkResourceLoader::~NetworkResourceLoader()
8   0x7fce9846e9da WebKit::NetworkResourceLoader::~NetworkResourceLoader()
9   0x7fce9807f8f9 std::default_delete<WebKit::NetworkResourceLoader>::operator()(WebKit::NetworkResourceLoader*) const
10  0x7fce9807f6d1 WTF::RefCounted<WebKit::NetworkResourceLoader, std::default_delete<WebKit::NetworkResourceLoader> >::deref() const
11  0x7fce9843fe4f void WTF::derefIfNotNull<WebKit::NetworkResourceLoader>(WebKit::NetworkResourceLoader*)
12  0x7fce98437cc5 WTF::RefPtr<WebKit::NetworkResourceLoader, WTF::DumbPtrTraits<WebKit::NetworkResourceLoader> >::~RefPtr()
13  0x7fce9846c523 WebKit::NetworkResourceLoadMap::remove(unsigned long)
14  0x7fce98420f45 WebKit::NetworkConnectionToWebProcess::didCleanupResourceLoader(WebKit::NetworkResourceLoader&)
15  0x7fce98470105 WebKit::NetworkResourceLoader::cleanup(WebKit::NetworkResourceLoader::LoadResult)
16  0x7fce98472430 WebKit::NetworkResourceLoader::didFailLoading(WebCore::ResourceError const&)
17  0x7fce98506558 WebKit::ServiceWorkerFetchTask::didFail(WebCore::ResourceError const&)
18  0x7fce98505df5 WebKit::ServiceWorkerFetchTask::contextClosed()
19  0x7fce98523ec0 WebKit::WebSWServerToContextConnection::~WebSWServerToContextConnection()
20  0x7fce98524038 WebKit::WebSWServerToContextConnection::~WebSWServerToContextConnection()
21  0x7fce9843f7a6 std::default_delete<WebKit::WebSWServerToContextConnection>::operator()(WebKit::WebSWServerToContextConnection*) const
22  0x7fce984402b1 std::unique_ptr<WebKit::WebSWServerToContextConnection, std::default_delete<WebKit::WebSWServerToContextConnection> >::reset(WebKit::WebSWServerToContextConnection*)
23  0x7fce9843812d std::unique_ptr<WebKit::WebSWServerToContextConnection, std::default_delete<WebKit::WebSWServerToContextConnection> >::operator=(decltype(nullptr))
24  0x7fce98421e09 WebKit::NetworkConnectionToWebProcess::didClose(IPC::Connection&)
25  0x7fce9866ef96 /webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0xb918f96) [0x7fce9866ef96]
26  0x7fce98675ae6 /webkit/WebKitBuild/Debug/lib/libwebkit2gtk-4.0.so.37(+0xb91fae6) [0x7fce98675ae6]
27  0x7fce97f9d751 WTF::Function<void ()>::operator()() const
28  0x7fce8b429fed WTF::RunLoop::performWork()
29  0x7fce8b4a3108 /webkit/WebKitBuild/Debug/lib/libjavascriptcoregtk-4.0.so.18(+0x3849108) [0x7fce8b4a3108]
30  0x7fce8b4a312c /webkit/WebKitBuild/Debug/lib/libjavascriptcoregtk-4.0.so.18(+0x384912c) [0x7fce8b4a312c]
31  0x7fce8b4a30ba /webkit/WebKitBuild/Debug/lib/libjavascriptcoregtk-4.0.so.18(+0x38490ba) [0x7fce8b4a30ba]

Comment 1 youenn fablet 2020-03-31 00:21:51 PDT

Created attachment 395020 [details]
Patch

Comment 2 Darin Adler 2020-03-31 12:37:27 PDT

Comment on attachment 395020 [details]
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=395020&action=review

> Source/WebKit/ChangeLog:3
> +        Debug crash: ASSERTION FAILED: m_ongoingFetches.contains(task.fetchIdentifier())

Is this a crash during regression tests? If not, can we add a test that triggers it?

Comment 3 youenn fablet 2020-03-31 13:20:10 PDT

(In reply to Darin Adler from comment #2)
> Comment on attachment 395020 [details]
> Patch
> 
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=395020&action=review
> 
> > Source/WebKit/ChangeLog:3
> > +        Debug crash: ASSERTION FAILED: m_ongoingFetches.contains(task.fetchIdentifier())
> 
> Is this a crash during regression tests? If not, can we add a test that
> triggers it?

This happens when the service worker process crashes, as exemplified by GTK crash log.
We might be able to repro that with testRunner.terminateServiceWorkers using a separate service worker process.

Comment 4 youenn fablet 2020-04-02 04:03:40 PDT

Created attachment 395259 [details]
Patch for landing

Comment 5 EWS 2020-04-02 05:07:52 PDT

Committed r259384: <https://trac.webkit.org/changeset/259384>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 395259 [details].