[Webkit-unassigned] [Bug 251187] New: [ BigSur+ & iOS wk2 Debug ] imported/w3c/web-platform-tests/fetch/api/redirect/redirect-back-to-original-origin.any.html is a flaky crash.

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Jan 25 17:13:29 PST 2023 

https://bugs.webkit.org/show_bug.cgi?id=251187

            Bug ID: 251187
           Summary: [ BigSur+ & iOS wk2 Debug ]
                    imported/w3c/web-platform-tests/fetch/api/redirect/red
                    irect-back-to-original-origin.any.html is a flaky
                    crash.
           Product: WebKit
           Version: Safari Technology Preview
          Hardware: Unspecified
                OS: Unspecified
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: New Bugs
          Assignee: webkit-unassigned at lists.webkit.org
          Reporter: bharris9 at apple.com

Created attachment 464660

  --> https://bugs.webkit.org/attachment.cgi?id=464660&action=review

Crash Log

imported/w3c/web-platform-tests/fetch/api/redirect/redirect-back-to-original-origin.any.html 

is a flaky crash on iOS 16 Debug as well as Big Sur and later macOS WebKit 2 Debug platforms. 

HISTORY:

https://results.webkit.org/?suite=layout-tests&test=imported%2Fw3c%2Fweb-platform-tests%2Ffetch%2Fapi%2Fredirect%2Fredirect-back-to-original-origin.any.html&limit=50000


Crash Log will be attached. 


Test is flaky and I was not able to replicate on iOS or macOS. I attempted to reproduce on iOS and macOS as follows:

run-webkit-test --iOS-simulator imported/w3c/web-platform-tests/fetch/api/redirect/redirect-back-to-original-origin.any.html --iterations 100 --force
run-webkit-test imported/w3c/web-platform-tests/fetch/api/redirect/redirect-back-to-original-origin.any.html --iterations 100 --force


Crash Log Text:

stderr:
ASSERTION FAILED: m_normalWorld->hasOneRef()
bindings/js/WebCoreJSClientData.cpp(140) : virtual WebCore::JSVMClientData::~JSVMClientData()
1   0x14670d094 WTFCrash
2   0x10867c170 WTFCrashWithInfo(int, char const*, char const*, int)
3   0x10b0bce4c WebCore::JSVMClientData::~JSVMClientData()
4   0x10b0bd1a8 WebCore::JSVMClientData::~JSVMClientData()
5   0x10b0bd1d4 WebCore::JSVMClientData::~JSVMClientData()
6   0x14882bdb4 JSC::VM::~VM()
7   0x14882d1f0 JSC::VM::~VM()
8   0x146f9131c WTF::ThreadSafeRefCounted<JSC::VM, (WTF::DestructionThread)0>::deref() const::'lambda'()::operator()() const
9   0x148858058 WTF::ThreadSafeRefCounted<JSC::VM, (WTF::DestructionThread)0>::deref() const
10  0x148858004 WTF::DefaultRefDerefTraits<JSC::VM>::derefIfNotNull(JSC::VM*)
11  0x14882d6ec WTF::RefPtr<JSC::VM, WTF::RawPtrTraits<JSC::VM>, WTF::DefaultRefDerefTraits<JSC::VM> >::operator=(std::nullptr_t)
12  0x148538240 JSC::JSLockHolder::~JSLockHolder()
13  0x1485382b0 JSC::JSLockHolder::~JSLockHolder()
14  0x10df9cb4c WebCore::WorkerOrWorkletScriptController::~WorkerOrWorkletScriptController()
15  0x10df9cbf0 WebCore::WorkerOrWorkletScriptController::~WorkerOrWorkletScriptController()
16  0x10dfcaf54 std::__1::default_delete<WebCore::WorkerOrWorkletScriptController>::operator()(WebCore::WorkerOrWorkletScriptController*) const
17  0x10dfcaed0 std::__1::unique_ptr<WebCore::WorkerOrWorkletScriptController, std::__1::default_delete<WebCore::WorkerOrWorkletScriptController> >::reset(WebCore::WorkerOrWorkletScriptController*)
18  0x10df9c2c0 std::__1::unique_ptr<WebCore::WorkerOrWorkletScriptController, std::__1::default_delete<WebCore::WorkerOrWorkletScriptController> >::operator=(std::nullptr_t)
19  0x10df9c290 WebCore::WorkerOrWorkletGlobalScope::clearScript()
20  0x10dff34fc WebCore::WorkerOrWorkletThread::stop(WTF::Function<void ()>&&)::$_6::operator()(WebCore::ScriptExecutionContext&) const::'lambda'(WebCore::ScriptExecutionContext&)::operator()(WebCore::ScriptExecutionContext&) const
21  0x10dff349c WTF::Detail::CallableWrapper<WebCore::WorkerOrWorkletThread::stop(WTF::Function<void ()>&&)::$_6::operator()(WebCore::ScriptExecutionContext&) const::'lambda'(WebCore::ScriptExecutionContext&), void, WebCore::ScriptExecutionContext&>::call(WebCore::ScriptExecutionContext&)
22  0x10ac404f0 WTF::Function<void (WebCore::ScriptExecutionContext&)>::operator()(WebCore::ScriptExecutionContext&) const
23  0x10ac2b2b8 WebCore::ScriptExecutionContext::Task::performTask(WebCore::ScriptExecutionContext&)
24  0x10dfd6a50 WebCore::WorkerDedicatedRunLoop::Task::performTask(WebCore::WorkerOrWorkletGlobalScope*)
25  0x10dfd61f0 WebCore::WorkerDedicatedRunLoop::runCleanupTasks(WebCore::WorkerOrWorkletGlobalScope*)
26  0x10dfd45c0 WebCore::WorkerDedicatedRunLoop::run(WebCore::WorkerOrWorkletGlobalScope*)
27  0x10dfd4528 WebCore::WorkerOrWorkletThread::runEventLoop()
28  0x10e088780 WebCore::ServiceWorkerThread::runEventLoop()
29  0x10dfd48c4 WebCore::WorkerOrWorkletThread::workerOrWorkletThread()
30  0x10e001f34 WebCore::WorkerThread::createThread()::$_17::operator()() const
31  0x10e001eb8 WTF::Detail::CallableWrapper<WebCore::WorkerThread::createThread()::$_17, void>::call()
com.apple.WebKit.WebContent.Development terminated (pid 1464) for reason: crash
LEAK: 1 WebPageProxy

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20230126/96fb73cd/attachment-0001.htm>

More information about the webkit-unassigned mailing list