Bug 303677

Summary: [GLIB] Some tests are flaky crashing in soup_session_get_feature during clearCredentials
Product: WebKit Reporter: Lauro Moura <lmoura>
Component: Service WorkersAssignee: Nobody <webkit-unassigned>
Status: NEW    
Severity: Normal CC: fujii.hironori, youennf
Priority: P2    
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
See Also: https://bugs.webkit.org/show_bug.cgi?id=304236
Bug Depends on: 303678    
Bug Blocks:    

Lauro Moura
Reported 2025-12-05 19:37:47 PST
imported/w3c/web-platform-tests/workers/constructors/SharedWorker/empty-name.html First occurrence: 304017@main https://build.webkit.org/results/WPE-Linux-64-bit-Release-Tests/304017@main%20(24152)/results.html Last good: 304014@main Commits in range: 304017@main (ac8dd1f33398) [threaded-animations] add testing functions to inspect remote timelines https://bugs.webkit.org/show_bug.cgi?id=303625 rdar://problem/165912596 304016@main (27a74ff8ea3e) Optimize SVGTextLayoutAttributesBuilder rotation attribute handling https://bugs.webkit.org/show_bug.cgi?id=303279 rdar://165585366 304015@main (0f0653d9eddc) Reland: Inspector agents should use CheckedRef for InspectorEnvironment references. https://bugs.webkit.org/show_bug.cgi?id=302416 rdar://165006365 GTK-Release passed for 304016, though. Maybe some race condition related to the Inspector agents changes? Unfortunately, could not reproduce locally. Trace: Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1". Core was generated by `/home/buildbot-worker/WPE-Linux-64-bit-Release-Tests/build/WebKitBuild/WPE/Rele'. Program terminated with signal SIGSEGV, Segmentation fault. #0 0x00007efc0839b661 in soup_session_get_feature (session=<optimized out>, feature_type=94369687182896) at ../../../../../jhbuild/checkout/libsoup/libsoup/soup-session.c:2230 2230 if (G_TYPE_CHECK_INSTANCE_TYPE (feature, feature_type)) [Current thread is 1 (Thread 0x7efc00c835c0 (LWP 1238187))] <snip> Thread 1 (Thread 0x7efc00c835c0 (LWP 1238187)): #0 0x00007efc0839b661 in soup_session_get_feature (session=<optimized out>, feature_type=Python Exception <class 'gdb.error'>: No type named TypeNode. ) at ../../../../../jhbuild/checkout/libsoup/libsoup/soup-session.c:2230 #1 0x00007efc0a937337 in WebKit::NetworkSessionSoup::clearCredentials(WTF::WallTime) () at /home/buildbot-worker/WPE-Linux-64-bit-Release-Build/build/WebKitBuild/WPE/Release/lib/libWPEWebKit-2.0.so.1 #2 0x00007efc0a7f21d3 in WebKit::NetworkProcess::deleteWebsiteDataImpl(PAL::SessionID, WTF::OptionSet<WebKit::WebsiteDataType, (WTF::ConcurrencyTag)0>, WTF::WallTime, WTF::CompletionHandler<void ()>&&) () at /home/buildbot-worker/WPE-Linux-64-bit-Release-Build/build/WebKitBuild/WPE/Release/lib/libWPEWebKit-2.0.so.1 #3 0x00007efc0a7fd961 in WebKit::NetworkProcess::performDeleteWebsiteDataTask(WTF::ObjectIdentifierGeneric<WebKit::NetworkProcess::TaskIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long>, WebKit::NetworkProcess::TaskTrigger) () at /home/buildbot-worker/WPE-Linux-64-bit-Release-Build/build/WebKitBuild/WPE/Release/lib/libWPEWebKit-2.0.so.1 #4 0x00007efc0cb9eb13 in WTF::Detail::CallableWrapper<WTF::RunLoop::dispatchAfter(WTF::Seconds, WTF::Function<void ()>&&)::{lambda()#1}, void>::call() () at /home/buildbot-worker/WPE-Linux-64-bit-Release-Build/build/WebKitBuild/WPE/Release/lib/libWPEWebKit-2.0.so.1 #5 0x00007efc0cc88da1 in WTF::RunLoop::TimerBase::TimerBase(WTF::Ref<WTF::RunLoop, WTF::RawPtrTraits<WTF::RunLoop>, WTF::DefaultRefDerefTraits<WTF::RunLoop> >&&, WTF::ASCIILiteral)::{lambda(void*)#1}::_FUN(void*) () at /home/buildbot-worker/WPE-Linux-64-bit-Release-Build/build/WebKitBuild/WPE/Release/lib/libWPEWebKit-2.0.so.1 #6 0x00007efc0cc8c59d in WTF::RunLoop::{lambda(_GSource*, int (*)(void*), void*)#1}::_FUN(_GSource*, int (*)(void*), void*) () at /home/buildbot-worker/WPE-Linux-64-bit-Release-Build/build/WebKitBuild/WPE/Release/lib/libWPEWebKit-2.0.so.1 #7 0x00007efc0740649e in ??? () at /lib/x86_64-linux-gnu/libglib-2.0.so.0 #8 0x00007efc07406710 in g_main_context_dispatch () at /lib/x86_64-linux-gnu/libglib-2.0.so.0 #9 0x00007efc0cc8ab07 in WTF::RunLoop::runGLibMainLoopIteration(WTF::RunLoop::MayBlock) () at /home/buildbot-worker/WPE-Linux-64-bit-Release-Build/build/WebKitBuild/WPE/Release/lib/libWPEWebKit-2.0.so.1 #10 0x00007efc0cc8af12 in WTF::RunLoop::run() () at /home/buildbot-worker/WPE-Linux-64-bit-Release-Build/build/WebKitBuild/WPE/Release/lib/libWPEWebKit-2.0.so.1 #11 0x00007efc0a92c48b in int WebKit::AuxiliaryProcessMain<WebKit::NetworkProcessMainSoup>(int, char**) () at /home/buildbot-worker/WPE-Linux-64-bit-Release-Build/build/WebKitBuild/WPE/Release/lib/libWPEWebKit-2.0.so.1 #12 0x00007efc083fa1ca in __libc_start_call_main (main=main@entry=0x55d3ed6c2800 <main>, argc=argc@entry=3, argv=argv@entry=0x7ffd43d66538) at ../sysdeps/nptl/libc_start_call_main.h:58 #13 0x00007efc083fa28b in __libc_start_main_impl (main=0x55d3ed6c2800 <main>, argc=3, argv=0x7ffd43d66538, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffd43d66528) at ../csu/libc-start.c:360 #14 0x000055d3ed6c2735 in _start ()
Attachments
Add attachment proposed patch, testcase, etc.
Lauro Moura
Comment 1 2025-12-05 19:57:18 PST
The crash is indeed a flaky one, and not exclusive of that test: imported/w3c/web-platform-tests/fetch/data-urls/base64.any.html crashed with a very similar trace in: - https://build.webkit.org/results/WPE-Linux-64-bit-Release-Tests/304005@main%20(24149)/results.html - https://build.webkit.org/results/GTK-Linux-64-bit-Release-Tests/303945@main%20(22382)/results.html
Lauro Moura
Comment 2 2025-12-05 20:08:45 PST
Gardening commit: https://commits.webkit.org/304034@main
Fujii Hironori
Comment 3 2026-01-24 01:20:14 PST
I got the following SEGV for my GTK ASan build of 306136@main. http/tests/cache/disk-cache/speculative-validation/cacheable-redirect.html ==113836==ERROR: AddressSanitizer: SEGV on unknown address 0x0000000088df (pc 0x7f918cf44d31 bp 0x50300001e370 sp 0x7fffebec2840 T0) ==113836==The signal is caused by a READ memory access. #0 0x7f918cf44d31 in soup_session_get_feature /var/tmp/jhbuild/build/libsoup/../../../../../jhbuild/checkout/libsoup/libsoup/soup-session.c:2290:7 #1 0x7f919ff15602 in WebKit::NetworkSessionSoup::clearCredentials(WTF::WallTime) UnifiedSource-72468c22-11.cpp #2 0x7f919fb76044 in WebKit::NetworkProcess::deleteWebsiteDataImpl(PAL::SessionID, WTF::OptionSet<WebKit::WebsiteDataType, (WTF::ConcurrencyTag)0>, WTF::WallTime, WTF::CompletionHandler<void ()>&&) UnifiedSource-72468c22-2.cpp #3 0x7f919fb7550e in WebKit::NetworkProcess::performDeleteWebsiteDataTask(WTF::ObjectIdentifierGeneric<WebKit::NetworkProcess::TaskIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long>, WebKit::NetworkProcess::TaskTrigger) UnifiedSource-72468c22-2.cpp #4 0x7f919fbc3140 in WTF::Detail::CallableWrapper<WebKit::NetworkProcess::deleteWebsiteData(PAL::SessionID, WTF::OptionSet<WebKit::WebsiteDataType, (WTF::ConcurrencyTag)0>, WTF::WallTime, WTF::HashSet<WTF::ObjectIdentifierGeneric<WebCore::ProcessIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long>, WTF::DefaultHash<WTF::ObjectIdentifierGeneric<WebCore::ProcessIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long>>, WTF::HashTraits<WTF::ObjectIdentifierGeneric<WebCore::ProcessIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long>>, WTF::HashTableTraits, (WTF::ShouldValidateKey)1> const&, WTF::CompletionHandler<void ()>&&)::$_0, void>::call() UnifiedSource-72468c22-2.cpp #5 0x7f919fab5a18 in WTF::Ref<WTF::CallbackAggregatorOnThread<(WTF::DestructionThread)0>, WTF::RawPtrTraits<WTF::CallbackAggregatorOnThread<(WTF::DestructionThread)0>>, WTF::DefaultRefDerefTraits<WTF::CallbackAggregatorOnThread<(WTF::DestructionThread)0>>>::~Ref() UnifiedSource-72468c22-1.cpp #6 0x7f919fbc37de in WTF::Detail::CallableWrapper<WebKit::NetworkProcess::deleteWebsiteData(PAL::SessionID, WTF::OptionSet<WebKit::WebsiteDataType, (WTF::ConcurrencyTag)0>, WTF::WallTime, WTF::HashSet<WTF::ObjectIdentifierGeneric<WebCore::ProcessIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long>, WTF::DefaultHash<WTF::ObjectIdentifierGeneric<WebCore::ProcessIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long>>, WTF::HashTraits<WTF::ObjectIdentifierGeneric<WebCore::ProcessIdentifierType, WTF::ObjectIdentifierMainThreadAccessTraits<unsigned long>, unsigned long>>, WTF::HashTableTraits, (WTF::ShouldValidateKey)1> const&, WTF::CompletionHandler<void ()>&&)::$_2, void>::~CallableWrapper() UnifiedSource-72468c22-2.cpp #7 0x7f919fb48a3d in WebKit::NetworkProcess::removeNetworkConnectionToWebProcess(WebKit::NetworkConnectionToWebProcess&) UnifiedSource-72468c22-2.cpp #8 0x7f919fac9aaa in WebKit::NetworkConnectionToWebProcess::didClose(IPC::Connection&) UnifiedSource-72468c22-1.cpp #9 0x7f919faca08c in non-virtual thunk to WebKit::NetworkConnectionToWebProcess::didClose(IPC::Connection&) UnifiedSource-72468c22-1.cpp #10 0x7f91a00d180b in WTF::Detail::CallableWrapper<IPC::Connection::dispatchDidCloseAndInvalidate()::$_0, void>::call() UnifiedSource-123a7f2f-1.cpp #11 0x7f91988e1749 in WTF::RunLoop::performWork() RunLoop.cpp #12 0x7f9198cab048 in WTF::RunLoop::RunLoop()::$_0::__invoke(void*) RunLoopGLib.cpp #13 0x7f9198ca59e0 in WTF::RunLoop::$_3::__invoke(_GSource*, int (*)(void*), void*) RunLoopGLib.cpp #14 0x7f919942e40d (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x5d40d) (BuildId: 94bfd21331c311d3199726de93a2656d07c22b33) #15 0x7f919942e67f in g_main_context_dispatch (/lib/x86_64-linux-gnu/libglib-2.0.so.0+0x5d67f) (BuildId: 94bfd21331c311d3199726de93a2656d07c22b33) #16 0x7f9198ca6b47 in WTF::RunLoop::runGLibMainLoopIteration(WTF::RunLoop::MayBlock) RunLoopGLib.cpp #17 0x7f9198ca79a1 in WTF::RunLoop::run() (/sdk/webkit/WebKitBuild/GTK/Release/lib/libjavascriptcoregtk-6.0.so.1+0x62a79a1) (BuildId: 12207f79ebe3102c) #18 0x7f919fef97e9 in WebKit::NetworkProcessMain(int, char**) (/sdk/webkit/WebKitBuild/GTK/Release/lib/libwebkitgtk-6.0.so.4+0x56f97e9) (BuildId: 446d1bd84ef1be34) #19 0x55ea29f1f948 in main NetworkProcessMain.cpp #20 0x7f91901b51c9 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16 #21 0x7f91901b528a in __libc_start_main csu/../csu/libc-start.c:360:3 #22 0x55ea29e4fd44 in _start (/sdk/webkit/WebKitBuild/GTK/Release/bin/WebKitNetworkProcess+0x62d44) (BuildId: f92c3631832e666b)
Note You need to log in before you can comment on or make changes to this bug.