Changeset 245901 in webkit

Timestamp:

May 30, 2019 12:52:57 PM (5 years ago)

Author:

david_quesada@apple.com

Message:

REGRESSION (r245756) [Mac] 2 TestWebKitAPI.DownloadProgress* and TestWebKitAPI._WKDownload.DownloadMonitorCancel are flaky timeouts
​https://bugs.webkit.org/show_bug.cgi?id=198298
rdar://problem/51182393

Reviewed by Alexey Proskuryakov.

Source/WebKit:

When canceling a download, there has always been a race condition between:

(A) the execution of Download::didCancel() within the block passed to

-[NSURLSessionDownloadTask cancelByProducingResumeData:] within
Download::platformCancelNetworkLoad(), and

(B) the invocation of -[WKNetworkSessionDelegate URLSession:task:didCompleteWithError:]

If A happens before B, the block calls didCancel() on the download, which reports the
cancellation to the UI process and tears down the download. When B happens, WKNetworkSessionDelegate
gracefully handles the fact that the Download has been removed from the map, and nothing
else happens. Life is good.

If B happens before A, -URLSession:task:didCompleteWithError: invokes Download::didFail(),
which reports a download failure (*not* a cancellation) to the UI process and tears down
the Download and DownloadProxy. On release builds, this can leave the tests waiting for a
cancellation until they time out. When A happens, the block calls Download::didCancel().
This messages the UI process, which results in a debug assertion failure from an unhandled
message since the DownloadProxy was torn down when the failure was reported. Meanwhile,
the network process hits a debug assertion in DownloadManager::downloadFinished() when
trying to remove the Download *again*.

r245756 made the bad case (B before A) more likely by adding a delay before didCancel()
is called.

Make this race condition impossible by eliminating the didCancel() from the cancellation
block, and instead relying on -URLSession:task:didCompleteWithError: to report the
download as canceled. This also effectively coalesces calls to platformCancelNetworkLoad(),
which, if called multiple times before CFNetwork reports that the download was canceled,
could cause multiple calls to didCancel(), resulting in the same assertion failures seen
in the B-before-A case.

No new tests, as recreating this race condition in the test scenario would require
additional machinery, and is no longer even possible since we don't depend on the calling
of the cancellation handler in order to report the Download as canceled.

• NetworkProcess/Downloads/Download.cpp:

(WebKit::Download::cancel):

• NetworkProcess/Downloads/Download.h:

(WebKit::Download::wasCanceled const):

• NetworkProcess/Downloads/cocoa/DownloadCocoa.mm:

(WebKit::Download::platformCancelNetworkLoad):

• NetworkProcess/cocoa/NetworkSessionCocoa.mm:

(-[WKNetworkSessionDelegate URLSession:task:didCompleteWithError:]):

Tools:

Re-enable _WKDownload.DownloadMonitorCancel, which should no longer time out with this fix.

• TestWebKitAPI/Tests/WebKitCocoa/Download.mm:

(TestWebKitAPI::TEST):

Location:

trunk

Files:

• Source/WebKit/ChangeLog (modified) (1 diff)
• Source/WebKit/NetworkProcess/Downloads/Download.cpp (modified) (1 diff)
• Source/WebKit/NetworkProcess/Downloads/Download.h (modified) (2 diffs)
• Source/WebKit/NetworkProcess/Downloads/cocoa/DownloadCocoa.mm (modified) (1 diff)
• Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm (modified) (1 diff)
• Tools/ChangeLog (modified) (1 diff)
• Tools/TestWebKitAPI/Tests/WebKitCocoa/Download.mm (modified) (1 diff)

trunk/Source/WebKit/ChangeLog

@@ +1 @@
+2019-05-30  David Quesada  <david_quesada@apple.com>
+
+        REGRESSION (r245756) [Mac] 2 TestWebKitAPI.DownloadProgress* and TestWebKitAPI._WKDownload.DownloadMonitorCancel are flaky timeouts
+        https://bugs.webkit.org/show_bug.cgi?id=198298
+        rdar://problem/51182393
+
+        Reviewed by Alexey Proskuryakov.
+
+        When canceling a download, there has always been a race condition between:
+
+         (A) the execution of Download::didCancel() within the block passed to
+             -[NSURLSessionDownloadTask cancelByProducingResumeData:] within
+             Download::platformCancelNetworkLoad(), and
+
+         (B) the invocation of -[WKNetworkSessionDelegate URLSession:task:didCompleteWithError:]
+
+        If A happens before B, the block calls didCancel() on the download, which reports the
+        cancellation to the UI process and tears down the download. When B happens, WKNetworkSessionDelegate
+        gracefully handles the fact that the Download has been removed from the map, and nothing
+        else happens. Life is good.
+
+        If B happens before A, -URLSession:task:didCompleteWithError: invokes Download::didFail(),
+        which reports a download failure (*not* a cancellation) to the UI process and tears down
+        the Download and DownloadProxy. On release builds, this can leave the tests waiting for a
+        cancellation until they time out. When A happens, the block calls Download::didCancel().
+        This messages the UI process, which results in a debug assertion failure from an unhandled
+        message since the DownloadProxy was torn down when the failure was reported. Meanwhile,
+        the network process hits a debug assertion in DownloadManager::downloadFinished() when
+        trying to remove the Download *again*.
+
+        r245756 made the bad case (B before A) more likely by adding a delay before didCancel()
+        is called.
+
+        Make this race condition impossible by eliminating the didCancel() from the cancellation
+        block, and instead relying on -URLSession:task:didCompleteWithError: to report the
+        download as canceled. This also effectively coalesces calls to platformCancelNetworkLoad(),
+        which, if called multiple times before CFNetwork reports that the download was canceled,
+        could cause multiple calls to didCancel(), resulting in the same assertion failures seen
+        in the B-before-A case.
+
+        No new tests, as recreating this race condition in the test scenario would require
+        additional machinery, and is no longer even possible since we don't depend on the calling
+        of the cancellation handler in order to report the Download as canceled.
+
+        * NetworkProcess/Downloads/Download.cpp:
+        (WebKit::Download::cancel):
+        * NetworkProcess/Downloads/Download.h:
+        (WebKit::Download::wasCanceled const):
+        * NetworkProcess/Downloads/cocoa/DownloadCocoa.mm:
+        (WebKit::Download::platformCancelNetworkLoad):
+        * NetworkProcess/cocoa/NetworkSessionCocoa.mm:
+        (-[WKNetworkSessionDelegate URLSession:task:didCompleteWithError:]):
+
 2019-05-30  Chris Dumez  <cdumez@apple.com>
 

trunk/Source/WebKit/NetworkProcess/Downloads/Download.cpp

@@ -87 +87 @@
 void Download::cancel()
 {
+    m_wasCanceled = true;
     if (m_download) {
         m_download->cancel();

trunk/Source/WebKit/NetworkProcess/Downloads/Download.h

@@ -93 +93 @@
 
     bool isAlwaysOnLoggingAllowed() const;
+    bool wasCanceled() const { return m_wasCanceled; }
 
     void applicationDidEnterBackground() { m_monitor.applicationDidEnterBackground(); }
@@ -120 +121 @@
     PAL::SessionID m_sessionID;
     String m_suggestedName;
+    bool m_wasCanceled { false };
     bool m_hasReceivedData { false };
     DownloadMonitor m_monitor { *this };

trunk/Source/WebKit/NetworkProcess/Downloads/cocoa/DownloadCocoa.mm

@@ -81 +81 @@
 {
     ASSERT(m_downloadTask);
+
+    // The download's resume data is accessed in the network session delegate
+    // method -URLSession:task:didCompleteWithError: instead of inside this block,
+    // to avoid race conditions between the two. Calling -cancel is not sufficient
+    // here because CFNetwork won't provide the resume data unless we ask for it.
     [m_downloadTask cancelByProducingResumeData:^(NSData *resumeData) {
-        callOnMainThread([this, resumeData = retainPtr(resumeData)] {
-            if (resumeData && resumeData.get().bytes && resumeData.get().length)
-                didCancel(IPC::DataReference(reinterpret_cast<const uint8_t*>(resumeData.get().bytes), resumeData.get().length));
-            else
-                didCancel({ });
-        });
+        UNUSED_PARAM(resumeData);
     }];
 }

trunk/Source/WebKit/NetworkProcess/cocoa/NetworkSessionCocoa.mm

@@ -624 +624 @@
                 NSData *resumeData = nil;
                 if (id userInfo = error.userInfo) {
-                    if ([userInfo isKindOfClass:[NSDictionary class]])
+                    if ([userInfo isKindOfClass:[NSDictionary class]]) {
                         resumeData = userInfo[@"NSURLSessionDownloadTaskResumeData"];
+                        if (resumeData && ![resumeData isKindOfClass:[NSData class]]) {
+                            RELEASE_LOG(NetworkSession, "Download task %llu finished with resume data of wrong class: %s", (unsigned long long)task.taskIdentifier, NSStringFromClass([resumeData class]).UTF8String);
+                            ASSERT_NOT_REACHED();
+                            resumeData = nil;
+                        }
+                    }
                 }
-                
-                if (resumeData && [resumeData isKindOfClass:[NSData class]])
-                    download->didFail(error, { static_cast<const uint8_t*>(resumeData.bytes), resumeData.length });
+
+                auto resumeDataReference = resumeData ? IPC::DataReference { static_cast<const uint8_t*>(resumeData.bytes), resumeData.length } : IPC::DataReference { };
+
+                if (download->wasCanceled())
+                    download->didCancel(resumeDataReference);
                 else
-                    download->didFail(error, { });
+                    download->didFail(error, resumeDataReference);
             }
         }

trunk/Tools/ChangeLog

@@ +1 @@
+2019-05-30  David Quesada  <david_quesada@apple.com>
+
+        REGRESSION (r245756) [Mac] 2 TestWebKitAPI.DownloadProgress* and TestWebKitAPI._WKDownload.DownloadMonitorCancel are flaky timeouts
+        https://bugs.webkit.org/show_bug.cgi?id=198298
+        rdar://problem/51182393
+
+        Reviewed by Alexey Proskuryakov.
+
+        Re-enable _WKDownload.DownloadMonitorCancel, which should no longer time out with this fix.
+
+        * TestWebKitAPI/Tests/WebKitCocoa/Download.mm:
+        (TestWebKitAPI::TEST):
+
 2019-05-30  Truitt Savell  <tsavell@apple.com>
 

trunk/Tools/TestWebKitAPI/Tests/WebKitCocoa/Download.mm

@@ -880 +880 @@
 }
 
-TEST(_WKDownload, DISABLED_DownloadMonitorCancel)
+TEST(_WKDownload, DownloadMonitorCancel)
 {
     downloadAtRate(0.5, 120); // Should cancel in ~0.5 seconds