Bug 255788

Summary: REGRESSION (263108@main): [ Ventura debug ] ASSERTION FAILED: WTF::WeakPtr<WebKit::RemoteScrollingCoordinatorProxy, WTF::DefaultWeakPtrImpl>::operator->() const
Product: WebKit Reporter: Karl Rackler <rackler>
Component: New BugsAssignee: Wenson Hsieh <wenson_hsieh>
Status: RESOLVED FIXED    
Severity: Normal CC: webkit-bot-watchers-bugzilla, webkit-bug-importer, wenson_hsieh
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   

Description Karl Rackler 2023-04-21 08:15:12 PDT 
Description:
tiled-drawing/scrolling/scroll-snap/scroll-snap-mandatory-async-overflow.html is a consistent crash

The test was consistently passing until range https://commits.webkit.org/compare/263108@main...263104@main.  The assertion references changes like setNodeScrollSnapInProgress made in https://commits.webkit.org/263108@main, making it the likely culprit.

This issue can be reproduced using command:
run-webkit-tests --exit-after-n-failures 1 --exit-after-n-crashes-or-timeouts 1 --iterations 1 --no-retry-failures --use-gpu-process --remote-layer-tree  tiled-drawing/scrolling/scroll-snap/scroll-snap-mandatory-async-overflow.html

History:
https://results.webkit.org/?suite=layout-tests&test=tiled-drawing%2Fscrolling%2Fscroll-snap%2Fscroll-snap-mandatory-async-overflow.html&flavor=gpuprocess

Crash Log:
No crash log found for WebKitTestRunner:72968.

stdout:

stderr:
ASSERTION FAILED: !m_impl || !m_shouldEnableAssertions || m_impl->wasConstructedOnMainThread() == isMainThread()
/Volumes/Data/worker/Apple-Ventura-Debug-Build/build/WebKitBuild/Debug/usr/local/include/wtf/WeakPtr.h(139) : T *WTF::WeakPtr<WebKit::RemoteScrollingCoordinatorProxy>::operator->() const [T = WebKit::RemoteScrollingCoordinatorProxy, WeakPtrImpl = WTF::DefaultWeakPtrImpl]
1   0x12114f919 WTFCrash
2   0x15389cb8b WTFCrashWithInfo(int, char const*, char const*, int)
3   0x15568e41a WTF::WeakPtr<WebKit::RemoteScrollingCoordinatorProxy, WTF::DefaultWeakPtrImpl>::operator->() const
4   0x15568e7f1 WebKit::RemoteScrollingTree::scrollingTreeNodeDidBeginScrollSnapping(unsigned long long)
5   0x12e4e54fa WebCore::ScrollingTree::setNodeScrollSnapInProgress(unsigned long long, bool)
6   0x12e502302 WebCore::ScrollingTreeScrollingNode::setScrollSnapInProgress(bool)
7   0x12e508c22 WebCore::ThreadedScrollingTreeScrollingNodeDelegate::willStartScrollSnapAnimation()
8   0x12e57db30 WebCore::ScrollingEffectsController::startScrollSnapAnimation()
9   0x12c4610c9 WebCore::ScrollingEffectsController::processWheelEventForScrollSnap(WebCore::PlatformWheelEvent const&)
10  0x12c460407 WebCore::ScrollingEffectsController::handleWheelEvent(WebCore::PlatformWheelEvent const&)
11  0x12ba70589 WebCore::ScrollingTreeScrollingNodeDelegateMac::handleWheelEvent(WebCore::PlatformWheelEvent const&)
12  0x12ba74d87 WebCore::ScrollingTreeOverflowScrollingNodeMac::handleWheelEvent(WebCore::PlatformWheelEvent const&, WebCore::EventTargeting)
13  0x12e4e0da1 WebCore::ScrollingTree::handleWheelEvent(WebCore::PlatformWheelEvent const&, WTF::OptionSet<WebCore::WheelEventProcessingSteps>)::$_3::operator()() const
14  0x12e4e0a40 WebCore::ScrollingTree::handleWheelEvent(WebCore::PlatformWheelEvent const&, WTF::OptionSet<WebCore::WheelEventProcessingSteps>)
15  0x1556908fa WebKit::RemoteLayerTreeEventDispatcher::internalHandleWheelEvent(WebCore::PlatformWheelEvent const&, WTF::OptionSet<WebCore::WheelEventProcessingSteps>)
16  0x155690483 WebKit::RemoteLayerTreeEventDispatcher::scrollingThreadHandleWheelEvent(WebKit::WebWheelEvent const&, WebCore::RectEdges<bool>)
17  0x1556a82d8 WebKit::RemoteLayerTreeEventDispatcher::handleWheelEvent(WebKit::WebWheelEvent const&, WebCore::RectEdges<bool>)::$_10::operator()() const
18  0x1556a8209 WTF::Detail::CallableWrapper<WebKit::RemoteLayerTreeEventDispatcher::handleWheelEvent(WebKit::WebWheelEvent const&, WebCore::RectEdges<bool>)::$_10, void>::call()
19  0x12117a4b2 WTF::Function<void ()>::operator()() const
20  0x121210afe WTF::RunLoop::performWork()
21  0x121214aee WTF::RunLoop::performWork(void*)
22  0x7ff816c20b78 __CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__
23  0x7ff816c20b27 __CFRunLoopDoSource0
24  0x7ff816c20901 __CFRunLoopDoSources0
25  0x7ff816c1f57b __CFRunLoopRun
26  0x7ff816c1eb60 CFRunLoopRunSpecific
27  0x7ff816ca37aa CFRunLoopRun
28  0x121214fa6 WTF::RunLoop::run()
29  0x121212744 WTF::RunLoop::create(char const*, WTF::ThreadType, WTF::Thread::QOS)::$_1::operator()() const
30  0x1212126e9 WTF::Detail::CallableWrapper<WTF::RunLoop::create(char const*, WTF::ThreadType, WTF::Thread::QOS)::$_1, void>::call()
31  0x12117a4b2 WTF::Function<void ()>::operator()() const
Comment 1 Radar WebKit Bug Importer 2023-04-21 08:15:37 PDT 
<rdar://problem/108369779>
Comment 2 Karl Rackler 2023-04-21 08:27:07 PDT 
I have marked this test as skip while this issue is investigated.
Comment 3 EWS 2023-04-21 08:33:41 PDT 
Test gardening commit 263243@main (b187d5215988): <https://commits.webkit.org/263243@main>

Reviewed commits have been landed. Closing PR #13032 and removing active labels.
Comment 4 Wenson Hsieh 2023-04-21 10:00:10 PDT 
Pull request: https://github.com/WebKit/WebKit/pull/13037
Comment 5 EWS 2023-04-21 17:55:12 PDT 
Committed 263271@main (f56f38532d22): <https://commits.webkit.org/263271@main>

Reviewed commits have been landed. Closing PR #13037 and removing active labels.