Bug 213228

Summary: [WPE] Flaky crashes in ScrollingTreeFrameScrollingNodeNicosia::repositionScrollingLayers
Product: WebKit Reporter: Diego Pino <dpino>
Component: New BugsAssignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED    
Severity: Normal CC: bugs-noreply, lmoura, webkit-bug-importer, zan
Priority: P2 Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
fast/viewport/scroll-delegates-switch-on-page-with-no-composition-mode-asserts.html crash log from r271587 none

Description Diego Pino 2020-06-15 20:56:14 PDT 
The test started to crash regularly since:

r261613                       NOERROR
[r261614-r261615]             UNKNOWN
r261616                       CRASH (Expected: PASS)

Among the range r261616 seems like a likely cause for the regression.

Crash-log: https://build.webkit.org/results/WPE%20Linux%2064-bit%20Release%20(Tests)/r263069%20(18619)/fast/viewport/viewport-1-crash-log.txt

Thread 1 (Thread 0x7f5e5ded5100 (LWP 7264)):
#0  0x00007f5e6663fa35 in WebCore::ScrollingTreeFrameScrollingNodeNicosia::repositionScrollingLayers() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#1  0x00007f5e6663af13 in WebCore::ScrollingTreeScrollingNode::applyLayerPositions() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#2  0x00007f5e66634403 in WebCore::ScrollingTree::applyLayerPositionsRecursive(WebCore::ScrollingTreeNode&) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#3  0x00007f5e66634474 in WebCore::ScrollingTree::applyLayerPositions() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#4  0x00007f5e665920f5 in WebCore::Page::finalizeRenderingUpdate(WTF::OptionSet<WebCore::FinalizeRenderingUpdateFlags>) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#5  0x00007f5e6516f315 in WebKit::CompositingCoordinator::flushPendingLayerChanges() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#6  0x00007f5e651704e0 in WebKit::LayerTreeHost::layerFlushTimerFired() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#7  0x00007f5e651707e8 in WebKit::LayerTreeHost::renderNextFrame(bool) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#8  0x00007f5e685fda84 in WTF::RunLoop::TimerBase::TimerBase(WTF::RunLoop&)::{lambda(void*)#1}::_FUN(void*) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#9  0x00007f5e5f49fc3e in g_main_dispatch (context=0x55e351060310) at ../glib/gmain.c:3309
#10 0x00007f5e5f49fc3e in g_main_context_dispatch (context=context@entry=0x55e351060310) at ../glib/gmain.c:3974
#11 0x00007f5e5f49fff0 in g_main_context_iterate (context=0x55e351060310, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4047
#12 0x00007f5e5f4a02e3 in g_main_loop_run (loop=0x55e351060400) at ../glib/gmain.c:4241
#13 0x00007f5e685fdec0 in WTF::RunLoop::run() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#14 0x00007f5e65182067 in WebKit::WebProcessMain(int, char**) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#15 0x00007f5e5ed46183 in __libc_start_main (main=0x55e350cbaad0 <main>, argc=4, argv=0x7ffe21684458, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7ffe21684448) at ../csu/libc-start.c:308
#16 0x000055e350cbab5e in _start () at ../sysdeps/x86_64/start.S:120
Comment 1 Lauro Moura 2021-01-18 18:37:26 PST 
Original test crashing:

fast/viewport/viewport-1.html

Another test with pretty similar trace:

fast/viewport/scroll-delegates-switch-on-page-with-no-composition-mode-asserts.html

The latter is crashing at a very similar code path (although from a slight different middle of the stack, maybe due to refactors since June?). Full stack attached.

First known crash started in r261854

Thread 1 (Thread 0x7ff5afa2e9c0 (LWP 55)):
#0  0x00007ff5b85af6f5 in WebCore::ScrollingTreeFrameScrollingNodeNicosia::repositionScrollingLayers() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#1  0x00007ff5b85ac86d in WebCore::ScrollingTreeScrollingNode::applyLayerPositions() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#2  0x00007ff5b85a37bf in WebCore::ScrollingTree::applyLayerPositionsRecursive(WebCore::ScrollingTreeNode&) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#3  0x00007ff5b85a3a24 in WebCore::ScrollingTree::applyLayerPositions() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#4  0x00007ff5b851bb65 in WebCore::Page::finalizeRenderingUpdate(WTF::OptionSet<WebCore::FinalizeRenderingUpdateFlags>) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3                    #5  0x00007ff5b6ec651d in WebKit::WebPage::finalizeRenderingUpdate(WTF::OptionSet<WebCore::FinalizeRenderingUpdateFlags>) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3                  #6  0x00007ff5b6ef4c46 in WebKit::CompositingCoordinator::flushPendingLayerChanges() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3                                                       #7  0x00007ff5b6ef5fe0 in WebKit::LayerTreeHost::forceRepaint() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3                                                                            #8  0x00007ff4fc8fb817 in WTR::InjectedBundlePage::dump() () at /app/webkit/WebKitBuild/Release/lib/libTestRunnerInjectedBundle.so
#9  0x00007ff5b6e06939 in WebKit::InjectedBundlePageLoaderClient::didFinishLoadForFrame(WebKit::WebPage&, WebKit::WebFrame&, WTF::RefPtr<API::Object, WTF::RawPtrTraits<API::Object>, WTF::DefaultRefDerefT
raits<API::Object> >&) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#10 0x00007ff5b6e9a4ae in WebKit::WebFrameLoaderClient::dispatchDidFinishLoad() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#11 0x00007ff5b83eb508 in WebCore::FrameLoader::checkLoadCompleteForThisFrame() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#12 0x00007ff5b83eb8ca in WebCore::FrameLoader::checkLoadComplete() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#13 0x00007ff5b83af210 in WebCore::DocumentLoader::finishedLoading() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#14 0x00007ff5b8467813 in WebCore::CachedResource::checkNotify(WebCore::NetworkLoadMetrics const&) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#15 0x00007ff5b846fdc0 in WebCore::CachedRawResource::finishLoading(WebCore::SharedBuffer*, WebCore::NetworkLoadMetrics const&) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#16 0x00007ff5b84370b0 in WebCore::SubresourceLoader::didFinishLoading(WebCore::NetworkLoadMetrics const&) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#17 0x00007ff5b6934ecd in void IPC::handleMessage<Messages::WebResourceLoader::DidFinishResourceLoad, WebKit::WebResourceLoader, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)>(I
PC::Decoder&, WebKit::WebResourceLoader*, void (WebKit::WebResourceLoader::*)(WebCore::NetworkLoadMetrics const&)) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#18 0x00007ff5b692e784 in WebKit::WebResourceLoader::didReceiveWebResourceLoaderMessage(IPC::Connection&, IPC::Decoder&) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#19 0x00007ff5b6b311d5 in IPC::Connection::dispatchMessage(std::unique_ptr<IPC::Decoder, std::default_delete<IPC::Decoder> >) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#20 0x00007ff5b6b3199f in IPC::Connection::dispatchOneIncomingMessage() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#21 0x00007ff5ba7fd4d8 in WTF::RunLoop::performWork() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#22 0x00007ff5ba869f59 in WTF::RunLoop::RunLoop()::{lambda(void*)#1}::_FUN(void*) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#23 0x00007ff5ba86a90f in WTF::RunLoop::{lambda(_GSource*, int (*)(void*), void*)#1}::_FUN(_GSource*, int (*)(void*), void*) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#24 0x00007ff5b3fc518f in g_main_dispatch (context=0x5636feecaac0) at ../glib/gmain.c:3325
#25 g_main_context_dispatch (context=0x5636feecaac0) at ../glib/gmain.c:4043
#26 0x00007ff5b3fc5538 in g_main_context_iterate (context=0x5636feecaac0, block=block@entry=1, dispatch=dispatch@entry=1, self=<optimized out>) at ../glib/gmain.c:4119
#27 0x00007ff5b3fc5853 in g_main_loop_run (loop=0x5636feecfdb0) at ../glib/gmain.c:4317
#28 0x00007ff5ba86aa58 in WTF::RunLoop::run() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#29 0x00007ff5b6efb78c in WebKit::WebProcessMain(int, char**) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-1.0.so.3
#30 0x00007ff5b382c022 in __libc_start_main (main=0x5636fdb92780 <main>, argc=4, argv=0x7fffb583a4c8, init=<optimized out>, fini=<optimized out>, rtld_fini=<optimized out>, stack_end=0x7fffb583a4b8) at .
./csu/libc-start.c:308
#31 0x00005636fdb927be in _start () at ../sysdeps/x86_64/start.S:120
Comment 2 Lauro Moura 2021-01-18 18:38:13 PST 
Created attachment 417857 [details]
fast/viewport/scroll-delegates-switch-on-page-with-no-composition-mode-asserts.html crash log from r271587
Comment 3 Vitaly Dyackhov 2024-02-05 08:34:10 PST 
Pull request: https://github.com/WebKit/WebKit/pull/23859
Comment 4 EWS 2024-03-18 09:19:13 PDT 
Committed 276274@main (35eac7110bda): <https://commits.webkit.org/276274@main>

Reviewed commits have been landed. Closing PR #23859 and removing active labels.
Comment 5 Radar WebKit Bug Importer 2024-03-18 09:20:16 PDT 
<rdar://problem/124950744>