Bug 268492

Summary: [iOS 17.4] Crash in -[WKScrollingNodeScrollViewDelegate actingParentScrollViewForScrollView:]
Product: WebKit
Reporter: Ali Juma <ajuma>
Component: Scrolling
Assignee: Wenson Hsieh <wenson_hsieh>
Status: RESOLVED FIXED
Severity: Normal
CC: simon.fraser, thorton, webkit-bug-importer, wenson_hsieh
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: Unspecified   
OS: Unspecified   
Attachments:
Description Flags
Crashlog none

Ali Juma
Reported 2024-01-31 13:10:51 PST
Chrome for iOS is getting reports of a new crash in iOS 17.4, in -[WKScrollingNodeScrollViewDelegate actingParentScrollViewForScrollView:]. It looks like we might have a null _scrollingTreeNodeDelegate. Here's the crash stack:

Exception info: EXC_BAD_ACCESS / KERN_INVALID_ADDRESS @0x00000036
0x00000001ae924040 (WebCore + 0x0000000001eec040) WebCore::ScrollingTreeScrollingNodeDelegate::scrollingTree() const
0x00000001afc2c5ec (WebKit + 0x005dd5ec) -[WKScrollingNodeScrollViewDelegate actingParentScrollViewForScrollView:]
0x000000019bec5e4c (UIKitCore + 0x0001ee4c) _UIGestureOwnerIsEffectivelyDescendantOfOwner
0x000000019bec5dd8 (UIKitCore + 0x0001edd8) -[UIGestureRecognizer _affectedByGesture:]
0x000000019bec5c1c (UIKitCore + 0x0001ec1c) -[UIGestureRecognizer _isExcludedByExcludable:]
0x000000019bec55fc (UIKitCore + 0x0001e5fc) _UIExclusionMatrixPerformExclusion
0x000000019bec32fc (UIKitCore + 0x0001c2fc) _UIGestureEnvironmentUpdate
0x0000000199c64d38 (CoreFoundation + 0x00035d38) __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__
0x0000000199c63734 (CoreFoundation + 0x00034734) __CFRunLoopDoObservers
0x0000000199c62e4c (CoreFoundation + 0x00033e4c) __CFRunLoopRun
0x0000000199c62964 (CoreFoundation + 0x00033964) CFRunLoopRunSpecific
0x00000001dec164dc (GraphicsServices + 0x000034dc) GSEventRunModal
0x000000019c0d2bf8 (UIKitCore + 0x0022bbf8) -[UIApplication _run]
0x000000019c0d2234 (UIKitCore + 0x0022b234) UIApplicationMain
0x000000010491ead0 (Chrome -chrome_exe_main.mm:72) (anonymous namespace)::RunUIApplicationMain(int, char**)
0x000000010491ead0 (Chrome -chrome_exe_main.mm:128) ChromeMain
0x000000010491eb40 (Chrome -chrome_exe_main.mm:135) main
0x00000001bdda8d80 (dyld + 0x00005d80) start
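Added example (not part of the original report, and not WebKit or Chrome code): a small triage script that parses the stack as pasted in the report above, whether it arrives on one line or many, and classifies the fault address 0x36. The 0x1000 near-null cut-off and all function names are assumptions made for this illustration.

```python
import re

# First frames copied from the crash stack in the report above.
REPORT = (
    "Exception info: EXC_BAD_ACCESS / KERN_INVALID_ADDRESS @0x00000036 "
    "0x00000001ae924040 (WebCore + 0x0000000001eec040) "
    "WebCore::ScrollingTreeScrollingNodeDelegate::scrollingTree() const "
    "0x00000001afc2c5ec (WebKit + 0x005dd5ec) "
    "-[WKScrollingNodeScrollViewDelegate actingParentScrollViewForScrollView:] "
    "0x000000019bec5e4c (UIKitCore + 0x0001ee4c) "
    "_UIGestureOwnerIsEffectivelyDescendantOfOwner"
)

# Assumption (heuristic, not from the report): a fault below this address is
# treated as a null base pointer plus a small field offset.
NEAR_NULL_LIMIT = 0x1000

FAULT_RE = re.compile(r"(EXC_\w+) / (KERN_\w+) @(0x[0-9a-fA-F]+)")
# A frame starts at a 16-digit program counter followed by "(module ...)".
FRAME_START_RE = re.compile(r"\s+(?=0x[0-9a-fA-F]{16} \()")
FRAME_RE = re.compile(r"(0x[0-9a-fA-F]{16}) \((\S+)[^)]*\) (.+)", re.S)


def parse_frames(text):
    """Split the stack into frames, whether pasted on one line or many."""
    fault = FAULT_RE.search(text)
    body = text[fault.end():] if fault else text
    frames = []
    for chunk in FRAME_START_RE.split(body):
        m = FRAME_RE.fullmatch(chunk.strip())
        if m:
            frames.append({"pc": int(m.group(1), 16), "module": m.group(2),
                           "symbol": " ".join(m.group(3).split())})
    return frames


def triage(text):
    """Summarise the fault: exception type, address class, top two frames."""
    fault = FAULT_RE.search(text)
    if fault is None:
        raise ValueError("no exception line found")
    addr = int(fault.group(3), 16)
    frames = parse_frames(text)
    return {
        "exception": fault.group(1), "code": fault.group(2),
        "fault_address": addr,
        "near_null": addr < NEAR_NULL_LIMIT,
        "faulting_frame": frames[0] if frames else None,
        "caller_frame": frames[1] if len(frames) > 1 else None,
    }
```

A near-null fault in a C++ member function called directly from the Objective-C delegate method is consistent with the null _scrollingTreeNodeDelegate suspected in the report, though the stack alone does not prove it.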
Attachments
Crashlog (26.83 KB, text/plain)
2024-01-31 16:17 PST, Ali Juma
no flags
Radar WebKit Bug Importer
Comment 1 2024-01-31 14:02:43 PST
Ali Juma
Comment 2 2024-01-31 16:17:00 PST
Created attachment 469639 [details] Crashlog
Wenson Hsieh
Comment 3 2024-01-31 20:17:15 PST
EWS
Comment 4 2024-02-01 15:22:49 PST
Committed 273946@main (d29efacb92f3): <https://commits.webkit.org/273946@main> Reviewed commits have been landed. Closing PR #23648 and removing active labels.