Bug 251247 - ASSERTION FAILED: m_element in WebFullScreenManager::setAnimatingFullScreen
Summary: ASSERTION FAILED: m_element in WebFullScreenManager::setAnimatingFullScreen
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: Media
Version: WebKit Nightly Build
Hardware: Unspecified Unspecified
: P2 Normal
Assignee: Jean-Yves Avenard [:jya]
URL:
Keywords: InRadar
: 248093
Depends on:
Blocks:
 
Reported: 2023-01-26 21:45 PST by Jean-Yves Avenard [:jya]
Modified: 2023-01-27 16:09 PST

See Also:


Attachments

Description Jean-Yves Avenard [:jya] 2023-01-26 21:45:44 PST
STR:

- In a debug build, open https://talk.objc.io/episodes/S01E338-attributed-string-builder-part-2
- Press play button to start playback
- In the bottom right corner of the video, press the button to go into full screen
- Press Esc key

Assertion on `ASSERT(m_element)` in void WebFullScreenManager::setAnimatingFullScreen(bool animating) 
https://searchfox.org/wubkat/rev/b66d5e5ea816cde25864cad0e14941127e725181/Source/WebKit/WebProcess/FullScreen/WebFullScreenManager.cpp#327

```
(lldb) bt
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0xbbadbeef)
    frame #0: 0x0000000131c3f2f0 JavaScriptCore`::WTFCrash() at Assertions.cpp:327:35
    frame #1: 0x0000000115bafd04 WebKit`WTFCrashWithInfo((null)=326, (null)="/Users/jyavenard/Work/webkit/OpenSource/Source/WebKit/WebProcess/FullScreen/WebFullScreenManager.cpp", (null)="void WebKit::WebFullScreenManager::setAnimatingFullScreen(bool)", (null)=3680) at Assertions.h:754:5
  * frame #2: 0x0000000117a6e490 WebKit`WebKit::WebFullScreenManager::setAnimatingFullScreen(this=0x000000016852e880, animating=false) at WebFullScreenManager.cpp:326:5
    frame #3: 0x000000011825df5c WebKit`auto void IPC::callMemberFunction<WebKit::WebFullScreenManager, WebKit::WebFullScreenManager, void (bool), std::__1::tuple<bool> >(this=0x000000016d9e9950, args=0x000000016d9e99f6)(bool), std::__1::tuple<bool>&&)::'lambda'(auto&&...)::operator()<bool>(auto&&...) const at HandleMessage.h:136:13
    frame #4: 0x000000011825de8c WebKit`decltype(__f=0x000000016d9e9950, __args=0x000000016d9e99f6)(std::declval<bool>())) std::__1::__invoke[abi:v15006]<void IPC::callMemberFunction<WebKit::WebFullScreenManager, WebKit::WebFullScreenManager, void (bool), std::__1::tuple<bool> >(WebKit::WebFullScreenManager*, void (WebKit::WebFullScreenManager::*)(bool), std::__1::tuple<bool>&&)::'lambda'(auto&&...), bool>(WebKit::WebFullScreenManager&&, bool&&) at invoke.h:394:23
    frame #5: 0x000000011825de5c WebKit`decltype(__f=0x000000016d9e9950, __t=size=1, (null)=__tuple_indices<0UL> @ 0x000000016d9e990f) std::__1::__apply_tuple_impl[abi:v15006]<void IPC::callMemberFunction<WebKit::WebFullScreenManager, WebKit::WebFullScreenManager, void (bool), std::__1::tuple<bool> >(WebKit::WebFullScreenManager*, void (WebKit::WebFullScreenManager::*)(bool), std::__1::tuple<bool>&&)::'lambda'(auto&&...), std::__1::tuple<bool>, 0ul>(WebKit::WebFullScreenManager&&, WebKit::WebFullScreenManager&&, std::__1::__tuple_indices<0ul>) at tuple:1789:1
    frame #6: 0x000000011825de1c WebKit`decltype(__f=0x000000016d9e9950, __t=size=1) std::__1::apply[abi:v15006]<void IPC::callMemberFunction<WebKit::WebFullScreenManager, WebKit::WebFullScreenManager, void (bool), std::__1::tuple<bool> >(WebKit::WebFullScreenManager*, void (WebKit::WebFullScreenManager::*)(bool), std::__1::tuple<bool>&&)::'lambda'(auto&&...), std::__1::tuple<bool> >(WebKit::WebFullScreenManager&&, WebKit::WebFullScreenManager&&) at tuple:1798:1
    frame #7: 0x000000011825ddec WebKit`void IPC::callMemberFunction<WebKit::WebFullScreenManager, WebKit::WebFullScreenManager, void (bool), std::__1::tuple<bool> >(object=0x000000016852e880, function=0c e4 a6 17 01 80 13 db 00 00 00 00 00 00 00 00, tuple=size=1)(bool), std::__1::tuple<bool>&&) at HandleMessage.h:134:5
    frame #8: 0x000000011825caf0 WebKit`void IPC::handleMessage<Messages::WebFullScreenManager::SetAnimatingFullScreen, WebKit::WebFullScreenManager, WebKit::WebFullScreenManager, void (bool)>(connection=0x000000010503ca50, decoder=0x00000001055ae2a0, object=0x000000016852e880, function=0c e4 a6 17 01 80 13 db 00 00 00 00 00 00 00 00)(bool)) at HandleMessage.h:230:5
    frame #9: 0x000000011825c1dc WebKit`WebKit::WebFullScreenManager::didReceiveWebFullScreenManagerMessage(this=0x000000016852e880, connection=0x000000010503ca50, decoder=0x00000001055ae2a0) at WebFullScreenManagerMessageReceiver.cpp:58:16
    frame #10: 0x0000000117a6cb6c WebKit`WebKit::WebFullScreenManager::didReceiveMessage(this=0x000000016852e880, connection=0x000000010503ca50, decoder=0x00000001055ae2a0) at WebFullScreenManager.cpp:133:5
    frame #11: 0x00000001182c8778 WebKit`WebKit::WebPage::didReceiveMessage(this=0x000000010980b208, connection=0x000000010503ca50, decoder=0x00000001055ae2a0) at WebPage.cpp:5458:30
    frame #12: 0x0000000118866060 WebKit`IPC::MessageReceiverMap::dispatchMessage(this=0x00000001050409c8, connection=0x000000010503ca50, decoder=0x00000001055ae2a0) at MessageReceiverMap.cpp:129:26
    frame #13: 0x00000001179e92d8 WebKit`WebKit::WebProcess::didReceiveMessage(this=0x0000000105040990, connection=0x000000010503ca50, decoder=0x00000001055ae2a0) at WebProcess.cpp:933:30
    frame #14: 0x0000000118839f24 WebKit`IPC::Connection::dispatchMessage(this=0x000000010503ca50, decoder=0x00000001055ae2a0) at Connection.cpp:1197:15
    frame #15: 0x000000011883a3e4 WebKit`IPC::Connection::dispatchMessage(this=0x000000010503ca50, message=IPC::Decoder @ 0x00000001055ae2a0) at Connection.cpp:1245:9
    frame #16: 0x000000011883a758 WebKit`IPC::Connection::dispatchOneIncomingMessage(this=0x000000010503ca50) at Connection.cpp:1310:5
    frame #17: 0x00000001188585ec WebKit`IPC::Connection::enqueueIncomingMessage(this=0x00000001054841d8)::$_17::operator()() const at Connection.cpp:1159:28
    frame #18: 0x000000011885852c WebKit`WTF::Detail::CallableWrapper<IPC::Connection::enqueueIncomingMessage(std::__1::unique_ptr<IPC::Decoder, std::__1::default_delete<IPC::Decoder> >)::$_17, void>::call(this=0x00000001054841d0) at Function.h:53:39
    frame #19: 0x0000000131c68290 JavaScriptCore`WTF::Function<void ()>::operator(this=0x000000016d9e9fa0)() const at Function.h:82:35
    frame #20: 0x0000000131d009f0 JavaScriptCore`WTF::RunLoop::performWork(this=0x0000000105010100) at RunLoop.cpp:147:9
    frame #21: 0x0000000131d05038 JavaScriptCore`WTF::RunLoop::performWork(context=0x0000000105010100) at RunLoopCF.cpp:46:37
    frame #22: 0x000000019b8f69f8 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_A_SOURCE0_PERFORM_FUNCTION__ + 28
    frame #23: 0x000000019b8f698c CoreFoundation`__CFRunLoopDoSource0 + 176
    frame #24: 0x000000019b8f66fc CoreFoundation`__CFRunLoopDoSources0 + 244
    frame #25: 0x000000019b8f5304 CoreFoundation`__CFRunLoopRun + 828
    frame #26: 0x000000019b8f4874 CoreFoundation`CFRunLoopRunSpecific + 612
    frame #27: 0x000000019c868f0c Foundation`-[NSRunLoop(NSRunLoop) runMode:beforeDate:] + 212
    frame #28: 0x000000019c8e18cc Foundation`-[NSRunLoop(NSRunLoop) run] + 64
    frame #29: 0x000000019b566594 libxpc.dylib`_xpc_objc_main + 860
    frame #30: 0x000000019b565eb4 libxpc.dylib`xpc_main + 108
    frame #31: 0x00000001167e5a4c WebKit`WebKit::XPCServiceMain((null)=1, (null)=0x000000016d9eb468) at XPCServiceMain.mm:207:5
    frame #32: 0x000000011880a834 WebKit`WKXPCServiceMain(argc=1, argv=0x000000016d9eb468) at WKMain.mm:35:12
    frame #33: 0x0000000102417f9c com.apple.WebKit.WebContent.Development`main(argc=1, argv=0x000000016d9eb468) at AuxiliaryProcessMain.cpp:30:12
    frame #34: 0x000000019b4bff28 dyld`start + 2236
(lldb) 
```
Comment 1 Radar WebKit Bug Importer 2023-01-26 21:46:26 PST
<rdar://problem/104728830>
Comment 2 Jean-Yves Avenard [:jya] 2023-01-26 21:56:57 PST
In WKFullScreenWindowController finishedExitFullScreenAnimationAndExitImmediately, we have:
```
    // These messages must be sent after the swap or flashing will occur during forceRepaint:
    [self _manager]->didExitFullScreen();
    [self _manager]->setAnimatingFullScreen(false);
```

which calls via IPC:
WebFullScreenManager::didExitFullScreen(), which will call `WebFullScreenManager::clearElement();`, which sets m_element to nullptr,
followed by
WebFullScreenManager::setAnimatingFullScreen(), which asserts that m_element isn't null.

This is a regression from bug 247991
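The ordering described in the comment above, as an added example that is not part of this bug report, of WebKit's code or of the fix in the linked pull request: a hypothetical stand-in manager (`FullScreenManagerModel`, with `FakeElement`, `replayExitSequence` and `ReplayResult` all invented here) replays the two messages in the order the UI process sends them, first `didExitFullScreen()`, which clears the element, then `setAnimatingFullScreen(false)`, which expects the element to still be there. The unguarded variant records the assertion-style failure; the guarded variant treats a missing element as a message to drop rather than an invariant to assert on, which is the defensive shape an IPC handler wants when an earlier message can invalidate the state it depends on.

```cpp
#include <cstdio>
#include <memory>
#include <string>

// Hypothetical stand-in for the DOM element the manager tracks; not WebKit's Element.
struct FakeElement {
    std::string id;
};

// Hypothetical model of the WebContent-side manager; not WebKit's WebFullScreenManager.
// `guarded` selects between asserting on a missing element and tolerating it.
class FullScreenManagerModel {
public:
    explicit FullScreenManagerModel(bool guarded) : m_guarded(guarded) {}

    void willEnterFullScreen(std::shared_ptr<FakeElement> element) { m_element = std::move(element); }

    // Mirrors the behaviour described in the comment: exiting full screen clears the element.
    void didExitFullScreen() { m_element.reset(); }

    // Returns true when the message applied to a live element, false when it could not.
    // The unguarded path stands in for ASSERT(m_element): it records a failure instead of
    // aborting so the two variants can be compared in one run.
    bool setAnimatingFullScreen(bool animating) {
        if (!m_element) {
            if (m_guarded)
                ++m_droppedMessages;       // stale message: ignore it, nothing to animate
            else
                ++m_assertionFailures;     // invariant violated: debug build would crash here
            return false;
        }
        m_animating = animating;
        return true;
    }

    size_t assertionFailures() const { return m_assertionFailures; }
    size_t droppedMessages() const { return m_droppedMessages; }
    bool hasElement() const { return static_cast<bool>(m_element); }

private:
    bool m_guarded;
    bool m_animating = false;
    std::shared_ptr<FakeElement> m_element;
    size_t m_assertionFailures = 0;
    size_t m_droppedMessages = 0;
};

// Outcome of one replay, so callers can inspect every counter from a single return value.
struct ReplayResult {
    size_t assertionFailures;
    size_t droppedMessages;
    bool elementAlive;
};

// Replays the exact order from the comment: didExitFullScreen, then setAnimatingFullScreen(false).
ReplayResult replayExitSequence(bool guarded) {
    FullScreenManagerModel manager(guarded);
    manager.willEnterFullScreen(std::make_shared<FakeElement>(FakeElement{"video"}));
    manager.didExitFullScreen();            // clears m_element, as clearElement() does
    manager.setAnimatingFullScreen(false);  // arrives with m_element already null
    return { manager.assertionFailures(), manager.droppedMessages(), manager.hasElement() };
}

int main() {
    ReplayResult unguarded = replayExitSequence(false);
    ReplayResult guarded = replayExitSequence(true);
    std::printf("unguarded: %zu assertion failure(s)\n", unguarded.assertionFailures);
    std::printf("guarded:   %zu assertion failure(s), %zu dropped message(s)\n",
                guarded.assertionFailures, guarded.droppedMessages);
    return 0;
}
```

The point of the guarded variant is only that the second handler checks the state the first handler may have torn down; whether the real fix reorders the messages, keeps the element alive until the animation message has been handled, or tolerates the null is something the pull request linked below decides, not this model.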
Comment 3 Jean-Yves Avenard [:jya] 2023-01-26 23:00:43 PST
Pull request: https://github.com/WebKit/WebKit/pull/9208
Comment 4 Ryan Haddad 2023-01-27 14:41:48 PST
*** Bug 248093 has been marked as a duplicate of this bug. ***
Comment 5 EWS 2023-01-27 16:09:33 PST
Committed 259513@main (4bbaaeffdd01): <https://commits.webkit.org/259513@main>

Reviewed commits have been landed. Closing PR #9208 and removing active labels.