Bug 229301

Summary: Release assert in ScriptController::canExecuteScripts via WebCore::WebSocket::didReceiveMessage
Product: WebKit
Reporter: Patrick Angle <pangle>
Component: Web Inspector
Assignee: Patrick Angle <pangle>
Severity: Normal
CC: cdumez, ews-watchlist, hi, inspector-bugzilla-changes, rniwa, toyoshim, webkit-bug-importer, yutak
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build
Hardware: All
OS: All

Attachments:
Description | Flags
Patch v1.0 |
Patch v1.1 - Added test coverage | none

Description Patrick Angle 2021-08-19 11:23:53 PDT
Steps to reproduce:
1. Go to http://socketo.me/demo
2. Enter a test account name, like Test1
3. Click the General Join button above the navy rectangle.
4. In another browser (or another window) go to the same page, enter a second test username, and join the same General room.
5. Have each “user” send a message and confirm it arrives in the other session.
6. Open Web Inspector in the first session and type debugger in the console to pause execution.
7. From the second session, send another message.
8. From the first session, resume script execution from Web Inspector.
9. The web content process crashes with a release security assert in WebCore::ScriptController::canExecuteScripts.
Comment 1 Patrick Angle 2021-08-19 11:24:02 PDT
Comment 2 Patrick Angle 2021-08-19 12:24:19 PDT
Created attachment 435894
Patch v1.0
Comment 3 Ryosuke Niwa 2021-08-19 12:35:03 PDT
Comment on attachment 435894
Patch v1.0

View in context: https://bugs.webkit.org/attachment.cgi?id=435894&action=review

> Source/WebCore/ChangeLog:12
> +

Can we add a test?
Comment 4 Patrick Angle 2021-08-19 14:13:25 PDT
Created attachment 435903
Patch v1.1 - Added test coverage
Comment 5 EWS 2021-08-20 10:31:44 PDT
Committed r281323 (240740@main): <https://commits.webkit.org/240740@main>

All reviewed patches have been landed. Closing bug and clearing flags on attachment 435903.