Bug 256297

Summary: Assert that LocalFrameView::didLayout doesn't execute any author scripts
Product: WebKit Reporter: Ryosuke Niwa <rniwa>
Component: Layout and RenderingAssignee: Ryosuke Niwa <rniwa>
Status: RESOLVED FIXED    
Severity: Normal CC: bfulgham, simon.fraser, webkit-bug-importer, zalan
Priority: P2 Keywords: InRadar
Version: WebKit Local Build   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 256296    

Ryosuke Niwa
Reported 2023-05-03 22:50:51 PDT
LocalFrameView::didLayout shouldn't execute any arbitrary scripts. Assert this by instantiating ScriptDisallowedScope::InMainThread.
Attachments
Add attachment proposed patch, testcase, etc.
Ryosuke Niwa
Comment 1 2023-05-03 22:53:48 PDT
Pull request: https://github.com/WebKit/WebKit/pull/13436
Ryosuke Niwa
Comment 2 2023-05-04 00:17:11 PDT
Hm... this doesn't work because of this call stack: Thread 1 (Thread 0x7fe05659c9c0 (LWP 149845)): #0 0x00007fe060bd4ece in WTFCrash () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #1 0x00007fe0622b90ba in WebCore::Document::updateStyleIfNeeded() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #2 0x00007fe062a064f0 in WebCore::LocalFrameViewLayoutContext::performLayout() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #3 0x00007fe062a06b49 in WebCore::LocalFrameViewLayoutContext::layout() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #4 0x00007fe062a0882c in non-virtual thunk to WebCore::LocalFrameView::updateContentsSize() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #5 0x00007fe062b3ae47 in WebCore::ScrollView::updateScrollbars(WebCore::IntPoint const&) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #6 0x00007fe0629e38fa in WebCore::LocalFrameView::didLayout(WTF::WeakPtr<WebCore::RenderElement, WTF::DefaultWeakPtrImpl>) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #7 0x00007fe062a0677c in WebCore::LocalFrameViewLayoutContext::performLayout() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #8 0x00007fe062a06b49 in WebCore::LocalFrameViewLayoutContext::layout() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #9 0x00007fe062a0882c in non-virtual thunk to WebCore::LocalFrameView::updateContentsSize() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #10 0x00007fe062b3ae47 in WebCore::ScrollView::updateScrollbars(WebCore::IntPoint const&) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #11 0x00007fe062b3b144 in WebCore::ScrollView::setContentsSize(WebCore::IntSize const&) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #12 0x00007fe0629fb140 in WebCore::LocalFrameView::setContentsSize(WebCore::IntSize const&) () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #13 0x00007fe0629fb3cb in WebCore::LocalFrameView::adjustViewSize() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #14 0x00007fe062a0699f in WebCore::LocalFrameViewLayoutContext::performLayout() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1 #15 0x00007fe062a06b49 in WebCore::LocalFrameViewLayoutContext::layout() () at /app/webkit/WebKitBuild/Release/lib/libWPEWebKit-2.0.so.1
Ryosuke Niwa
Comment 3 2023-05-04 22:57:02 PDT
Pull request: https://github.com/WebKit/WebKit/pull/13484
EWS
Comment 4 2023-05-05 11:29:29 PDT
Committed 263727@main (43fc954cc78d): <https://commits.webkit.org/263727@main> Reviewed commits have been landed. Closing PR #13436 and removing active labels.
Radar WebKit Bug Importer
Comment 5 2023-05-05 11:30:20 PDT
<rdar://problem/108958387>
Note You need to log in before you can comment on or make changes to this bug.