Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LibWeb: Another crash on Acid3 in Navigable::get_session_history_entries() #21374

Closed
awesomekling opened this issue Oct 8, 2023 · 0 comments · Fixed by #21382
Closed

LibWeb: Another crash on Acid3 in Navigable::get_session_history_entries() #21374

awesomekling opened this issue Oct 8, 2023 · 0 comments · Fixed by #21382
Labels
bug Something isn't working has-repro We have a way to reproduce this bug. regression

Comments

@awesomekling
Copy link
Collaborator

Another variant of #21364?

To trigger the crash, load this HTML and reload the page:

<!doctype html><body><script>
    let iframe = document.createElement('iframe');
    let p = document.createElement('p');
    p.appendChild(iframe);
    document.body.appendChild(p);
 </script>

Crash:

VERIFICATION FAILED: false at /home/kling/src/serenity/Userland/Libraries/LibWeb/HTML/Navigable.cpp:382
/home/kling/src/serenity/Build/lagom/lib/liblagom-core.so.0(ak_verification_failed+0x97) [0x7fcd8bba8687]
/home/kling/src/serenity/Build/lagom/lib/liblagom-web.so.0 Web::HTML::Navigable::get_session_history_entries() const 0x4b1) [0x7fcd8b22a6e1]
/home/kling/src/serenity/Build/lagom/lib/liblagom-web.so.0 Web::HTML::Navigable::get_the_target_history_entry(int) const 0x8) [0x7fcd8b22a1c8]
/home/kling/src/serenity/Build/lagom/lib/liblagom-web.so.0 Web::HTML::TraversableNavigable::get_all_navigables_whose_current_session_history_entry_will_change_or_reload(int) const 0x117) [0x7fcd8b2ab197]
/home/kling/src/serenity/Build/lagom/lib/liblagom-web.so.0 Web::HTML::TraversableNavigable::apply_the_history_step(int, AK::Optional<Web::HTML::SourceSnapshotParams>) 0xa2) [0x7fcd8b2ab472]
/home/kling/src/serenity/Build/lagom/lib/liblagom-web.so.0 Web::HTML::TraversableNavigable::update_for_navigable_creation_or_destruction() 0x24) [0x7fcd8b2ac5a4]
/home/kling/src/serenity/Build/lagom/lib/liblagom-web.so.0(+0x8ae672) [0x7fcd8b2ae672]
/home/kling/src/serenity/Build/lagom/lib/liblagom-core.so.0(+0x6c999) [0x7fcd8bb89999]
/home/kling/src/serenity/Build/lagom/lib/liblagom-core.so.0 Core::EventReceiver::dispatch_event(Core::Event&, Core::EventReceiver*) 0x75) [0x7fcd8bb88f15]
/home/kling/src/serenity/Build/lagom/bin/WebContent(+0xf023e) [0x55b26510323e]
/lib/x86_64-linux-gnu/libQt6Core.so.6(+0x172326) [0x7fcd8bd72326]
/lib/x86_64-linux-gnu/libQt6Core.so.6 QTimer::timeout(QTimer::QPrivateSignal) 0x3e) [0x7fcd8bd7678e]
/lib/x86_64-linux-gnu/libQt6Core.so.6 QObject::event(QEvent*) 0x1de) [0x7fcd8bd64c7e]
/lib/x86_64-linux-gnu/libQt6Core.so.6 QCoreApplication::notifyInternal2(QObject*, QEvent*) 0xf5) [0x7fcd8bd27825]
/lib/x86_64-linux-gnu/libQt6Core.so.6 QTimerInfoList::activateTimers() 0x309) [0x7fcd8be623c9]
/lib/x86_64-linux-gnu/libQt6Core.so.6(+0x317374) [0x7fcd8bf17374]
/lib/x86_64-linux-gnu/libglib-2.0.so.0(g_main_context_dispatch+0x2ad) [0x7fcd8971449d]
/lib/x86_64-linux-gnu/libglib-2.0.so.0(+0xb6178) [0x7fcd8976f178]
/lib/x86_64-linux-gnu/libglib-2.0.so.0(g_main_context_iteration+0x30) [0x7fcd897131b0]
/lib/x86_64-linux-gnu/libQt6Core.so.6 QEventDispatcherGlib::processEvents(QFlags<QEventLoop::ProcessEventsFlag>) 0x70) [0x7fcd8bf14f20]
/lib/x86_64-linux-gnu/libQt6Core.so.6 QEventLoop::exec(QFlags<QEventLoop::ProcessEventsFlag>) 0x2ba) [0x7fcd8bd319aa]
/home/kling/src/serenity/Build/lagom/lib/liblagom-core.so.0 Core::EventLoop::exec() 0x23) [0x7fcd8bb823c3]
/home/kling/src/serenity/Build/lagom/bin/WebContent(+0xf9a9b) [0x55b26510ca9b]
/home/kling/src/serenity/Build/lagom/bin/WebContent(+0xfaf12) [0x55b26510df12]
/lib/x86_64-linux-gnu/libc.so.6(+0x23a90) [0x7fcd89823a90]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0x89) [0x7fcd89823b49]
/home/kling/src/serenity/Build/lagom/bin/WebContent(+0x6cfa5) [0x55b26507ffa5]
@awesomekling awesomekling added bug Something isn't working regression has-repro We have a way to reproduce this bug. labels Oct 8, 2023
kalenikaliaksandr added a commit to kalenikaliaksandr/serenity that referenced this issue Oct 8, 2023
@kalenikaliaksandr
LibWeb: Create navigables only for "connected" iframes
9d1e497 
Navigable should be created for an iframe only if its root is the
document after insertion.

Fixes SerenityOS#21374
@kalenikaliaksandr kalenikaliaksandr mentioned this issue Oct 8, 2023
Merged
kalenikaliaksandr added a commit to kalenikaliaksandr/serenity that referenced this issue Oct 8, 2023
@kalenikaliaksandr
LibWeb: Create navigables only for iframe in a document tree
106a72f 
Navigable should be created for an iframe only, if after insertion, its
root is the document.

Fixes SerenityOS#21374
awesomekling pushed a commit that referenced this issue Oct 8, 2023
@kalenikaliaksandr @awesomekling
LibWeb: Create navigables only for iframe in a document tree
b0d75ef 
Navigable should be created for an iframe only, if after insertion, its
root is the document.

Fixes #21374
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working has-repro We have a way to reproduce this bug. regression
Projects
No open projects
Ladybird
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

LibWeb: Create navigables only for iframe in a document tree kalenikaliaksandr/serenity
1 participant
@awesomekling