[webkit-changes] [WebKit/WebKit] be5406: (REGRESSION 271082@main) Ruby with continuation in...

Sun, 30 Jun 2024 07:53:49 -0700 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: be5406c2d004eb0f09d399102036df0ceb599257
      
https://github.com/WebKit/WebKit/commit/be5406c2d004eb0f09d399102036df0ceb599257
  Author: Alan Baradlay <[email protected]>
  Date:   2024-06-30 (Sun, 30 Jun 2024)

  Changed paths:
    M LayoutTests/TestExpectations
    A LayoutTests/fast/ruby/ruby-with-continuation-crash-expected.txt
    A LayoutTests/fast/ruby/ruby-with-continuation-crash.html
    M Source/WebCore/rendering/updating/RenderTreeBuilder.cpp

  Log Message:
  -----------
  (REGRESSION 271082@main) Ruby with continuation inside crashes on reload
https://bugs.webkit.org/show_bug.cgi?id=276009
<rdar://130757314>

Reviewed by Antti Koivisto.

RenderTreeUpdater gets confused with ruby and continuation and tells 
RenderTreeBuilder
to insert a renderer where the parent and the beforeChild are in different 
subtrees (continuation pre and post blocks).

1. Such unexpected input leads to an "adjusted" beforeChild where the 
beforeChild renderer ends up being the RenderView.
    while (beforeChild && beforeChild->parent() && beforeChild->parent() != 
&parent)
        beforeChild = beforeChild->parent();
2. With beforeChild being the RenderView, RenderElement::attachRendererInternal 
adds it to this unexpected place
which later leads to release assert at teardown (e.g. reload).

While this patch does not fix the root cause, it hardens 
RenderTreeBuilder::attachToRenderElementInternal to never ever
use RenderView as sibling.

* LayoutTests/TestExpectations:
* LayoutTests/fast/ruby/ruby-with-continuation-crash-expected.txt: Added.
* LayoutTests/fast/ruby/ruby-with-continuation-crash.html: Added.
* Source/WebCore/rendering/updating/RenderTreeBuilder.cpp:
(WebCore::RenderTreeBuilder::attachToRenderElementInternal):

Canonical link: https://commits.webkit.org/280510@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
[email protected]
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to