Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: f55db8dff653899cde7cb96a7b5cc205b1d65c62
https://github.com/WebKit/WebKit/commit/f55db8dff653899cde7cb96a7b5cc205b1d65c62
Author: Nipun Shukla <[email protected]>
Date: 2026-04-28 (Tue, 28 Apr 2026)
Changed paths:
A
LayoutTests/fast/js-promise/js-promise-self-perpetuating-inside-detached-iframe-expected.txt
A
LayoutTests/fast/js-promise/js-promise-self-perpetuating-inside-detached-iframe.html
M Source/JavaScriptCore/runtime/JSGlobalObject.cpp
M Source/JavaScriptCore/runtime/JSGlobalObject.h
M Source/JavaScriptCore/runtime/MicrotaskQueue.h
M Source/JavaScriptCore/runtime/MicrotaskQueueInlines.h
M Source/WebCore/page/LocalFrame.cpp
Log Message:
-----------
After spending some time on a page, web content hangs forcing page reload -
cnn.com, yahoo.com
https://bugs.webkit.org/show_bug.cgi?id=312438
rdar://174443020
Reviewed by Yusuke Suzuki.
This is a speculative fix for an issue with hanging on cnn.com. Due to
the nature of the issue, it is hard to explicitly confirm that this
completely resolves the problem. The cause seems to be that ad frames
on navigated-away-from documents have DOMTimer tasks that fire in a
window where the document is no longer fully active but its
EventLoopTaskGroup has not yet been marked as ReadyToStop. These timer
callbacks trigger self-perpetuating microtask chains that cause the
microtask drain to hang indefinitely.
JSGlobalObject::queueMicrotask was not checking whether the queueing
realm's associated document is still fully active, allowing detached
realms to keep enqueueing microtasks indefinitely. This change adds that
check, dropping a microtask when the realm's document is no longer fully
active and the active script's realm is detached. The walk skips
engine-internal frames so thatvmachinery delivering microtasks across
realms is not misidentified. LocalFrame::frameWasDisconnectedFromOwner
marks each per-world JSDOMWindow wrapper as no longer fully active
when the frame detaches.
Test: fast/js-promise/js-promise-self-perpetuating-inside-detached-iframe.html
*
LayoutTests/fast/js-promise/js-promise-self-perpetuating-inside-detached-iframe-expected.txt:
Added.
*
LayoutTests/fast/js-promise/js-promise-self-perpetuating-inside-detached-iframe.html:
Added.
* Source/JavaScriptCore/runtime/JSGlobalObject.cpp:
(JSC::incumbentRealmIs):
(JSC::JSGlobalObject::queueMicrotask):
* Source/JavaScriptCore/runtime/JSGlobalObject.h:
(JSC::JSGlobalObject::setAssociatedContextIsFullyActive):
* Source/JavaScriptCore/runtime/MicrotaskQueue.h:
(JSC::MicrotaskQueue::isPerformingMicrotaskCheckpoint const):
* Source/JavaScriptCore/runtime/MicrotaskQueueInlines.h:
(JSC::MicrotaskQueue::performMicrotaskCheckpoint):
* Source/WebCore/page/LocalFrame.cpp:
(WebCore::LocalFrame::frameWasDisconnectedFromOwner const):
Canonical link: https://commits.webkit.org/312205@main
To unsubscribe from these emails, change your notification settings at
https://github.com/WebKit/WebKit/settings/notifications
