Skip to content

fix: re-entrancy issues in webContents.loadurl("") #48004

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Aug 11, 2025
Merged

fix: re-entrancy issues in webContents.loadurl("") #48004

merged 1 commit into from
Aug 11, 2025
+54 −2

Conversation

codebytere
Copy link
Member

@codebytere codebytere commented Aug 8, 2025
edited
Loading

Description of Change

Closes #40809

This fixes a crash possible when calling webContents.loadurl("") from a failed call's catch handler. Essentially, a re-entrant navigation triggered from the did-start-navigation event causes the in-flight NavigationRequest to be destroyed before Chromium marks it safe, tripping the is_safe_to_delete_ DCHECK here.

Fix this by monitoring potential re-entrancy sites and failing if we try to call loadURL again at a dangerous time.

Checklist

Release Notes

Notes: Fixed a crash possible when calling webContents.loadurl("") from a failed webContents.loadurl("") call's catch handler.

@electron-cation electron-cation bot added the new-pr 🌱 PR opened recently label Aug 8, 2025
@codebytere codebytere requested a review from deepak1556 August 8, 2025 10:52
@codebytere codebytere added semver/patch backwards-compatible bug fixes target/36-x-y PR should also be added to the "36-x-y" branch. target/37-x-y PR should also be added to the "37-x-y" branch. target/38-x-y PR should also be added to the "38-x-y" branch. labels Aug 8, 2025
@codebytere codebytere marked this pull request as ready for review August 8, 2025 10:53
@codebytere codebytere requested a review from jkleinsc August 8, 2025 10:53
dsanders11
dsanders11 reviewed Aug 8, 2025
View reviewed changes
Copy link
Member

@dsanders11 dsanders11 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this an edge case we could craft a test case for?

deepak1556
deepak1556 approved these changes Aug 9, 2025
View reviewed changes
Copy link
Member

@deepak1556 deepak1556 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM on the implementation

@codebytere
Copy link
Member Author

@dsanders11 added two more cases I think should cover it!

@electron-cation electron-cation bot removed the new-pr 🌱 PR opened recently label Aug 9, 2025
@codebytere codebytere requested a review from dsanders11 August 10, 2025 19:50
@jkleinsc jkleinsc merged commit afb0ee4 into main Aug 11, 2025
102 of 104 checks passed
@jkleinsc jkleinsc deleted the fix-reentrancy-wc branch August 11, 2025 15:20
@release-clerk
Copy link

release-clerk bot commented Aug 11, 2025

Release Notes Persisted

Fixed a crash possible when calling webContents.loadurl("") from a failed webContents.loadurl("") call's catch handler.

This was referenced Aug 11, 2025
Merged
Merged
@trop
Copy link
Contributor

trop bot commented Aug 11, 2025

I have automatically backported this PR to "38-x-y", please check out #48043

@trop trop bot mentioned this pull request Aug 11, 2025
Merged
@trop trop bot removed the target/38-x-y PR should also be added to the "38-x-y" branch. label Aug 11, 2025
@trop
Copy link
Contributor

trop bot commented Aug 11, 2025

I have automatically backported this PR to "36-x-y", please check out #48044

@trop
Copy link
Contributor

trop bot commented Aug 11, 2025

I have automatically backported this PR to "37-x-y", please check out #48045

@trop trop bot added merged/38-x-y PR was merged to the "38-x-y" branch. merged/36-x-y PR was merged to the "36-x-y" branch. merged/37-x-y PR was merged to the "37-x-y" branch. and removed target/36-x-y PR should also be added to the "36-x-y" branch. target/37-x-y PR should also be added to the "37-x-y" branch. in-flight/38-x-y in-flight/36-x-y in-flight/37-x-y labels Aug 11, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jkleinsc jkleinsc jkleinsc approved these changes

@deepak1556 deepak1556 deepak1556 approved these changes

@dsanders11 dsanders11 Awaiting requested review from dsanders11

Assignees
No one assigned
Labels
merged/36-x-y PR was merged to the "36-x-y" branch. merged/37-x-y PR was merged to the "37-x-y" branch. merged/38-x-y PR was merged to the "38-x-y" branch. semver/patch backwards-compatible bug fixes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Bug]: Electron app will crash when loadURL or loadFile is called again
4 participants
@codebytere @jkleinsc @deepak1556 @dsanders11