[webkit-changes] [WebKit/WebKit] 125503: Regression(284012 at main) Crash under DNSResolveQueu...
Chris Dumez
noreply at github.com
Mon Oct 7 12:02:20 PDT 2024
Branch: refs/heads/main
Home: https://github.com/WebKit/WebKit
Commit: 1255032f575457a3a8453c04f7d0f76ac291c253
https://github.com/WebKit/WebKit/commit/1255032f575457a3a8453c04f7d0f76ac291c253
Author: Chris Dumez <cdumez at apple.com>
Date: 2024-10-07 (Mon, 07 Oct 2024)
Changed paths:
M Source/WebCore/platform/network/cf/DNSResolveQueueCFNet.cpp
Log Message:
-----------
Regression(284012 at main) Crash under DNSResolveQueueCFNet::performDNSLookup()
https://bugs.webkit.org/show_bug.cgi?id=280987
rdar://137067072
Reviewed by Per Arne Vollan.
284012 at main introduced a timeout timer for DNS resolution in DNSResolveQueueCFNet::performDNSLookup().
When the timer would fire, it would cancel the DNS resolution by calling `nw_resolver_cancel()` and
THEN call the DNS resolution completion handler.
The issue is that the timer itself is owned by the block passed to nw_resolver_set_update_handler().
When calling `nw_resolver_cancel()`, this block would get destroyed, which in turns would destroy
the timeout timer and thus its lambda. Then, the timer lambda would try to call the completion
handler after it's already been deallocated.
* Source/WebCore/platform/network/cf/DNSResolveQueueCFNet.cpp:
(WebCore::DNSResolveQueueCFNet::performDNSLookup):
Canonical link: https://commits.webkit.org/284776@main
To unsubscribe from these emails, change your notification settings at https://github.com/WebKit/WebKit/settings/notifications
More information about the webkit-changes
mailing list