[webkit-reviews] review denied: [Bug 179037] Crash in: com.apple.WebKit: WebKit::CacheStorage::Caches::initializeSize(WTF::Function<void (std::optional<WebCore::DOMCacheEngine::Error>&&)>&&) + 30 (CacheStorageEngineCaches.cpp:163) : [Attachment 325408] Patch
bugzilla-daemon at webkit.org
Mon Oct 30 19:10:16 PDT 2017
Chris Dumez <cdumez at apple.com> has denied review:
Bug 179037: Crash in: com.apple.WebKit:
WebKit::CacheStorage::Caches::initializeSize(WTF::Function<void
(std::optional<WebCore::DOMCacheEngine::Error>&&)>&&) + 30
(CacheStorageEngineCaches.cpp:163)
https://bugs.webkit.org/show_bug.cgi?id=179037
Attachment 325408: Patch
https://bugs.webkit.org/attachment.cgi?id=325408&action=review
--- Comment #5 from Chris Dumez <cdumez at apple.com> ---
Comment on attachment 325408
--> https://bugs.webkit.org/attachment.cgi?id=325408
Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=325408&action=review
>> Source/WebKit/NetworkProcess/cache/CacheStorageEngineCaches.cpp:136
>> + storeOrigin([protectedThis = makeRef(*this), this, callback =
WTFMove(callback)] (std::optional<Error>&& error) mutable {
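Review bot: on the storeOrigin line, the capture `protectedThis = makeRef(*this)` only guarantees that the object is still alive when the callback runs, not that members set before the call are still set. If the lambda body reads a member such as m_storage, check it at the top of the lambda and complete `callback` with an error when it is gone, since `callback` has been moved into the closure and nothing else can invoke it.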
>
> Why don't you need the same in readCachesFromDisk() below?
You initialized m_storage above, but what if somebody calls
clearMemoryRepresentation() before your lambda gets called? Your lambda uses
m_storage without null checking it and the crash log shows it is dereferencing
null.
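
The sequence described in the comment above, as an added C++ example that is not WebKit code and not part of the original message. `Storage`, `pending`, `runPending` and `initializeReportsError` are constructed stand-ins, `std::shared_ptr` stands in for `makeRef`, and the null check inside the lambda is one possible guard, not necessarily the fix that landed.

```cpp
#include <cstddef>
#include <functional>
#include <memory>
#include <optional>
#include <vector>

// Constructed stand-ins; none of these are WebKit's real types.
enum class Error { Internal };
struct Storage { std::size_t approximateSize() const { return 42; } };
using Completion = std::function<void(std::optional<Error>)>;

class Caches : public std::enable_shared_from_this<Caches> {
public:
    std::vector<std::function<void()>> pending; // stands in for an asynchronous hop
    std::size_t size = 0;

    void initialize(Completion callback) {
        m_storage = std::make_unique<Storage>();
        // protectedThis keeps the object alive; it does not keep m_storage set.
        pending.push_back([protectedThis = shared_from_this(), this,
                           callback = std::move(callback)]() mutable {
            if (!m_storage) {              // cleared between scheduling and running
                callback(Error::Internal); // still complete the caller's request
                return;
            }
            size = m_storage->approximateSize();
            callback(std::nullopt);
        });
    }

    void clearMemoryRepresentation() { m_storage.reset(); }

    void runPending() {
        auto tasks = std::move(pending);
        pending.clear();
        for (auto& task : tasks)
            task();
    }

private:
    std::unique_ptr<Storage> m_storage;
};

// Returns true when the completion handler was given an error.
bool initializeReportsError(bool clearBeforeCallback) {
    auto caches = std::make_shared<Caches>();
    bool failed = false;
    caches->initialize([&failed](std::optional<Error> e) { failed = e.has_value(); });
    if (clearBeforeCallback)
        caches->clearMemoryRepresentation();
    caches->runPending();
    return failed;
}
```

Without the `if (!m_storage)` guard, the `clearBeforeCallback` path dereferences a null `m_storage`, which is the pattern the comment attributes to the crash log.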