[Webkit-unassigned] [Bug 171195] Crash in WebKit: WebKit::GenericCallback<API::SerializedScriptValue*, bool, WebCore::ExceptionDetails const&>::invalidate(WebKit::CallbackBase::Error)

bugzilla-daemon at webkit.org bugzilla-daemon at webkit.org
Wed Dec 6 11:20:00 PST 2017


Evgeny Mironov <e.mironov at activevideo.com> changed:

           What    |Removed                     |Added
                 CC|                            |e.mironov at activevideo.com

--- Comment #3 from Evgeny Mironov <e.mironov at activevideo.com> ---
I guess the problem has been introduced in the https://trac.webkit.org/changeset/213777/webkit when the type of the GenericCallback:: m_callback was changed from CallbackFunction to std::optional<CallbackFunction>. After type changing the checking like "if (!m_callback) return;" checks only whether the m_callback is set but not if it can be called.
As a solution, the constructor can be updated to set m_callback only if provided callback can be called:
    GenericCallback(CallbackFunction&& callback, const ProcessThrottler::BackgroundActivityToken& activityToken)
        : CallbackBase(type(), activityToken)
        , m_callback(std::nullopt)
        if (callback)
            m_callback = WTFMove(callback);

In this case it's enough to check if the m_callback is set.

You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20171206/eeed943b/attachment.html>

More information about the webkit-unassigned mailing list