[Webkit-unassigned] [Bug 280605] REGRESSION(284171 at main): [GTK] build link error, startup crash
bugzilla-daemon at webkit.org
bugzilla-daemon at webkit.org
Mon Sep 30 15:53:34 PDT 2024
https://bugs.webkit.org/show_bug.cgi?id=280605
--- Comment #6 from Jim Mason <jmason at ibinx.com> ---
Created attachment 472745
--> https://bugs.webkit.org/attachment.cgi?id=472745&action=review
regression-284418-fix.patch
(In reply to Michael Catanzaro from comment #5)
> The stack traces don't have enough detail to guess what's wrong.
You are becoming cynical in your dotage ;-)
We see at the top of the backtrace a lambda function called by `WebCore::SystemSettings::updateSettings`. The lambda was installed by `webkitWebViewBaseCreateWebPage`.
The problem is, in the lambda, capture of the variable `webkitWebViewBase` is by reference. This seems to be the source of the crash. The variable will have gone out of scope when the lambda runs. The variable is a pointer; we really want to capture the pointer, not the temporal location that holds the pointer. If I change the capture to be by-value (hence, the pointer), the crash disappears.
I have attached the patch I used to clear both problems. However, there could well be other similar issues lurking in 284171 at main; I suggest a review of the full commit just to be certain.
--
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-unassigned/attachments/20240930/fb3a8418/attachment.htm>
More information about the webkit-unassigned
mailing list