| Field | Value |
|---|---|
| Summary | Crash in WebKit: WebKit::GenericCallback<API::SerializedScriptValue*, bool, WebCore::ExceptionDetails const&>::invalidate(WebKit::CallbackBase::Error) |
| Product | WebKit |
| Component | WebKit2 |
| Status | NEW |
| Severity | Normal |
| Priority | P2 |
| Version | Other |
| Hardware | Unspecified |
| OS | Unspecified |
| Reporter | Stefan Arentz <stefan> |
| Assignee | Nobody <webkit-unassigned> |
| CC | ap, beidson, e.mironov |
| See Also | https://bugs.webkit.org/show_bug.cgi?id=171196 |
| Attachments | |
Description

Stefan Arentz, 2017-04-23 06:00:57 PDT

Created attachment 307933: Crashes
This seems like the same issue as bug 171196. I guess the problem was introduced in https://trac.webkit.org/changeset/213777/webkit, when the type of GenericCallback::m_callback was changed from CallbackFunction to std::optional<CallbackFunction>. After the type change, a check like "if (!m_callback) return;" checks only whether m_callback is set, not whether it can be called. As a solution, the constructor can be updated to set m_callback only if the provided callback can be called:

    GenericCallback(CallbackFunction&& callback, const ProcessThrottler::BackgroundActivityToken& activityToken)
        : CallbackBase(type(), activityToken)
        , m_callback(std::nullopt)
    {
        if (callback)
            m_callback = WTFMove(callback);
    }

In this case it's enough to check if m_callback is set.
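The following is an added, stand-alone illustration of the pitfall described in the report; it is not WebKit code and was not written by the reporter. A hypothetical `CallbackBefore`/`CallbackAfter` pair stands in for `GenericCallback`, with `std::function` in place of WTF's `CallbackFunction` and a plain string in place of `ProcessThrottler`/`ExceptionDetails`. With `std::function`, invoking an empty callback throws `std::bad_function_call` instead of crashing as it would in WebKit, so the thrown exception is the observable stand-in for the crash. The key point is that `std::optional<std::function<...>>` has two distinct empty states: a disengaged optional, and an engaged optional holding a non-callable function. `if (!m_callback)` only detects the first one.

```cpp
#include <functional>
#include <iostream>
#include <optional>
#include <string>
#include <utility>

// Hypothetical stand-in for WebKit's CallbackFunction (assumption: std::function
// rather than WTF::Function). The parameters loosely mirror the bug title:
// (result, wasCancelled, error-details).
using CallbackFunction = std::function<void(const std::string*, bool, const std::string&)>;

// "Before" the suggested fix: whatever is passed in is stored, so an empty
// std::function becomes an *engaged* optional that holds a non-callable value.
class CallbackBefore {
public:
    explicit CallbackBefore(CallbackFunction&& callback)
        : m_callback(std::move(callback)) { }

    // Mirrors invalidate(): only bails out if the optional is disengaged.
    // Returns true if the stored callback was actually invoked.
    bool invalidate()
    {
        if (!m_callback) // true only for std::nullopt, not for an empty std::function
            return false;
        auto callback = std::exchange(m_callback, std::nullopt);
        (*callback)(nullptr, false, "invalidated"); // throws std::bad_function_call if empty
        return true;
    }

private:
    std::optional<CallbackFunction> m_callback;
};

// "After" the suggested fix: the constructor stores the callback only if it is
// callable, so "is the optional engaged" and "can it be called" coincide.
class CallbackAfter {
public:
    explicit CallbackAfter(CallbackFunction&& callback)
        : m_callback(std::nullopt)
    {
        if (callback)
            m_callback = std::move(callback);
    }

    bool invalidate()
    {
        if (!m_callback)
            return false;
        auto callback = std::exchange(m_callback, std::nullopt);
        (*callback)(nullptr, false, "invalidated");
        return true;
    }

private:
    std::optional<CallbackFunction> m_callback;
};

// Drive a version with an empty callback (constructed input, as a caller might
// pass) and report what happened: "ran", "skipped" or "bad_function_call".
template<typename Callback>
std::string invalidateWithEmptyCallback()
{
    Callback cb(CallbackFunction{});
    try {
        return cb.invalidate() ? "ran" : "skipped";
    } catch (const std::bad_function_call&) {
        return "bad_function_call";
    }
}

// With a real callback both versions behave identically: the error string the
// callback observed is returned.
template<typename Callback>
std::string invalidateWithRealCallback()
{
    std::string observed;
    Callback cb([&observed](const std::string*, bool, const std::string& error) {
        observed = error;
    });
    cb.invalidate();
    return observed;
}

int main()
{
    std::cout << "before, empty callback: " << invalidateWithEmptyCallback<CallbackBefore>() << '\n';
    std::cout << "after,  empty callback: " << invalidateWithEmptyCallback<CallbackAfter>() << '\n';
    std::cout << "before, real callback:  " << invalidateWithRealCallback<CallbackBefore>() << '\n';
    std::cout << "after,  real callback:  " << invalidateWithRealCallback<CallbackAfter>() << '\n';
    return 0;
}
```

Compile with `-std=c++17` or later (for `std::optional`). The same two-empty-states trap applies to any nullable wrapper around a nullable callable (`std::optional<std::function>`, `std::unique_ptr` to a function object, or WTF's own types), and the cheapest place to collapse the two states is at construction, exactly as the report proposes.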