From 3caac65cc80f6daeeacb3aac6a29d15bde788c4b Mon Sep 17 00:00:00 2001
From: Sviatoslav Peleshko <speles@mail.ua>
Date: Sun, 6 Feb 2022 15:59:31 +0200
Subject: [PATCH] CrashReporter: Capture backtrace progress callback's
 arguments by value

Previously we captured them by reference, but when the deferred code
finally runs from an event loop, the references may be stale.
In that case, value and max of the progressbar are set with random
numbers.
If we were especially unlucky, the `frame_count` turned into a negative
int, and would crash at `VERIFY(min <= max)`.
---
 Userland/Applications/CrashReporter/main.cpp | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Userland/Applications/CrashReporter/main.cpp b/Userland/Applications/CrashReporter/main.cpp
index 33e31325a2..ac3766c5c2 100644
--- a/Userland/Applications/CrashReporter/main.cpp
+++ b/Userland/Applications/CrashReporter/main.cpp
@@ -277,7 +277,7 @@ ErrorOr<int> serenity_main(Main::Arguments arguments)
             coredump->for_each_thread_info([&](auto& thread_info) {
                 results.thread_backtraces.append(build_backtrace(*coredump, thread_info, thread_index, [&](size_t frame_index, size_t frame_count) {
                     Core::EventLoop::with_main_locked([&](auto& main) {
-                        main->deferred_invoke([&] {
+                        main->deferred_invoke([&, frame_index, frame_count] {
                             window->set_progress(100.0f * (float)(frame_index + 1) / (float)frame_count);
                             progressbar.set_value(frame_index + 1);
                             progressbar.set_max(frame_count);