DescriptionInvoke WorkerScriptLoader's m_finishedCallback callback safely.
WorkerScriptLoader instance could be deleted in the midst of running a
member method. Here is a bad scenario that could cause a crash.
1. didFail() client method would be called in the midst of processing
ThreadableLoader::create(), e.g. for forbidden cross origin requests.
2. didFail() invokes m_finishedCallback via notifyFinished().
3. m_finishedCallback could delete WorkerScriptLoader instance.
4. members could be touched after the destruction.
This patch changes the class to postpone the callback invocation until
ThreadableLoader::create() returns, and to do nothing after invoking the
callback.
Also this patch stop using |m_finishing| that's vague.
The flag is used only to check if the callback needs invocation.
BUG=504685
Committed: https://src.chromium.org/viewvc/blink?view=rev&revision=198200
Patch Set 1 #
Total comments: 10
Patch Set 2 : (rebase) #Patch Set 3 : review #3 #
Total comments: 8
Patch Set 4 : review #7 and notify* #
Messages
Total messages: 13 (3 generated)
|