TCPEngineTransport uses PostTask unsafely. |
|||
Issue descriptionTCPEngineTransport::Connect() uses PostTask to complete asynchronously in the case of the underlying TCP Accept() call completely synchronously, but posts the completion-callback directly as the task. This means that tearing down the Transport may still leave the completion callback in-flight, which callers would not typically expect to be the case.
,
Nov 18 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/58b2a9cbdd3184364a2fd9173c95e2a907296b77 commit 58b2a9cbdd3184364a2fd9173c95e2a907296b77 Author: kmarshall <kmarshall@chromium.org> Date: Fri Nov 18 19:24:59 2016 Fix potential teardown race conditions with TCPEngineTransport's PostTasks. * Use a weak pointer to ensure that TCPEngineTransport is alive when we invoke the completion callback on sync connection completion. * Replace use Unretained() with a weak pointer on async connection completion. R=wez@chromium.org BUG= 663970 Review-Url: https://codereview.chromium.org/2511773003 Cr-Commit-Position: refs/heads/master@{#433260} [modify] https://crrev.com/58b2a9cbdd3184364a2fd9173c95e2a907296b77/blimp/net/tcp_engine_transport.cc [modify] https://crrev.com/58b2a9cbdd3184364a2fd9173c95e2a907296b77/blimp/net/tcp_engine_transport.h
,
Nov 18 2016
,
Dec 9 2016
|
|||
►
Sign in to add a comment |
|||
Comment 1 by kmarshall@chromium.org
, Nov 14 2016