From 41941aeb109feafb2f7008ded0c4ffc12ab91da0 Mon Sep 17 00:00:00 2001 From: Andreas Kling Date: Sat, 23 Dec 2023 20:50:23 +0100 Subject: [PATCH] LibWeb: Don't access SharedImageRequest::m_document in destructor It's not safe to access m_document here since GC may have deleted it by the time we're being deleted. Instead, move this to a finalize() override, since those are guaranteed to be called while both objects are still alive. --- Userland/Libraries/LibWeb/HTML/SharedImageRequest.cpp | 5 ++++- Userland/Libraries/LibWeb/HTML/SharedImageRequest.h | 9 +++++---- 2 files changed, 9 insertions(+), 5 deletions(-) diff --git a/Userland/Libraries/LibWeb/HTML/SharedImageRequest.cpp b/Userland/Libraries/LibWeb/HTML/SharedImageRequest.cpp index 1f5b8f7b2f..f61ee48b6c 100644 --- a/Userland/Libraries/LibWeb/HTML/SharedImageRequest.cpp +++ b/Userland/Libraries/LibWeb/HTML/SharedImageRequest.cpp @@ -40,8 +40,11 @@ SharedImageRequest::SharedImageRequest(JS::NonnullGCPtr page, AK::URL url, { } -SharedImageRequest::~SharedImageRequest() +SharedImageRequest::~SharedImageRequest() = default; + +void SharedImageRequest::finalize() { + Base::finalize(); auto& shared_image_requests = m_document->shared_image_requests(); shared_image_requests.remove(m_url); } diff --git a/Userland/Libraries/LibWeb/HTML/SharedImageRequest.h b/Userland/Libraries/LibWeb/HTML/SharedImageRequest.h index 79c8eac871..d4fae41754 100644 --- a/Userland/Libraries/LibWeb/HTML/SharedImageRequest.h +++ b/Userland/Libraries/LibWeb/HTML/SharedImageRequest.h @@ -17,14 +17,14 @@ namespace Web::HTML { -class SharedImageRequest : public JS::Cell { +class SharedImageRequest final : public JS::Cell { JS_CELL(ImageRequest, JS::Cell); JS_DECLARE_ALLOCATOR(SharedImageRequest); public: [[nodiscard]] static JS::NonnullGCPtr get_or_create(JS::Realm&, JS::NonnullGCPtr, AK::URL const&); - ~SharedImageRequest(); + virtual ~SharedImageRequest() override; AK::URL const& url() const { return m_url; } @@ -40,11 +40,12 @@ public: bool is_fetching() const; bool needs_fetching() const; - virtual void visit_edges(JS::Cell::Visitor&) override; - private: explicit SharedImageRequest(JS::NonnullGCPtr, AK::URL, JS::NonnullGCPtr); + virtual void finalize() override; + virtual void visit_edges(JS::Cell::Visitor&) override; + void handle_successful_fetch(AK::URL const&, StringView mime_type, ByteBuffer data); void handle_failed_fetch();