RGBCube/serenity
1
Fork 0
mirror of https://github.com/RGBCube/serenity synced 2025-07-26 15:17:45 +00:00
Code Issues Activity Actions

AK: Fix crash during teardown of self-owning objects

Browse source 
We now null out smart pointers *before* calling unref on the pointee.
This ensures that the same smart pointer can't be used to acquire a new
reference to the pointee after its destruction has begun.

I ran into this when destroying a non-empty IntrusiveList of RefPtrs,
but the problem was more general so this fixes it for all of RefPtr,
NonnullRefPtr, OwnPtr and NonnullOwnPtr.
This commit is contained in:
Andreas Kling 2023-04-21 13:36:32 +02:00
parent 66bd7cdb28
commit b7e847e58b
10 changed files with 102 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

6
Tests/AK/TestIntrusiveList.cpp
View file

@ -155,3 +155,9 @@ TEST_CASE(intrusive_nonnull_ref_ptr_intrusive)
EXPECT(nonnull_ref_list.is_empty());
}
TEST_CASE(destroy_nonempty_intrusive_list)
{
IntrusiveNonnullRefPtrList nonnull_ref_list;
nonnull_ref_list.append(adopt_ref(*new IntrusiveNonnullRefPtrItem));
}