From 0e45c0bb500b98c80466bcd4c4570f017a34e750 Mon Sep 17 00:00:00 2001 From: Andy Locascio Date: Fri, 20 Dec 2019 10:54:32 -0800 Subject: [PATCH 1/2] fix: reset next/prev pointers for life-monitored nodes --- .../api/context_bridge/render_frame_context_bridge_store.cc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/shell/renderer/api/context_bridge/render_frame_context_bridge_store.cc b/shell/renderer/api/context_bridge/render_frame_context_bridge_store.cc index eb826bac75360..2fa048c7d47c9 100644 --- a/shell/renderer/api/context_bridge/render_frame_context_bridge_store.cc +++ b/shell/renderer/api/context_bridge/render_frame_context_bridge_store.cc @@ -47,9 +47,11 @@ class CachedProxyLifeMonitor final : public ObjectLifeMonitor { } if (node_->prev) { node_->prev->next = node_->next; + node_->prev = nullptr; } if (node_->next) { node_->next->prev = node_->prev; + node_->next = nullptr; } if (!node_->prev && !node_->next) { // Must be a single length linked list From 26fde5cfa9cf18e8878cc7ca8b52ab8d3eaef2fc Mon Sep 17 00:00:00 2001 From: Andy Locascio Date: Fri, 20 Dec 2019 11:17:03 -0800 Subject: [PATCH 2/2] fix: don't double-delete nodes in a linked list --- .../api/context_bridge/render_frame_context_bridge_store.cc | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/shell/renderer/api/context_bridge/render_frame_context_bridge_store.cc b/shell/renderer/api/context_bridge/render_frame_context_bridge_store.cc index 2fa048c7d47c9..16e14a3c15d50 100644 --- a/shell/renderer/api/context_bridge/render_frame_context_bridge_store.cc +++ b/shell/renderer/api/context_bridge/render_frame_context_bridge_store.cc @@ -78,11 +78,7 @@ WeakGlobalPairNode::WeakGlobalPairNode(WeakGlobalPair pair) { this->pair = std::move(pair); } -WeakGlobalPairNode::~WeakGlobalPairNode() { - if (next) { - delete next; - } -} +WeakGlobalPairNode::~WeakGlobalPairNode() {} RenderFramePersistenceStore::RenderFramePersistenceStore( content::RenderFrame* render_frame)