-
tzik authored
ModelLoader is a ref counted type, and its first reference used to be taken in its constructor through base::BindOnce. The reference was passed to a task runner, and released after the task has run. However, if the PostTask failed or the posted task ran soon before the construction had completed, the ModelLoader instance can be destroyed before another reference is made on the original sequence. So, `new ModelLoader` can return a stale pointer. This CL adds a static constructor to ModelLoader, and makes the first reference on the original sequence before passing a reference to the other sequence. Bug: 866456 Change-Id: I4d3c954ca39b7187fbd651c498e17273024c9968 Reviewed-on: https://chromium-review.googlesource.com/1151173 Commit-Queue: Taiju Tsuiki <tzik@chromium.org> Reviewed-by:
Scott Violet <sky@chromium.org> Cr-Commit-Position: refs/heads/master@{#578537}
1d5d38a7
