Bug 280073
| Summary: | REGRESSION(283414@main): [WPE][GTK] File descriptor leak if process launch is canceled immediately | ||
|---|---|---|---|
| Product: | WebKit | Reporter: | Michael Catanzaro <mcatanzaro> |
| Component: | WebKitGTK | Assignee: | Michael Catanzaro <mcatanzaro> |
| Status: | RESOLVED FIXED | ||
| Severity: | Normal | CC: | bugs-noreply, mcatanzaro |
| Priority: | P2 | ||
| Version: | Other | ||
| Hardware: | PC | ||
| OS: | Linux | ||
| See Also: | https://bugs.webkit.org/show_bug.cgi?id=280061 https://bugs.webkit.org/show_bug.cgi?id=280237 | ||
Michael Catanzaro
Since 283414@main, if the ProcessLauncher is destroyed before receiving a reply from its pid socket, the server end of the socket is leaked. The bug is here in ProcessLauncherGLib.cpp's ProcessLauncher::launchProcess:
m_socketMonitor.start(pidSocket.get(), G_IO_IN, RunLoop::main(), [protectedThis = Ref { *this }, this, pidSocket, serverSocket = WTFMove(webkitSocketPair.server)](GIOCondition condition) -> gboolean {
That code moves ownership of the socket to the lambda function, without resource-acquisition-is-initialization semantics. If the socket monitor is destroyed before executing the callback, the socket is leaked. Using UnixFileDescriptor like we're supposed to would have prevented this, but I was overconfident because the code seemed simple.
See also: bug #280061
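The ownership problem described in the comment above, as an added example that is not WebKit code and not part of the original report: a raw descriptor captured by value stays open when the callback is destroyed uninvoked, while an owning capture closes it. `OwnedFd` and `cancelBeforeCallback` are hypothetical stand-ins for UnixFileDescriptor and for a socket monitor destroyed before its callback runs.

```cpp
#include <fcntl.h>
#include <sys/socket.h>
#include <unistd.h>
#include <utility>

// Minimal move-only owner standing in for UnixFileDescriptor (hypothetical, not WebKit's class).
class OwnedFd {
public:
    explicit OwnedFd(int fd) : m_fd(fd) { }
    OwnedFd(OwnedFd&& other) noexcept : m_fd(std::exchange(other.m_fd, -1)) { }
    OwnedFd(const OwnedFd&) = delete;
    ~OwnedFd() { if (m_fd >= 0) close(m_fd); }
private:
    int m_fd;
};

static bool isOpen(int fd) { return fcntl(fd, F_GETFD) != -1; }

// Stand-in for a monitor destroyed before its callback runs: owns the callback, never invokes it.
template<typename Callback>
static void cancelBeforeCallback(Callback callback) { (void)callback; }

// Raw int capture: only the callback body closes the descriptor, so it stays open.
bool rawCaptureLeaks()
{
    int fds[2]; // constructed sample socket pair; fds[0] plays the server end
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, fds) == -1)
        return false;
    int server = fds[0];
    cancelBeforeCallback([server] { close(server); });
    bool leaked = isOpen(server);
    close(server); // demo cleanup only
    close(fds[1]);
    return leaked;
}

// Owning capture: destroying the uninvoked callback destroys OwnedFd, which closes the descriptor.
bool ownedCaptureLeaks()
{
    int fds[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, fds) == -1)
        return true;
    int server = fds[0];
    cancelBeforeCallback([fd = OwnedFd(server)] { (void)fd; });
    bool leaked = isOpen(server);
    close(fds[1]);
    return leaked;
}

int main() { return rawCaptureLeaks() && !ownedCaptureLeaks() ? 0 : 1; }
```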
Michael Catanzaro
Pull request: https://github.com/WebKit/WebKit/pull/34089
Michael Catanzaro
Follow up: bug #280237
EWS
Committed 284159@main (7dd6aeafdd8e): <https://commits.webkit.org/284159@main>
Reviewed commits have been landed. Closing PR #34089 and removing active labels.