Title: [280420] trunk/Source/WebKit
- Revision
- 280420
- Author
- you...@apple.com
- Date
- 2021-07-29 04:21:26 -0700 (Thu, 29 Jul 2021)
Log Message
NetworkRTCUDPSocketCocoaConnections nw_listener_set_state_changed_handler callback should hold a reference to its listener
https://bugs.webkit.org/show_bug.cgi?id=228551
<rdar://81137047>
Reviewed by Alex Christensen.
nw_listener is not guaranteed to stay valid when calling the state change callback.
We need to hold a reference to the listener in the callback.
To prevent memory leaks, the callback will clear its listener reference when entering cancelled state.
The cancelled state is guaranteed to happen when calling cancel in the listener, which happens when closing the socket.
Covered by existing tests.
* NetworkProcess/webrtc/NetworkRTCUDPSocketCocoa.mm:
(WebKit::NetworkRTCUDPSocketCocoaConnections::NetworkRTCUDPSocketCocoaConnections):
Modified Paths
Diff
Modified: trunk/Source/WebKit/ChangeLog (280419 => 280420)
--- trunk/Source/WebKit/ChangeLog 2021-07-29 11:03:52 UTC (rev 280419)
+++ trunk/Source/WebKit/ChangeLog 2021-07-29 11:21:26 UTC (rev 280420)
@@ -1,3 +1,20 @@
+2021-07-29 Youenn Fablet <you...@apple.com>
+
+ NetworkRTCUDPSocketCocoaConnections nw_listener_set_state_changed_handler callback should hold a reference to its listener
+ https://bugs.webkit.org/show_bug.cgi?id=228551
+ <rdar://81137047>
+
+ Reviewed by Alex Christensen.
+
+ nw_listener is not guaranteed to stay valid when calling the state change callback.
+ We need to hold a reference to the listener in the callback.
+ To prevent memory leaks, the callback will clear its listener reference when entering cancelled state.
+ The cancelled state is guaranteed to happen when calling cancel in the listener, which happens when closing the socket.
+ Covered by existing tests.
+
+ * NetworkProcess/webrtc/NetworkRTCUDPSocketCocoa.mm:
+ (WebKit::NetworkRTCUDPSocketCocoaConnections::NetworkRTCUDPSocketCocoaConnections):
+
2021-07-29 Adrian Perez de Castro <ape...@igalia.com>
Non-unified build fixes, late July 2021 edition
Modified: trunk/Source/WebKit/NetworkProcess/webrtc/NetworkRTCUDPSocketCocoa.mm (280419 => 280420)
--- trunk/Source/WebKit/NetworkProcess/webrtc/NetworkRTCUDPSocketCocoa.mm 2021-07-29 11:03:52 UTC (rev 280419)
+++ trunk/Source/WebKit/NetworkProcess/webrtc/NetworkRTCUDPSocketCocoa.mm 2021-07-29 11:21:26 UTC (rev 280420)
@@ -174,13 +174,14 @@
m_nwListener = adoptNS(nw_listener_create(parameters.get()));
nw_listener_set_queue(m_nwListener.get(), udpSocketQueue());
- nw_listener_set_state_changed_handler(m_nwListener.get(), makeBlockPtr([nwListener = m_nwListener.get(), connection = m_connection.copyRef(), protectedRTCProvider = makeRef(rtcProvider), identifier = m_identifier](nw_listener_state_t state, nw_error_t error) mutable {
+ // The callback holds a reference to the nw_listener and we clear it when going in nw_listener_state_cancelled state, which is triggered when closing the socket.
+ nw_listener_set_state_changed_handler(m_nwListener.get(), makeBlockPtr([nwListener = m_nwListener, connection = m_connection.copyRef(), protectedRTCProvider = makeRef(rtcProvider), identifier = m_identifier](nw_listener_state_t state, nw_error_t error) mutable {
switch (state) {
case nw_listener_state_invalid:
case nw_listener_state_waiting:
break;
case nw_listener_state_ready:
- protectedRTCProvider->doSocketTaskOnRTCNetworkThread(identifier, [port = nw_listener_get_port(nwListener)](auto& socket) mutable {
+ protectedRTCProvider->doSocketTaskOnRTCNetworkThread(identifier, [port = nw_listener_get_port(nwListener.get())](auto& socket) mutable {
auto& udpSocket = static_cast<NetworkRTCUDPSocketCocoa&>(socket);
udpSocket.setListeningPort(port);
});
@@ -193,6 +194,7 @@
connection->send(Messages::LibWebRTCNetwork::SignalClose(identifier, -1), 0);
break;
case nw_listener_state_cancelled:
+ nwListener.clear();
break;
}
}).get());
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
