8000 fix: do not leak IPC or context bridge promises by MarshallOfSound · Pull Request #23321 · electron/electron · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

fix: do not leak IPC or context bridge promises #23321

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Apr 29, 2020
Merged

fix: do not leak IPC or context bridge promises #23321

merged 1 commit into from
Apr 29, 2020

Conversation

MarshallOfSound
Copy link
Member

This fixes three main memory leaks to do with our promise helper mostly:

  • IPCRenderer would hold pending promises for invoke calls even after the render frame was removed, those promises had a strong ref to the Context so the context was never freed
  • contextBridge proxy promise had a similar issue with heap allocating the promise, if it was never resolved or rejected it would never be released, thus never releasing the strong ref to Context
  • And a final leak again in the proxy promise impl where we passed strong global of source and destination context into the then and catch functions, if the promise was left pending the globals would not be freed. These have been converted to weak refs.

Notes: Fixed memory leaks in sandbox mode when using contextBridge with promises or ipcRenderer.invoke

@electron-cation electron-cation bot added the new-pr 🌱 PR opened recently label Apr 28, 2020
nornagon
nornagon reviewed Apr 28, 2020
View reviewed changes
shell/renderer/api/electron_api_context_bridge.cc
Comment on lines +207 to +211
v8::Global<v8::Context> global_then_destination_context(
destination_context->GetIsolate(), destination_context);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is redundant with the promise's context right? Should we expose a reference to the promise helper's context?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think the promise should expose it's context, I'd rather the promise didn't hold a context at all 😆

shell/renderer/api/electron_api_context_bridge.cc
auto then_cb = base::BindOnce(
[](gin_helper::Promise<v8::Local<v8::Value>>* proxied_promise,
[](std::shared_ptr<gin_helper::Promise<v8::Local<v8::Value>>>
proxied_promise,
v8::Isolate* isolate,
v8::Global<v8::Context> global_source_context,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The source context should be the current context when then_cb is invoked right?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's making some assumptions about which context the promise was called from which isn't always gonna be the main world, E.g. an iframe could call it

shell/renderer/api/electron_api_ipc_renderer.cc
Comment on lines +63 to +68
void WillReleaseScriptContext(v8::Local<v8::Context> context,
int32_t world_id) override {
if (weak_context_.IsEmpty() ||
weak_context_.Get(context->GetIsolate()) == context)
electron_browser_ptr_.reset();
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we make the promise helper's context reference weak, is this still needed?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

maybe, not sure, and it's probably more safe / correct to free this at the right time anyway

@electron-cation electron-cation bot removed the new-pr 🌱 PR opened recently label Apr 29, 2020
@MarshallOfSound MarshallOfSound merged commit 075472d into master Apr 29, 2020
@release-clerk
Copy link
release-clerk bot commented Apr 29, 2020

Release Notes Persisted

Fixed memory leaks in sandbox mode when using contextBridge with promises or ipcRenderer.invoke

@trop
Copy link
Contributor
trop bot commented Apr 29, 2020

I was unable to backport this PR to "7-2-x" cleanly;
you will need to perform this backport manually.

@trop
Copy link
Contributor
trop bot commented Apr 29, 2020

I was unable to backport this PR to "8-x-y" cleanly;
you will need to perform this backport manually.

@trop trop bot mentioned this pull request Apr 29, 2020
Merged
@trop
Copy link
Contributor
trop bot commented Apr 29, 2020

I have automatically backported this PR to "9-x-y", please check out #23338

@MarshallOfSound MarshallOfSound deleted the no-leaks-plz branch April 29, 2020 22:53
MarshallOfSound added a commit that referenced this pull request Apr 29, 2020
@MarshallOfSound
fix: do not leak IPC or context bridge promises (#23321)
ec7ffc8
@MarshallOfSound MarshallOfSound mentioned this pull request Apr 29, 2020
Merged
@trop
Copy link
Contributor
trop bot commented Apr 29, 2020

@MarshallOfSound has manually backported this PR to "8-x-y", please check out #23339

MarshallOfSound added a commit that referenced this pull request Apr 29, 2020
@MarshallOfSound
fix: do not leak IPC or context bridge promises (#23321)
6c42b90
MarshallOfSound added a commit that referenced this pull request Apr 29, 2020
@MarshallOfSound
fix: do not leak IPC or context bridge promises (#23321)
a266142
MarshallOfSound added a commit that referenced this pull request Apr 30, 2020
@MarshallOfSound
fix: do not leak IPC or context bridge promises (#23321) (#23339)
479fc57
@nornagon nornagon mentioned this pull request Jun 2, 2020
Merged
6 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nornagon nornagon nornagon approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@MarshallOfSound @nornagon
0