Fix context leak in tests #5377
Conversation
|
|
openrefactorymunawar
force-pushed
the
munahaf-patch-1
branch
from
21951b3
to
49ac41e
Compare
host/taskpoller.go
Outdated
| @@ -454,7 +454,8 @@ func (p *TaskPoller) PollAndProcessActivityTaskWithID(dropTask bool) error { | |||
| } | |||
|
|
|||
| func createContext() context.Context { | |||
| ctx, _ := context.WithTimeout(context.Background(), 90*time.Second) | |||
| ctx, cancel := context.WithTimeout(context.Background(), 90*time.Second) | |||
| defer cancel() | |||
There was a problem hiding this comment.
the context will be cancelled immediately after this function returns. We should also return cancel and let caller to call cancel.
BTW, this code is only used in our integration test. It's not good but it's ok.
There was a problem hiding this comment.
If you run "go vet" over your code, it should point out mistakes of this kind. For example:
https://go.dev/play/p/1zlF7qFbzhY
There was a problem hiding this comment.
hey @adonovan, the proper fix would be to return cancel callback and change all the callers with defer cancel(). Do you want to proceed with that? Otherwise let's close this PR and we will find someone else to address it
There was a problem hiding this comment.
I have prepared an updated patch. However, I am traveling now and cannot access the GitHub account used to create the pull request. I will address this in about a week.
|
While I agree with this in general, I don't think it's true for The leak would be coming from the parent's list of children to propagate cancels, but a background context both does not have that list, and it has a nil So these should be cleaned up as soon as they're garbage-collectable. Which is fine. That said, these kinds of funcs mean we can't easily add context data (no parent-ctx arg), and this is a potential landmine if we did (because at that point it'd likely leak). So as long as we've got a clear path to cancel correctly, it seems like an improvement. |
munahaf
requested review from
neil-xie,
davidporter-id-au,
Groxx,
shijiesheng,
agautam478,
jakobht,
3vilhamster,
sankari165,
dkrotx and
demirkayaender
as code owners
taylanisikdemir
changed the title
What changed?
A marker has been added to the code. This is not an actual fix, but a marker denoting that there may be a bug.
Why?
In file: taskpoller.go, there is a function
createContextthat contains a cancellation function returned bycontext.WithTimeout. However, the cancellation function is ignored using_. I suggested that the cancellation function must be called or the new context will remain live until the parent context is cancelled. I did not propose a fix since I am not familiar with the business logic. However, the codebase appears to be following that prescribed convention in other parts.Sponsorship and Support:
This work is done by the security researchers from OpenRefactory and is supported by the Open Source Security Foundation (OpenSSF)(https://openssf.org/): Project Alpha-Omega(https://alpha-omega.dev/). Alpha-Omega is a project partnering with open source software project maintainers to systematically find new, as-yet-undiscovered vulnerabilities in open source code - and get them fixed – to improve global software supply chain security.
How did you test it?
Not reproduced.
Potential risks
Cannot ascertain.
Release notes
Appears not a release candidate.
Documentation Changes
Appears no change is needed.