New page-skipping logic leaks skipped pages (I think)
Commit 75f43d3a (part of Bugzilla bug #794166) introduced a way that a page can be skipped, and yet still apply some default configuration. As far as I can tell, it leaks every skipped page.
-
static GPtrArray *skipped_pages;
is at global scope, for some unknown reason - Its destroy func is
gtk_widget_destroy
- But since these pages are never packed into another container, I'm pretty sure
gtk_widget_destroy
is a no-op and the initial (floating) ref is leaked.
I was curious why the list is at global scope. I think the intention might have been that skipped pages stay alive after rebuild_pages_cb
returns, because (eg) gis_keyboard_page_skip()
calls an async function, passes self
as user_data, without taking a ref, which suggests it assumes that self
will still be alive when the callback is called; destroying all skipped pages on exit from rebuild_pages_cb
would mean this isn't true. But actually it's not true, anyway: when the user selects a different language, rebuild_pages_cb
will be called again, destroying skipped_pages
and all pages within it. If this happens before skip_proxy_ready
is called, it will access a dangling pointer. In fact, the pointer is not used at all by the skip_proxy_ready
callback, so it's accidentally a non-issue.