On Mon, 16 Mar 2026 16:31:19 GMT, Harshitha Onkar <[email protected]> wrote:
>> CDesktopPeer.m creates dispatch semaphores via dispatch_semaphore_create in >> both _lsOpenURI and _lsOpenFile but never releases them. Since the JDK is >> compiled without ARC, each call to Desktop.open(), browse(), mail(), edit(), >> or print() leaks around 80 bytes. >> >> The issue is similar to >> [JDK-8376233](https://bugs.openjdk.org/browse/JDK-8376233) >> >> The fix adds dispatch_release(semaphore) after dispatch_semaphore_wait in >> both functions, paired with dispatch_retain before the async block to >> prevent use-after-free on the timeout path. > > src/java.desktop/macosx/native/libawt_lwawt/awt/CDesktopPeer.m line 82: > >> 80: } >> 81: dispatch_semaphore_signal(semaphore); >> 82: dispatch_release(semaphore); > > You have a **_dispatch_release(semaphore)_** after dispatch_semaphore_wait(), > would that be sufficient to release the semaphore or do we need to call it > here as well ? dispatch_release after dispatch_semaphore_wait is safe only if a timeout never happens. If a timeout happens the semaphore may be released after dispatch_semaphore_wait, and the code above could cause a use-after-free error if executed later. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/29927#discussion_r2941694002
