Ignore:
Timestamp:
Aug 3, 2010, 2:29:32 PM (15 years ago)
Author:
[email protected]
Message:

Change to keep returned pointer from malloc family functions to
quiet memory leak detect. The pointer is saved in the new m_allocBase
member of the ArrayStorage structure. This fixes the issue found in
https://bugs.webkit.org/show_bug.cgi?id=43229.

Patch by Michael Saboff <[email protected]> on 2010-08-03
Reviewed by Gavin Barraclough.

As part of this change, we use m_allocBase when reallocating and
freeing the memory associated with ArrayStorage.

  • runtime/JSArray.cpp:

(JSC::JSArray::JSArray):
(JSC::JSArray::~JSArray):
(JSC::JSArray::putSlowCase):
(JSC::JSArray::increaseVectorLength):
(JSC::JSArray::increaseVectorPrefixLength):

  • runtime/JSArray.h:
File:
1 edited

Legend:

Unmodified
Added
Removed

  • trunk/JavaScriptCore/runtime/JSArray.cpp

    r64320 r64588  
    133133
    134134    ArrayStorage* storage = static_cast<ArrayStorage*>(fastZeroedMalloc(storageSize(initialCapacity)));
     135    storage->m_allocBase = storage;
    135136    m_indexBias = 0;
    136137    setArrayStorage(storage);
     
    138139
    139140    checkConsistency();
     141
     142    Heap::heap(this)->reportExtraMemoryCost(storageSize(0));
    140143}
    141144
     
    150153   
    151154    ArrayStorage* storage = static_cast<ArrayStorage*>(fastMalloc(storageSize(initialCapacity)));
     155    storage->m_allocBase = storage;
    152156    storage->m_length = initialLength;
    153157    m_indexBias = 0;
     
    177181    checkConsistency();
    178182   
    179     Heap::heap(this)->reportExtraMemoryCost(initialCapacity * sizeof(JSValue));
     183    Heap::heap(this)->reportExtraMemoryCost(storageSize(initialCapacity));
    180184}
    181185
     
    186190
    187191    ArrayStorage* storage = static_cast<ArrayStorage*>(fastMalloc(storageSize(initialCapacity)));
     192    storage->m_allocBase = storage;
    188193    m_indexBias = 0;
    189194    storage->m_length = initialCapacity;
     
    216221    ArrayStorage* storage = arrayStorage();
    217222    delete storage->m_sparseValueMap;
    218     char* realStorage = reinterpret_cast<char*>(storage) - (m_indexBias * sizeof(JSValue));
    219     fastFree(realStorage);
     223    fastFree(storage->m_allocBase);
    220224}
    221225
     
    417421    }
    418422
    419     int baseBias = m_indexBias * sizeof(JSValue);
    420     char* baseStorage = reinterpret_cast<char*>(storage - baseBias);
     423    void* baseStorage = storage->m_allocBase;
    421424   
    422425    if (!tryFastRealloc(baseStorage, storageSize(newVectorLength + m_indexBias)).getValue(baseStorage)) {
     
    425428    }
    426429
    427     storage = reinterpret_cast<ArrayStorage*>(baseStorage + baseBias);
     430    storage = reinterpret_cast<ArrayStorage*>(static_cast<char*>(baseStorage) + m_indexBias * sizeof(JSValue));
     431    storage->m_allocBase = baseStorage;
    428432    setArrayStorage(storage);
    429433   
     
    568572    ASSERT(newLength <= MAX_STORAGE_VECTOR_INDEX);
    569573    unsigned newVectorLength = getNewVectorLength(newLength);
    570     int baseBias = m_indexBias * sizeof(JSValue);
    571     char* baseStorage = reinterpret_cast<char*>(storage) - baseBias;
     574    void* baseStorage = storage->m_allocBase;
    572575
    573576    if (!tryFastRealloc(baseStorage, storageSize(newVectorLength + m_indexBias)).getValue(baseStorage))
    574577        return false;
    575    
    576     storage = reinterpret_cast<ArrayStorage*>(baseStorage + baseBias);
     578
     579    storage = reinterpret_cast<ArrayStorage*>(static_cast<char*>(baseStorage) + m_indexBias * sizeof(JSValue));
     580    storage->m_allocBase = baseStorage;
    577581    setArrayStorage(storage);
    578582
     
    600604    ASSERT(newLength <= MAX_STORAGE_VECTOR_INDEX);
    601605    unsigned newVectorLength = getNewVectorLength(newLength);
    602     char* baseStorage = reinterpret_cast<char*>(storage) - (m_indexBias * sizeof(JSValue));
    603    
    604     char* newBaseStorage = reinterpret_cast<char*>(fastMalloc(storageSize(newVectorLength + m_indexBias)));
     606
     607    void* newBaseStorage = fastMalloc(storageSize(newVectorLength + m_indexBias));
    605608    if (!newBaseStorage)
    606609        return false;
    607610   
    608611    m_indexBias += newVectorLength - newLength;
    609     int newStorageOffset = m_indexBias * sizeof(JSValue);
    610    
    611     newStorage = reinterpret_cast<ArrayStorage*>(newBaseStorage + newStorageOffset);
    612    
     612   
     613    newStorage = reinterpret_cast<ArrayStorage*>(static_cast<char*>(newBaseStorage) + m_indexBias * sizeof(JSValue));
     614
    613615    memcpy(newStorage, storage, storageSize(0));
    614616    memcpy(&newStorage->m_vector[newLength - m_vectorLength], &storage->m_vector[0], storage->m_length * sizeof(JSValue));
    615617   
     618    newStorage->m_allocBase = newBaseStorage;
    616619    m_vectorLength = newLength;
    617620   
    618     fastFree(baseStorage);
     621    fastFree(storage->m_allocBase);
    619622
    620623    setArrayStorage(newStorage);
Note: See TracChangeset for help on using the changeset viewer.