+2016-02-23 Filip Pizlo <fpizlo@apple.com>
+
+ B3::Value doesn't self-destruct virtually enough (Causes many leaks in LowerDFGToB3::appendOSRExit)
+ https://bugs.webkit.org/show_bug.cgi?id=154592
+
+ Reviewed by Saam Barati.
+
+ If Foo has a virtual destructor, then:
+
+ foo->Foo::~Foo() does a non-virtual call to Foo's destructor. Even if foo points to a
+ subclass of Foo that overrides the destructor, this syntax will not call that override.
+
+ foo->~Foo() does a virtual call to the destructor, and so if foo points to a subclass, you
+ get the subclass's override.
+
+ In B3, we used this->Value::~Value() thinking that it would call the subclass's override.
+ This caused leaks because this didn't actually call the subclass's override. This fixes the
+ problem by using this->~Value() instead.
+
+ * b3/B3ControlValue.cpp:
+ (JSC::B3::ControlValue::convertToJump):
+ (JSC::B3::ControlValue::convertToOops):
+ * b3/B3Value.cpp:
+ (JSC::B3::Value::replaceWithIdentity):
+ (JSC::B3::Value::replaceWithNop):
+ (JSC::B3::Value::replaceWithPhi):
+
2016-02-23 Brian Burg <bburg@apple.com>
Web Inspector: the protocol generator's Objective-C name prefix should be configurable
Origin origin = this->origin();
BasicBlock* owner = this->owner;
- this->ControlValue::~ControlValue();
+ this->~ControlValue();
new (this) ControlValue(Jump, origin, FrequentedBlock(destination));
Origin origin = this->origin();
BasicBlock* owner = this->owner;
- this->ControlValue::~ControlValue();
+ this->~ControlValue();
new (this) ControlValue(Oops, origin);
RELEASE_ASSERT(type == value->type());
- this->Value::~Value();
+ this->~Value();
new (this) Value(Identity, type, origin, value);
Origin origin = m_origin;
BasicBlock* owner = this->owner;
- this->Value::~Value();
+ this->~Value();
new (this) Value(Nop, Void, origin);
BasicBlock* owner = this->owner;
Type type = m_type;
- this->Value::~Value();
+ this->~Value();
new (this) Value(Phi, type, origin);
git://git.webkit.org / WebKit-https.git / commitdiff