Leak of VectorBufferBase.m_buffer (16-64 bytes) under JSC::CompactVariableEnvironment...
author ddkilzer@apple.com <ddkilzer@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 9 Jan 2019 00:56:35 +0000 (00:56 +0000)
committer ddkilzer@apple.com <ddkilzer@apple.com@268f45cc-cd09-0410-ab3c-d52691b4dbfc>
Wed, 9 Jan 2019 00:56:35 +0000 (00:56 +0000)
<https://webkit.org/b/193264>
<rdar://problem/46651026>

Reviewed by Yusuke Suzuki.

* parser/VariableEnvironment.cpp:
(JSC::CompactVariableMap::Handle::~Handle): Call delete on
m_environment instead of fastFree() to make sure the destructors
for the Vector instance variables are run.  This fixes the leaks
because calling fastFree() would only free the
CompactVariableEnvironment object, but not the heap-based
buffers allocated for the Vector instance variables.

git-svn-id: https://svn.webkit.org/repository/webkit/trunk@239755 268f45cc-cd09-0410-ab3c-d52691b4dbfc

Source/JavaScriptCore/ChangeLog
Source/JavaScriptCore/parser/VariableEnvironment.cpp

index 210d0be..d6fce9f 100644 (file)
@@ -1,3 +1,19 @@
+2019-01-08  David Kilzer  <ddkilzer@apple.com>
+
+        Leak of VectorBufferBase.m_buffer (16-64 bytes) under JSC::CompactVariableEnvironment in com.apple.WebKit.WebContent running layout tests
+        <https://webkit.org/b/193264>
+        <rdar://problem/46651026>
+
+        Reviewed by Yusuke Suzuki.
+
+        * parser/VariableEnvironment.cpp:
+        (JSC::CompactVariableMap::Handle::~Handle): Call delete on
+        m_environment instead of fastFree() to make sure the destructors
+        for the Vector instance variables are run.  This fixes the leaks
+        because calling fastFree() would only free the
+        CompactVariableEnvironment object, but not the heap-based
+        buffers allocated for the Vector instance variables.
+
 2019-01-08  Joseph Pecoraro  <pecoraro@apple.com>
 
         ASSERT when paused in debugger and console evaluation causes exception
index 24fd233..a395ff5 100644 (file)
@@ -179,7 +179,7 @@ CompactVariableMap::Handle::~Handle()
     if (!iter->value) {
         ASSERT(m_environment == &iter->key.environment());
         m_map->m_map.remove(iter);
-        fastFree(m_environment);
+        delete m_environment;
     }
 }
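
Review bot: the `delete m_environment;` line in `CompactVariableMap::Handle::~Handle()` is only correct if the object was created with a matching `new` expression, and the allocation site is not part of this hunk, so the pairing cannot be verified from the diff. Please confirm the allocation side uses `new` rather than raw fastMalloc() storage, since a mismatch would trade the leak for an allocator mismatch. The removed `fastFree(m_environment);` line shows how easily a raw pointer ends up released without its destructor running, so where the ownership model allows it, an owning smart pointer for the environment would keep this from coming back. The ChangeLog says the leak showed up while running layout tests, but no test or leak-check step is added here, so it would help to name the test or tool run that reproduces it to make the fix verifiable.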