[webkit-changes] [WebKit/WebKit] 55bd5e: [JSC] Refactor Wasm::Table and fix memory leak

Yusuke Suzuki noreply at github.com
Sat Dec 24 14:01:08 PST 2022


  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: 55bd5e05561eb0c7c119fce0c90d5c1c1b24fab9
      https://github.com/WebKit/WebKit/commit/55bd5e05561eb0c7c119fce0c90d5c1c1b24fab9
  Author: Yusuke Suzuki <ysuzuki at apple.com>
  Date:   2022-12-24 (Sat, 24 Dec 2022)

  Changed paths:
    M Source/JavaScriptCore/runtime/WriteBarrier.h
    M Source/JavaScriptCore/wasm/WasmFormat.h
    M Source/JavaScriptCore/wasm/WasmOperations.cpp
    M Source/JavaScriptCore/wasm/WasmTable.cpp
    M Source/JavaScriptCore/wasm/WasmTable.h
    M Source/JavaScriptCore/wasm/js/JSWebAssemblyTable.cpp

  Log Message:
  -----------
  [JSC] Refactor Wasm::Table and fix memory leak
https://bugs.webkit.org/show_bug.cgi?id=249861
rdar://103682266

Reviewed by Mark Lam.

This patch refactors Wasm::Table and fixes a memory leak.
Previously, FuncRefTable's destructor was not called, so
it was leaking memory for functions. This patch integrates
std::destroying_delete so that we can call the derived class's
destructor correctly. We also introduce ExternRefTable so
we allocate combined memory (jsValue + functions) for FuncRefTable.

* Source/JavaScriptCore/runtime/WriteBarrier.h:
* Source/JavaScriptCore/wasm/WasmFormat.h:
* Source/JavaScriptCore/wasm/WasmOperations.cpp:
(JSC::Wasm::setWasmTableElement):
* Source/JavaScriptCore/wasm/WasmTable.cpp:
(JSC::Wasm::Table::visitDerived):
(JSC::Wasm::Table::visitDerived const):
(JSC::Wasm::Table::operator delete):
(JSC::Wasm::Table::Table):
(JSC::Wasm::Table::tryCreate):
(JSC::Wasm::Table::grow):
(JSC::Wasm::Table::clear):
(JSC::Wasm::Table::set):
(JSC::Wasm::Table::get const):
(JSC::Wasm::Table::visitAggregateImpl):
(JSC::Wasm::ExternRefTable::ExternRefTable):
(JSC::Wasm::ExternRefTable::clear):
(JSC::Wasm::ExternRefTable::set):
(JSC::Wasm::FuncRefTable::FuncRefTable):
(JSC::Wasm::FuncRefTable::setFunction):
(JSC::Wasm::FuncRefTable::copyFunction):
(JSC::Wasm::FuncRefTable::clear):
(JSC::Wasm::FuncRefTable::set):
* Source/JavaScriptCore/wasm/WasmTable.h:
(JSC::Wasm::FuncRefTable::Function::offsetOfFunction): Deleted.
(JSC::Wasm::FuncRefTable::Function::offsetOfInstance): Deleted.
(JSC::Wasm::FuncRefTable::offsetOfFunctions): Deleted.
* Source/JavaScriptCore/wasm/js/JSWebAssemblyTable.cpp:
(JSC::JSWebAssemblyTable::set):

Canonical link: https://commits.webkit.org/258325@main
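The mechanism the commit relies on, shown as an added stand-alone example rather than WebKit's code: a base class with a non-virtual destructor whose derived objects are freed through a base pointer will run only the base destructor, leaking whatever the derived class owns. A C++20 destroying operator delete receives the still-alive object before any destructor runs, so it can inspect a type tag and destroy the most-derived object itself. The class names (Table, ExternRefTable, FuncRefTable), the Function record, the type tag and the counters are all constructed here to mirror the commit and are not JavaScriptCore's declarations.

```cpp
// Added example, not WebKit code: dispatching `delete basePointer` to the
// correct derived destructor with a C++20 destroying operator delete.
#include <cstddef>
#include <new>      // std::destroying_delete_t, __cpp_lib_destroying_delete
#include <vector>

// Constructed stand-in for the per-slot function record a FuncRefTable owns.
struct Function {
    int index = -1;
};

// Counters a test can read to see which destructors actually ran.
static int g_externRefTablesDestroyed = 0;
static int g_funcRefTablesDestroyed = 0;

class ExternRefTable;
class FuncRefTable;

class Table {
public:
    enum class Type { ExternRef, FuncRef };

    static Table* tryCreate(Type type, std::size_t length);
    static void destroy(Table* table);

    Type type() const { return m_type; }
    std::size_t length() const { return m_length; }

    // Non-virtual on purpose (no vtable). Without a destroying operator delete,
    // `delete basePointer` runs only ~Table() and leaks the derived members:
    // that is the leak the commit message describes.
    ~Table() = default;

#ifdef __cpp_lib_destroying_delete
    // Called *instead of* the destructor, with the object still alive, so the
    // type tag can be read and the most-derived destructor run by hand.
    void operator delete(Table* table, std::destroying_delete_t);
#endif

protected:
    Table(Type type, std::size_t length) : m_type(type), m_length(length) {}

private:
    Type m_type;
    std::size_t m_length;
};

class ExternRefTable final : public Table {
public:
    explicit ExternRefTable(std::size_t length)
        : Table(Type::ExternRef, length), m_values(length) {}
    ~ExternRefTable() { ++g_externRefTablesDestroyed; }

private:
    std::vector<void*> m_values;  // stand-in for the value slots
};

class FuncRefTable final : public Table {
public:
    explicit FuncRefTable(std::size_t length)
        : Table(Type::FuncRef, length), m_values(length), m_functions(length) {}
    ~FuncRefTable() { ++g_funcRefTablesDestroyed; }

    void setFunction(std::size_t i, Function f) { m_functions[i] = f; }

private:
    std::vector<void*> m_values;        // value slots, as in ExternRefTable
    std::vector<Function> m_functions;  // the extra per-slot data that leaked
};

Table* Table::tryCreate(Type type, std::size_t length)
{
    switch (type) {
    case Type::ExternRef: return new ExternRefTable(length);
    case Type::FuncRef:   return new FuncRefTable(length);
    }
    return nullptr;
}

#ifdef __cpp_lib_destroying_delete
void Table::operator delete(Table* table, std::destroying_delete_t)
{
    // Run the derived destructor explicitly, then release the storage. Never
    // write `delete derived` in here: that would re-enter this function.
    switch (table->type()) {
    case Type::ExternRef: {
        auto* t = static_cast<ExternRefTable*>(table);
        t->~ExternRefTable();
        ::operator delete(static_cast<void*>(t));
        return;
    }
    case Type::FuncRef: {
        auto* t = static_cast<FuncRefTable*>(table);
        t->~FuncRefTable();
        ::operator delete(static_cast<void*>(t));
        return;
    }
    }
}

// Any `delete table` now reaches the destroying delete above.
void Table::destroy(Table* table) { delete table; }
#else
// Pre-C++20 fallback: the same dispatch written by hand. Every owner must then
// remember to call destroy() instead of `delete`; the destroying delete above
// removes that burden and is what the commit adopts.
void Table::destroy(Table* table)
{
    switch (table->type()) {
    case Type::ExternRef: delete static_cast<ExternRefTable*>(table); return;
    case Type::FuncRef:   delete static_cast<FuncRefTable*>(table);   return;
    }
}
#endif

// Creates one table of each kind, frees both through the base pointer, and
// reports whether both derived destructors ran.
bool destroyThroughBasePointerRunsDerivedDestructors()
{
    g_externRefTablesDestroyed = 0;
    g_funcRefTablesDestroyed = 0;
    Table* externTable = Table::tryCreate(Table::Type::ExternRef, 4);
    Table* funcTable = Table::tryCreate(Table::Type::FuncRef, 4);
    static_cast<FuncRefTable*>(funcTable)->setFunction(1, Function{42});
    Table::destroy(externTable);
    Table::destroy(funcTable);
    return g_externRefTablesDestroyed == 1 && g_funcRefTablesDestroyed == 1;
}
```

The point to take from it: the destroying delete makes the ordinary `delete table` safe on a base pointer without adding a virtual destructor, because the delete-expression hands the live object to `operator delete` and leaves destruction to it. The `#ifdef` fallback exists only so the file builds on a C++17 toolchain and shows the manual dispatch the feature replaces.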