[Webkit-unassigned] [Bug 23315] New: Mismatched new[] / delete in ByteArray

bugzilla-daemon at webkit.org
Wed Jan 14 05:43:54 PST 2009


https://bugs.webkit.org/show_bug.cgi?id=23315

           Summary: Mismatched new[] / delete in ByteArray
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: PC
        OS/Version: Mac OS X 10.5
            Status: UNCONFIRMED
          Severity: Normal
          Priority: P2
         Component: JavaScriptCore
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: deanm at chromium.org


A ByteArray created with ByteArray::create is allocated with new unsigned
char[].  There is then a placement new to initialize the ByteArray object on
top of this memory.  ByteArray is RefCounted, so it is eventually destroyed
with delete.  In theory to do it properly, the destructor for ByteArray should
be manually called, and then the memory should be freed with delete[].

My reading of the C++ standard allows new/delete and new[]/delete[] to use
completely separate and incompatible allocators, which means it's important
that a buffer allocated with new[] is freed with delete[].


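The allocation pattern the report describes, as an added example that is not WebKit's code and not part of the original message: `Blob`, `liveObjects`, `derefMismatched` and `roundTrip` are hypothetical names standing in for a ByteArray-like class. It sets the mismatched scalar `delete` beside the release sequence the report proposes (explicit destructor call, then `delete[]` on the raw buffer).

```cpp
#include <cstddef>
#include <new>

// Hypothetical stand-in for a ref-counted byte buffer; NOT WebKit's ByteArray.
class Blob {
public:
    static int liveObjects;  // instrumentation for this example only

    // Header and payload share one allocation obtained with new[].
    static Blob* create(std::size_t size) {
        unsigned char* raw = new unsigned char[sizeof(Blob) + size];
        return new (raw) Blob(size);  // placement new constructs, never allocates
    }
    void ref() { ++m_refCount; }

    // MISMATCHED: storage from new[] released with scalar delete through a
    // Blob*. Undefined behaviour; kept for contrast and never called here.
    void derefMismatched() { if (--m_refCount == 0) delete this; }

    // MATCHED: run the destructor by hand, then give the buffer back with
    // delete[] as the unsigned char array it was allocated as.
    void deref() {
        if (--m_refCount != 0)
            return;
        unsigned char* raw = reinterpret_cast<unsigned char*>(this);
        this->~Blob();
        delete[] raw;
    }

    std::size_t length() const { return m_size; }
    unsigned char* data() { return reinterpret_cast<unsigned char*>(this + 1); }

private:
    explicit Blob(std::size_t size) : m_refCount(1), m_size(size) { ++liveObjects; }
    ~Blob() { --liveObjects; }
    int m_refCount;
    std::size_t m_size;
};
int Blob::liveObjects = 0;

// Full create/ref/deref cycle; returns the number of objects still alive.
int roundTrip() {
    Blob* b = Blob::create(16);
    b->ref();
    b->data()[15] = 0xAB;  // last payload byte is inside the allocation
    b->deref();
    b->deref();
    return Blob::liveObjects;
}
```

Building with AddressSanitizer and swapping `deref` for `derefMismatched` in `roundTrip` reports an alloc-dealloc-mismatch on platforms where that check is enabled, which is a practical way to find this class of bug.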