[webkit-changes] [WebKit/WebKit] a89290: Require MallocPtr parameter type to be trivially d...

Thu, 17 Jul 2025 14:15:04 -0700 

  Branch: refs/heads/main
  Home:   https://github.com/WebKit/WebKit
  Commit: a892900ddc2177f2283f274756a5816d8a5208f1
      
https://github.com/WebKit/WebKit/commit/a892900ddc2177f2283f274756a5816d8a5208f1
  Author: Vassili Bykov <v_by...@apple.com>
  Date:   2025-07-17 (Thu, 17 Jul 2025)

  Changed paths:
    M Source/JavaScriptCore/bytecode/ExpressionInfo.h
    M Source/JavaScriptCore/runtime/CachedTypes.cpp
    M Source/JavaScriptCore/runtime/VM.h
    M Source/JavaScriptCore/wasm/WasmTable.cpp
    M Source/JavaScriptCore/wasm/WasmTable.h
    M Source/WTF/wtf/MallocPtr.h

  Log Message:
  -----------
  Require MallocPtr parameter type to be trivially destructible, correctly 
destroy FuncRefTable
https://bugs.webkit.org/show_bug.cgi?id=294022
rdar://152575154

Reviewed by Keith Miller.

This patch changes `MallocPtr` to require the parameter type `T` to be 
trivially destructible.

The usage of `MallocPtr` in `WasmTable` which was responsible for a callee leak 
is now
incompatible with that requirement. `WasmTable` is changed to use 
`std::unique_ptr`
with a custom deleter that correctly destroys the table contents.

Additionally, `VM` is changed to use a `FixedVector` instead of a `MallocPtr` 
to allocate
the exception fuzzing buffer.

* Source/JavaScriptCore/bytecode/ExpressionInfo.h:
* Source/JavaScriptCore/runtime/CachedTypes.cpp:
* Source/JavaScriptCore/runtime/VM.h:
(JSC::VM::exceptionFuzzingBuffer):
* Source/JavaScriptCore/wasm/WasmTable.cpp:
(JSC::Wasm::reallocate):
(JSC::Wasm::Table::grow):
(JSC::Wasm::ExternOrAnyRefTable::ExternOrAnyRefTable):
(JSC::Wasm::FuncRefTable::FuncRefTable):
(JSC::Wasm::FuncRefTable::~FuncRefTable): Deleted.
* Source/JavaScriptCore/wasm/WasmTable.h:
(JSC::Wasm::Table::StorageDeleter::operator()):
* Source/WTF/wtf/MallocPtr.h:

Canonical link: https://commits.webkit.org/297550@main



To unsubscribe from these emails, change your notification settings at 
https://github.com/WebKit/WebKit/settings/notifications
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes

Reply via email to