Bug 180425

Summary: IsoAlignedMemoryAllocator needs to free all of its memory when the VM destructs
Product: WebKit
Reporter: Filip Pizlo <fpizlo>
Component: JavaScriptCore
Assignee: Filip Pizlo <fpizlo>
Status: RESOLVED FIXED
Severity: Normal
CC: ap, ews-watchlist, keith_miller, mark.lam, msaboff, saam, webkit-bug-importer
Priority: P2
Keywords: InRadar
Version: WebKit Nightly Build   
Hardware: All   
OS: All   
See Also: https://bugs.webkit.org/show_bug.cgi?id=179288
Attachments:
Description Flags
the patch saam: review+

Description Filip Pizlo 2017-12-05 08:38:32 PST
...
Comment 1 Filip Pizlo 2017-12-05 08:55:42 PST
Otherwise we will have leaks due to iso-allocated MarkedBlocks from workers, like here:

https://build.webkit.org/LeaksViewer/?url=%2Fresults%2FApple%20High%20Sierra%20%28Leaks%29%2Fr225314%20%281178%29%2F
Comment 2 Filip Pizlo 2017-12-05 13:32:03 PST
Created attachment 328491
the patch
Comment 3 Saam Barati 2017-12-05 13:36:14 PST
Comment on attachment 328491
the patch

View in context: https://bugs.webkit.org/attachment.cgi?id=328491&action=review

> Source/JavaScriptCore/heap/IsoAlignedMemoryAllocator.cpp:64
> +    if (!result)
> +        return nullptr;
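
Review bot: the `if (!result)` check at IsoAlignedMemoryAllocator.cpp:64 is only reachable if the allocation call just above it can return null rather than crash on failure. Use a failure-returning variant of the allocator there, and confirm that every caller of this function handles the `nullptr` return instead of dereferencing it.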

Let's make the above "tryFastAlignedMalloc"
Comment 4 Filip Pizlo 2017-12-05 13:45:52 PST
Comment on attachment 328491
the patch

View in context: https://bugs.webkit.org/attachment.cgi?id=328491&action=review

> Source/JavaScriptCore/heap/IsoAlignedMemoryAllocator.cpp:41
> +        free(block);
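
Review bot: `free(block)` at IsoAlignedMemoryAllocator.cpp:41 must be the deallocator that pairs with whatever allocated `block`; if the block comes from an aligned or custom-heap allocator, plain `free` is a mismatched free and can corrupt the heap. Call the release function that matches the allocation site, and keep the two in the same file so the pairing is easy to audit.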

Also, I should call fastFree here.
Comment 5 Filip Pizlo 2017-12-05 13:55:26 PST
Landed in https://trac.webkit.org/changeset/225540/webkit
Comment 6 Radar WebKit Bug Importer 2017-12-05 13:56:21 PST
<rdar://problem/35863996>