1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
|
# HG changeset patch
# User Nicholas Nethercote <nnethercote@mozilla.com>
# Date 1383798497 -39600
# Thu Nov 07 15:28:17 2013 +1100
# Node ID fcfdc49d52489b12a4e724ce52b2009ff32d8bc0
# Parent 8aa6d9c79371db8e92214025cbfa5f116a607c07
Bug 634417 - Remove inappropriate uses of vanilla malloc/calloc/realloc/free/strdup from SpiderMonkey.
diff --git a/js/public/Utility.h b/js/public/Utility.h
--- a/js/public/Utility.h
+++ b/js/public/Utility.h
@@ -110,6 +110,8 @@ PrintBacktrace()
fprintf(stderr, "#%d %s\n", OOM_traceIdx, OOM_traceSymbols[OOM_traceIdx]);
}
+ // This must be free(), not js_free(), because backtrace_symbols()
+ // allocates with malloc().
free(OOM_traceSymbols);
}
diff --git a/js/src/TraceLogging.cpp b/js/src/TraceLogging.cpp
--- a/js/src/TraceLogging.cpp
+++ b/js/src/TraceLogging.cpp
@@ -104,7 +104,7 @@ TraceLogging::~TraceLogging()
if (entries != NULL) {
flush();
- free(entries);
+ js_free(entries);
entries = NULL;
}
}
@@ -112,7 +112,7 @@ TraceLogging::~TraceLogging()
void
TraceLogging::grow()
{
- Entry* nentries = (Entry*) realloc(entries, numEntries*2*sizeof(Entry));
+ Entry* nentries = (Entry*) js_realloc(entries, numEntries*2*sizeof(Entry));
// Allocating a bigger array failed.
// Keep using the current storage, but remove all entries by flushing them.
@@ -132,7 +132,7 @@ TraceLogging::log(Type type, const char*
// Create array containing the entries if not existing.
if (entries == NULL) {
- entries = (Entry*) malloc(numEntries*sizeof(Entry));
+ entries = (Entry*) js_malloc(numEntries*sizeof(Entry));
if (entries == NULL)
return;
}
@@ -214,7 +214,7 @@ TraceLogging::flush()
}
if (entries[i].file() != NULL) {
- free(entries[i].file());
+ js_free(entries[i].file());
entries[i].file_ = NULL;
}
}
diff --git a/js/src/assembler/assembler/AssemblerBuffer.h b/js/src/assembler/assembler/AssemblerBuffer.h
--- a/js/src/assembler/assembler/AssemblerBuffer.h
+++ b/js/src/assembler/assembler/AssemblerBuffer.h
@@ -73,7 +73,7 @@ namespace JSC {
~AssemblerBuffer()
{
if (m_buffer != m_inlineBuffer)
- free(m_buffer);
+ js_free(m_buffer);
}
void ensureSpace(int space)
@@ -225,7 +225,7 @@ namespace JSC {
}
if (m_buffer == m_inlineBuffer) {
- newBuffer = static_cast<char*>(malloc(newCapacity));
+ newBuffer = static_cast<char*>(js_malloc(newCapacity));
if (!newBuffer) {
m_size = 0;
m_oom = true;
@@ -233,7 +233,7 @@ namespace JSC {
}
memcpy(newBuffer, m_buffer, m_size);
} else {
- newBuffer = static_cast<char*>(realloc(m_buffer, newCapacity));
+ newBuffer = static_cast<char*>(js_realloc(m_buffer, newCapacity));
if (!newBuffer) {
m_size = 0;
m_oom = true;
diff --git a/js/src/assembler/assembler/AssemblerBufferWithConstantPool.h b/js/src/assembler/assembler/AssemblerBufferWithConstantPool.h
--- a/js/src/assembler/assembler/AssemblerBufferWithConstantPool.h
+++ b/js/src/assembler/assembler/AssemblerBufferWithConstantPool.h
@@ -106,14 +106,14 @@ public:
, m_lastConstDelta(0)
, m_flushCount(0)
{
- m_pool = static_cast<uint32_t*>(malloc(maxPoolSize));
- m_mask = static_cast<char*>(malloc(maxPoolSize / sizeof(uint32_t)));
+ m_pool = static_cast<uint32_t*>(js_malloc(maxPoolSize));
+ m_mask = static_cast<char*>(js_malloc(maxPoolSize / sizeof(uint32_t)));
}
~AssemblerBufferWithConstantPool()
{
- free(m_mask);
- free(m_pool);
+ js_free(m_mask);
+ js_free(m_pool);
}
void ensureSpace(int space)
diff --git a/js/src/builtin/Profilers.cpp b/js/src/builtin/Profilers.cpp
--- a/js/src/builtin/Profilers.cpp
+++ b/js/src/builtin/Profilers.cpp
@@ -498,10 +498,15 @@ JSBool js_StartPerf()
flags = "--call-graph";
}
- // Split |flags| on spaces. (Don't bother to free it -- we're going to
+ char *flags2 = (char *)js_malloc(strlen(flags) + 1);
+ if (!flags2)
+ return false;
+ strcpy(flags2, flags);
+
+ // Split |flags2| on spaces. (Don't bother to free it -- we're going to
// exec anyway.)
char *toksave;
- char *tok = strtok_r(strdup(flags), " ", &toksave);
+ char *tok = strtok_r(flags2, " ", &toksave);
while (tok) {
args.append(tok);
tok = strtok_r(NULL, " ", &toksave);
diff --git a/js/src/jit/AsmJS.cpp b/js/src/jit/AsmJS.cpp
--- a/js/src/jit/AsmJS.cpp
+++ b/js/src/jit/AsmJS.cpp
@@ -1172,7 +1172,7 @@ class MOZ_STACK_CLASS ModuleCompiler
JS_ASSERT(str);
JS_ASSERT(pn);
errorNode_ = pn;
- errorString_ = strdup(str);
+ errorString_ = js_strdup(cx_, str);
return false;
}
diff --git a/js/src/jit/MIR.cpp b/js/src/jit/MIR.cpp
--- a/js/src/jit/MIR.cpp
+++ b/js/src/jit/MIR.cpp
@@ -642,7 +642,7 @@ MPhi::reserveLength(size_t length)
{
// Initializes a new MPhi to have an Operand vector of at least the given
// capacity. This permits use of addInput() instead of addInputSlow(), the
- // latter of which may call realloc().
+ // latter of which may call realloc_().
JS_ASSERT(numOperands() == 0);
#if DEBUG
capacity_ = length;
@@ -788,7 +788,7 @@ MPhi::addInputSlow(MDefinition *ins, boo
uint32_t index = inputs_.length();
bool performingRealloc = !inputs_.canAppendWithoutRealloc(1);
- // Remove all MUses from all use lists, in case realloc() moves.
+ // Remove all MUses from all use lists, in case realloc_() moves.
if (performingRealloc) {
for (uint32_t i = 0; i < index; i++) {
MUse *use = &inputs_[i];
diff --git a/js/src/jit/MIR.h b/js/src/jit/MIR.h
--- a/js/src/jit/MIR.h
+++ b/js/src/jit/MIR.h
@@ -3677,7 +3677,7 @@ class MPhi : public MDefinition, public
// Use only if capacity has been reserved by reserveLength
void addInput(MDefinition *ins);
- // Appends a new input to the input vector. May call realloc().
+ // Appends a new input to the input vector. May call realloc_().
// Prefer reserveLength() and addInput() instead, where possible.
bool addInputSlow(MDefinition *ins, bool *ptypeChange = NULL);
diff --git a/js/src/jsprf.cpp b/js/src/jsprf.cpp
--- a/js/src/jsprf.cpp
+++ b/js/src/jsprf.cpp
@@ -368,7 +368,7 @@ cvt_ws(SprintfState *ss, const jschar *w
int result;
/*
* Supply NULL as the JSContext; errors are not reported,
- * and malloc() is used to allocate the buffer buffer.
+ * and js_malloc() is used to allocate the buffer buffer.
*/
if (ws) {
size_t wslen = js_strlen(ws);
@@ -443,7 +443,7 @@ static struct NumArgState* BuildArgArray
if( number > NAS_DEFAULT_NUM ){
- nas = (struct NumArgState*)malloc( number * sizeof( struct NumArgState ) );
+ nas = (struct NumArgState*)js_malloc( number * sizeof( struct NumArgState ) );
if( !nas ){
*rv = -1;
return NULL;
@@ -1038,7 +1038,7 @@ JS_PUBLIC_API(uint32_t) JS_vsxprintf(JSS
}
/*
-** Stuff routine that automatically grows the malloc'd output buffer
+** Stuff routine that automatically grows the js_malloc'd output buffer
** before it overflows.
*/
static int GrowStuff(SprintfState *ss, const char *sp, uint32_t len)
@@ -1075,7 +1075,7 @@ static int GrowStuff(SprintfState *ss, c
}
/*
-** sprintf into a malloc'd buffer
+** sprintf into a js_malloc'd buffer
*/
JS_PUBLIC_API(char *) JS_smprintf(const char *fmt, ...)
{
diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
--- a/js/src/shell/js.cpp
+++ b/js/src/shell/js.cpp
@@ -284,7 +284,7 @@ GetLine(FILE *file, const char * prompt)
}
if (len + 1 == size) {
size = size * 2;
- char *tmp = (char *) realloc(buffer, size);
+ char *tmp = (char *) js_realloc(buffer, size);
if (!tmp) {
free(buffer);
return NULL;
@@ -329,7 +329,7 @@ NewContextData()
return NULL;
JSShellContextData *data = (JSShellContextData *)
- calloc(sizeof(JSShellContextData), 1);
+ js_calloc(sizeof(JSShellContextData), 1);
if (!data)
return NULL;
data->startTime = PRMJ_Now();
|
