Bug 1302064 - prevent static analysis use after free checker for base. r=luke
authorAndi-Bogdan Postelnicu <bpostelnicu@mozilla.com>
Mon, 12 Sep 2016 16:46:40 +0300
changeset 357062 7f3a9e2318555b99f355f0bd84a0e62c0459ed91
parent 357029 b8b6ed05d041bd151d5df9e9f867fb26baffc0d3
child 357063 4b33830da34cb7b672c50007490bc1a8f441fec0
push id1324
push usermtabara@mozilla.com
push dateMon, 16 Jan 2017 13:07:44 +0000
treeherdermozilla-release@a01c49833940 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersluke
bugs1302064
milestone51.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 1302064 - prevent static analysis use after free checker for base. r=luke MozReview-Commit-ID: KPotPnrAOD9
js/src/vm/ArrayBufferObject.cpp
--- a/js/src/vm/ArrayBufferObject.cpp
+++ b/js/src/vm/ArrayBufferObject.cpp
@@ -619,22 +619,22 @@ WasmArrayRawBuffer::Allocate(uint32_t nu
 /* static */ void
 WasmArrayRawBuffer::Release(void* mem)
 {
     WasmArrayRawBuffer* header = (WasmArrayRawBuffer*)((uint8_t*)mem - sizeof(WasmArrayRawBuffer));
     uint8_t* base = header->basePointer();
     MOZ_RELEASE_ASSERT(header->mappedSize() <= SIZE_MAX - gc::SystemPageSize());
     size_t mappedSizeWithHeader = header->mappedSize() + gc::SystemPageSize();
 
+    MemProfiler::RemoveNative(base);
 # ifdef XP_WIN
     VirtualFree(base, 0, MEM_RELEASE);
 # else  // XP_WIN
     munmap(base, mappedSizeWithHeader);
 # endif  // !XP_WIN
-    MemProfiler::RemoveNative(base);
 
 #  if defined(MOZ_VALGRIND) && defined(VALGRIND_ENABLE_ADDR_ERROR_REPORTING_IN_RANGE)
     VALGRIND_ENABLE_ADDR_ERROR_REPORTING_IN_RANGE(base, mappedSizeWithHeader);
 #  endif
 }
 
 WasmArrayRawBuffer*
 ArrayBufferObject::BufferContents::wasmBuffer() const