[haiku-commits] Change in haiku[master]: support/String: Revert 6c67c7d63 to fix double-free

  • From: Gerrit <review@xxxxxxxxxxxxxxxxxxx>
  • To: waddlesplash <waddlesplash@xxxxxxxxx>, haiku-commits@xxxxxxxxxxxxx
  • Date: Tue, 31 Dec 2019 10:55:52 +0000

From Kyle Ambroff-Kao <kyle@xxxxxxxxxxxxxx>:

Kyle Ambroff-Kao has uploaded this change for review. ( https://review.haiku-os.org/c/haiku/+/2060 )


Change subject: support/String: Revert 6c67c7d63 to fix double-free
......................................................................

support/String: Revert 6c67c7d63 to fix double-free

6c67c7d63 was attempting to fix a leak caught by a static analysis
tool, but it actually just introduced a double-free bug. Running
`UnitTester BString` will result in a crash.

The original code was correct because, in the event that realloc()
fails in BString::_Resize(), the value of fPrivateData is still
retained. It will be freed by the destructor of BString only if
fPrivateData is not shared by another BString instance, since BStrings
are copy-on-write.

Note that while the change in 6c67c7d63 caused tests to fail, that
doesn't mean those tests are ideal. They only trigger
BString::_Resize() to fail because they depend on implementation
details of hoard2 which
limit allocations via malloc() to 1GB. Most malloc() implementations
will allow allocations of arbitrary sizes using anonymous
mappings (mmap on Linux, or create_area() in Haiku). This is a much
bigger change, so for now I'm just adding some comments so that we can
revisit these tests if we make a change to the allocator.
---
M src/kits/support/String.cpp
M src/tests/kits/support/bstring/StringAppendTest.cpp
M src/tests/kits/support/bstring/StringAssignTest.cpp
3 files changed, 18 insertions(+), 8 deletions(-)



  git pull ssh://git.haiku-os.org:22/haiku refs/changes/60/2060/1
--
To view, visit https://review.haiku-os.org/c/haiku/+/2060

Gerrit-Project: haiku
Gerrit-Branch: master
Gerrit-Change-Id: I208c1c7a76b6b4409d237b911c62bb3198e49dab
Gerrit-Change-Number: 2060
Gerrit-PatchSet: 1
Gerrit-Owner: Kyle Ambroff-Kao <kyle@xxxxxxxxxxxxxx>
Gerrit-MessageType: newchange
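
The ownership rule the commit message relies on, as an added example (not Haiku's BString code and not the reverted diff, which this page does not show): a failed reallocation leaves the old buffer owned by the object, so a failure-path free that keeps the pointer makes the destructor release it a second time. ToyString, TrackedRealloc, TrackedFree and the 1024-byte cap are hypothetical stand-ins, the failure-path free is an assumed shape of the bug, and copy-on-write sharing is left out.

```cpp
#include <cstdlib>
#include <set>

// Constructed tracking allocator: a free of a pointer that is not live is
// counted instead of reaching free(), so the bug shows up without a crash.
static std::set<void*> gLive;
static int gDoubleFrees = 0;
static const size_t kLimit = 1024;  // constructed stand-in for an allocator size cap

static void* TrackedRealloc(void* old, size_t size) {
	if (size > kLimit) return NULL;  // like realloc(): failure leaves 'old' valid
	gLive.erase(old);
	void* p = realloc(old, size);
	gLive.insert(p != NULL ? p : old);
	return p;
}

static void TrackedFree(void* p) {
	if (p == NULL) return;
	if (gLive.erase(p) == 0) { gDoubleFrees++; return; }  // not live: double free
	free(p);
}

// Hypothetical miniature of a string class that owns one heap buffer.
struct ToyString {
	char* fData;
	bool fFreeOnFailure;  // true models the assumed "leak fix" pattern
	explicit ToyString(bool freeOnFailure)
		: fData((char*)TrackedRealloc(NULL, 16)), fFreeOnFailure(freeOnFailure) {}
	~ToyString() { TrackedFree(fData); }

	bool Resize(size_t size) {
		char* p = (char*)TrackedRealloc(fData, size);
		if (p == NULL) {
			if (fFreeOnFailure)
				TrackedFree(fData);  // fData keeps the stale pointer
			return false;
		}
		fData = p;
		return true;
	}
};

// Number of double frees observed when one resize fails and the object dies.
int DoubleFreesAfterFailedResize(bool freeOnFailure) {
	gDoubleFrees = 0;
	{ ToyString s(freeOnFailure); s.Resize(kLimit + 1); }
	return gDoubleFrees;
}
```

With the failure-path free the destructor's release is the second one; without it the buffer is released exactly once and nothing leaks.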
