This was actually a memory leak in the hidden class implementation, but
it was mostly visible in the @synchronized implementation. Every hidden
class registered a custom .cxx_destruct method, to handle cleanup of all
of the hidden class structures. Unfortunately, this destructor failed
to delete the reflection metadata structures associated with the class,
specifically the objc_method_list containing the objc_method pointing to
the destructor itself.

Fixes #98

We were leaving the isa pointer pointing to the deleted class and were
then following its super_class pointer, both of which are potentially
serious. This didn't show up on FreeBSD, because the relevant memory
was always returned to a thread-local pool and the accesses were
immediately afterwards, so it always worked. It broke with malloc
implementations that were more aggressive about checking for
use-after-free.

Every class is either a class or a metaclass; it doesn't make sense to
use two flags to store one bit of data.
Also remove the newabi flag from classes in the v2 ABI, where it's
redundant.

Without this fix, we would lose associated objects silently after adding
the 11th. We would also allocate full pages for each object after the
11th because we couldn't find empty slots.