Summary: CoreIPC/ArgumentDecoder should use aligned memory for its internal copy of data
Product: WebKit
Reporter: Siddharth Mathur <s.mathur>
Component: WebKit2
Assignee: Siddharth Mathur <s.mathur>
Severity: Normal
CC: andersca, ap, commit-queue, darin
Version: 528+ (Nightly build)
OS: S60 3rd edition
Bug Depends on: (none)
Description Siddharth Mathur 2011-05-02 14:11:54 PDT
While debugging erratic page loading issues with the Symbian port of WebKit2 (patch in Bug 55877), I observed that in ArgumentDecoder::initialize(), fastMalloc will return an arbitrarily aligned address:

    m_buffer = static_cast<uint8_t*>(fastMalloc(bufferSize));

However, soon enough we attempt to unpack a uint64_t in the same function:

    decodeUInt64(m_destinationID);

and call alignBufferPosition(8, 8), which leads to a check of the alignment of the base address. For small messages (size 9 in my case), this leads to markInvalid() being called, and then bad things happen with the state of the 2 processes.

We should consider changing the fastMalloc(bufferSize) code to a slightly larger sized allocation which guarantees sizeof(uint64_t) alignment of the base address m_buffer.
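The failure mode in the description, and the over-allocate-and-round-up fix the reporter proposes, as an added stand-alone example. This is not WebKit's code: ToyDecoder, roundUpToAlignment() and decodeNineByteMessage() are hypothetical stand-ins for CoreIPC::ArgumentDecoder and its helpers, reduced to the parts the report mentions. Because malloc on desktop hosts normally returns 8- or 16-byte aligned memory, the "arbitrarily aligned" base address seen on Symbian is simulated by deliberately offsetting the buffer by one byte when alignedAlloc is false.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <cstring>

// Round p up to the next multiple of alignment (a power of two).
// Illustrative helper, not WebKit's own roundUpToAlignment().
static inline uint8_t* roundUpToAlignment(uint8_t* p, size_t alignment) {
    uintptr_t v = reinterpret_cast<uintptr_t>(p);
    uintptr_t mask = static_cast<uintptr_t>(alignment) - 1;
    return reinterpret_cast<uint8_t*>((v + mask) & ~mask);
}

// Hypothetical stand-in for CoreIPC::ArgumentDecoder.
class ToyDecoder {
public:
    ToyDecoder(const uint8_t* data, size_t size, bool alignedAlloc)
        : m_allocatedBase(0), m_buffer(0), m_bufferPos(0), m_bufferEnd(0), m_valid(true) {
        const size_t alignment = sizeof(uint64_t);
        // Over-allocate so the usable base can be rounded up to an 8-byte boundary.
        // The fix needs only alignment - 1 extra bytes; one more is added here so the
        // simulated misaligned path below also stays inside the allocation.
        m_allocatedBase = static_cast<uint8_t*>(std::malloc(size + alignment));
        uint8_t* aligned = roundUpToAlignment(m_allocatedBase, alignment);
        // alignedAlloc=false reproduces the bug: a base address one byte off a boundary,
        // standing in for the arbitrary alignment fastMalloc returned on Symbian.
        m_buffer = alignedAlloc ? aligned : aligned + 1;
        std::memcpy(m_buffer, data, size);
        m_bufferPos = m_buffer;
        m_bufferEnd = m_buffer + size;
    }
    ~ToyDecoder() { std::free(m_allocatedBase); }

    bool isValid() const { return m_valid; }

    // Advance to the next alignment boundary and make sure size bytes still fit;
    // otherwise invalidate the decoder (the markInvalid() path from the report).
    bool alignBufferPosition(size_t alignment, size_t size) {
        uintptr_t mask = static_cast<uintptr_t>(alignment) - 1;
        uintptr_t aligned = (reinterpret_cast<uintptr_t>(m_bufferPos) + mask) & ~mask;
        if (aligned + size > reinterpret_cast<uintptr_t>(m_bufferEnd)) {
            m_valid = false;
            return false;
        }
        m_bufferPos = reinterpret_cast<uint8_t*>(aligned);
        return true;
    }

    bool decodeUInt64(uint64_t& result) {
        if (!alignBufferPosition(sizeof(uint64_t), sizeof(uint64_t)))
            return false;
        std::memcpy(&result, m_bufferPos, sizeof(uint64_t));
        m_bufferPos += sizeof(uint64_t);
        return true;
    }

    bool decodeUInt8(uint8_t& result) {
        if (!alignBufferPosition(1, 1))
            return false;
        result = *m_bufferPos++;
        return true;
    }

private:
    uint8_t* m_allocatedBase; // what malloc returned; freed in the destructor
    uint8_t* m_buffer;        // start of the message copy (aligned only in the fixed path)
    uint8_t* m_bufferPos;
    uint8_t* m_bufferEnd;
    bool m_valid;
};

// Decode a constructed 9-byte message (8-byte destination ID followed by one byte),
// the message size the report says triggered markInvalid().
// Returns the decoded destination ID, or 0 if decoding failed.
uint64_t decodeNineByteMessage(bool alignedAlloc) {
    const uint64_t expectedID = 0x1122334455667788ULL;
    uint8_t message[9];
    std::memcpy(message, &expectedID, sizeof(expectedID)); // host byte order, round-trips below
    message[8] = 0x2a;

    ToyDecoder decoder(message, sizeof(message), alignedAlloc);
    uint64_t destinationID = 0;
    uint8_t flag = 0;
    if (!decoder.decodeUInt64(destinationID) || !decoder.decodeUInt8(flag))
        return 0;
    if (!decoder.isValid() || flag != 0x2a)
        return 0;
    return destinationID;
}

int main() {
    std::printf("misaligned base: id=%llx\n", (unsigned long long)decodeNineByteMessage(false));
    std::printf("aligned base:    id=%llx\n", (unsigned long long)decodeNineByteMessage(true));
    return 0;
}
```

With the misaligned base the first decodeUInt64 rounds the position forward to the next 8-byte boundary, finds fewer than 8 bytes left in a 9-byte message, and marks the decoder invalid; with the rounded-up base the same message decodes cleanly.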
Comment 2 Anders Carlsson 2011-05-03 10:28:38 PDT
Comment on attachment 92080 [details] Patch
View in context: https://bugs.webkit.org/attachment.cgi?id=92080&action=review

> Source/WebKit2/ChangeLog:1
> +2011-05-03 Siddharth Mathur <siddharth mathur>

No e-mail address here.

> Source/WebKit2/Platform/CoreIPC/ArgumentDecoder.cpp:71
> + m_buffer = roundUpToAlignment(m_allocatedBase, expectedAlignment);

If you want, you can assert that m_buffer is aligned here.
Comment 3 Siddharth Mathur 2011-05-03 13:26:30 PDT
Created attachment 92114 [details] Patch with assert and fixed Changelog
Comment 4 WebKit Commit Bot 2011-05-04 09:58:11 PDT
The commit-queue encountered the following flaky tests while processing attachment 92114 [details]:

http/tests/xmlhttprequest/remember-bad-password.html bug 51733 (author: email@example.com)

The commit-queue is continuing to process your patch.
Comment 5 WebKit Commit Bot 2011-05-04 09:59:39 PDT
Comment on attachment 92114 [details] Patch with assert and fixed Changelog
Clearing flags on attachment: 92114
Committed r85755: <http://trac.webkit.org/changeset/85755>
Comment 6 WebKit Commit Bot 2011-05-04 09:59:47 PDT
All reviewed patches have been landed. Closing bug.