Bug 80912

Summary: BumpPointerAllocator assumes page size is less than MINIMUM_BUMP_POOL_SIZE
Product: WebKit
Reporter: Myles C. Maxfield <litherum>
Component: JavaScriptCore
Assignee: Nobody <webkit-unassigned>
Status: RESOLVED FIXED
Severity: Normal
CC: barraclough, webkit.review.bot
Priority: P2
Version: 528+ (Nightly build)
Hardware: Unspecified
OS: Unspecified
Attachments:
Description Flags
Patch none

Description Myles C. Maxfield 2012-03-12 17:39:49 PDT
In BumpPointerPool::create(), poolSize is set to MINIMUM_BUMP_POOL_SIZE and then passed to PageAllocation::allocate(). If this value is not divisible by WTF::pageSize() (or if the page size is larger than poolSize), allocate() crashes because of ASSERT(isPageAligned(size)).
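
Added example (not part of the original report and not WebKit's code): a stand-alone C++ model of the size check described above, showing the fixed minimum failing the alignment predicate on larger pages and one way to compute a size that always passes it. The constant's value, the sample page sizes and every function name other than isPageAligned are assumptions made for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>

// Assumed value for illustration; the report does not give the real constant.
constexpr std::size_t kMinimumBumpPoolSize = 0x1000;

// True when pageSize is usable: non-zero and a power of two.
constexpr bool isValidPageSize(std::size_t pageSize)
{
    return pageSize && !(pageSize & (pageSize - 1));
}

// The predicate the report's ASSERT checks, with the page size as a parameter
// so several platforms can be modelled in one process.
constexpr bool isPageAligned(std::size_t size, std::size_t pageSize)
{
    return !(size & (pageSize - 1));
}

// Pool size as the report describes it: the fixed minimum, whatever the page size.
constexpr std::size_t fixedPoolSize() { return kMinimumBumpPoolSize; }

// Hardened variant (hypothetical helper): at least the minimum, at least the
// request, rounded up to whole pages. Returns false on a bad page size or overflow.
bool pageAlignedPoolSize(std::size_t requested, std::size_t pageSize, std::size_t& out)
{
    if (!isValidPageSize(pageSize))
        return false;
    std::size_t size = requested > kMinimumBumpPoolSize ? requested : kMinimumBumpPoolSize;
    const std::size_t mask = pageSize - 1;
    if (size > SIZE_MAX - mask)
        return false; // rounding up would wrap around to a tiny size
    out = (size + mask) & ~mask;
    return true;
}

int main()
{
    const std::size_t pageSizes[] = { 0x1000, 0x4000, 0x10000 }; // constructed samples
    for (std::size_t page : pageSizes) {
        std::size_t hardened = 0;
        bool ok = pageAlignedPoolSize(0, page, hardened);
        std::printf("page=%zu fixed-size-aligned=%d hardened=%zu ok=%d\n",
            page, isPageAligned(fixedPoolSize(), page), hardened, ok);
    }
    return 0;
}
```
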
Comment 1 Myles C. Maxfield 2012-03-13 10:50:33 PDT
Created attachment 131664 [details]
Patch
Comment 2 Myles C. Maxfield 2012-03-20 17:46:27 PDT
What can I do to get this submitted? According to http://www.webkit.org/quality/lifecycle.html it should be automatically submitted, but this hasn't happened.

Thanks,
Myles
Comment 3 Myles C. Maxfield 2012-04-16 12:13:52 PDT
Ping?
Comment 4 WebKit Review Bot 2012-04-17 20:42:59 PDT
Comment on attachment 131664 [details]
Patch

Clearing flags on attachment: 131664

Committed r114477: <http://trac.webkit.org/changeset/114477>
Comment 5 WebKit Review Bot 2012-04-17 20:43:03 PDT
All reviewed patches have been landed.  Closing bug.