RESOLVED FIXED 144815
Creating a large MarkedBlock sometimes results in more than one cell in the block
https://bugs.webkit.org/show_bug.cgi?id=144815
Michael Saboff
Reported 2015-05-08 14:39:44 PDT
The large block allocator is designed so that only one block should be in a MarkedBlock. In some cases the current code can allocate a large MarkedBlock that has 2 cells. Things fall over dead when this happens. rdar://problem/20764509
Attachments
Patch (1.67 KB, patch)
2015-05-08 15:22 PDT, Michael Saboff
mark.lam: review+
Michael Saboff
Comment 1 2015-05-08 15:22:55 PDT
Mark Lam
Comment 2 2015-05-08 15:24:51 PDT
Comment on attachment 252752
Patch

r=me
Mark Lam
Comment 3 2015-05-08 15:25:46 PDT
Comment on attachment 252752
Patch

View in context: https://bugs.webkit.org/attachment.cgi?id=252752&action=review

> Source/JavaScriptCore/ChangeLog:9
> + m_endAtom for large blocks to use the location of the first block + 1. This

s/first block/first cell/
Michael Saboff
Comment 4 2015-05-08 15:27:20 PDT
(In reply to comment #3)
> Comment on attachment 252752
> Patch
>
> View in context:
> https://bugs.webkit.org/attachment.cgi?id=252752&action=review
>
> > Source/JavaScriptCore/ChangeLog:9
> > + m_endAtom for large blocks to use the location of the first block + 1. This
>
> s/first block/first cell/

Fixed locally.
Michael Saboff
Comment 5 2015-05-08 15:55:44 PDT