Bug 80912 - BumpPointerAllocator assumes page size is less than MINIMUM_BUMP_POOL_SIZE
Summary: BumpPointerAllocator assumes page size is less than MINIMUM_BUMP_POOL_SIZE
Status: RESOLVED FIXED
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
Importance: P2 Normal
Assignee: Nobody
URL:
Keywords:
Depends on:
Blocks:
Reported: 2012-03-12 17:39 PDT by Myles C. Maxfield
Modified: 2012-04-17 20:43 PDT
CC: 2 users
See Also:

Attachments
Patch (1.48 KB, patch)
2012-03-13 10:50 PDT, Myles C. Maxfield
no flags

Description Myles C. Maxfield 2012-03-12 17:39:49 PDT
In BumpPointerPool::create(), poolSize is set to MINIMUM_BUMP_POOL_SIZE and then passed to PageAllocation::allocate(). If this value is not divisible by WTF::pageSize() (or if the page size is larger than poolSize), allocate() crashes because of ASSERT(isPageAligned(size)).
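The failure mode described above, as an added illustration that is neither WebKit's code nor the landed patch: a pool size fixed at a compile-time minimum is handed to a page allocator that asserts on page alignment, so any platform whose page size does not divide the minimum (or exceeds it) trips the assertion. The constant value, the form of the alignment check, and the helper names (`isPageAligned`, `naiveChoiceWouldAssert`, `poolSizeForPage`) are assumptions made for this example; the hardened helper rounds the requested size up to a whole number of pages, which is the general remedy regardless of the actual constant.

```cpp
#include <cassert>
#include <cstddef>
#include <cstdio>

// Assumed stand-in for MINIMUM_BUMP_POOL_SIZE (the real value lives in
// WebKit's BumpPointerAllocator.h and is not quoted on this page).
constexpr size_t kMinimumBumpPoolSize = 32 * 1024;

// Assumed form of the check PageAllocation::allocate() asserts on: a size is
// page-aligned when it is a non-zero multiple of the page size.
inline bool isPageAligned(size_t size, size_t pageSize) {
    return size != 0 && pageSize != 0 && (size % pageSize) == 0;
}

// The behaviour the bug report describes: the pool size is the fixed minimum,
// chosen without consulting the page size. Returns true when the allocator
// would receive an unaligned size, i.e. when the ASSERT would fire.
inline bool naiveChoiceWouldAssert(size_t pageSize) {
    return !isPageAligned(kMinimumBumpPoolSize, pageSize);
}

// Hardened choice: never smaller than one page, and rounded up to a whole
// number of pages so the result always satisfies isPageAligned().
// Requires a power-of-two page size, which every platform WebKit runs on has.
inline size_t poolSizeForPage(size_t minimum, size_t pageSize) {
    assert(pageSize != 0 && (pageSize & (pageSize - 1)) == 0);
    size_t size = minimum < pageSize ? pageSize : minimum;
    // Guard the round-up against wrapping for absurdly large requests.
    assert(size <= static_cast<size_t>(-1) - (pageSize - 1));
    return (size + pageSize - 1) & ~(pageSize - 1);
}

int main() {
    // Constructed page sizes: the common 4 KiB case, a 16 KiB page (which
    // still divides 32 KiB), and a 64 KiB page that is larger than the minimum.
    const size_t pageSizes[] = {4096, 16 * 1024, 64 * 1024};
    for (size_t pageSize : pageSizes) {
        std::printf("page %6zu: naive choice asserts=%d, rounded pool=%zu\n",
                    pageSize, naiveChoiceWouldAssert(pageSize) ? 1 : 0,
                    poolSizeForPage(kMinimumBumpPoolSize, pageSize));
    }
    return 0;
}
```

With a 4 KiB or 16 KiB page the naive choice happens to be aligned, which is why the assertion only surfaces on platforms with unusual page sizes; `poolSizeForPage` returns the minimum unchanged there and grows the pool to exactly one page on a 64 KiB platform.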
Comment 1 Myles C. Maxfield 2012-03-13 10:50:33 PDT
Created attachment 131664 [details]
Patch
Comment 2 Myles C. Maxfield 2012-03-20 17:46:27 PDT
What can I do to get this submitted? According to http://www.webkit.org/quality/lifecycle.html it should be automatically submitted, but this hasn't happened.

Thanks,
Myles
Comment 3 Myles C. Maxfield 2012-04-16 12:13:52 PDT
Ping?
Comment 4 WebKit Review Bot 2012-04-17 20:42:59 PDT
Comment on attachment 131664 [details]
Patch

Clearing flags on attachment: 131664

Committed r114477: <http://trac.webkit.org/changeset/114477>
Comment 5 WebKit Review Bot 2012-04-17 20:43:03 PDT
All reviewed patches have been landed. Closing bug.