Title: [181177] trunk/Source/_javascript_Core
Revision: 181177
Author: gga...@apple.com
Date: 2015-03-06 12:19:47 -0800 (Fri, 06 Mar 2015)

Log Message

2015-03-06  Geoffrey Garen  <gga...@apple.com>

        Fix crashes seen on the 32-bit buildbots after my last patch.

        Unreviewed.

        * heap/CopiedBlock.h:
        (JSC::CopiedBlock::payload):
        * heap/CopiedSpace.cpp:
        (JSC::CopiedSpace::tryAllocateOversize): Round up to the right alignment,
        since the size of the CopiedBlock class is not guaranteed to be the
        right alignment, and is in fact the wrong alignment on 32-bit.
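The mismatch the log message describes, as an added worked example (not WebKit's own code): the payload offset that `payload()` computes, beside the allocation size `tryAllocateOversize` requested before and after the patch. The header sizes are constructed stand-ins, and `roundUpToMultipleOf` is a generic reimplementation of the WTF helper, not the WTF one.

```cpp
#include <cstddef>

// Generic form of WTF::roundUpToMultipleOf (reimplemented here): the smallest
// multiple of `divisor` that is >= `x`. `divisor` must be a power of two.
constexpr size_t roundUpToMultipleOf(size_t divisor, size_t x)
{
    return (x + divisor - 1) & ~(divisor - 1);
}

// Byte offset of the payload from the block start. The old expression
// ((n + 7) & ~7) and the new roundUpToMultipleOf<sizeof(double)>(n) both
// round up to a multiple of 8, so this offset is the same before and after.
constexpr size_t payloadOffset(size_t headerSize)
{
    return roundUpToMultipleOf(sizeof(double), headerSize);
}

// Allocation size tryAllocateOversize requested before the patch.
constexpr size_t oldAllocationSize(size_t headerSize, size_t bytes)
{
    return headerSize + bytes;
}

// Allocation size requested after the patch.
constexpr size_t newAllocationSize(size_t headerSize, size_t bytes)
{
    return roundUpToMultipleOf(sizeof(double), headerSize + bytes);
}

// Does a payload of `bytes` starting at payloadOffset(headerSize) stay
// inside an allocation of `allocationSize`? False means an out-of-bounds
// write into whatever follows the block.
constexpr bool payloadFits(size_t headerSize, size_t bytes, size_t allocationSize)
{
    return payloadOffset(headerSize) + bytes <= allocationSize;
}

// Constructed header sizes: 52 stands in for a 32-bit build where
// sizeof(CopiedBlock) is not a multiple of 8; 64 for a 64-bit build where it is.
constexpr size_t kHeader32 = 52;
constexpr size_t kHeader64 = 64;
```

With the 32-bit stand-in the old size is 4 bytes short for a 16-byte payload while the 64-bit one fits exactly; the new size fits for 16 bytes but, for a payload length that is not itself a multiple of 8, rounding the sum rather than the header can still come up short.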

Modified Paths

Diff

Modified: trunk/Source/_javascript_Core/ChangeLog (181176 => 181177)


--- trunk/Source/_javascript_Core/ChangeLog	2015-03-06 20:13:46 UTC (rev 181176)
+++ trunk/Source/_javascript_Core/ChangeLog	2015-03-06 20:19:47 UTC (rev 181177)
@@ -1,3 +1,16 @@
+2015-03-06  Geoffrey Garen  <gga...@apple.com>
+
+        Fix crashes seen on the the 32-bit buildbots after my last patch.
+
+        Unreviewed.
+
+        * heap/CopiedBlock.h:
+        (JSC::CopiedBlock::payload):
+        * heap/CopiedSpace.cpp:
+        (JSC::CopiedSpace::tryAllocateOversize): Round up to the right alignment,
+        since the size of the CopiedBlock class is not guaranteed to be the
+        right alignment, and is in fact the wrong alignment on 32-bit.
+
 2015-03-05  Geoffrey Garen  <gga...@apple.com>
 
         Use FastMalloc (bmalloc) instead of BlockAllocator for GC pages
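Review bot: the ChangeLog line `+        Fix crashes seen on the the 32-bit buildbots after my last patch.` repeats "the"; suggest `Fix crashes seen on the 32-bit buildbots after my last patch.` The `(JSC::CopiedBlock::payload):` entry also carries no description while the CopiedSpace.cpp entry does; a short note that the hand-rolled `& ~7` was replaced with `WTF::roundUpToMultipleOf<sizeof(double)>` so that the two sites use the identical expression would explain why that file is in the patch at all.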

Modified: trunk/Source/_javascript_Core/heap/CopiedBlock.h (181176 => 181177)


--- trunk/Source/_javascript_Core/heap/CopiedBlock.h	2015-03-06 20:13:46 UTC (rev 181176)
+++ trunk/Source/_javascript_Core/heap/CopiedBlock.h	2015-03-06 20:19:47 UTC (rev 181177)
@@ -228,7 +228,7 @@
 
 inline char* CopiedBlock::payload()
 {
-    return reinterpret_cast<char*>(this) + ((sizeof(CopiedBlock) + 7) & ~7);
+    return reinterpret_cast<char*>(this) + WTF::roundUpToMultipleOf<sizeof(double)>(sizeof(CopiedBlock));
 }
 
 inline char* CopiedBlock::payloadEnd()
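Review bot: this hunk is behaviour-preserving rather than part of the crash fix: `(sizeof(CopiedBlock) + 7) & ~7` and `WTF::roundUpToMultipleOf<sizeof(double)>(sizeof(CopiedBlock))` both round up to a multiple of 8 wherever `sizeof(double)` is 8, so the offset `payload()` returns is unchanged on every target. The ChangeLog should say so, and a one-line comment here stating why the payload must be double-aligned would document the intent now that `sizeof(double)` is spelled out. The value of the change is that `CopiedSpace::tryAllocateOversize` can use the literally identical expression, so the payload offset and the allocation size cannot drift apart again; keep them identical going forward.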

Modified: trunk/Source/_javascript_Core/heap/CopiedSpace.cpp (181176 => 181177)


--- trunk/Source/_javascript_Core/heap/CopiedSpace.cpp	2015-03-06 20:13:46 UTC (rev 181176)
+++ trunk/Source/_javascript_Core/heap/CopiedSpace.cpp	2015-03-06 20:19:47 UTC (rev 181177)
@@ -99,7 +99,7 @@
 {
     ASSERT(isOversize(bytes));
     
-    CopiedBlock* block = CopiedBlock::create(sizeof(CopiedBlock) + bytes);
+    CopiedBlock* block = CopiedBlock::create(WTF::roundUpToMultipleOf<sizeof(double)>(sizeof(CopiedBlock) + bytes));
     m_newGen.oversizeBlocks.push(block);
     m_newGen.blockFilter.add(reinterpret_cast<Bits>(block));
     m_blockSet.add(block);
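Review bot: the rounding is applied to the sum `sizeof(CopiedBlock) + bytes`, but `payload()` places the payload at `roundUpToMultipleOf<sizeof(double)>(sizeof(CopiedBlock))`, so the payload actually ends at that rounded offset plus `bytes`. Those two agree only when `bytes` is itself a multiple of 8: with a hypothetical 32-bit header of 52 bytes and `bytes` of 9, this line allocates 64 bytes while the payload ends at byte 65. If every caller of `tryAllocateOversize` already rounds `bytes` up to 8, make that explicit with an `ASSERT(!(bytes % sizeof(double)))` beside the existing `ASSERT(isOversize(bytes))`; otherwise request `WTF::roundUpToMultipleOf<sizeof(double)>(sizeof(CopiedBlock)) + bytes`, which matches `payload()` exactly. Either way, an `ASSERT(static_cast<size_t>(block->payloadEnd() - block->payload()) >= bytes)` after the `create` call would have flagged the 32-bit case directly instead of surfacing as a crash on the bots.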
_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
https://lists.webkit.org/mailman/listinfo/webkit-changes
