[webkit-changes] [134286] branches/safari-536.28-branch/Source/WebKit2

[lforschler]

Title: [134286] branches/safari-536.28-branch/Source/WebKit2

Revision

134286

Author

lforsch...@apple.com

Date

2012-11-12 12:44:24 -0800 (Mon, 12 Nov 2012)

Log Message

Merged r133379.  <rdar://problem/12632315>

Modified Paths

branches/safari-536.28-branch/Source/WebKit2/ChangeLog
branches/safari-536.28-branch/Source/WebKit2/Platform/CoreIPC/ArgumentDecoder.cpp

Diff

Modified: branches/safari-536.28-branch/Source/WebKit2/ChangeLog (134285 => 134286)

--- branches/safari-536.28-branch/Source/WebKit2/ChangeLog	2012-11-12 20:41:30 UTC (rev 134285)
+++ branches/safari-536.28-branch/Source/WebKit2/ChangeLog	2012-11-12 20:44:24 UTC (rev 134286)
@@ -1,5 +1,25 @@
 2012-11-12  Lucas Forschler  <lforsch...@apple.com>
 
+        Merge r133379
+
+    2012-11-02  Anders Carlsson  <ander...@apple.com>
+
+            Very speculative ArgumentDecoder crash fix
+            https://bugs.webkit.org/show_bug.cgi?id=101130
+            <rdar://problem/11917046>
+
+            Reviewed by Sam Weinig.
+
+            Switch from fastMalloc/fastFree to system malloc/free in the hopes that it'll give more information about
+            a crash inside TCMalloc when freeing the argument data. (It seems unlikely that this is a bug in TCMalloc, but
+            switching to the system malloc could potentially give better error reporting).
+
+            * Platform/CoreIPC/ArgumentDecoder.cpp:
+            (CoreIPC::ArgumentDecoder::~ArgumentDecoder):
+            (CoreIPC::ArgumentDecoder::initialize):
+
+2012-11-12  Lucas Forschler  <lforsch...@apple.com>
+
         Merge r131018
 
     2012-10-10  Jer Noble  <jer.no...@apple.com>
@@ -47859,3 +47879,4 @@
 .
 .
 .
+.

Modified: branches/safari-536.28-branch/Source/WebKit2/Platform/CoreIPC/ArgumentDecoder.cpp (134285 => 134286)

--- branches/safari-536.28-branch/Source/WebKit2/Platform/CoreIPC/ArgumentDecoder.cpp	2012-11-12 20:41:30 UTC (rev 134285)
+++ branches/safari-536.28-branch/Source/WebKit2/Platform/CoreIPC/ArgumentDecoder.cpp	2012-11-12 20:44:24 UTC (rev 134286)
@@ -46,7 +46,7 @@
 ArgumentDecoder::~ArgumentDecoder()
 {
     ASSERT(m_allocatedBase);
-    fastFree(m_allocatedBase);
+    free(m_allocatedBase);
 #if !USE(UNIX_DOMAIN_SOCKETS)
     // FIXME: We need to dispose of the mach ports in cases of failure.
 #else
@@ -69,7 +69,7 @@
 {
     // This is the largest primitive type we expect to unpack from the message.
     const size_t expectedAlignment = sizeof(uint64_t);
-    m_allocatedBase = static_cast<uint8_t*>(fastMalloc(bufferSize + expectedAlignment));
+    m_allocatedBase = static_cast<uint8_t*>(malloc(bufferSize + expectedAlignment));
     m_buffer = roundUpToAlignment(m_allocatedBase, expectedAlignment);
     ASSERT(!(reinterpret_cast<uintptr_t>(m_buffer) % expectedAlignment));
 

_______________________________________________
webkit-changes mailing list
webkit-changes@lists.webkit.org
http://lists.webkit.org/mailman/listinfo/webkit-changes