[Webkit-unassigned] [Bug 59960] New: CoreIPC/ArgumentDecoder should use aligned memory for its internal copy of data

[bugzilla-daemon at webkit.org]

https://bugs.webkit.org/show_bug.cgi?id=59960

           Summary: CoreIPC/ArgumentDecoder should use aligned memory for
                    its internal copy of data
           Product: WebKit
           Version: 528+ (Nightly build)
          Platform: S60 Hardware
        OS/Version: S60 3rd edition
            Status: NEW
          Severity: Normal
          Priority: P2
         Component: WebKit2
        AssignedTo: webkit-unassigned at lists.webkit.org
        ReportedBy: siddharth.mathur at nokia.com
                CC: andersca at apple.com


While debugging erratic page loading issues with the Symbian port of WebKit2 (patch in Bug 55877) ,  
I observed that in ArgumentDecoder::initialize(), the fastMalloc will return an arbitrarily aligned address. 
    m_buffer = static_cast<uint8_t*>(fastMalloc(bufferSize)); 

However, soon enough we attempt to unpack a uint64_t in the same function .. 
   decodeUInt64(m_destinationID);

.. and call alignBufferPosition(8, 8) which leads to a check of the alignment of the base address. 

For small messages (size 9 in my case), this leads to markInvalid() being called and then bad things happen with the state of the 2 processes. 

We should consider changing the fastMalloc(bufferSize) code to a slightly larger sized allocation which guarantees sizeof(uin64_t) alignment of the base address m_buffer.

-- 
Configure bugmail: https://bugs.webkit.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.