Bug 128655

Summary: VerifyMarked functor is wrong during EdenCollections
Product: WebKit Reporter: Mark Hahnenberg <mhahnenberg>
Component: JavaScriptCoreAssignee: Mark Lam <mark.lam>
Status: ASSIGNED    
Severity: Normal CC: mark.lam, mhahnenberg, webkit-bug-importer
Priority: P2 Keywords: InRadar
Version: 528+ (Nightly build)   
Hardware: Unspecified   
OS: Unspecified   
Bug Depends on:    
Bug Blocks: 129067    

Mark Hahnenberg
Reported 2014-02-11 22:12:20 PST
We should think about the invariants for the MarkedBlock's BlockState.
Attachments
Add attachment proposed patch, testcase, etc.
Mark Hahnenberg
Comment 1 2014-02-11 22:14:13 PST
To be more specific, blocks whose marks aren't cleared during an EdenCollection could potentially still be in the Allocated block state. Historically the invariant has been that all blocks after a collection are in the MarkedState. It might be the case that we can relax this invariant for EdenCollections.
Mark Hahnenberg
Comment 2 2014-02-11 22:14:49 PST
(In reply to comment #1) > MarkedState Marked state.
Mark Lam
Comment 3 2014-02-19 15:24:39 PST
This issue can be easily reproduced by applying the patch at <https://webkit.org/b/129067>, and running testapi on a 64-bit debug build.
Radar WebKit Bug Importer
Comment 4 2014-02-19 15:25:39 PST
<rdar://problem/16115197>
Note You need to log in before you can comment on or make changes to this bug.