Bug 53393

Summary: Simplified Heap iteration
Product: WebKit
Component: New Bugs
Status: RESOLVED FIXED
Severity: Normal
Priority: P2
Version: 528+ (Nightly build)
Hardware: Other
OS: OS X 10.5
Reporter: Geoffrey Garen <ggaren>
Assignee: Geoffrey Garen <ggaren>
CC: alex
Attachments:
Description: Patch; Flags: zwarich: review+

Description Geoffrey Garen 2011-01-29 22:13:24 PST
Simplified Heap iteration
Comment 1 Geoffrey Garen 2011-01-29 22:21:00 PST
Created attachment 80588
Patch
Comment 2 Geoffrey Garen 2011-01-29 22:23:22 PST
Committed r77082: <http://trac.webkit.org/changeset/77082>
Comment 3 Alejandro G. Castro 2011-01-31 11:10:47 PST
Apparently after this patch and the other committed at the same point (r77081 and r77082) we have problems with the inspector tests in an assertion (GTK+ 32-bit debug bot):

ASSERTION FAILED: !JSDebugWrapperSet::shared().contains(wrapper)
(../../Source/WebCore/bindings/js/JSDebugWrapperSet.h:73 static void WebCore::JSDebugWrapperSet::willCacheWrapper(WebCore::DOMObject*))

Any idea of what could be causing the issue?

http://build.webkit.org/results/GTK%20Linux%2032-bit%20Debug/r77136%20(13539)/inspector/extensions-resources-stderr.txt
Comment 4 Geoffrey Garen 2011-01-31 14:39:52 PST
I think this patch may have caused random crashes on the WebKit2 bot as well:

Exception Type:  EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000124700030
Crashed Thread:  0  Dispatch queue: com.apple.main-thread

Thread 0 Crashed:  Dispatch queue: com.apple.main-thread
0   com.apple.JavaScriptCore      	0x0000000100ca77d4 JSC::JSGlobalObject::d() const + 12 (JSGlobalObject.h:261)
1   com.apple.JavaScriptCore      	0x0000000100c5bf0f JSC::JSGlobalObject::~JSGlobalObject() + 315 (JSGlobalObject.cpp:108)
2   com.apple.WebCore             	0x0000000101a329d1 WebCore::JSDOMGlobalObject::~JSDOMGlobalObject() + 39 (JSDOMGlobalObject.h:44)
3   com.apple.WebCore             	0x0000000101a32a15 WebCore::JSDOMWindowBase::~JSDOMWindowBase() + 39 (JSDOMWindowBase.h:44)
4   com.apple.WebCore             	0x0000000101a2c528 WebCore::JSDOMWindow::~JSDOMWindow() + 60 (JSDOMWindow.cpp:1092)
5   com.apple.JavaScriptCore      	0x0000000100cae2eb JSC::MarkedSpace::freeBlock(unsigned long) + 85 (MarkedSpace.cpp:96)
6   com.apple.JavaScriptCore      	0x0000000100cae499 JSC::MarkedSpace::shrinkBlocks(unsigned long) + 195 (MarkedSpace.cpp:176)
7   com.apple.JavaScriptCore      	0x0000000100cae8f1 JSC::MarkedSpace::resizeBlocks() + 405 (MarkedSpace.cpp:157)
8   com.apple.JavaScriptCore      	0x0000000100cae920 JSC::MarkedSpace::reset() + 44 (MarkedSpace.cpp:299)
9   com.apple.JavaScriptCore      	0x0000000100bf02a6 JSC::Heap::reset(JSC::Heap::SweepToggle) + 132 (Heap.cpp:382)
10  com.apple.JavaScriptCore      	0x0000000100bf030a JSC::Heap::collectAllGarbage() + 26 (Heap.cpp:370)
11  com.apple.WebCore             	0x000000010178d973 WebCore::collect(void*) + 44 (GCController.cpp:47)
12  com.apple.WebCore             	0x000000010178d9ee WebCore::GCController::gcTimerFired(WebCore::Timer<WebCore::GCController>*) + 26 (GCController.cpp:70)
Comment 5 Geoffrey Garen 2011-01-31 14:40:25 PST
Actually, it seems like 77081, and not 77082, was to blame. I will try rolling out 77081.