Bug 128745 - REGRESSION: fast/workers/use-machine-stack.html hits Heap::isMarked(cell) assertion
Summary: REGRESSION: fast/workers/use-machine-stack.html hits Heap::isMarked(cell) ass...
Status: RESOLVED DUPLICATE of bug 128537
Alias: None
Product: WebKit
Classification: Unclassified
Component: JavaScriptCore (show other bugs)
Version: 528+ (Nightly build)
Hardware: Unspecified Unspecified
: P1 Normal
Assignee: Mark Hahnenberg
URL:
Keywords: InRadar, Regression
: 128656 (view as bug list)
Depends on:
Blocks:
 
Reported: 2014-02-13 09:16 PST by Alexey Proskuryakov
Modified: 2014-02-19 11:58 PST (History)
4 users (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Alexey Proskuryakov 2014-02-13 09:16:37 PST 
fast/workers/use-machine-stack.html has started to fail (not very frequently) on February 8th, hitting this assertion:

ASSERTION FAILED: Heap::isMarked(cell)
/Volumes/Data/slave/mountainlion-debug/build/Source/JavaScriptCore/heap/SlotVisitorInlines.h(123) : void JSC::SlotVisitor::unconditionallyAppend(JSC::JSCell *)
1   0x10c6a8a90 WTFCrash
2   0x10bfa678d JSC::SlotVisitor::unconditionallyAppend(JSC::JSCell*)
3   0x10c3064dd JSC::Heap::addToRememberedSet(JSC::JSCell const*)
4   0x10c0623d8 JSC::CodeBlockSet::rememberCurrentlyExecutingCodeBlocks(JSC::Heap*)
5   0x10c306b3e JSC::Heap::collect()
6   0x10c2f64c4 JSC::DefaultGCActivityCallback::doWork()
7   0x10c317222 JSC::HeapTimer::timerDidFire(__CFRunLoopTimer*, void*)
8   0x7fff90360804 __CFRUNLOOP_IS_CALLING_OUT_TO_A_TIMER_CALLBACK_FUNCTION__
Comment 1 Radar WebKit Bug Importer 2014-02-13 09:17:14 PST 
<rdar://problem/16059648>
Comment 2 Alexey Proskuryakov 2014-02-13 09:20:05 PST 
Marked as flakily asserting in <http://trac.webkit.org/r164030>.

Looks like all worker tests have regressed last week :-(
Comment 3 Mark Hahnenberg 2014-02-19 11:09:53 PST 
I think this is a dup of bug 128537. What is happening is that CodeBlocks from the Worker virtual machine are being marked as part of the main thread's garbage collection, which confuses our ASSERT later on.

*** This bug has been marked as a duplicate of bug 128537 ***
Comment 4 Mark Hahnenberg 2014-02-19 11:12:22 PST 
*** Bug 128656 has been marked as a duplicate of this bug. ***
Comment 5 Alexey Proskuryakov 2014-02-19 11:58:59 PST 
Nice! Could you please remove it from TestExpectations?