RESOLVED FIXED 79419
[WinCairo] Assertion (is8ByteAligned) in JSC::CopiedSpace::getFreshBlock 
https://bugs.webkit.org/show_bug.cgi?id=79419
Summary [WinCairo] Assertion (is8ByteAligned) in JSC::CopiedSpace::getFreshBlock
Brent Fulgham
Reported 2012-02-23 16:31:11 PST
I'm getting an assertion when attempting to run the WinLauncher test application: ntdll.dll!_ZwRaiseException@12() + 0x12 bytes ntdll.dll!_ZwRaiseException@12() + 0x12 bytes > JavaScriptCore.dll!JSC::CopiedSpace::getFreshBlock(JSC::AllocationEffort allocationEffort=AllocationMustSucceed, JSC::CopiedBlock * * outBlock=0x003ef104) Line 259 + 0x3c bytes C++ JavaScriptCore.dll!JSC::CopiedSpace::getFreshBlock(JSC::AllocationEffort allocationEffort=AllocationCanFail, JSC::CopiedBlock * * outBlock=0x003ef14c) Line 252 + 0x12 bytes C++ JavaScriptCore.dll!JSC::CopiedSpace::addNewBlock() Line 103 + 0x12 bytes C++ JavaScriptCore.dll!JSC::CopiedSpace::init() Line 51 + 0xc bytes C++ JavaScriptCore.dll!JSC::Heap::Heap(JSC::JSGlobalData * globalData=0x00b5bfd0, JSC::HeapSize heapSize=LargeHeap) Line 338 C++ JavaScriptCore.dll!JSC::JSGlobalData::JSGlobalData(JSC::JSGlobalData::GlobalDataType globalDataType=Default, JSC::ThreadStackType threadStackType=ThreadStackTypeLarge, JSC::HeapSize heapSize=LargeHeap) Line 167 + 0x707 bytes C++ JavaScriptCore.dll!JSC::JSGlobalData::create(JSC::ThreadStackType type=ThreadStackTypeLarge, JSC::HeapSize heapSize=LargeHeap) Line 331 + 0x28 bytes C++ JavaScriptCore.dll!JSC::JSGlobalData::createLeaked(JSC::ThreadStackType type=ThreadStackTypeLarge, JSC::HeapSize heapSize=LargeHeap) Line 336 + 0x11 bytes C++ WebKit.dll!WebCore::JSDOMWindowBase::commonJSGlobalData() Line 199 + 0xd bytes C++ WebKit.dll!WebCore::ScriptController::getAllWorlds(WTF::Vector<WebCore::DOMWrapperWorld *,0> & worlds={...}) Line 172 + 0x9 bytes C++ WebKit.dll!WebCore::FrameLoader::dispatchDidClearWindowObjectsInAllWorlds() Line 3221 + 0x9 bytes C++ WebKit.dll!WebCore::FrameLoader::receivedFirstData() Line 588 C++ WebKit.dll!WebCore::FrameLoader::willSetEncoding() Line 987 C++ WebKit.dll!WebCore::DocumentWriter::setEncoding(const WTF::String & name={...}, bool userChosen=false) Line 240 C++ WebKit.dll!WebCore::DocumentLoader::commitData(const char * bytes=0x00b4b140, unsigned int length=0x00000202) Line 326 C++ WebKit.dll!WebFrameLoaderClient::committedLoad(WebCore::DocumentLoader * loader=0x00b54fd8, const char * data=0x00b4b140, int length=0x00000202) Line 505 C++ WebKit.dll!WebCore::DocumentLoader::commitLoad(const char * data=0x00b4b140, int length=0x00000202) Line 313 + 0x29 bytes C++ WebKit.dll!WebCore::DocumentLoader::receivedData(const char * data=0x00b4b140, int length=0x00000202) Line 340 C++ WebKit.dll!WebCore::MainResourceLoader::addData(const char * data=0x00b4b140, int length=0x00000202, bool allAtOnce=true) Line 171 C++ WebKit.dll!WebCore::ResourceLoader::didReceiveData(const char * data=0x00b4b140, int length=0x00000202, __int64 encodedDataLength=0x0000000000000202, bool allAtOnce=true) Line 287 + 0x1b bytes C++ WebKit.dll!WebCore::MainResourceLoader::didReceiveData(const char * data=0x00b4b140, int length=0x00000202, __int64 encodedDataLength=0x0000000000000202, bool allAtOnce=true) Line 465 C++ WebKit.dll!WebCore::MainResourceLoader::continueAfterContentPolicy(WebCore::PolicyAction contentPolicy=PolicyUse, const WebCore::ResourceResponse & r={...}) Line 320 + 0x56 bytes C++ WebKit.dll!WebCore::MainResourceLoader::continueAfterContentPolicy(WebCore::PolicyAction policy=PolicyUse) Line 339 C++ WebKit.dll!WebCore::MainResourceLoader::callContinueAfterContentPolicy(void * argument=0x00b55b88, WebCore::PolicyAction policy=PolicyUse) Line 331 C++ WebKit.dll!WebCore::MainResourceLoader::didReceiveResponse(const WebCore::ResourceResponse & r={...}) Line 418 + 0xb bytes C++ WebKit.dll!WebCore::MainResourceLoader::handleDataLoadNow(WebCore::Timer<WebCore::MainResourceLoader> * __formal=0x00b56020) Line 529 + 0x16 bytes C++ WebKit.dll!WebCore::Timer<WebCore::MainResourceLoader>::fired() Line 100 + 0x29 bytes C++ WebKit.dll!WebCore::ThreadTimers::sharedTimerFiredInternal() Line 115 + 0xf bytes C++ WebKit.dll!WebCore::ThreadTimers::sharedTimerFired() Line 94 C++ WebKit.dll!WebCore::TimerWindowWndProc(HWND__ * hWnd=0x000305d4, unsigned int message=0x0000c209, unsigned int wParam=0x00000000, long lParam=0x00000000) Line 103 + 0x8 bytes C++ user32.dll!_InternalCallWinProc@20() + 0x23 bytes user32.dll!_UserCallWinProcCheckWow@32() + 0xb7 bytes user32.dll!_DispatchMessageWorker@8() + 0xed bytes user32.dll!_DispatchMessageW@4() + 0xf bytes WinLauncher.dll!dllLauncherEntryPoint(HINSTANCE__ * __formal=0x011e0000, HINSTANCE__ * __formal=0x011e0000, HINSTANCE__ * __formal=0x011e0000, int nCmdShow=0x00000001) Line 382 + 0xc bytes C++ WinLauncher.exe!wWinMain(HINSTANCE__ * hInstance=0x011e0000, HINSTANCE__ * hPrevInstance=0x00000000, wchar_t * lpstrCmdLine=0x004b349e, int nCmdShow=0x00000001) Line 200 + 0x18 bytes C++ WinLauncher.exe!__tmainCRTStartup() Line 589 + 0x1c bytes C kernel32.dll!@BaseThreadInitThunk@12() + 0x12 bytes
Attachments
Add attachment proposed patch, testcase, etc.
Brent Fulgham
Comment 1 2012-02-23 17:19:13 PST
When I attempt to run DumpRenderTree I get some console output: ASSERTION FAILED: is8ByteAligned(block->m_offset) ..\..\heap\CopiedSpace.cpp(259) : JSC::CopiedSpace::getFreshBlock 1 6C67EBA4 2 6C67EAA1 3 6C67F1A4 4 6C67DAFF 5 6C68F587 6 6C43A767 7 6C43B58C 8 6C43B5D4 9 68FCB6C3 10 68FE56EC 11 690FA730 12 690EF9F4 13 690F1524 14 69CC4D8F 15 695AE414 16 6A0FB670 17 695AE32A 18 695AE596 19 69E05AC9 20 69A996A0 21 69E06C28 22 69A9A05E 23 69F8782B First-chance exception at 0x6c67eba9 (JavaScriptCore.dll) in DumpRenderTree.exe: 0xC0000005: Access violation writing location 0xbbadbeef. Unhandled exception at 0x77a415de (ntdll.dll) in DumpRenderTree.exe: 0xC0000005: Access violation writing location 0xbbadbeef. The program '[2832] DumpRenderTree.exe: Native' has exited with code -1073741819 (0xc0000005).
Radar WebKit Bug Importer
Comment 2 2012-02-24 09:05:18 PST
<rdar://problem/10926932>
Adam Roben (:aroben)
Comment 3 2012-02-24 09:10:14 PST
Does r108779 and/or r108808 make this go away?
Brent Fulgham
Comment 4 2012-02-24 10:38:35 PST
Resolved by r108779 and r108808 .
Note You need to log in before you can comment on or make changes to this bug.