[Webkit-unassigned] [Bug 90957] [Qt] There are GC related crashes regularly

bugzilla-daemon at webkit.org
Tue Jul 24 09:34:29 PDT 2012


https://bugs.webkit.org/show_bug.cgi?id=90957





--- Comment #15 from Filip Pizlo <fpizlo at apple.com>  2012-07-24 09:34:33 PST ---
(In reply to comment #10)
> Looks like various threads overwrite each other's "segments".
> 
> void MarkStackArray::expand()
> {
>     ...
> 
>     unsigned count = 0;
>     for (MarkStackSegment* current = m_topSegment->m_previous; current; current = current->m_previous)
>          count++;
>     if (count != m_numberOfPreviousSegments) {
>         printf("nums: %d %d\n", count, (int)m_numberOfPreviousSegments);
> 
>         sleep(1);
>         count = 0;
>         for (MarkStackSegment* current = m_topSegment->m_previous; current; current = current->m_previous)
>              count++;
>         printf("nums: %d %d\n", count, (int)m_numberOfPreviousSegments);
>     }
> }
> 
> It prints:
> 
> nums: 14 40
> nums: 102 40
> 
> -> During the sleep(1), something overwrote the segment chain. And the length of the chain is not 40, which is expected.
> 
> I suspect this is not allowed.

First of all, can you confirm that the bug goes away if you disable parallel tracing?

Second, the only segment that multiple threads are allowed to touch is the m_sharedMarkStack, and as far as I can tell, we always hold the m_markingLock when playing with that stack.

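Added illustration, not part of the original message and not WebKit code: one way to turn the two checks discussed in this thread (the walked-versus-cached segment count from comment #10, and the expectation that the shared stack is only touched with the lock held) into debug checks. All type and function names are hypothetical, and the fault is constructed.

```cpp
#include <atomic>
#include <cstddef>
#include <mutex>
#include <thread>

// Hypothetical types for illustration; not WebKit's MarkStackArray or its lock.
struct Segment { Segment* previous = nullptr; };

// Mutex that remembers its owner so mutators can ask "do I hold the lock?".
class OwnedLock {
public:
    void lock() { m_mutex.lock(); m_owner.store(std::this_thread::get_id()); }
    void unlock() { m_owner.store(std::thread::id()); m_mutex.unlock(); }
    bool heldByCurrentThread() const { return m_owner.load() == std::this_thread::get_id(); }
private:
    std::mutex m_mutex;
    std::atomic<std::thread::id> m_owner{std::thread::id()};
};

enum class Check { Ok, LockNotHeld, ChainMismatch };

class SharedSegmentStack {
public:
    explicit SharedSegmentStack(OwnedLock& lock) : m_lock(lock) {}
    ~SharedSegmentStack() { while (m_top) popUnchecked(); }

    // Walk the chain and compare with the cached count (the check from comment #10).
    Check validate() const {
        std::size_t walked = 0;
        for (Segment* s = m_top; s; s = s->previous) ++walked;
        return walked == m_count ? Check::Ok : Check::ChainMismatch;
    }
    // Refuse to touch the chain unless the calling thread owns the lock.
    Check expand() {
        if (!m_lock.heldByCurrentThread()) return Check::LockNotHeld;
        Segment* s = new Segment;
        s->previous = m_top;
        m_top = s;
        ++m_count;
        return validate();
    }
    // Constructed fault: unlink a segment without updating the count, the kind
    // of inconsistency an unsynchronized writer leaves behind.
    void dropSegmentWithoutBookkeeping() { if (m_top) popUnchecked(); }
private:
    void popUnchecked() { Segment* p = m_top->previous; delete m_top; m_top = p; }
    OwnedLock& m_lock;
    Segment* m_top = nullptr;
    std::size_t m_count = 0;
};
```

In a real debug build the returned codes would be assertions, so the first caller that mutates the chain without the lock stops at the offending call site rather than at a later crash.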