Status: Accepted
Owner: mstarzin...@chromium.org
Labels: Type-Bug Priority-Critical NewGC

New issue 1708 by mstarzin...@chromium.org: MarkWordToObjectStarts encountered consecutive one-bits.
http://code.google.com/p/v8/issues/detail?id=1708

Several sites (e.g. http://24ur.com/) trigger an assertion checking that we don't have consecutive one-bits in marking cells. In debug mode this looks like ...

#
# Fatal error in v8/src/mark-compact.cc, line 3215
# CHECK((mark_bits & 0x1800000) != 0x1800000) failed
#
(gdb) f 16
#16 0x00007ffff2e5de84 in v8::internal::MarkWordToObjectStarts (mark_bits=31457280, starts=0x7fffd95f06d0)
    at v8/src/mark-compact.cc:3215
3215      ASSERT((mark_bits & 0x1800000) != 0x1800000);
(gdb) p/x mark_bits
$1 = 0x1e00000

In release mode this triggers a crash while adding free memory to the free list ...

Trace Signature:
v8::internal::FreeList::Free
v8::internal::SweepPrecisely<1>

--
v8-dev mailing list
v8-dev@googlegroups.com
http://groups.google.com/group/v8-dev