[v8-dev] Issue 3679 in v8: d8 crashes with --trace_dead_code_elimination flag

codesite-noreply via v8-dev Wed, 05 Nov 2014 16:20:56 -0800

Status: New
Owner: ----

New issue 3679 by [email protected]: d8 crashes with--trace_dead_code_elimination flag

https://code.google.com/p/v8/issues/detail?id=3679

When running the Octane benchmarks using d8 in x64.debug with the--trace_dead_code_elimination flag d8 crashes.


Can be reproduced in mainline repo with command:

v8/benchmarks$../out/x64.debug/d8 --enable_slow_asserts--trace_dead_code_elimination run.js


Results in:

#
# Fatal error in .././src/handles-inl.h, line 43

# CHECK(!v8::internal::FLAG_enable_slow_asserts ||(IsDereferenceAllowed(INCLUDE_DEFERRED_CHECK))) failed

#

==== C stack trace ===============================

 1: V8_Fatal
 2: v8::internal::Handle<v8::internal::Map>::operator*() const
 3: v8::internal::HConstant::PrintDataTo(std::ostream&) const
 4: v8::internal::HInstruction::PrintTo(std::ostream&) const
 5: v8::internal::operator<<(std::ostream&, v8::internal::HValue const&)

6:v8::internal::HDeadCodeEliminationPhase::PrintLive(v8::internal::HValue*,v8::internal::HValue*)7:v8::internal::HDeadCodeEliminationPhase::MarkLive(v8::internal::HValue*,v8::internal::ZoneList<v8::internal::HValue*>*)

 8: v8::internal::HDeadCodeEliminationPhase::MarkLiveInstructions()
 9: v8::internal::HDeadCodeEliminationPhase::Run()

10: voidv8::internal::HGraph::Run<v8::internal::HDeadCodeEliminationPhase>()

11: v8::internal::HGraph::Optimize(v8::internal::BailoutReason*)
12: ??
13: ??
14: v8::internal::FastCloneShallowObjectStub::GenerateCode()
15: v8::internal::CodeStub::GetCode()

16: v8::internal::MacroAssembler::CallStub(v8::internal::CodeStub*,v8::internal::TypeFeedbackId)17:v8::internal::FullCodeGenerator::VisitObjectLiteral(v8::internal::ObjectLiteral*)

18: v8::internal::ObjectLiteral::Accept(v8::internal::AstVisitor*)
19: v8::internal::FullCodeGenerator::Visit(v8::internal::AstNode*)

20:v8::internal::FullCodeGenerator::VisitForAccumulatorValue(v8::internal::Expression*)21:v8::internal::FullCodeGenerator::VisitAssignment(v8::internal::Assignment*)

22: v8::internal::Assignment::Accept(v8::internal::AstVisitor*)
23: v8::internal::FullCodeGenerator::Visit(v8::internal::AstNode*)

24:v8::internal::FullCodeGenerator::VisitForEffect(v8::internal::Expression*)25:v8::internal::FullCodeGenerator::VisitExpressionStatement(v8::internal::ExpressionStatement*)

26: v8::internal::ExpressionStatement::Accept(v8::internal::AstVisitor*)
27: v8::internal::FullCodeGenerator::Visit(v8::internal::AstNode*)

28:v8::internal::AstVisitor::VisitStatements(v8::internal::ZoneList<v8::internal::Statement*>*)

29: v8::internal::FullCodeGenerator::VisitBlock(v8::internal::Block*)
30: v8::internal::Block::Accept(v8::internal::AstVisitor*)
31: v8::internal::FullCodeGenerator::Visit(v8::internal::AstNode*)

32:v8::internal::FullCodeGenerator::VisitIfStatement(v8::internal::IfStatement*)

33: v8::internal::IfStatement::Accept(v8::internal::AstVisitor*)
34: v8::internal::FullCodeGenerator::Visit(v8::internal::AstNode*)

35:v8::internal::AstVisitor::VisitStatements(v8::internal::ZoneList<v8::internal::Statement*>*)36:v8::internal::FullCodeGenerator::VisitSwitchStatement(v8::internal::SwitchStatement*)

37: v8::internal::SwitchStatement::Accept(v8::internal::AstVisitor*)
38: v8::internal::FullCodeGenerator::Visit(v8::internal::AstNode*)

39:v8::internal::AstVisitor::VisitStatements(v8::internal::ZoneList<v8::internal::Statement*>*)

40: v8::internal::FullCodeGenerator::Generate()

41:v8::internal::FullCodeGenerator::MakeCode(v8::internal::CompilationInfo*)

42: ??
43: ??

44:v8::internal::Compiler::GetLazyCode(v8::internal::Handle<v8::internal::JSFunction>)

45: ??

46: v8::internal::Runtime_CompileLazy(int, v8::internal::Object**,v8::internal::Isolate*)

47: ??
Illegal instruction (core dumped)

System: $uname -a

Linux mascd3 3.5.0-49-generic #74~precise1-Ubuntu SMP Fri May 2 21:32:31UTC 2014 x86_64 x86_64 x86_64 GNU/Linux


As of commit: f3b633cc0c6473c24d46ec4ce5c0e9190e1b3d64

I included the stack trace from --enable_slow_asserts, but the crash alsohappens without this flag.

--

You received this message because this project is configured to send allissue notifications to this address.

You may adjust your notification preferences at:
https://code.google.com/hosting/settings

--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev

---You received this message because you are subscribed to the Google Groups "v8-dev" group.

To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
For more options, visit https://groups.google.com/d/optout.

[v8-dev] Issue 3679 in v8: d8 crashes with --trace_dead_code_elimination flag

Reply via email to