Status: Assigned
Owner: [email protected]
CC: [email protected]
Labels: Type-Bug Priority-Medium
New issue 4259 by [email protected]: DCHECK failure:
scope_info_->StackSlotIndex(*name_handle) < 0 || is_block_scope()
https://code.google.com/p/v8/issues/detail?id=4259
Version: 4.5.83.1
OS: Linux
Architecture: x64
I don't have a good repro. I observed this DCHECK failure after letting an
inbox.google.com renderer run in GDB for about 20 hours.
I have a core file and accompanying Chrome binary I can share.
#
# Fatal error in ../../v8/src/scopes.cc, line 393
# Check failed: scope_info_->StackSlotIndex(*name_handle) < 0 ||
is_block_scope().
#
(gdb) bt
#0 v8::base::OS::Abort ()
at ../../v8/src/base/platform/platform-posix.cc:229
#1 0x00007fe553b635e1 in V8_Fatal (file=0x7fe553c155b9
<.L.str> "../../v8/src/scopes.cc", line=393, format=0x7fe553bb2461
<.L.str.949> "Check failed: %s.")
at ../../v8/src/base/logging.cc:116
#2 0x00007fe5539e7eb5 in v8::internal::Scope::LookupLocal
(this=0x3d6bc3339ff8, name=0x3d6bc333ad18) at ../../v8/src/scopes.cc:393
#3 0x00007fe5539ea659 in v8::internal::Scope::LookupRecursive
(this=0x3d6bc3339ff8, proxy=0x3d6bc333ad48, binding_kind=0x7ffd385739f4,
factory=0x7ffd38573b30) at ../../v8/src/scopes.cc:1029
#4 0x00007fe5539ea6e6 in v8::internal::Scope::LookupRecursive
(this=0x3d6bc3339c98, proxy=0x3d6bc333ad48, binding_kind=0x7ffd385739f4,
factory=0x7ffd38573b30) at ../../v8/src/scopes.cc:1047
#5 0x00007fe5539ea6e6 in v8::internal::Scope::LookupRecursive
(this=0x3d6bc333a6b8, proxy=0x3d6bc333ad48, binding_kind=0x7ffd385739f4,
factory=0x7ffd38573b30) at ../../v8/src/scopes.cc:1047
#6 0x00007fe5539ea9e1 in v8::internal::Scope::ResolveVariable
(this=0x3d6bc333a6b8, info=0x3d6bcaf47020, proxy=0x3d6bc333ad48,
factory=0x7ffd38573b30)
at ../../v8/src/scopes.cc:1095
#7 0x00007fe5539e95b4 in v8::internal::Scope::ResolveVariablesRecursively
(this=0x3d6bc333a6b8, info=0x3d6bcaf47020, factory=0x7ffd38573b30)
at ../../v8/src/scopes.cc:1266
#8 0x00007fe5539e6f00 in v8::internal::Scope::AllocateVariables
(this=0x3d6bc333a6b8, info=0x3d6bcaf47020, factory=0x7ffd38573b30)
at ../../v8/src/scopes.cc:685
#9 0x00007fe5539e6c51 in v8::internal::Scope::Analyze
(info=0x3d6bcaf47020) at ../../v8/src/scopes.cc:277
#10 0x00007fe5535b4dfc in v8::internal::Compiler::Analyze
(info=0x3d6bcaf47020) at ../../v8/src/compiler.cc:762
#11 0x00007fe5535b95e7 in v8::internal::CompileUnoptimizedCode
(info=0x7ffd38573d20) at ../../v8/src/compiler.cc:650
#12 0x00007fe5535b740b in v8::internal::GetUnoptimizedCodeCommon
(info=0x7ffd38573d20) at ../../v8/src/compiler.cc:674
#13 0x00007fe5535b7aa4 in v8::internal::Compiler::GetLazyCode
(function=...) at ../../v8/src/compiler.cc:887
#14 0x00007fe553950dc6 in v8::internal::__RT_impl_Runtime_CompileLazy
(args=..., isolate=0x3d6bc17f3020)
at ../../v8/src/runtime/runtime-compiler.cc:36
#15 0x00007fe553950c1e in v8::internal::Runtime_CompileLazy (args_length=1,
args_object=0x7ffd385741b0, isolate=0x3d6bc17f3020)
at ../../v8/src/runtime/runtime-compiler.cc:20
The variable name in question is "h", and the function's source code
is "(){G(h);this.$[d]==a&&delete this.$[d]}".
Adam, I'm assigning this to you, since Andreas suggested you might know
what's up or who else might know.
--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
