<Ulan> Are there any other maps (besides the free space map) around the 
broken slots?

In most of the dumps we get, the slot pointer lands in the middle of a 
zeroed-out region and crashpad doesn't collect the memory beyond it. But 
occasionally we get lucky, for example (v8 at 
63edc02cda79436625d5bc9a9b608857722a56bd):

rax=0000000000000001 rbx=000001e6d6bedc00 rcx=000001e6cc91ad20

rdx=0000135413c43340 rsi=0000000000000000 rdi=0000000000000000

rip=00007fff2f039c9d rsp=00000091ddbfd0a0 rbp=000001e6cd5109b8

 r8=00005fa57213dee1  r9=000001e6cc91ad20 r10=000001e6cc91ae60

r11=0000000000000000 r12=0000135413c43340 r13=0000000000000100

r14=0000000000000660 r15=0000000000000013

iopl=0         nv up ei pl zr na po nc

cs=0033  ss=0000  ds=0000  es=0000  fs=0053  gs=002b             
efl=00010246

v8::internal::MemoryChunk::InYoungGeneration+0x2:

00007fff`2f039c9d f6460818        test    byte ptr [rsi+8],18h 
ds:00000000`00000008=??

 

  code_space 0x4b4de89c0000

  map_space 0x713198180000

  ro_space 0x6fa75d840000

  isolate 0x1e6c98eef90

 

00005fa5`7213de60  ????????`????????

00005fa5`7213de68  00000000`00000000

00005fa5`7213de70  00000000`00000000

00005fa5`7213de78  00000000`00000000

00005fa5`7213de80  00000c64`0b582ac9

00005fa5`7213de88  00006fa7`5d840c21

00005fa5`7213de90  00006fa7`5d840c21 <- what is this? (also in ro_space, 
lots of references to it across the dump)

00005fa5`7213de98  00005fa5`7213de21

00005fa5`7213dea0  41258000`00000000

00005fa5`7213dea8  00006fa7`5d840139 <- first item in ro_space in this 
build (I believe): FREE_SPACE_TYPE

00005fa5`7213deb0  00000fb0`00000000 <- size of the free space

00005fa5`7213deb8  00000000`00000000

00005fa5`7213dec0  00000000`00000000

00005fa5`7213dec8  00000000`00000000

00005fa5`7213ded0  00000000`00000000

00005fa5`7213ded8  00000000`00000000

00005fa5`7213dee0  00000000`00000000

00005fa5`7213dee8  00000000`00000000

00005fa5`7213def0  00000000`00000000

00005fa5`7213def8  00000000`00000000

00005fa5`7213df00  00000000`00000000

00005fa5`7213df08  00000000`00000000

00005fa5`7213df10  00000000`00000000

00005fa5`7213df18  00000000`00000000

00005fa5`7213df20  00000000`00000000

00005fa5`7213df28  00000000`00000000

00005fa5`7213df30  00000000`00000000

00005fa5`7213df38  00000000`00000000

00005fa5`7213df40  00000000`00000000

00005fa5`7213df48  00000000`00000000

00005fa5`7213df50  00000000`00000000

00005fa5`7213df58  00000000`00000000

00005fa5`7213df60  00000000`00000000

00005fa5`7213df68  00000000`00000000

00005fa5`7213df70  00000000`00000000

00005fa5`7213df78  00000000`00000000

00005fa5`7213df80  00000000`00000000

00005fa5`7213df88  00000000`00000000

00005fa5`7213df90  00000000`00000000

00005fa5`7213df98  00000000`00000000

00005fa5`7213dfa0  00000000`00000000

00005fa5`7213dfa8  00000000`00000000

00005fa5`7213dfb0  00000000`00000000

00005fa5`7213dfb8  00000000`00000000

00005fa5`7213dfc0  00000000`00000000

00005fa5`7213dfc8  00000000`00000000

00005fa5`7213dfd0  00000000`00000000

00005fa5`7213dfd8  00000000`00000000

00005fa5`7213dfe0  00000000`00000000

00005fa5`7213dfe8  00000000`00000000

00005fa5`7213dff0  00000000`00000000

00005fa5`7213dff8  00000000`00000000

00005fa5`7213e000  00000000`00000000

00005fa5`7213e008  00000000`00000000

00005fa5`7213e010  00000000`00000000

00005fa5`7213e018  00000000`00000000

00005fa5`7213e020  00000000`00000000

00005fa5`7213e028  00000000`00000000

00005fa5`7213e030  00000000`00000000

00005fa5`7213e038  00000000`00000000

00005fa5`7213e040  00000000`00000000

00005fa5`7213e048  00000000`00000000

00005fa5`7213e050  00000000`00000000

00005fa5`7213e058  00000000`00000000

00005fa5`7213e060  ????????`????????

 

In *frame 02* 00000091`ddbfd0a0 00007fff`2f0400af 
v8::internal::Scavenger::ScavengeObject<v8::internal::FullHeapObjectSlot>

0:000> dx -r1 p

p                 [Type: v8::internal::FullHeapObjectSlot]

    [+0x000] ptr_             : 0x135413c43340 [Type: unsigned __int64]

 

0:000> dx -r1 object

object                 [Type: v8::internal::HeapObject]

    [+0x000] ptr_             : 0x5fa57213dee1 [Type: unsigned __int64]

 

00001354`13c432b8  ????????`????????

00001354`13c432c0  00001354`13c55619

00001354`13c432c8  0000000f`00000000

00001354`13c432d0  00006fa7`5d840371

00001354`13c432d8  4137270d`00000000

00001354`13c432e0  00004a75`021a18d9

00001354`13c432e8  00006fa7`5d840c21

00001354`13c432f0  00001354`13c47b49

00001354`13c432f8  0000000f`00000000

00001354`13c43300  00004a75`021a18d9

00001354`13c43308  00006fa7`5d840c21

00001354`13c43310  00001354`13c556b1

00001354`13c43318  0000000f`00000000

00001354`13c43320  00006fa7`5d840371

00001354`13c43328  4137270d`00000000

00001354`13c43330  00004a75`021a1979

00001354`13c43338  00006fa7`5d840c21

00001354`13c43340  00000000`00000001 <- "tagged nullptr" written by 
HeapObjectReference::Update(p, dest);

00001354`13c43348  00000128`00000000

00001354`13c43350  00001e82`f90233b9

00001354`13c43358  00006fa7`5d840c21

00001354`13c43360  00006fa7`5d840c21

00001354`13c43368  00001354`13c47af9

00001354`13c43370  00001354`13c47b21

00001354`13c43378  00006fa7`5d8404d1

00001354`13c43380  00006fa7`5d8404d1

00001354`13c43388  00004a75`021a18d9

00001354`13c43390  00006fa7`5d840c21

00001354`13c43398  00001b18`65a7b9f9

00001354`13c433a0  00000003`00000000

00001354`13c433a8  00004a75`021a18d9

00001354`13c433b0  00006fa7`5d840c21

00001354`13c433b8  00001b18`65a7ba91

00001354`13c433c0  00000003`00000000

00001354`13c433c8  00001e82`f90233b9

00001354`13c433d0  00006fa7`5d840c21

00001354`13c433d8  00006fa7`5d840c21

00001354`13c433e0  00001354`13c47ab9

00001354`13c433e8  00001354`13c47ad9

00001354`13c433f0  00006fa7`5d8404d1

00001354`13c433f8  00006fa7`5d8404d1

00001354`13c43400  00001e82`f90233b9

00001354`13c43408  00006fa7`5d840c21

00001354`13c43410  00006fa7`5d840c21

00001354`13c43418  00000000`00000000

00001354`13c43420  00000000`00000000

00001354`13c43428  00006fa7`5d8404d1

00001354`13c43430  00006fa7`5d8404d1

00001354`13c43438  00004a75`021a18d9

00001354`13c43440  00006fa7`5d840c21

00001354`13c43448  000067cc`bb9f75b9

00001354`13c43450  0000001e`00000000

00001354`13c43458  00004a75`021a18d9

00001354`13c43460  00006fa7`5d840c21

00001354`13c43468  000067cc`bb9f7721

00001354`13c43470  0000001e`00000000

00001354`13c43478  00006fa7`5d840139

00001354`13c43480  000007b8`00000000

00001354`13c43488  00001354`13c42e89

00001354`13c43490  00000002`00000000

00001354`13c43498  00000dc6`ab69dfab

00001354`13c434a0  00000000`00000003

00001354`13c434a8  00006fa7`5d8402d1

00001354`13c434b0  00000002`00000000

00001354`13c434b8  00000000`00000003

00001354`13c434c0  ????????`????????


00006fa7`5d840c20  00006fa7`5d8407b1

00006fa7`5d840c28  00000000`00000000

00006fa7`5d840c30  00006fa7`5d840c61

00006fa7`5d840c38  c0100000`00000000

00006fa7`5d840c40  00006fa7`5d840cb1

00006fa7`5d840c48  fffffffc`00000000

00006fa7`5d840c50  00006fa7`5d8404b1

00006fa7`5d840c58  00000004`00000000

00006fa7`5d840c60  00006fa7`5d840189

00006fa7`5d840c68  19000043`21000006

00006fa7`5d840c70  00000000`084003ff

00006fa7`5d840c78  00006fa7`5d8401d9

00006fa7`5d840c80  00006fa7`5d8401d9

 

00006fa7`5d840760  00006fa7`5d840189

00006fa7`5d840768  19000048`01000000

00006fa7`5d840770  00000000`084003ff

00006fa7`5d840778  00006fa7`5d8401d9

00006fa7`5d840780  00006fa7`5d8401d9

00006fa7`5d840788  00006fa7`5d840259

00006fa7`5d840790  00000000`00000000

00006fa7`5d840798  00006fa7`5d8402c1

00006fa7`5d8407a0  00000000`00000000

00006fa7`5d8407a8  00000000`00000000

00006fa7`5d8407b0  00006fa7`5d840189

00006fa7`5d8407b8  1800007d`14000000

00006fa7`5d8407c0  00000000`004003ff

00006fa7`5d8407c8  00006fa7`5d8401d9

00006fa7`5d8407d0  00006fa7`5d8401d9

00006fa7`5d8407d8  00006fa7`5d840259

00006fa7`5d8407e0  00000000`00000000

00006fa7`5d8407e8  00006fa7`5d8402c1

00006fa7`5d8407f0  00000000`00000000

00006fa7`5d8407f8  00000000`00000000

00006fa7`5d840800  00006fa7`5d840189

00006fa7`5d840808  1800007d`14000000

00006fa7`5d840810  00000000`004003ff

00006fa7`5d840818  00006fa7`5d8401d9

00006fa7`5d840820  00006fa7`5d8401d9

00006fa7`5d840828  00006fa7`5d840259

00006fa7`5d840830  00000000`00000000

00006fa7`5d840838  00006fa7`5d8402c1

00006fa7`5d840840  00000000`00000000

00006fa7`5d840848  00000000`00000000

00006fa7`5d840850  00006fa7`5d840189

00006fa7`5d840858  19000080`14000000

00006fa7`5d840860  00000000`084003ff

00006fa7`5d840868  00006fa7`5d8401d9

00006fa7`5d840870  00006fa7`5d8401d9

00006fa7`5d840878  00006fa7`5d840259

00006fa7`5d840880  00000000`00000000

00006fa7`5d840888  ????????`????????


Is any of this useful?
