Status: Accepted
Owner: ----
CC: [email protected], [email protected], [email protected],
[email protected], [email protected]
Labels: Type-Bug Priority-High
New issue 2846 by [email protected]: Reproducable segfault in v8 on the
3.20 branch.
http://code.google.com/p/v8/issues/detail?id=2846
I have attached the dart2js compiled output of
https://code.google.com/p/dart/source/browse/branches/bleeding_edge/dart/pkg/csslib/test/declaration_test.dart
This is causing flaky segfaults (on my z620 this reproduces often).
This is happening on 3.20.15.5
Here is the back trace from gdb:
Program received signal SIGSEGV, Segmentation fault.
0x08148feb in v8::internal::HCheckMaps::New(v8::internal::Zone*,
v8::internal::HValue*, v8::internal::HValue*,
v8::internal::Handle<v8::internal::Map>, v8::internal::CompilationInfo*,
v8::internal::HValue*) ()
(gdb) bt
#0 0x08148feb in v8::internal::HCheckMaps::New(v8::internal::Zone*,
v8::internal::HValue*, v8::internal::HValue*,
v8::internal::Handle<v8::internal::Map>, v8::internal::CompilationInfo*,
v8::internal::HValue*) ()
#1 0x081619d5 in
v8::internal::HGraphBuilder::BuildCompareNil(v8::internal::HValue*,
v8::internal::Handle<v8::internal::Type>, int,
v8::internal::HIfContinuation*) ()
#2 0x08161b76 in
v8::internal::HOptimizedGraphBuilder::HandleLiteralCompareNil(v8::internal::CompareOperation*,
v8::internal::Expression*, v8::internal::NilValue) [clone .part.690] ()
#3 0x0816dbe0 in
v8::internal::HOptimizedGraphBuilder::VisitCompareOperation(v8::internal::CompareOperation*)
()
#4 0x081540c6 in
v8::internal::HOptimizedGraphBuilder::VisitForValue(v8::internal::Expression*,
v8::internal::ArgumentsAllowedFlag) ()
#5 0x08159ee8 in
v8::internal::HOptimizedGraphBuilder::VisitReturnStatement(v8::internal::ReturnStatement*)
()
#6 0x0815903c in
v8::internal::HOptimizedGraphBuilder::VisitIfStatement(v8::internal::IfStatement*)
()
#7 0x0814d9c9 in
v8::internal::HOptimizedGraphBuilder::VisitStatements(v8::internal::ZoneList<v8::internal::Statement*>*)
()
#8 0x08171cb2 in
v8::internal::HOptimizedGraphBuilder::TryInline(v8::internal::CallKind,
v8::internal::Handle<v8::internal::JSFunction>, int, v8::internal::HValue*,
v8::internal::BailoutId, v8::internal::BailoutId,
v8::internal::InliningKind) ()
#9 0x08172452 in
v8::internal::HOptimizedGraphBuilder::TryInlineCall(v8::internal::Call*,
bool) ()
#10 0x08177781 in
v8::internal::HOptimizedGraphBuilder::VisitCall(v8::internal::Call*) ()
#11 0x081540c6 in
v8::internal::HOptimizedGraphBuilder::VisitForValue(v8::internal::Expression*,
v8::internal::ArgumentsAllowedFlag) ()
#12 0x08154db1 in
v8::internal::HOptimizedGraphBuilder::VisitExpressions(v8::internal::ZoneList<v8::internal::Expression*>*)
()
#13 0x081770db in
v8::internal::HOptimizedGraphBuilder::VisitCall(v8::internal::Call*) ()
#14 0x08158fcd in
v8::internal::HOptimizedGraphBuilder::VisitIfStatement(v8::internal::IfStatement*)
()
#15 0x0815903c in
v8::internal::HOptimizedGraphBuilder::VisitIfStatement(v8::internal::IfStatement*)
()
#16 0x0814d9c9 in
v8::internal::HOptimizedGraphBuilder::VisitStatements(v8::internal::ZoneList<v8::internal::Statement*>*)
()
#17 0x08171cb2 in
v8::internal::HOptimizedGraphBuilder::TryInline(v8::internal::CallKind,
v8::internal::Handle<v8::internal::JSFunction>, int, v8::internal::HValue*,
v8::internal::BailoutId, v8::internal::BailoutId,
v8::internal::InliningKind) ()
#18 0x08172452 in
v8::internal::HOptimizedGraphBuilder::TryInlineCall(v8::internal::Call*,
bool) ()
#19 0x08177781 in
v8::internal::HOptimizedGraphBuilder::VisitCall(v8::internal::Call*) ()
#20 0x081540c6 in
v8::internal::HOptimizedGraphBuilder::VisitForValue(v8::internal::Expression*,
v8::internal::ArgumentsAllowedFlag) ()
#21 0x08154db1 in
v8::internal::HOptimizedGraphBuilder::VisitExpressions(v8::internal::ZoneList<v8::internal::Expression*>*)
()
#22 0x081770db in
v8::internal::HOptimizedGraphBuilder::VisitCall(v8::internal::Call*) ()
#23 0x081540c6 in
v8::internal::HOptimizedGraphBuilder::VisitForValue(v8::internal::Expression*,
v8::internal::ArgumentsAllowedFlag) ()
#24 0x0815ab00 in
v8::internal::HOptimizedGraphBuilder::VisitLogicalExpression(v8::internal::BinaryOperation*)
()
#25 0x081629e9 in
v8::internal::HOptimizedGraphBuilder::VisitBinaryOperation(v8::internal::BinaryOperation*)
()
#26 0x081540c6 in
v8::internal::HOptimizedGraphBuilder::VisitForValue(v8::internal::Expression*,
v8::internal::ArgumentsAllowedFlag) ()
#27 0x0815a82e in
v8::internal::HOptimizedGraphBuilder::VisitLogicalExpression(v8::internal::BinaryOperation*)
()
#28 0x081629e9 in
v8::internal::HOptimizedGraphBuilder::VisitBinaryOperation(v8::internal::BinaryOperation*)
()
#29 0x081540c6 in
v8::internal::HOptimizedGraphBuilder::VisitForValue(v8::internal::Expression*,
v8::internal::ArgumentsAllowedFlag) ()
#30 0x0815a82e in
v8::internal::HOptimizedGraphBuilder::VisitLogicalExpression(v8::internal::BinaryOperation*)
()
#31 0x081629e9 in
v8::internal::HOptimizedGraphBuilder::VisitBinaryOperation(v8::internal::BinaryOperation*)
()
#32 0x081540c6 in
v8::internal::HOptimizedGraphBuilder::VisitForValue(v8::internal::Expression*,
v8::internal::ArgumentsAllowedFlag) ()
#33 0x0815a1ff in
v8::internal::HOptimizedGraphBuilder::VisitReturnStatement(v8::internal::ReturnStatement*)
()
#34 0x0814d9c9 in
v8::internal::HOptimizedGraphBuilder::VisitStatements(v8::internal::ZoneList<v8::internal::Statement*>*)
()
#35 0x08169ec4 in v8::internal::HOptimizedGraphBuilder::BuildGraph() ()
#36 0x08152f3b in v8::internal::HGraphBuilder::CreateGraph() ()
#37 0x0809e4e5 in v8::internal::OptimizingCompiler::CreateGraph() ()
#38 0x080a149c in
v8::internal::Compiler::RecompileParallel(v8::internal::Handle<v8::internal::JSFunction>)
()
#39 0x0829a9ce in v8::internal::Runtime_ParallelRecompile(int,
v8::internal::Object**, v8::internal::Isolate*) ()
#40 0x3e40a2d6 in ?? ()
#41 0x3e42697d in ?? ()
#42 0x53a71a09 in ?? ()
Attachments:
out.js 922 KB
--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/groups/opt_out.
