Comment #1 on issue 3197 by [email protected]: Handle to elements
backing-store while being left-trimmed
http://code.google.com/p/v8/issues/detail?id=3197
I'm running into a similar issue with debug builds of 3.27.25 (release
builds work fine) when calling Array#join() on an array with a handful of
long strings. When I randomly remove one or two strings first,
Array#join() succeeds.
Each string is 10-100 kB, created with String::NewFromUtf8() and it's not
empty (i.e. string.IsEmpty() == false.)
I tried to put together a simple test case but reproducing it standalone
has proven elusive so far. I'll be happy to help debug it, though.
The stack trace follows (or rather, *a* stack trace. Tweaking the JS code
changes the stack trace but the actual assertion is always the same.)
#
# Fatal error in ../deps/v8/src/heap.cc, line 2034
# CHECK(heap->AllowedToBeMigrated(object, NEW_SPACE)) failed
#
==== C stack trace ===============================
1: V8_Fatal
2: void v8::internal::ScavengingVisitor<(v8::internal::MarksHandling)1,
(v8::internal::LoggingAndProfiling)1>::EvacuateObject<(v8::internal::ScavengingVisitor<(v8::internal::MarksHandling)1,
(v8::internal::LoggingAndProfiling)1>::ObjectContents)0,
8>(v8::internal::Map*, v8::internal::HeapObject**,
v8::internal::HeapObject*, int)
3: v8::internal::ScavengingVisitor<(v8::internal::MarksHandling)1,
(v8::internal::LoggingAndProfiling)1>::ObjectEvacuationStrategy<(v8::internal::ScavengingVisitor<(v8::internal::MarksHandling)1,
(v8::internal::LoggingAndProfiling)1>::ObjectContents)0>::Visit(v8::internal::Map*,
v8::internal::HeapObject**, v8::internal::HeapObject*)
4: v8::internal::Heap::DoScavengeObject(v8::internal::Map*,
v8::internal::HeapObject**, v8::internal::HeapObject*)
5: v8::internal::Heap::ScavengeObjectSlow(v8::internal::HeapObject**,
v8::internal::HeapObject*)
6: v8::internal::Heap::ScavengeObject(v8::internal::HeapObject**,
v8::internal::HeapObject*)
7: v8::internal::ScavengeVisitor::ScavengePointer(v8::internal::Object**)
8: v8::internal::ScavengeVisitor::VisitPointers(v8::internal::Object**,
v8::internal::Object**)
9:
v8::internal::HandleScopeImplementer::IterateThis(v8::internal::ObjectVisitor*)
10:
v8::internal::HandleScopeImplementer::Iterate(v8::internal::ObjectVisitor*)
11: v8::internal::Heap::IterateStrongRoots(v8::internal::ObjectVisitor*,
v8::internal::VisitMode)
12: v8::internal::Heap::IterateRoots(v8::internal::ObjectVisitor*,
v8::internal::VisitMode)
13: v8::internal::Heap::Scavenge()
14:
v8::internal::Heap::PerformGarbageCollection(v8::internal::GarbageCollector,
v8::internal::GCTracer*, v8::GCCallbackFlags)
15: v8::internal::Heap::CollectGarbage(v8::internal::GarbageCollector, char
const*, char const*, v8::GCCallbackFlags)
16: v8::internal::Heap::CollectGarbage(v8::internal::AllocationSpace, char
const*, v8::GCCallbackFlags)
17: v8::internal::Factory::NewRawOneByteString(int,
v8::internal::PretenureFlag)
18: ??
19: v8::internal::Runtime_StringBuilderConcat(int, v8::internal::Object**,
v8::internal::Isolate*)
20: ??
--
You received this message because this project is configured to send all
issue notifications to this address.
You may adjust your notification preferences at:
https://code.google.com/hosting/settings
--
--
v8-dev mailing list
[email protected]
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
