In addition to what Yang said, here are a few more points:

   - When the GC hits an ASSERT, 99% of the time it's not a bug in the GC,
   but rather the GC stumbling over a broken object while it's inspecting the
   heap's content. Are you messing with maps or objects in any way?
   - I don't know what state the MIPS port is in currently; it tends to lag
   behind the other architectures by a few hours to a few days and is
   sometimes broken when changes have not been ported yet. You should try to
   repro the failure with the unmodified MIPS branch. If that doesn't run on
   your device, try running it in the built-in simulator (just "make mips" on
   a Linux workstation with your regular (non-cross-) compiler). Trying to
   repro in the simulator is probably a good idea even with your local
   modifications.
   - You can also try to find another revision that works (especially if
   you know that it worked before). Once you have a good and a bad revision,
   you can "git bisect" the range in between to find out what broke it.
   - If you can reproduce the problem on either of ia32, x64, or arm,
   please file a bug and we'll look into it.

Good luck!
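Two of the points above lend themselves to a small script, added here as an example that is not part of this thread or of the V8 project. The first half decodes the tagged words gdb printed in the traces quoted further down (`this=0x166`, `this=0x40728b3d`, `map=0x49728b51`) using V8's 32-bit tagging convention (a heap-object pointer has its low bit set, a Smi has it clear and carries its value in the upper 31 bits), which is how you tell "broken object" from "GC bug" before reading any GC code. The second half wraps the crashing d8 command line into a `git bisect run` script. The simulator binary path `out/mips.debug/d8`, the `test/mjsunit` checkout layout (the device used `/bin/mjsunit`) and the script name `triage.sh` are assumptions.

```shell
#!/bin/sh
# Added triage helper; not from this thread or the V8 project.
# Assumption: V8's 32-bit tagging scheme (low bit 1 = heap-object pointer,
# low bit 0 = Smi whose value is the word shifted right by one), which is
# what a MIPS32 build of this era uses.

# Classify one tagged word as gdb prints it (hex or decimal).
# Prints "heapobject:<untagged address>" or "smi:<value>".
decode_tagged() {
    word=$(( $1 ))
    if [ $(( word & 1 )) -eq 1 ]; then
        printf 'heapobject:0x%08x\n' $(( word - 1 ))
    else
        # Shell arithmetic is 64-bit; sign-extend the 32-bit word before the
        # arithmetic shift so negative Smis decode correctly.
        if [ "$word" -ge $(( 0x80000000 )) ]; then
            word=$(( word - 0x100000000 ))
        fi
        printf 'smi:%d\n' $(( word >> 1 ))
    fi
}

# A map slot must hold a tagged heap-object pointer. If it decodes as a
# Smi, the object header was already corrupt when the GC read it: the
# "broken object" case, not a GC bug.
map_word_verdict() {
    case "$(decode_tagged "$1")" in
        heapobject:*) echo "plausible-map-pointer" ;;
        smi:*)        echo "corrupt-map-slot" ;;
    esac
}

# git bisect run step. Assumed layout: run from the V8 checkout, "make mips"
# leaves the simulator binary in out/mips.debug/d8, tests under test/mjsunit.
D8=${D8:-out/mips.debug/d8}
MJSUNIT=${MJSUNIT:-test/mjsunit}

bisect_step() {
    # A revision that does not build is neither good nor bad: 125 = skip.
    make mips >/dev/null 2>&1 || return 125
    "$D8" --nocrankshaft --expose-gc --noopt "$MJSUNIT/mjsunit.js" \
        "$MJSUNIT/regress/regress-84234.js" --test >/dev/null 2>&1
    rc=$?
    # git bisect run reads 0 as good, 1..127 (except 125) as bad, and aborts
    # the whole bisection on anything >= 128. A SIGSEGV (139) or the abort()
    # behind V8_Fatal (134) is exactly such a code, so fold every failure
    # into a plain 1.
    [ "$rc" -eq 0 ] && return 0
    return 1
}

case "${1:-decode}" in
    bisect)
        # Usage: git bisect start <bad-rev> <good-rev>
        #        git bisect run sh triage.sh bisect
        bisect_step
        exit $?
        ;;
    decode)
        # Words taken from the gdb output quoted in this thread.
        for w in 0x166 0x40728b3d 0x49728b51; do
            printf '%-12s %s\n' "$w" "$(decode_tagged "$w")"
        done
        # The two values that were being used as Map pointers.
        for w in 0x166 0x49728b51; do
            printf 'map word %-12s %s\n' "$w" "$(map_word_verdict "$w")"
        done
        ;;
esac
```

Run without arguments to see that `0x166` is the Smi 179 rather than any heap object at all, which matches the first trace dying inside `Map::instance_size` with `this=0x166`, while `0x49728b51` is a well-formed heap pointer whose `instance_type` simply was not `CODE_TYPE`. Both shapes point at something overwriting object headers before the collector ever runs.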


On Fri, Jul 27, 2012 at 10:44 AM, Yang Guo <[email protected]> wrote:

> While the V8 team accepts upstream patches from the team that develops the
> MIPS port for V8, we do not maintain it ourselves. Please file an issue to
> https://github.com/paul99/v8m-rb
>
> Yang
>
>
> On Friday, July 27, 2012 6:05:26 AM UTC+2, Evgeny Baskakov wrote:
>>
>> Hi guys,
>>
>> I'm experiencing severe GC crashes on some rare MIPS devices. The V8 code
>> is taken from
>> https://github.com/paul99/v8m-rb,
>> commit c2e35dc507b4562ce666a48cb7a26633f9d7fdaf (plus some
>> modifications for the specific device).
>>
>> The crashing command line is
>>
>> # /bin/d8 --nocrankshaft --expose-gc --noopt /bin/mjsunit/mjsunit.js
>> /bin/mjsunit/regress/regress-84234.js --test
>>
>> Can someone give some hints to what to look at first?
>>
>> Here are the gdb callstacks:
>>
>> Program received signal SIGSEGV, Segmentation fault.
>> 0x2ab4fd5c in v8::internal::Map::instance_size (this=0x166) at
>> ../src/objects-inl.h:2833
>> 2833      return READ_BYTE_FIELD(this, kInstanceSizeOffset) <<
>> kPointerSizeLog2;
>> (gdb) bt
>> #0  0x2ab4fd5c in v8::internal::Map::instance_size (this=0x166) at
>> ../src/objects-inl.h:2833
>> #1  0x2ab5952c in v8::internal::HeapObject::SizeFromMap
>> (this=0x40728b3d, map=0x166) at ../src/objects-inl.h:2848
>> #2  0x2ab597a4 in v8::internal::HeapObject::Size (this=0x40728b3d) at
>> ../src/objects-inl.h:1181
>> #3  0x2aeda718 in v8::internal::SemiSpaceIterator::Next
>> (this=0x7fe1bfec) at ../src/spaces.h:2006
>> #4  0x2aecd4e4 in v8::internal::MarkCompactCollector::EvacuateNewSpace
>> (this=0x44b470) at ../src/mark-compact.cc:3004
>> #5  0x2aecd63c in
>> v8::internal::MarkCompactCollector::EvacuateNewSpaceAndCandidates
>> (this=0x44b470) at ../src/mark-compact.cc:3411
>> #6  0x2aece720 in v8::internal::MarkCompactCollector::SweepSpaces
>> (this=0x44b470) at ../src/mark-compact.cc:4103
>> #7  0x2aed27d4 in v8::internal::MarkCompactCollector::CollectGarbage
>> (this=0x44b470) at ../src/mark-compact.cc:295
>> #8  0x2ad5b2bc in v8::internal::Heap::MarkCompact (this=0x44a040,
>> tracer=0x7fe1c2c0) at ../src/heap.cc:979
>> #9  0x2ad5b958 in v8::internal::Heap::PerformGarbageCollection
>> (this=0x44a040, collector=v8::internal::MARK_COMPACTOR,
>> tracer=0x7fe1c2c0) at ../src/heap.cc:862
>> #10 0x2ad5e0d0 in v8::internal::Heap::CollectGarbage (this=0x44a040,
>> space=v8::internal::OLD_POINTER_SPACE,
>> collector=v8::internal::MARK_COMPACTOR,
>> gc_reason=0x2b2bde34 "gc extension",
>>     collector_reason=0x2b2cc244 "GC in old space requested") at
>> ../src/heap.cc:600
>> #11 0x2ac1f784 in v8::internal::Heap::CollectGarbage (this=0x44a040,
>> space=v8::internal::OLD_POINTER_SPACE, gc_reason=0x2b2bde34 "gc
>> extension") at ../src/heap-inl.h:440
>> #12 0x2ad5e934 in v8::internal::Heap::CollectAllGarbage
>> (this=0x44a040, flags=0, gc_reason=0x2b2bde34 "gc extension") at
>> ../src/heap.cc:510
>> #13 0x2aca7c14 in v8::internal::GCExtension::GC (args=@0x7fe1c4cc) at
>> ../src/extensions/gc-extension.cc:43
>> #14 0x2ac047f4 in HandleApiCallHelper<false>
>> (args={<v8::internal::Arguments>
>> = {<v8::internal::Embedded> = {<No data fields>}, length_ = 2, arguments_ =
>> 0x7fe1c594}, <No data fields>},
>>     isolate=0x44a038) at ../src/builtins.cc:1145
>> #15 0x2ac049d0 in Builtin_Impl_HandleApiCall
>> (args={<v8::internal::Arguments>
>> = {<v8::internal::Embedded> = {<No data fields>}, length_ = 2, arguments_ =
>> 0x7fe1c594}, <No data fields>},
>>     isolate=0x44a038) at ../src/builtins.cc:1162
>> #16 0x2ac04aac in Builtin_HandleApiCall (args={<v8::internal::Arguments>
>> = {<v8::internal::Embedded> = {<No data fields>}, length_ = 2, arguments_ =
>> 0x7fe1c594}, <No data fields>},
>>     isolate=0x44a038) at ../src/builtins.cc:1161
>> #17 0x3f60a0b4 in ?? ()
>>
>> (gdb) print this
>> $1 = (class v8::internal::Map * const) 0x166
>>
>>
>> Another one, with similar call stack:
>>
>> #12 0x2ac10918 in V8_Fatal (file=0x2b2a7730 "../src/objects-inl.h",
>> line=2875, format=0x2b2a7748 "CHECK(%s) failed") at ../src/checks.cc:55
>> #13 0x2ab5971c in v8::internal::HeapObject::SizeFromMap
>> (this=0x49728af9, map=0x49728b51) at ../src/objects-inl.h:2875
>> #14 0x2ab597a4 in v8::internal::HeapObject::Size (this=0x49728af9) at
>> ../src/objects-inl.h:1181
>> #15 0x2aeda718 in v8::internal::SemiSpaceIterator::Next
>> (this=0x7fdc5a1c) at ../src/spaces.h:2006
>> #16 0x2aecd4e4 in v8::internal::MarkCompactCollector::EvacuateNewSpace
>> (this=0x44b470) at ../src/mark-compact.cc:3004
>> #17 0x2aecd63c in
>> v8::internal::MarkCompactCollector::EvacuateNewSpaceAndCandidates
>> (this=0x44b470) at ../src/mark-compact.cc:3411
>> #18 0x2aece720 in v8::internal::MarkCompactCollector::SweepSpaces
>> (this=0x44b470) at ../src/mark-compact.cc:4103
>> #19 0x2aed27d4 in v8::internal::MarkCompactCollector::CollectGarbage
>> (this=0x44b470) at ../src/mark-compact.cc:295
>> #20 0x2ad5b2bc in v8::internal::Heap::MarkCompact (this=0x44a040,
>> tracer=0x7fdc5cf0) at ../src/heap.cc:979
>> #21 0x2ad5b958 in v8::internal::Heap::PerformGarbageCollection
>> (this=0x44a040, collector=v8::internal::MARK_COMPACTOR,
>> tracer=0x7fdc5cf0) at ../src/heap.cc:862
>> #22 0x2ad5e0d0 in v8::internal::Heap::CollectGarbage (this=0x44a040,
>> space=v8::internal::OLD_POINTER_SPACE,
>> collector=v8::internal::MARK_COMPACTOR,
>> gc_reason=0x2b2bde34 "gc extension",
>>     collector_reason=0x2b2cc244 "GC in old space requested") at
>> ../src/heap.cc:600
>> #23 0x2ac1f784 in v8::internal::Heap::CollectGarbage (this=0x44a040,
>> space=v8::internal::OLD_POINTER_SPACE, gc_reason=0x2b2bde34 "gc
>> extension") at ../src/heap-inl.h:440
>> #24 0x2ad5e934 in v8::internal::Heap::CollectAllGarbage
>> (this=0x44a040, flags=0, gc_reason=0x2b2bde34 "gc extension") at
>> ../src/heap.cc:510
>> #25 0x2aca7c14 in v8::internal::GCExtension::GC (args=@0x7fdc5efc) at
>> ../src/extensions/gc-extension.cc:43
>> #26 0x2ac047f4 in HandleApiCallHelper<false>
>> (args={<v8::internal::Arguments>
>> = {<v8::internal::Embedded> = {<No data fields>}, length_ = 2, arguments_ =
>> 0x7fdc5fc4}, <No data fields>},
>>     isolate=0x44a038) at ../src/builtins.cc:1145
>> #27 0x2ac049d0 in Builtin_Impl_HandleApiCall
>> (args={<v8::internal::Arguments>
>> = {<v8::internal::Embedded> = {<No data fields>}, length_ = 2, arguments_ =
>> 0x7fdc5fc4}, <No data fields>},
>>     isolate=0x44a038) at ../src/builtins.cc:1162
>> #28 0x2ac04aac in Builtin_HandleApiCall (args={<v8::internal::Arguments>
>> = {<v8::internal::Embedded> = {<No data fields>}, length_ = 2, arguments_ =
>> 0x7fdc5fc4}, <No data fields>},
>>     isolate=0x44a038) at ../src/builtins.cc:1161
>> #29 0x5370a0b4 in ?? ()
>>
>> (gdb) up 13
>> #13 0x2ab5971c in v8::internal::HeapObject::SizeFromMap
>> (this=0x49728af9, map=0x49728b51) at ../src/objects-inl.h:2875
>> 2875      ASSERT(instance_type == CODE_TYPE);
>> Current language:  auto; currently c++
>>
>> (gdb) print instance_type
>> $1 = 50
>>
>>  --
> v8-users mailing list
> [email protected]
> http://groups.google.com/group/v8-users
>
