Thanks Paul, Yang turns out to be absolutely right -- it turned out that it is not a GC fault. I just found and fixed a bug in a stub that created an object with an incorrect property layout.
The modifications in my branch enable support for big-endian MIPS platforms. I'm going to create a pull request for your repo tomorrow.

Thank you again,
--Evgeny

On Saturday, July 28, 2012 1:30:59 AM UTC+7, paul lind wrote:
>
> Hi Evgeny -
>
> I'm one of the maintainers of the mips port, and as Yang mentioned, we're
> the ones who can help you with bugs there.
>
> My testing shows that our test boards are working fine at the rev you
> pulled, including the regress-84234.js test you mentioned below.
>
> I suggest that you do file a bug at our issues system:
> https://github.com/paul99/v8m-rb
>
> Please include as much detailed info as possible about your target
> platform. That would include cpu core type, if it has an fpu, name of
> product/SoC used, amount of memory, etc. You can get a lot from
> /proc/cpuinfo and /proc/meminfo.
>
> Also, it sounds like you've made some of your own changes to the code.
> Please let us know the high-level intent of these changes, as well as the
> code itself, if that is possible.
>
> Thanks Yang and Jakob for responding!
>
> thanks,
>
> paul
>
> PS, Jakob is right that we are often a bit behind, as we port changes and
> get them submitted and landed. The github rev you pulled is a few days
> behind Google's current code, but it is building and running fine. I show
> that the current Google head of tree (r 12214) is also building fine for
> mips, although with a few test timeouts on the builder. (these tests are
> passing given longer timeouts)
>
>
> On Jul 27, 2012, at 8:41 AM, Evgeny Baskakov wrote:
>
> Thank you guys for the information.
>
> --Evgeny
>
>
> On Friday, July 27, 2012 4:02:08 PM UTC+7, Jakob Kummerow wrote:
>>
>> In addition to what Yang said, here are a few more points:
>>
>> - When the GC hits an ASSERT, 99% of the time it's not a bug in the
>>   GC, but rather the GC stumbling over a broken object while it's
>>   inspecting the heap's content. Are you messing with maps or objects
>>   in any way?
>> - I don't know what state the MIPS port is in currently; it tends to
>>   lag behind the other architectures by a few hours to a few days and is
>>   sometimes broken when changes have not been ported yet. You should try to
>>   repro the failure with the unmodified MIPS branch. If that doesn't run on
>>   your device, try running it in the built-in simulator (just "make mips"
>>   on a Linux workstation with your regular (non-cross-) compiler). Trying to
>>   repro in the simulator is probably a good idea even with your local
>>   modifications.
>> - You can also try to find another revision that works (especially if
>>   you know that it worked before). Once you have a good and a bad revision,
>>   you can "git bisect" the range in between to find out what broke it.
>> - If you can reproduce the problem on either of ia32, x64, or arm,
>>   please file a bug and we'll look into it.
>>
>> Good luck!
>>
>>
>> On Fri, Jul 27, 2012 at 10:44 AM, Yang Guo <[email protected]> wrote:
>>
>>> While the V8 team accepts upstream patches from the team that develops
>>> the MIPS port for V8, we do not maintain it ourselves. Please file an issue
>>> to https://github.com/paul99/v8m-rb
>>>
>>> Yang
>>>
>>>
>>> On Friday, July 27, 2012 6:05:26 AM UTC+2, Evgeny Baskakov wrote:
>>>>
>>>> Hi guys,
>>>>
>>>> I'm experiencing severe GC crashes on some rare MIPS devices. The V8
>>>> code is taken from https://github.com/paul99/v8m-rb,
>>>> commit c2e35dc507b4562ce666a48cb7a26633f9d7fdaf (plus some
>>>> modifications for the specific device).
>>>>
>>>> The crashing command line is
>>>>
>>>> # /bin/d8 --nocrankshaft --expose-gc --noopt /bin/mjsunit/mjsunit.js /bin/mjsunit/regress/regress-84234.js --test
>>>>
>>>> Can someone give some hints to what to look at first?
>>>>
>>>> Here are the gdb callstacks:
>>>>
>>>> Program received signal SIGSEGV, Segmentation fault.
>>>> 0x2ab4fd5c in v8::internal::Map::instance_size (this=0x166) at
>>>> ../src/objects-inl.h:2833
>>>> 2833 return READ_BYTE_FIELD(this, kInstanceSizeOffset) <<
>>>> kPointerSizeLog2;
>>>> (gdb) bt
>>>> #0 0x2ab4fd5c in v8::internal::Map::instance_size (this=0x166) at
>>>> ../src/objects-inl.h:2833
>>>> #1 0x2ab5952c in v8::internal::HeapObject::SizeFromMap
>>>> (this=0x40728b3d, map=0x166) at ../src/objects-inl.h:2848
>>>> #2 0x2ab597a4 in v8::internal::HeapObject::Size (this=0x40728b3d) at
>>>> ../src/objects-inl.h:1181
>>>> #3 0x2aeda718 in v8::internal::SemiSpaceIterator::Next
>>>> (this=0x7fe1bfec) at ../src/spaces.h:2006
>>>> #4 0x2aecd4e4 in v8::internal::MarkCompactCollector::EvacuateNewSpace
>>>> (this=0x44b470) at ../src/mark-compact.cc:3004
>>>> #5 0x2aecd63c in
>>>> v8::internal::MarkCompactCollector::EvacuateNewSpaceAndCandidates
>>>> (this=0x44b470) at ../src/mark-compact.cc:3411
>>>> #6 0x2aece720 in v8::internal::MarkCompactCollector::SweepSpaces
>>>> (this=0x44b470) at ../src/mark-compact.cc:4103
>>>> #7 0x2aed27d4 in v8::internal::MarkCompactCollector::CollectGarbage
>>>> (this=0x44b470) at ../src/mark-compact.cc:295
>>>> #8 0x2ad5b2bc in v8::internal::Heap::MarkCompact (this=0x44a040,
>>>> tracer=0x7fe1c2c0) at ../src/heap.cc:979
>>>> #9 0x2ad5b958 in v8::internal::Heap::PerformGarbageCollection
>>>> (this=0x44a040, collector=v8::internal::MARK_COMPACTOR,
>>>> tracer=0x7fe1c2c0) at ../src/heap.cc:862
>>>> #10 0x2ad5e0d0 in v8::internal::Heap::CollectGarbage (this=0x44a040,
>>>> space=v8::internal::OLD_POINTER_SPACE,
>>>> collector=v8::internal::MARK_COMPACTOR, gc_reason=0x2b2bde34 "gc extension",
>>>> collector_reason=0x2b2cc244 "GC in old space requested") at
>>>> ../src/heap.cc:600
>>>> #11 0x2ac1f784 in v8::internal::Heap::CollectGarbage (this=0x44a040,
>>>> space=v8::internal::OLD_POINTER_SPACE, gc_reason=0x2b2bde34 "gc
>>>> extension") at ../src/heap-inl.h:440
>>>> #12 0x2ad5e934 in v8::internal::Heap::CollectAllGarbage
>>>> (this=0x44a040, flags=0, gc_reason=0x2b2bde34 "gc extension") at
>>>> ../src/heap.cc:510
>>>> #13 0x2aca7c14 in v8::internal::GCExtension::GC (args=@0x7fe1c4cc) at
>>>> ../src/extensions/gc-extension.cc:43
>>>> #14 0x2ac047f4 in HandleApiCallHelper<false>
>>>> (args={<v8::internal::Arguments> = {<v8::internal::Embedded> =
>>>> {<No data fields>}, length_ = 2, arguments_ = 0x7fe1c594},
>>>> <No data fields>}, isolate=0x44a038) at ../src/builtins.cc:1145
>>>> #15 0x2ac049d0 in Builtin_Impl_HandleApiCall
>>>> (args={<v8::internal::Arguments> = {<v8::internal::Embedded> =
>>>> {<No data fields>}, length_ = 2, arguments_ = 0x7fe1c594},
>>>> <No data fields>}, isolate=0x44a038) at ../src/builtins.cc:1162
>>>> #16 0x2ac04aac in Builtin_HandleApiCall
>>>> (args={<v8::internal::Arguments> = {<v8::internal::Embedded> =
>>>> {<No data fields>}, length_ = 2, arguments_ = 0x7fe1c594},
>>>> <No data fields>}, isolate=0x44a038) at ../src/builtins.cc:1161
>>>> #17 0x3f60a0b4 in ?? ()
>>>>
>>>> (gdb) print this
>>>> $1 = (class v8::internal::Map * const) 0x166
>>>>
>>>>
>>>> Another one, with similar call stack:
>>>>
>>>> #12 0x2ac10918 in V8_Fatal (file=0x2b2a7730 "../src/objects-inl.h",
>>>> line=2875, format=0x2b2a7748 "CHECK(%s) failed") at ../src/checks.cc:55
>>>> #13 0x2ab5971c in v8::internal::HeapObject::SizeFromMap
>>>> (this=0x49728af9, map=0x49728b51) at ../src/objects-inl.h:2875
>>>> #14 0x2ab597a4 in v8::internal::HeapObject::Size (this=0x49728af9) at
>>>> ../src/objects-inl.h:1181
>>>> #15 0x2aeda718 in v8::internal::SemiSpaceIterator::Next
>>>> (this=0x7fdc5a1c) at ../src/spaces.h:2006
>>>> #16 0x2aecd4e4 in v8::internal::MarkCompactCollector::EvacuateNewSpace
>>>> (this=0x44b470) at ../src/mark-compact.cc:3004
>>>> #17 0x2aecd63c in
>>>> v8::internal::MarkCompactCollector::EvacuateNewSpaceAndCandidates
>>>> (this=0x44b470) at ../src/mark-compact.cc:3411
>>>> #18 0x2aece720 in v8::internal::MarkCompactCollector::SweepSpaces
>>>> (this=0x44b470) at ../src/mark-compact.cc:4103
>>>> #19 0x2aed27d4 in v8::internal::MarkCompactCollector::CollectGarbage
>>>> (this=0x44b470) at ../src/mark-compact.cc:295
>>>> #20 0x2ad5b2bc in v8::internal::Heap::MarkCompact (this=0x44a040,
>>>> tracer=0x7fdc5cf0) at ../src/heap.cc:979
>>>> #21 0x2ad5b958 in v8::internal::Heap::PerformGarbageCollection
>>>> (this=0x44a040, collector=v8::internal::MARK_COMPACTOR,
>>>> tracer=0x7fdc5cf0) at ../src/heap.cc:862
>>>> #22 0x2ad5e0d0 in v8::internal::Heap::CollectGarbage (this=0x44a040,
>>>> space=v8::internal::OLD_POINTER_SPACE,
>>>> collector=v8::internal::MARK_COMPACTOR, gc_reason=0x2b2bde34 "gc extension",
>>>> collector_reason=0x2b2cc244 "GC in old space requested") at
>>>> ../src/heap.cc:600
>>>> #23 0x2ac1f784 in v8::internal::Heap::CollectGarbage (this=0x44a040,
>>>> space=v8::internal::OLD_POINTER_SPACE, gc_reason=0x2b2bde34 "gc
>>>> extension") at ../src/heap-inl.h:440
>>>> #24 0x2ad5e934 in v8::internal::Heap::CollectAllGarbage
>>>> (this=0x44a040, flags=0, gc_reason=0x2b2bde34 "gc extension") at
>>>> ../src/heap.cc:510
>>>> #25 0x2aca7c14 in v8::internal::GCExtension::GC (args=@0x7fdc5efc) at
>>>> ../src/extensions/gc-extension.cc:43
>>>> #26 0x2ac047f4 in HandleApiCallHelper<false>
>>>> (args={<v8::internal::Arguments> = {<v8::internal::Embedded> =
>>>> {<No data fields>}, length_ = 2, arguments_ = 0x7fdc5fc4},
>>>> <No data fields>}, isolate=0x44a038) at ../src/builtins.cc:1145
>>>> #27 0x2ac049d0 in Builtin_Impl_HandleApiCall
>>>> (args={<v8::internal::Arguments> = {<v8::internal::Embedded> =
>>>> {<No data fields>}, length_ = 2, arguments_ = 0x7fdc5fc4},
>>>> <No data fields>}, isolate=0x44a038) at ../src/builtins.cc:1162
>>>> #28 0x2ac04aac in Builtin_HandleApiCall
>>>> (args={<v8::internal::Arguments> = {<v8::internal::Embedded> =
>>>> {<No data fields>}, length_ = 2, arguments_ = 0x7fdc5fc4},
>>>> <No data fields>}, isolate=0x44a038) at ../src/builtins.cc:1161
>>>> #29 0x5370a0b4 in ?? ()
>>>>
>>>> (gdb) up 13
>>>> #13 0x2ab5971c in v8::internal::HeapObject::SizeFromMap
>>>> (this=0x49728af9, map=0x49728b51) at ../src/objects-inl.h:2875
>>>> 2875 ASSERT(instance_type == CODE_TYPE);
>>>> Current language: auto; currently c++
>>>>
>>>> (gdb) print instance_type
>>>> $1 = 50
>>>>
>>>>
>>> --
>>> v8-users mailing list
>>> [email protected]
>>> http://groups.google.com/group/v8-users
>>>
>>
>>
>>
> --
> v8-users mailing list
> [email protected]
> http://groups.google.com/group/v8-users
>
>
>
--
v8-users mailing list
[email protected]
http://groups.google.com/group/v8-users
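
Added example, not part of the thread and not V8 code: a toy C model of the point made above that a heap walk which takes each object's size from its map fails at the word after a wrongly laid out object, not at the code that wrote it. ToyMap, toy_alloc, verify_walk and the 0x166 payload value are constructed for illustration; the actual stub bug is not shown in the thread.

```c
#include <stddef.h>
#include <stdint.h>

/* Toy model, not V8 code: a map records the size of the objects that use it. */
typedef struct { size_t instance_words; } ToyMap;
static const ToyMap kMaps[2] = { {3}, {2} };   /* constructed sample maps */

/* A map word is trusted only if it points at a known map. */
static const ToyMap *checked_map(uintptr_t word) {
    for (size_t i = 0; i < 2; i++)
        if (word == (uintptr_t)&kMaps[i]) return &kMaps[i];
    return NULL;
}

/* Hypothetical allocation stub: writes the map word plus `fields` payload
 * words and bumps the top. Correct only if fields == instance_words - 1. */
static size_t toy_alloc(uintptr_t *heap, size_t top, const ToyMap *m, size_t fields) {
    heap[top] = (uintptr_t)m;
    for (size_t k = 1; k <= fields; k++) heap[top + k] = 0x166; /* payload */
    return top + 1 + fields;
}

/* Linear walk in the style of a semispace iterator: each object's size comes
 * from its map. Returns -1 if the walk is consistent; otherwise the index of
 * the word that failed the map check, with *suspect set to the start of the
 * last object walked (SIZE_MAX if none), which is where the layout went wrong. */
long verify_walk(const uintptr_t *heap, size_t top, size_t *suspect) {
    size_t i = 0;
    *suspect = SIZE_MAX;
    while (i < top) {
        const ToyMap *m = checked_map(heap[i]);
        if (m == NULL || i + m->instance_words > top) return (long)i;
        *suspect = i;
        i += m->instance_words;
    }
    return -1;
}

/* Builds two objects; with buggy_stub the first is laid out one word short. */
long demo(int buggy_stub, size_t *suspect) {
    uintptr_t heap[8] = {0};
    size_t top = toy_alloc(heap, 0, &kMaps[0], buggy_stub ? 1 : 2);
    top = toy_alloc(heap, top, &kMaps[1], 1);
    return verify_walk(heap, top, suspect);
}
```

Running a check of this kind right after each suspect allocation, instead of waiting for the collector to walk the space, narrows the search to the object written just before the first bad map word.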
