Stack trace of another thread that might be the culprit is below.

The way the code works is that I have a few files, all of which have a native 
method, include, which can include other files into the global scope.

a.js:
include('b.js')

b.js:
include('c.js')

So you can see the nested v8::Script::Run calls: as we include a.js, we 
execute the script, which triggers a native call to include, which compiles 
another file, b.js, and goes into Script::Run for that file, etc.

Stacktrace:

   0 # NtWaitForAlertByThreadId in ntdll+0xa0f24
   1 # RtlAcquireSRWLockExclusive in ntdll+0x29205
   2 # v8::base::SharedMutex::LockExclusive in app+0x67c96f
   3 # `v8::internal::ParkedSharedMutexGuardIf<1,0>::ParkedSharedMutexGuardIf<1,0>'::`25'::<lambda_2>::operator() in app+0xf89b29
   4 # v8::internal::LocalHeap::ParkAndExecuteCallback<`v8::internal::ParkedSharedMutexGuardIf<1,0>::ParkedSharedMutexGuardIf<1,0>'::`25'::<lambda_2> > in app+0xf88858
   5 # `v8::internal::LocalHeap::ExecuteWhileParked<`v8::internal::ParkedSharedMutexGuardIf<1,0>::ParkedSharedMutexGuardIf<1,0>'::`25'::<lambda_2> >'::`2'::<lambda_1>::operator() in app+0xf897d9
   6 # heap::base::Stack::SetMarkerAndCallbackImpl<`v8::internal::LocalHeap::ExecuteWhileParked<`v8::internal::ParkedSharedMutexGuardIf<1,0>::ParkedSharedMutexGuardIf<1,0>'::`25'::<lambda_2> >'::`2'::<lambda_1> > in app+0xf88a2b
   7 # PushAllRegistersAndIterateStack in app+0x104eb4d
   8 # heap::base::Stack::TrampolineCallbackHelper in app+0x8dc837
   9 # heap::base::Stack::SetMarkerAndCallback<`v8::internal::LocalHeap::ExecuteWhileParked<`v8::internal::ParkedSharedMutexGuardIf<1,0>::ParkedSharedMutexGuardIf<1,0>'::`25'::<lambda_2> >'::`2'::<lambda_1> > in app+0xf88964
  10 # v8::internal::LocalHeap::ExecuteWithStackMarker<`v8::internal::LocalHeap::ExecuteWhileParked<`v8::internal::ParkedSharedMutexGuardIf<1,0>::ParkedSharedMutexGuardIf<1,0>'::`25'::<lambda_2> >'::`2'::<lambda_1> > in app+0xf87e8e
  11 # v8::internal::LocalHeap::ExecuteWhileParked<`v8::internal::ParkedSharedMutexGuardIf<1,0>::ParkedSharedMutexGuardIf<1,0>'::`25'::<lambda_2> > in app+0xf87ce5
  12 # v8::internal::ParkedSharedMutexGuardIf<0,0>::ParkedSharedMutexGuardIf<0,0> in app+0xf8926d
  13 # v8::internal::ParkedSharedMutexGuardIf<0,0>::ParkedSharedMutexGuardIf<0,0> in app+0xf892ba
  14 # v8::internal::MapUpdater::ReconfigureToDataField in app+0xf93add
  15 # v8::internal::Map::Update in app+0x8f85c7
  16 # v8::internal::Map::TransitionToDataProperty in app+0x8f6020
  17 # v8::internal::LookupIterator::PrepareTransitionToDataProperty in app+0xabcf05
  18 # v8::internal::StoreIC::LookupForWrite in app+0x1e2c091
  19 # v8::internal::StoreIC::UpdateCaches in app+0x1e3889d
  20 # v8::internal::StoreIC::Store in app+0x1e34ca2
  21 # v8::internal::MaybeObjectHandle::Weak in app+0x1e44cce
  22 # v8::internal::Runtime_StoreIC_Miss in app+0x1e2edb4
  23 # Builtins_CEntry_Return1_ArgvOnStack_NoBuiltinExit in app+0x1684185
<many jit frames>
  45 # Builtins_InterpreterPushArgsThenFastConstructFunction in app+0x12a87b0
  46 # Builtins_InterpreterPushArgsThenFastConstructFunction in app+0x12a87b0
  47 # Builtins_ConstructHandler in app+0x1c8238d
  48 # Builtins_InterpreterEntryTrampoline in app+0x12a7825
  49 # Builtins_InterpreterEntryTrampoline in app+0x12a7825
  50 # Builtins_InterpreterEntryTrampoline in app+0x12a7825
  51 # Builtins_JSEntryTrampoline in app+0x129e860
  52 # Builtins_JSEntry in app+0x129e3b7
  53 # v8::internal::GeneratedCode<unsigned __int64,unsigned __int64,unsigned __int64,unsigned __int64,unsigned __int64,__int64,unsigned __int64 * __ptr64 * __ptr64>::Call in app+0x68dff5
  54 # v8::internal::Isolate::IncrementJavascriptExecutionCounter in app+0x68f8fc
  55 # v8::internal::Execution::CallScript in app+0x68e4de
  56 # v8::Script::Run in app+0x655458
  57 # v8::Script::Run in app+0x655056
  58 # Script::include at Script.cpp:566 (app+0x378392b)
  59 # include_file at JSCore.cpp:225 (app+0x373b03b)
  60 # func_caller at js32.cpp:136 (app+0x3734f8a)
  61 # Builtins_CallApiCallbackGeneric in app+0x12ab99b
<many jit frames>
 101 # Builtins_InterpreterEntryTrampoline in app+0x12a7825
 102 # Builtins_InterpreterEntryTrampoline in app+0x12a7825
 103 # Builtins_InterpreterEntryTrampoline in app+0x12a7825
 104 # Builtins_JSEntryTrampoline in app+0x129e860
 105 # Builtins_JSEntry in app+0x129e3b7
 106 # v8::internal::GeneratedCode<unsigned __int64,unsigned __int64,unsigned __int64,unsigned __int64,unsigned __int64,__int64,unsigned __int64 * __ptr64 * __ptr64>::Call in app+0x68dff5
 107 # v8::internal::Isolate::IncrementJavascriptExecutionCounter in app+0x68f8fc
 108 # v8::internal::Execution::CallScript in app+0x68e4de
 109 # v8::Script::Run in app+0x655458
 110 # v8::Script::Run in app+0x655056
 111 # Script::include at Script.cpp:566 (app+0x378392b)
 112 # include_file at JSCore.cpp:225 (app+0x373b03b)
 113 # func_caller at js32.cpp:136 (app+0x3734f8a)
 114 # Builtins_CallApiCallbackGeneric in app+0x12ab99b
<many jit frames>
 154 # Builtins_InterpreterEntryTrampoline in app+0x12a7825
 155 # Builtins_InterpreterEntryTrampoline in app+0x12a7825
 156 # Builtins_JSEntryTrampoline in app+0x129e860
 157 # Builtins_JSEntry in app+0x129e3b7
 158 # v8::internal::GeneratedCode<unsigned __int64,unsigned __int64,unsigned __int64,unsigned __int64,unsigned __int64,__int64,unsigned __int64 * __ptr64 * __ptr64>::Call in app+0x68dff5
 159 # v8::internal::Isolate::IncrementJavascriptExecutionCounter in app+0x68f8fc
 160 # v8::internal::Execution::CallScript in app+0x68e4de
 161 # v8::Script::Run in app+0x655458
 162 # v8::Script::Run in app+0x655056
 163 # Script::include at Script.cpp:566 (app+0x378392b)
 164 # include_file at JSCore.cpp:225 (app+0x373b03b)
 165 # func_caller at js32.cpp:136 (app+0x3734f8a)
 166 # Builtins_CallApiCallbackGeneric in app+0x12ab99b
 167 # Builtins_InterpreterEntryTrampoline in app+0x12a7825
 168 # Builtins_JSEntryTrampoline in app+0x129e860
 169 # Builtins_JSEntry in app+0x129e3b7
 170 # v8::internal::GeneratedCode<unsigned __int64,unsigned __int64,unsigned __int64,unsigned __int64,unsigned __int64,__int64,unsigned __int64 * __ptr64 * __ptr64>::Call in app+0x68dff5
 171 # v8::internal::Isolate::IncrementJavascriptExecutionCounter in app+0x68f8fc
 172 # v8::internal::Execution::CallScript in app+0x68e4de
 173 # v8::Script::Run in app+0x655458
 174 # v8::Script::Run in app+0x655056
 175 # Script::run at Script.cpp:409 (app+0x378081f)
 176 # script_thread at Script.cpp:747 (app+0x378460d)
 177 # BaseThreadInitThunk in KERNEL32+0x17374
 178 # RtlUserThreadStart in ntdll+0x4cc91


On Tuesday, 24 June 2025 at 22:45:00 UTC+1 jmr wrote:

> Hi,
>
> I'm embedding a statically linked V8 into my MSVC DLL, which is then 
> loaded as a plugin in another application.
> While running in debug mode I noticed the following assertion failure:
>
> C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\MSVC\14.43.34808\include\vector(280) : Assertion failed: can't dereference out of range vector iterator
>
> coming from:
> ...
>
>    3 # `DllMain'::`5'::<lambda_1>::operator() at dllmain.cpp:598 (app+0x371a7cd)
>    4 # `DllMain'::`5'::<lambda_1>::<lambda_invoker_cdecl> at dllmain.cpp:614 (app+0x371a668)
>    5 # _VCrtDbgReportA at dbgrptt.cpp:391 (app+0x361df8f)
>    6 # _CrtDbgReport at dbgrpt.cpp:263 (app+0x35ee779)
>    7 # std::_Vector_iterator<std::_Vector_val<std::_Simple_types<std::pair<int,v8::internal::Tagged<v8::internal::HeapObject> > > > >::operator-> in app+0x92054c
>    8 # v8::MemorySpan<v8::internal::Handle<v8::internal::Map> >::to_address<std::_Vector_iterator<std::_Vector_val<std::_Simple_types<v8::internal::Handle<v8::internal::Map> > > >,void> in app+0x10e5643
>    9 # v8::MemorySpan<v8::internal::Handle<v8::internal::Map> >::MemorySpan<v8::internal::Handle<v8::internal::Map> ><std::_Vector_iterator<std::_Vector_val<std::_Simple_types<v8::internal::Handle<v8::internal::Map> > > >,1> in app+0x10e50c4
>   10 # v8::internal::compiler::JSHeapBroker::ProcessFeedbackMapsForElementAccess in app+0x251e77a
>   11 # v8::internal::compiler::JSHeapBroker::ReadFeedbackForPropertyAccess in app+0x2520011
>   12 # v8::internal::compiler::JSHeapBroker::GetFeedbackForPropertyAccess in app+0x251af78
>   13 # v8::internal::maglev::MaglevGraphBuilder::VisitStaInArrayLiteral in app+0x2862834
>   14 # v8::internal::maglev::MaglevGraphBuilder::VisitSingleBytecode in app+0x2343e8f
>   15 # v8::internal::maglev::MaglevGraphBuilder::BuildBody in app+0x230b567
>   16 # v8::internal::maglev::MaglevGraphBuilder::Build in app+0x230b385
>   17 # v8::internal::maglev::MaglevCompiler::Compile in app+0x230bd91
>   18 # v8::internal::maglev::MaglevCompilationJob::ExecuteJobImpl in app+0xfe89b8
>   19 # v8::internal::OptimizedCompilationJob::ExecuteJob in app+0xb0583b
>   20 # v8::internal::maglev::MaglevConcurrentDispatcher::JobTask::Run in app+0xfe9c23
>   21 # v8::platform::DefaultJobWorker::Run in app+0xd2a949
>   22 # v8::platform::DefaultWorkerThreadsTaskRunner::WorkerThread::Run in app+0xd2b1c2
>   23 # v8::base::Thread::NotifyStartedAndRun in app+0x681104
>   24 # v8::base::OS::StrNCpy in app+0x681e4d
>   25 # thread_start<unsigned int (__cdecl*)(void *),1> at thread.cpp:97 (app+0x3622e45)
>   26 # BaseThreadInitThunk in KERNEL32+0x17374
>   27 # RtlUserThreadStart in ntdll+0x4cc91
>
> Sadly none of this looks like my code, hence I'm lost as to why this is 
> happening.
>
> The reason I'm running a debug build is trying to find a heap corruption 
> that has been happening, potentially somewhere in my code, and I wonder if 
> this could be related.
>
> My application has an isolate per thread; I'm not using lockers (as in 
> theory each isolate is single-threaded), and any time data flows between 
> threads it's done via ValueSerializer.
>
> Sadly this is version 12.9.202, as that is the last version that supports 
> MSVC.
>
> Any advice as to what I'm doing wrong would be helpful, or how to approach 
> debugging this.
>
> Sadly the debugging situation is dire: the application that I'm loading my 
> plugin into cannot be debugged due to protections, and I'm mostly constrained 
> to printf and the various hooks that the CRT provides.
>
> Thanks,
> Audrius.
>

-- 
v8-users mailing list
v8-users@googlegroups.com
http://groups.google.com/group/v8-users
To view this discussion visit 
https://groups.google.com/d/msgid/v8-users/e62aea95-0a18-40be-a596-aaeceef6c1f7n%40googlegroups.com.