New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.
Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Last visit > 30 days ago
Closed: Sep 2011
HW: ----
NextAction: ----
OS: ----
Priority: 0
Type: Bug



Sign in to add a comment
link

Issue 1710: NewGC: stepping- / debugging-related crashes in the test suite

Reported by wi...@igalia.com, Sep 21 2011 Project Member

Issue description

In bleeding_edge, I'm getting some crashes in the test suite:

=== release debug-step-stub-callfunction ===                                   
Path: mjsunit/debug-step-stub-callfunction
============ Stress 1/5 ============
Hello, world!
============ Stress 2/5 ============
Hello, world!
============ Stress 3/5 ============
Hello, world!
Command: /home/wingo/src/v8/d8 --stress-opt --always-opt --expose-debug-as debug /home/wingo/src/v8/test/mjsunit/mjsunit.js /home/wingo/src/v8/test/mjsunit/debug-step-stub-callfunction.js --test
--- CRASHED ---
=== release debug-stepin-accessor ===                          
Path: mjsunit/debug-stepin-accessor
Command: /home/wingo/src/v8/d8 --stress-opt --always-opt --expose-debug-as debug /home/wingo/src/v8/test/mjsunit/mjsunit.js /home/wingo/src/v8/test/mjsunit/debug-stepin-accessor.js --test
--- CRASHED ---
=== release debug-stepin-builtin ===                    
Path: mjsunit/debug-stepin-builtin
Command: /home/wingo/src/v8/d8 --stress-opt --always-opt --expose-debug-as debug /home/wingo/src/v8/test/mjsunit/mjsunit.js /home/wingo/src/v8/test/mjsunit/debug-stepin-builtin.js --test
--- CRASHED ---
=== release debug-stepnext-do-while ===                            
Path: mjsunit/debug-stepnext-do-while
Command: /home/wingo/src/v8/d8 --stress-opt --always-opt --expose-debug-as debug /home/wingo/src/v8/test/mjsunit/mjsunit.js /home/wingo/src/v8/test/mjsunit/debug-stepnext-do-while.js --test
--- CRASHED ---
=== release debug-stepout-to-builtin ===                            
Path: mjsunit/debug-stepout-to-builtin
Command: /home/wingo/src/v8/d8 --stress-opt --always-opt --expose-debug-as debug /home/wingo/src/v8/test/mjsunit/mjsunit.js /home/wingo/src/v8/test/mjsunit/debug-stepout-to-builtin.js --test
--- CRASHED ---
[18:26|% 100|+ 7717|-   5]: Done                                               

This is a release x64 build on GNU/Linux.
 

Comment 1 by wi...@igalia.com, Sep 21 2011

A backtrace for the stepin-builtin:


Starting program: /home/wingo/src/v8/d8 --stress-opt --always-opt --expose-debug-as debug /home/wingo/src/v8/test/mjsunit/mjsunit.js /home/wingo/src/v8/test/mjsunit/debug-stepin-builtin.js --test
[Thread debugging using libthread_db enabled]
============ Stress 1/5 ============
[New Thread 0x7ffff709a700 (LWP 10380)]
============ Stress 2/5 ============
============ Stress 3/5 ============
============ Stress 4/5 ============

Program received signal SIGSEGV, Segmentation fault.
0x00000000005d64e8 in v8::internal::HeapObjectIterator::next_object() ()
(gdb) bt
#0  0x00000000005d64e8 in v8::internal::HeapObjectIterator::next_object() ()
#1  0x00000000004af7a5 in v8::internal::HeapIterator::next() ()
#2  0x0000000000455f8d in v8::internal::Debug::PrepareForBreakPoints ()
#3  0x000000000045f704 in v8::internal::Debug::PrepareStep(v8::internal::StepAction, int) ()
#4  0x000000000059d17e in v8::internal::Runtime_PrepareStep(v8::internal::Arguments, v8::internal::Isolate*) ()
#5  0x00002e0dc0d04402 in ?? ()
#6  0x0000000000000002 in ?? ()
#7  0x00002e0dc0d04381 in ?? ()

Comment 2 by vegorov@chromium.org, Sep 21 2011

Labels: Type-Bug Priority-Critical NewGC
Owner: vegorov@chromium.org
Status: Assigned
Summary: NewGC: stepping- / debugging-related crashes in the test suite
Thanks for the report Andy.

bleeding_edge is currently highly unstable after merge of the new GC.

This particular problem should be (partially) fixed by http://codereview.chromium.org/7977004/

Comment 3 by wi...@igalia.com, Sep 21 2011

No prob, I'm just back from vacation and wanted to get in on the NewGC fun :)  I'll try again when that patch lands.

Comment 4 by vegorov@chromium.org, Sep 21 2011

Status: Fixed
I've landed the CL. Does it still crash for you?

Comment 5 by wi...@igalia.com, Sep 21 2011

It works now.  Thanks!

Comment 6 by hablich@chromium.org, Mar 23 2017

Labels: Priority-0

Sign in to add a comment