Done: https://bugs.chromium.org/p/v8/issues/detail?id=7923 thanks!
On Saturday, July 7, 2018 at 3:38:58 AM UTC-7, Jakob Gruber wrote: > > Even without a repro, could you open a bug? It's easier to loop in people > and discuss there. Thanks! > > On Sat, Jul 7, 2018 at 2:43 AM, Yvonne Chen <iyam...@gmail.com > <javascript:>> wrote: > >> Actually, not mprotect. madvise, in ReclaimInaccessibleMemory, with both >> MADV_FREE and MADV_DONTNEED calls failing, both with error code EINVAL. >> >> On Friday, July 6, 2018 at 4:44:00 PM UTC-7, Yvonne Chen wrote: >>> >>> Still unable to produce a standalone repo, but I've narrowed down the >>> issue - eventually, a call to mprotect fails with error code EINVAL, while >>> trying to create a pre-code guard page. >>> Probably means there's some system level configuration we have that's >>> not playing well with v8? >>> >>> On Thursday, July 5, 2018 at 3:27:48 PM UTC-7, Yvonne Chen wrote: >>>> >>>> It's the case where "if (allocation.To(&free_space))" is false. >>>> >>>> I'm currently unable to reproduce this outside of our main codebase >>>> into a standalone test file, but I'll file a bug if I manage to do so. >>>> >>>> On Wednesday, July 4, 2018 at 12:05:30 AM UTC-7, Jakob Gruber wrote: >>>>> >>>>> Could you check which 'perform_gc = true' case we reach? See >>>>> >>>>> >>>>> https://cs.chromium.org/chromium/src/v8/src/heap/heap.cc?l=1614&rcl=fe51067f43e7208d06977d5036726360a4539d7b >>>>> >>>>> Then please open a bug at http://crbug.com/v8/new. >>>>> >>>>> On Wed, Jul 4, 2018 at 12:18 AM, Yvonne Chen <iyam...@gmail.com> >>>>> wrote: >>>>> >>>>>> Hi, >>>>>> >>>>>> I'm in the process of trying to upgrade from v8 6.0.186 to >>>>>> 6.7.288.46. In heap.cc, the latter now has a check for >>>>>> !deserialization_complete_ before throwing an OOM error. For some >>>>>> reason, >>>>>> my code can create one Isolate just fine, but if I try to create >>>>>> another, I >>>>>> run into the error. The comments in heap.cc suggest a low max old space >>>>>> size as a possible reason, but my code uses all defaults for heap >>>>>> initial >>>>>> values and everything worked fine on the previous v8 version, so that >>>>>> seems >>>>>> unlikely to be the culprit. What other possible cases could result in >>>>>> deserialization_complete_ being false at this point? Or maybe perform_gc >>>>>> is >>>>>> getting set when it's not supposed to be? >>>>>> >>>>>> Stack trace, not sure if it helps much though: >>>>>> >>>>>> <--- Last few GCs ---> >>>>>> >>>>>> >>>>>> <--- JS stacktrace ---> >>>>>> >>>>>> >>>>>> # >>>>>> # Fatal process OOM in insufficient memory to create an Isolate >>>>>> # >>>>>> >>>>>> >>>>>> Thread 12 "threadname" received signal SIGILL, Illegal instruction. >>>>>> [Switching to Thread 0x7ffff48eb700 (LWP 2646)] >>>>>> v8::base::OS::Abort () at >>>>>> ../../src/base/platform/platform-posix.cc:381 >>>>>> 381 V8_IMMEDIATE_CRASH(); >>>>>> (gdb) bt >>>>>> #0 v8::base::OS::Abort () at >>>>>> ../../src/base/platform/platform-posix.cc:381 >>>>>> #1 0x00000000007bb68a in v8::Utils::ReportOOMFailure () >>>>>> at ../../src/api.cc:432 >>>>>> #2 0x00000000007bb887 in v8::internal::V8::FatalProcessOutOfMemory () >>>>>> at ../../src/api.cc:400 >>>>>> #3 0x000000000097231c in v8::internal::Heap::ReserveSpace () >>>>>> at ../../src/heap/heap.cc:1611 >>>>>> #4 0x0000000000ee7914 in >>>>>> v8::internal::DefaultDeserializerAllocator::ReserveSpace () at >>>>>> ../../src/snapshot/default-deserializer-allocator.cc:177 >>>>>> #5 0x0000000000b87e93 in >>>>>> v8::internal::StartupDeserializer::DeserializeInto () >>>>>> at ../../src/snapshot/startup-deserializer.cc:21 >>>>>> #6 0x00000000009f8593 in v8::internal::Isolate::Init () >>>>>> at ../../src/isolate.cc:3068 >>>>>> #7 0x0000000000b87958 in v8::internal::Snapshot::Initialize () >>>>>> at ../../src/snapshot/snapshot-common.cc:54 >>>>>> #8 0x00000000007d1208 in v8::IsolateNewImpl () at >>>>>> ../../src/api.cc:8367 >>>>>> >>>>>> >>>>>> -- >> -- >> v8-users mailing list >> v8-u...@googlegroups.com <javascript:> >> http://groups.google.com/group/v8-users >> --- >> You received this message because you are subscribed to the Google Groups >> "v8-users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to v8-users+u...@googlegroups.com <javascript:>. >> For more options, visit https://groups.google.com/d/optout. >> > > -- -- v8-users mailing list v8-users@googlegroups.com http://groups.google.com/group/v8-users --- You received this message because you are subscribed to the Google Groups "v8-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to v8-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
