Pointer compression on V8 7.8?

Matheus Marchini

unread,

Feb 20, 2020, 3:25:13 PM2/20/20

to v8-dev

As part of https://github.com/nodejs/TSC/issues/790, I'm looking into the performance impact (positive or negative) of pointer compressions on Node.js micro-services at Netflix. My goal is to share results of this analysis with Node.js TSC so they can take an informed decision on the future of pointer compression builds on Node.js, as well as sharing these results with the V8 team.

Netflix follows Node.js LTS schedule, which means we are on Node.js v12 now. I'm trying to build Node.js v12 with pointer compression enabled, but the resulting binary is segfaulting. The latest V8 version on Node.js 12 is 7.8.279.23. Building Node.js v13 (V8 7.9.317) works, but it's unlikely I'll be able to use this version for testing.

This is the stack I'm getting on a release build:

(lldb) bt
* thread #1, name = 'node', stop reason = signal SIGSEGV: invalid address (fault address: 0x0)
  * frame #0: 0x0000555555c784b5 node`node::binding::GetInternalBinding(v8::FunctionCallbackInfo<v8::Value> const&) + 53
    frame #1: 0x0000555555eaae86 node`v8::internal::FunctionCallbackArguments::Call(v8::internal::CallHandlerInfo) + 406
    frame #2: 0x0000555555eab263 node`v8::internal::MaybeHandle<v8::internal::Object> v8::internal::(anonymous namespace)::HandleApiCallHelper<false>(v8::internal::Isolate*, v8::internal::Handle<v8::internal::HeapObject>, v8::internal::Handle<v8::internal::HeapObject>, v8::internal::Handle<v8::internal::FunctionTemplateInfo>, v8::internal::Handle<v8::internal::Object>, v8::internal::BuiltinArguments) + 227
    frame #3: 0x0000555555eabcd2 node`v8::internal::Builtin_Impl_HandleApiCall(v8::internal::BuiltinArguments, v8::internal::Isolate*) + 354
    frame #4: 0x0000555555eac64a node`v8::internal::Builtin_HandleApiCall(int, unsigned long*, v8::internal::Isolate*) + 26
    frame #5: 0x0000555556753418 node`Builtins_CEntry_Return1_DontSaveFPRegs_ArgvOnStack_BuiltinExit at base.tq:3418
    frame #6: 0x00005555566cc728 node`Builtins_InterpreterEntryTrampoline at base.tq:357
    frame #7: 0x00005555566cc728 node`Builtins_InterpreterEntryTrampoline at base.tq:357
    frame #8: 0x00005555566c995d node`Builtins_JSEntryTrampoline at base.tq:357
    frame #9: 0x00005555566c9738 node`Builtins_JSEntry at base.tq:357
    frame #10: 0x0000555555f91263 node`v8::internal::(anonymous namespace)::Invoke(v8::internal::Isolate*, v8::internal::(anonymous namespace)::InvokeParams const&) + 435
    frame #11: 0x0000555555f91860 node`v8::internal::Execution::Call(v8::internal::Isolate*, v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>, int, v8::internal::Handle<v8::internal::Object>*) + 112
    frame #12: 0x0000555555e5382e node`v8::Function::Call(v8::Local<v8::Context>, v8::Local<v8::Value>, int, v8::Local<v8::Value>*) + 334
    frame #13: 0x0000555555c6f017 node`node::ExecuteBootstrapper(node::Environment*, char const*, std::vector<v8::Local<v8::String>, std::allocator<v8::Local<v8::String> > >*, std::vector<v8::Local<v8::Value>, std::allocator<v8::Local<v8::Value> > >*) + 135
    frame #14: 0x0000555555c6f628 node`node::Environment::BootstrapInternalLoaders() + 520
    frame #15: 0x0000555555c6fc1b node`node::Environment::RunBootstrapping() + 75
    frame #16: 0x0000555555cf1418 node`node::NodeMainInstance::CreateMainEnvironment(int*) + 728
    frame #17: 0x0000555555cf14d3 node`node::NodeMainInstance::Run() + 131
    frame #18: 0x0000555555c72bba node`node::Start(int, char**) + 474
    frame #19: 0x00007ffff7a651e3 libc.so.6`__libc_start_main(main=(node`main), argc=1, argv=0x00007fffffffde48, init=<unavailable>, fini=<unavailable>, rtld_fini=<unavailable>, stack_end=0x00007fffffffde38) at libc-start.c:308
    frame #20: 0x0000555555bfb76e node`_start + 46

Interestingly enough, a debug build kinda works. It doesn't crash, but it hangs on most programs I tried, except some extremely simple ones.

Should V8 7.8 work with pointer compression enabled? I'm setting v8_enable_pointer_compression to true, and I tried with v8_enable_31bit_smis_on_64bit_arch set to true and false (same result in both cases).

clearsc...@gmail.com

unread,

Feb 20, 2020, 3:53:46 PM2/20/20

to v8-dev

One thing to check for is that the embedder (Node.js) #defines V8_COMPRESS_POINTERS before #including any of V8's public headers.

Matheus Marchini

unread,

Feb 20, 2020, 10:06:46 PM2/20/20

to v8-dev

Ah, yes, that was it. It's working now, thanks!

Hannes Payer

unread,

Feb 21, 2020, 2:43:27 AM2/21/20

to v8-dev, Igor Sheludko, Santiago Aboy Solanes

We shipped pointer compression in 8.0. 7.8 may contain a couple of bugs. WDYT +Igor Sheludko +Santiago Aboy Solanes?

--
--
v8-dev mailing list
v8-...@googlegroups.com
http://groups.google.com/group/v8-dev
---
You received this message because you are subscribed to the Google Groups "v8-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to v8-dev+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/v8-dev/2e8fde9d-c12d-40ec-afae-516f410fecb1%40googlegroups.com.

--

Hannes Payer |

V8 |

Google Germany GmbH |

Erika-Mann Str. 33, 80636 München

Registergericht und -nummer: Hamburg, HRB 86891 | Sitz der Gesellschaft: Hamburg | Geschäftsführer: Matthew Scott Sucherman, Paul Terence Manicle

Igor Sheludko

unread,

Feb 21, 2020, 4:34:18 AM2/21/20

to Hannes Payer, v8-dev, Santiago Aboy Solanes

clearscriptlib@, thanks! We are planning to address this issue.

V8 7.8 uses old slow compression scheme and it doesn't have a good test coverage, 7.9 should be faster but it does not support typed arrays bigger than 1Gb and still has bugs.

So, as Hannes said I'd definitely recommend using 8.0 and newer versions.

--

Igor Sheludko

Software Engineer

ish...@google.com

Google Germany GmbH

Erika-Mann-Str. 33

80636 München

Geschäftsführer: Paul Manicle, Halimah DeLaine Prado

Registergericht und -nummer: Hamburg, HRB 86891

Sitz der Gesellschaft: Hamburg

Diese E-Mail ist vertraulich. Falls sie diese fälschlicherweise erhalten haben sollten, leiten Sie diese bitte nicht an jemand anderes weiter, löschen Sie alle Kopien und Anhänge davon und lassen Sie mich bitte wissen, dass die E-Mail an die falsche Person gesendet wurde.

This e-mail is confidential. If you received this communication by mistake, please don't forward it to anyone else, please erase all copies and attachments, and please let me know that it has gone to the wrong person.

Matheus Marchini

unread,

Feb 21, 2020, 1:02:01 PM2/21/20

to v8-...@googlegroups.com, Hannes Payer, Santiago Aboy Solanes

Thank you for the context. Netflix follows Node.js LTS releases, which means we are on v12 (V8 7.8), so any performance testing we do today will have to be on 7.8. We won't be able to test with V8 8.0+ before October, when the next LTS is released. We'll evaluate if it's worth running these tests now.

When you say bugs, is it a crashing issue, or issues where the wrong object might be accessed?

To view this discussion on the web visit https://groups.google.com/d/msgid/v8-dev/CAOAEZ4P3MGL%2B6DezZM2_fhgpUgprzxX20kvVc0V8B4VGqXEEBQ%40mail.gmail.com.

Reply all

Reply to author

Forward