Debugging mksnapshot bus error


Matt Henkes

May 17, 2023, 3:29:31 PM
to v8-users
Hi all, I'm looking into a mksnapshot bus error which I have logged here: https://bugs.chromium.org/p/v8/issues/detail?id=14007

I've been able to identify the commit that introduced the bug: https://chromium.googlesource.com/v8/v8.git/+/91637c25fcdb199526a7060ceca858aeef16bd3d

But I could really use some advice debugging the issue. What I'd really like is to get a callstack from when the error is thrown, but I haven't been successful thus far. I'm building v8 in debug mode and have tried the `--logAll` and `--trace` flags. The logfile doesn't seem to contain anything readable; the trace also seems to stop somewhere random, inside the parser map? mksnapshot really has a ton of flags and it's hard to know exactly which ones I should use.

Is it possible to run mksnapshot through a debugger? I haven't been able to find much with my Google searches, but I have to assume you can.

I'm new to v8 development and would appreciate any help.

Ben Noordhuis

May 18, 2023, 4:40:45 AM
to v8-u...@googlegroups.com
Yes, you can run it under a debugger but you'll need to pass the exact
same command line arguments that the build scripts do. See the
run_mksnapshot template in BUILD.gn.

You should be able to find the exact stanza in
out/x64.release/toolchain.ninja - it'll be something like "mksnapshot
--turbo_instruction_scheduling --target_os=linux --target_arch=x64"
etc.
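The lookup described in the reply above, as an added example that is not part of the original thread or of V8's build scripts: it pulls the mksnapshot command out of `toolchain.ninja` text and turns it into a debugger launch entry. The ninja snippet is a constructed sample (rule name and wrapper script are assumptions), and `mksnapshot_commands` and `launch_config` are hypothetical helper names.

```python
import json
import shlex

# Constructed sample of a GN-generated toolchain.ninja rule; the real file's
# rule name, wrapper script and flag list differ per checkout and build config.
SAMPLE_NINJA = """\
rule __run_mksnapshot_default___rule
  command = python3 ../../tools/run.py ./mksnapshot --turbo_instruction_scheduling --target_os=linux --target_arch=x64 --embedded_src gen/embedded.S --embedded_variant Default --random-seed 314159265 --startup_blob snapshot_blob.bin --no-native-code-counters
  description = ACTION //:run_mksnapshot_default
rule cc
  command = clang -c ${in} -o ${out}
"""


def mksnapshot_commands(ninja_text):
    """Return [(program, args)] for every rule whose command runs mksnapshot."""
    found = []
    for line in ninja_text.splitlines():
        key, sep, value = line.strip().partition(" = ")
        if key != "command" or not sep:
            continue
        tokens = shlex.split(value)
        for i, tok in enumerate(tokens):
            # Skip wrapper tokens (python3, run.py); keep what follows the binary.
            if tok.rsplit("/", 1)[-1] == "mksnapshot":
                found.append((tok, tokens[i + 1:]))
                break
    return found


def launch_config(build_dir, program, args):
    """Build a cppdbg launch entry. cwd is the build directory because ninja
    runs commands from there, so relative paths in the flags resolve against it."""
    return {
        "name": "(lldb) mksnapshot from toolchain.ninja",
        "type": "cppdbg",
        "request": "launch",
        "program": f"{build_dir}/{program.removeprefix('./')}",
        "args": args,
        "cwd": build_dir,
        "MIMode": "lldb",
    }


if __name__ == "__main__":
    # In a real checkout, read the build directory's toolchain.ninja instead of SAMPLE_NINJA.
    for program, args in mksnapshot_commands(SAMPLE_NINJA):
        cfg = launch_config("${workspaceFolder}/out/x64.debug", program, args)
        print(json.dumps(cfg, indent=2))
        print("lldb --", shlex.join([program, *args]))
```
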

Matt Henkes

May 19, 2023, 8:25:14 AM
to v8-users
Thanks for the tip!
With your help I was able to run mksnapshot through the debugger. Here's my VS Code launch.json file for anyone who comes along after me.

```
{
    // Use IntelliSense to learn about possible attributes.
    // Hover to view descriptions of existing attributes.
    // For more information, visit: https://go.microsoft.com/fwlink/?linkid=830387
    "version": "0.2.0",
    "configurations": [
        {
            "name": "(lldb) Launch mksnapshot",
            "type": "cppdbg",
            "request": "launch",
            "program": "${workspaceFolder}/out/x64.debug/mksnapshot",
            "args": [
                "${workspaceFolder}/snapshot.js",
                "--turbo_instruction_scheduling",
                "--target_os=mac",
                "--target_arch=x64",
                "--embedded_src",
                "${workspaceFolder}/out/x64.debug/gen/embedded.S",
                "--turbo-profiling-input",
                "${workspaceFolder}/tools/builtins-pgo/x64.profile",
                "--embedded_variant",
                "Default",
                "--random-seed",
                "314159265",
                "--startup_blob",
                "snapshot_blob.bin",
                "--no-native-code-counters",
                "--verify-heap"
            ],
            "stopAtEntry": false,
            "cwd": "${fileDirname}",
            "environment": [],
            "externalConsole": false,
            "MIMode": "lldb",
            "sourceFileMap": { "../../": "${workspaceFolder}" }
        }
    ]
}
```

I was able to get a callstack at the crash. I'm not sure if it helps, but I'm poking further into it.

```
[Unknown/Just-In-Time compiled code] (Unknown Source:0)
mksnapshot!v8::internal::GeneratedCode<unsigned long, unsigned long, unsigned long, unsigned long, unsigned long, long, unsigned long**>::Call(unsigned long, unsigned long, unsigned long, unsigned long, long, unsigned long**) (/Users/matthenkes/Source/v8-build/v8/src/execution/simulator.h:157)
mksnapshot!v8::internal::(anonymous namespace)::Invoke(v8::internal::Isolate*, v8::internal::(anonymous namespace)::InvokeParams const&) (/Users/matthenkes/Source/v8-build/v8/src/execution/execution.cc:426)
mksnapshot!v8::internal::Execution::CallScript(v8::internal::Isolate*, v8::internal::Handle<v8::internal::JSFunction>, v8::internal::Handle<v8::internal::Object>, v8::internal::Handle<v8::internal::Object>) (/Users/matthenkes/Source/v8-build/v8/src/execution/execution.cc:537)
mksnapshot!v8::Script::Run(v8::Local<v8::Context>, v8::Local<v8::Data>) (/Users/matthenkes/Source/v8-build/v8/src/api/api.cc:2112)
mksnapshot!v8::Script::Run(v8::Local<v8::Context>) (/Users/matthenkes/Source/v8-build/v8/src/api/api.cc:2040)
mksnapshot!v8::internal::(anonymous namespace)::RunExtraCode(v8::Isolate*, v8::Local<v8::Context>, char const*, char const*) (/Users/matthenkes/Source/v8-build/v8/src/snapshot/snapshot.cc:736)
mksnapshot!v8::internal::CreateSnapshotDataBlobInternal(v8::SnapshotCreator::FunctionCodeHandling, char const*, v8::Isolate*) (/Users/matthenkes/Source/v8-build/v8/src/snapshot/snapshot.cc:755)
mksnapshot!(anonymous namespace)::CreateSnapshotDataBlob(v8::Isolate*, char const*) (/Users/matthenkes/Source/v8-build/v8/src/snapshot/mksnapshot.cc:160)
mksnapshot!main (/Users/matthenkes/Source/v8-build/v8/src/snapshot/mksnapshot.cc:286)
dyld!start (Unknown Source:0)
```

In the debugger I am using, lldb, the variables at the time of the crash aren't very useful. They're just numbers and addresses when I'd expect them to be an array. (I'm currently a JS dev and haven't looked at C++ in 20 years, so my expectations might be off lol). Anyone know if variables would be more readable if I used GDB instead of LLDB?

Ben Noordhuis

May 20, 2023, 4:22:29 AM
to v8-u...@googlegroups.com
I don't expect that to make much of a difference. That line in the
second call frame is where V8 calls into generated machine code and
such crashes are just really, really hard to debug.

The best advice I can give you at this point is to upgrade to a newer
V8 version and see if the problem is fixed. 10.7.71 is almost 9 months
behind.