Deferred TaggedToI: NaN

[Matt Broadstone]

Hi,

I'm trying to track down an eager deoptimization in my node.js code, and it seems to be directly related to a keyed lookup on an object using a string. There is a comment on an issue from May (https://code.google.com/p/v8/issues/detail?id=3183#c12) that seems to indicate that the assumption is that keyed lookups are by number. Is that the case? Is it not possible for me to optimize this method if I require a keyed lookup by string?

versions:

  node: v0.12.7

  v8: 3.28.71.19

This is the stack for the triggered DEOPT, please let me know if further information would help:

[optimizing 0x2d3900bd1609 <JS Function Codec.encode (SharedFunctionInfo 0x2d3900b27af9)> - took 0.820, 0.509, 0.214 ms]

[deoptimizing (DEOPT eager): begin 0x2d3900bd1609 Codec.encode (opt #34) @40, FP to SP delta: 56]

            Deferred TaggedToI: NaN

  translating Codec.encode => node=136, height=24

    0x7fff5fbff0a0: [top + 80] <- 0x373656140201 ; [sp + 96] 0x373656140201 <JS Object>

    0x7fff5fbff098: [top + 72] <- 0x331bd6004161 ; rbx 0x331bd6004161 <true>

    0x7fff5fbff090: [top + 64] <- 0x3736561487c1 ; [sp + 80] 0x3736561487c1 <a BufferBuilder with map 0x28dbca62ad71>

    0x7fff5fbff088: [top + 56] <- 0xeb789d0f7f1 ; rdx 0xeb789d0f7f1 <String[7]: boolean>

    0x7fff5fbff080: [top + 48] <- 0x31a4d47f5f88 ; caller's pc

    0x7fff5fbff078: [top + 40] <- 0x7fff5fbff0e0 ; caller's fp

    0x7fff5fbff070: [top + 32] <- 0x2d3900b7d7f9; context

    0x7fff5fbff068: [top + 24] <- 0x2d3900bd1609; function

    0x7fff5fbff060: [top + 16] <- 0x331bd6004121 <undefined> ; literal

    0x7fff5fbff058: [top + 8] <- 0x331bd6004121 <undefined> ; literal

    0x7fff5fbff050: [top + 0] <- 0x331bd6004121 <undefined> ; literal

[deoptimizing (eager): end 0x2d3900bd1609 Codec.encode @40 => node=136, pc=0x31a4d47f4edf, state=NO_REGISTERS, alignment=no padding, took 0.062 ms]

[deoptimizer unlinked: Codec.encode / 2d3900bd1609]

Regards,

Matt

[Jakob Kummerow]

Correct. This has been fixed in the meantime, but 3.28 is too old.

--
--
v8-users mailing list
v8-u...@googlegroups.com
http://groups.google.com/group/v8-users
---
You received this message because you are subscribed to the Google Groups "v8-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to v8-users+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Matt Broadstone]

Do you have any idea which version this was fixed in?

Matt

[Jakob Kummerow]

That should be 4.1, but you should really update to the latest stable version. All older (=outdated, unsupported) branches have known security bugs.

[Matt Broadstone]

On Mon, Nov 2, 2015 at 10:33 AM, Jakob Kummerow <jkum...@chromium.org> wrote:

That should be 4.1, but you should really update to the latest stable version. All older (=outdated, unsupported) branches have known security bugs.

Thanks Jakob,

It looks like we'll have to update to node 4.2.1 in order to get these updates. I appreciate the quick responses.

Matt

 

You received this message because you are subscribed to a topic in the Google Groups "v8-users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/v8-users/sb80m69y6ic/unsubscribe.
To unsubscribe from this group and all its topics, send an email to v8-users+u...@googlegroups.com.