[Vm-dev] last object overwritten

Frank Shearar frank.shearar at gmail.com
Wed Feb 27 18:23:59 UTC 2013


On 27 February 2013 18:15, Eliot Miranda <eliot.miranda at gmail.com> wrote:
>
> Hi Frank,
>
> On Wed, Feb 27, 2013 at 6:51 AM, Frank Shearar <frank.shearar at gmail.com> wrote:
>>
>>
>> So I thought I'd be extra tricky with some partial continuation stuff
>> and, as sometimes happens, things went Badly Wrong and the VM crashed.
>> What was odd was that it said "last object overwritten", which I've
>> not seen before.
>
>
> This means what it says and is pointing to e.g. a bug in an FFI call.  Cog fills the object eden zone with a bit pattern and checks on every allocation that the word pointed to by the allocation pointer contains the correct bit pattern.  If the last object allocated is written-to past its end this will corrupt the bit pattern in the allocation zone and the next allocation will exit with an error.  Such overwriting happens e.g. when one supplies a buffer that is too short to external code that writes to the buffer.
>
> So if you're making FFI calls perhaps you can debug this yourself.

That just makes things stranger, because I'm not using FFI. Other than
the fact that I'm stack-hacking, there's nothing other than normal
Smalltalk stuff going on.

> If you're not then, yes, please send me the tarball in email.

Good, because I did that already :)

frank

> cheers.
>
>>
>> Good news though: I have an image that will trigger the bug in a
>> reproducible fashion! Since it's a 14M tarball, maybe I should mail it
>> to Eliot separately... (but if anyone else wants a look I'm happy to
>> supply a copy).
>>
>> frank
>>
>> Stack trace:
>>
>> last object overwritten
>>
>> Squeak VM version: 4.0-2678 #1 Wed Feb  6 11:36:48 PST 2013 gcc 4.1.2
>> Built from: CoInterpreter VMMaker.oscog-eem.264 uuid:
>> 64e76092-8af7-449f-9188-e65f3bd1f08d Feb  6 2013
>> With: StackToRegisterMappingCogit VMMaker.oscog-eem.264 uuid:
>> 64e76092-8af7-449f-9188-e65f3bd1f08d Feb  6 2013
>> Revision: VM: r2678 http://www.squeakvm.org/svn/squeak/branches/Cog
>> Plugins: r2545 http://squeakvm.org/svn/squeak/trunk/platforms/Cross/plugins
>> Build host: Linux mcqfes 2.6.18-128.el5 #1 SMP Wed Jan 21 10:44:23 EST
>> 2009 i686 i686 i386 GNU/Linux
>> plugin path: /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/bin/../lib/squeak/4.0-2678
>> [default: /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/lib/squeak/4.0-2678/]
>>
>>
>> C stack backtrace:
>> /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/bin/../lib/squeak/4.0-2678/squeak[0x805cb71]
>> /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/bin/../lib/squeak/4.0-2678/squeak(error+0x19)[0x805ce59]
>> /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/bin/../lib/squeak/4.0-2678/squeak[0x8069bb3]
>> /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/bin/../lib/squeak/4.0-2678/squeak[0x80789ff]
>> [0x77709183]
>> /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/bin/../lib/squeak/4.0-2678/squeak(interpret+0x1eb)[0x807f23b]
>> /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/bin/../lib/squeak/4.0-2678/squeak(main+0x397)[0x805d237]
>> /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe6)[0xbb1bd6]
>> /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/bin/../lib/squeak/4.0-2678/squeak[0x805ac41]
>>
>>
>> Smalltalk stack dump:
>> 0xbfc80668 M MethodContext(Object)>copy 2037438000: a(n) MethodContext
>> 0xbfc80684 M MethodContext(ContextPart)>copyTo: 2037438000: a(n) MethodContext
>> 0xbfc806a8 M MethodContext(ContextPart)>copyTo: 2037437956: a(n) MethodContext
>> 0xbfc806cc M MethodContext(ContextPart)>copyTo: 2037437880: a(n) MethodContext
>> 0xbfc87548 M MethodContext(ContextPart)>copyTo: 2037440340: a(n) MethodContext
>> 0xbfc8756c M MethodContext(ContextPart)>copyTo: 2037440248: a(n) MethodContext
>> 0xbfc87590 M MethodContext(ContextPart)>copyTo: 2037439048: a(n) MethodContext
>> 0xbfc875b4 M MethodContext(ContextPart)>copyTo: 2037440156: a(n) MethodContext
>> 0xbfc875d0 M PartialContinuation>from:downTo: 2037440528: a(n)
>> PartialContinuation
>> 0xbfc875f0 M PartialContinuation class>from:downTo: 2032752868: a(n)
>> PartialContinuation class
>> 0xbfc87620 M BlockClosure>shift: 2037439144: a(n) BlockClosure
>> 0xbfc8763c M BlockClosure>shift 2037439144: a(n) BlockClosure
>> 0xbfc87654 M [] in Zipper class>zipOver: 2033885808: a(n) Zipper class
>> 0xbfc87674 M [] in Zipper class>zipOver: 2033885808: a(n) Zipper class
>> 0xbfc8769c M TestTree>collect: 2037413184: a(n) TestTree
>> 0xbfc876cc I TestTree>collect: 2037413204: a(n) TestTree
>> 0x7970d604 s TestTree>collect:
>> 0x7970d630 s [] in Zipper class>zipOver:
>> 0x7970d65c s [] in PartialContinuation>compose:
>> 0x7970d690 s [] in Zipper>next:
>> 0x7970d6c4 s [] in PartialContinuation>compose:
>> 0x7970d700 s [] in Zipper>next:
>> 0x7970d73c s [] in PartialContinuation>compose:
>> 0x7970d780 s [] in Zipper>next:
>> 0x7970d87c s [] in PartialContinuation>compose:
>> 0x7970d8c8 s [] in Zipper>next:
>> 0x7970d914 s [] in PartialContinuation>compose:
>> 0x7970d968 s [] in Zipper>next:
>> 0xbfc92558 M [] in PartialContinuation>compose: 2037435320: a(n)
>> PartialContinuation
>> 0xbfc92578 M [] in Zipper>next: 2037436996: a(n) Zipper
>> 0xbfc92594 M BlockClosure>on:do: 2037437104: a(n) BlockClosure
>> 0xbfc925b4 M BlockClosure>reset 2037437104: a(n) BlockClosure
>> 0xbfc925cc M Zipper>next: 2037436996: a(n) Zipper
>> 0xbfc925f4 M ZipperTest>testEnumerationWorksOverTrees 2035691720: a(n)
>> ZipperTest
>> 0xbfc9260c M ZipperTest(TestCase)>performTest 2035691720: a(n) ZipperTest
>> 0xbfc92624 M [] in ZipperTest(TestCase)>runCase 2035691720: a(n) ZipperTest
>> 0xbfc92640 M BlockClosure>on:do: 2037411540: a(n) BlockClosure
>> 0xbfc92668 M [] in ZipperTest(TestCase)>timeout:after: 2035691720:
>> a(n) ZipperTest
>> 0xbfc92688 M BlockClosure>ensure: 2037412856: a(n) BlockClosure
>> 0xbfc926b0 M ZipperTest(TestCase)>timeout:after: 2035691720: a(n) ZipperTest
>> 0xbfc926d0 M [] in ZipperTest(TestCase)>runCase 2035691720: a(n) ZipperTest
>> 0xbfcd0508 M BlockClosure>ensure: 2037409660: a(n) BlockClosure
>> 0xbfcd0524 M ZipperTest(TestCase)>runCase 2035691720: a(n) ZipperTest
>> 0xbfcd0540 M [] in TestResult>runCase: 2035689052: a(n) TestResult
>> 0xbfcd055c M BlockClosure>on:do: 2037409516: a(n) BlockClosure
>> 0xbfcd0584 M [] in TestResult>runCase: 2035689052: a(n) TestResult
>> 0xbfcd05a0 M BlockClosure>on:do: 2037409368: a(n) BlockClosure
>> 0xbfcd05c4 M TestResult>runCase: 2035689052: a(n) TestResult
>> 0xbfcd05e0 M ZipperTest(TestCase)>run: 2035691720: a(n) ZipperTest
>> 0xbfcd05fc M TestRunner>runTest: 2034780632: a(n) TestRunner
>> 0xbfcd0620 I [] in TestRunner>runSuite: 2034780632: a(n) TestRunner
>> 0xbfcd0658 M [] in
>> OrderedCollection(Collection)>do:displayingProgress:every: 2035691588:
>> a(n) OrderedCollection
>> 0xbfcd0678 M OrderedCollection>do: 2035691588: a(n) OrderedCollection
>> 0xbfcd06a8 M [] in
>> OrderedCollection(Collection)>do:displayingProgress:every: 2035691588:
>> a(n) OrderedCollection
>> 0xbfcd06d0 M [] in MorphicUIManager>displayProgress:at:from:to:during:
>> 2015074224: a(n) MorphicUIManager
>> 0xbfccd504 M BlockClosure>on:do: 2035694312: a(n) BlockClosure
>> 0xbfccd530 M [] in MorphicUIManager>displayProgress:at:from:to:during:
>> 2015074224: a(n) MorphicUIManager
>> 0xbfccd550 M BlockClosure>ensure: 2035694164: a(n) BlockClosure
>> 0xbfccd574 M MorphicUIManager>displayProgress:at:from:to:during:
>> 2015074224: a(n) MorphicUIManager
>> 0xbfccd5a0 M ProgressInitiationException>defaultResumeValue
>> 2035693376: a(n) ProgressInitiationException
>> 0xbfccd5bc M ProgressInitiationException(Exception)>resume 2035693376:
>> a(n) ProgressInitiationException
>> 0xbfccd5d4 M ProgressInitiationException>defaultAction 2035693376:
>> a(n) ProgressInitiationException
>> 0xbfccd5f0 M UndefinedObject>handleSignal: 2004824068: a(n) UndefinedObject
>> 0xbfccd610 M MethodContext(ContextPart)>handleSignal: 2035693708: a(n)
>> MethodContext
>> 0xbfccd62c M ProgressInitiationException(Exception)>signal 2035693376:
>> a(n) ProgressInitiationException
>> 0xbfccd644 M ProgressInitiationException>display:at:from:to:during:
>> 2035693376: a(n) ProgressInitiationException
>> 0xbfccd670 M ProgressInitiationException
>> class>display:at:from:to:during: 2015244060: a(n)
>> ProgressInitiationException class
>> 0xbfccd69c M ByteString(String)>displayProgressAt:from:to:during:
>> 2015249596: a(n) ByteString
>> 0xbfccd6c4 M ByteString(String)>displayProgressFrom:to:during:
>> 2015249596: a(n) ByteString
>> 0xbfccc5d0 M OrderedCollection(Collection)>do:displayingProgress:every:
>> 2035691588: a(n) OrderedCollection
>> 0xbfccc608 I [] in TestRunner>basicRunSuite:do: 2034780632: a(n) TestRunner
>> 0xbfccc628 M BlockClosure>ensure: 2035693036: a(n) BlockClosure
>> 0xbfccc64c I TestRunner>basicRunSuite:do: 2034780632: a(n) TestRunner
>> 0xbfccc674 I TestRunner>runSuite: 2034780632: a(n) TestRunner
>> 0xbfccc690 M TestRunner>runAll 2034780632: a(n) TestRunner
>> 0xbfccc6b0 I PluggableButtonMorphPlus(PluggableButtonMorph)>performAction
>> 2034847192: a(n) PluggableButtonMorphPlus
>> 0xbfccc6d0 I PluggableButtonMorphPlus>performAction 2034847192: a(n)
>> PluggableButtonMorphPlus
>> 0xbfccf534 M [] in
>> PluggableButtonMorphPlus(PluggableButtonMorph)>mouseUp: 2034847192:
>> a(n) PluggableButtonMorphPlus
>> 0xbfccf558 M Array(SequenceableCollection)>do: 2035687788: a(n) Array
>> 0xbfccf574 M PluggableButtonMorphPlus(PluggableButtonMorph)>mouseUp:
>> 2034847192: a(n) PluggableButtonMorphPlus
>> 0xbfccf598 I PluggableButtonMorphPlus>mouseUp: 2034847192: a(n)
>> PluggableButtonMorphPlus
>> 0xbfccf5b4 M PluggableButtonMorphPlus(Morph)>handleMouseUp:
>> 2034847192: a(n) PluggableButtonMorphPlus
>> 0xbfccf5d0 M MouseButtonEvent>sentTo: 2035688712: a(n) MouseButtonEvent
>> 0xbfccf5ec M PluggableButtonMorphPlus(Morph)>handleEvent: 2034847192:
>> a(n) PluggableButtonMorphPlus
>> 0xbfccf608 M PluggableButtonMorphPlus(Morph)>handleFocusEvent:
>> 2034847192: a(n) PluggableButtonMorphPlus
>> 0xbfccf630 M [] in HandMorph>sendFocusEvent:to:clear: 2007171128: a(n) HandMorph
>> 0xbfccf64c M BlockClosure>on:do: 2035688464: a(n) BlockClosure
>> 0xbfccf678 M PasteUpMorph>becomeActiveDuring: 2013415124: a(n) PasteUpMorph
>> 0xbfccf69c M HandMorph>sendFocusEvent:to:clear: 2007171128: a(n) HandMorph
>> 0xbfccf6c4 M HandMorph>sendEvent:focus:clear: 2007171128: a(n) HandMorph
>> 0xbfc755b4 M HandMorph>sendMouseEvent: 2007171128: a(n) HandMorph
>> 0xbfc755d8 M HandMorph>handleEvent: 2007171128: a(n) HandMorph
>> 0xbfc75604 M HandMorph>processEvents 2007171128: a(n) HandMorph
>> 0xbfc75620 M [] in WorldState>doOneCycleNowFor: 2004979600: a(n) WorldState
>> 0xbfc75644 M Array(SequenceableCollection)>do: 2004895736: a(n) Array
>> 0xbfc75660 M WorldState>handsDo: 2004979600: a(n) WorldState
>> 0xbfc75680 M WorldState>doOneCycleNowFor: 2004979600: a(n) WorldState
>> 0xbfc7569c M WorldState>doOneCycleFor: 2004979600: a(n) WorldState
>> 0xbfc756b8 M PasteUpMorph>doOneCycle 2013415124: a(n) PasteUpMorph
>> 0xbfc756d0 M [] in Project class>spawnNewProcess 2012564228: a(n) Project class
>> 0x79075924 s [] in BlockClosure>newProcess
>>
>> Most recent primitives
>> basicNew
>> basicNew
>> basicNew
>> findNextHandlerContextStarting
>> tempAt:
>> tempAt:
>> tempAt:put:
>> tempAt:
>> findNextUnwindContextUpTo:
>> tempAt:
>> tempAt:put:
>> tempAt:
>> terminateTo:
>> tempAt:put:
>> findNextUnwindContextUpTo:
>> terminateTo:
>> basicNew
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> basicNew
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> basicNew
>> findNextHandlerContextStarting
>> tempAt:
>> tempAt:
>> tempAt:put:
>> tempAt:
>> findNextUnwindContextUpTo:
>> tempAt:
>> tempAt:put:
>> tempAt:
>> terminateTo:
>> tempAt:put:
>> findNextUnwindContextUpTo:
>> terminateTo:
>> basicNew
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> basicNew
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> basicNew
>> findNextHandlerContextStarting
>> tempAt:
>> tempAt:
>> tempAt:put:
>> tempAt:
>> findNextUnwindContextUpTo:
>> tempAt:
>> tempAt:put:
>> tempAt:
>> terminateTo:
>> tempAt:put:
>> findNextUnwindContextUpTo:
>> terminateTo:
>> basicNew
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> basicNew
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> basicNew
>> findNextHandlerContextStarting
>> tempAt:
>> tempAt:
>> tempAt:put:
>> tempAt:
>> findNextUnwindContextUpTo:
>> tempAt:
>> tempAt:put:
>> tempAt:
>> terminateTo:
>> tempAt:put:
>> findNextUnwindContextUpTo:
>> terminateTo:
>> basicNew
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> basicNew
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> basicNew
>> findNextHandlerContextStarting
>> tempAt:
>> tempAt:
>> tempAt:put:
>> tempAt:
>> findNextUnwindContextUpTo:
>> tempAt:
>> tempAt:put:
>> tempAt:
>> terminateTo:
>> tempAt:put:
>> findNextUnwindContextUpTo:
>> terminateTo:
>> basicNew
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> basicNew
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> basicNew
>> findNextHandlerContextStarting
>> tempAt:
>> tempAt:
>> tempAt:put:
>> tempAt:
>> findNextUnwindContextUpTo:
>> tempAt:
>> tempAt:put:
>> tempAt:
>> terminateTo:
>> tempAt:put:
>> findNextUnwindContextUpTo:
>> terminateTo:
>> basicNew
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> basicNew
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> basicNew
>> findNextHandlerContextStarting
>> tempAt:
>> tempAt:
>> tempAt:put:
>> tempAt:
>> findNextUnwindContextUpTo:
>> tempAt:
>> tempAt:put:
>> tempAt:
>> terminateTo:
>> tempAt:put:
>> findNextUnwindContextUpTo:
>> terminateTo:
>> basicNew
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>> shallowCopy
>>
>> stack page bytes 4096 available headroom 3300 minimum unused headroom 3504
>>
>>         (last object overwritten)
>
>
>
>
> --
> best,
> Eliot
>
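
Added example (not part of the original thread, and not Cog's source code): a toy C bump allocator that performs the check Eliot describes above, filling the allocation zone with a bit pattern and testing the word at the allocation pointer on every allocation. The zone size, the pattern value and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define EDEN_WORDS   64
#define FILL_PATTERN 0xBADF00D5u   /* constructed value, not Cog's actual pattern */

typedef enum { ALLOC_OK, ALLOC_FULL, ALLOC_LAST_OBJECT_OVERWRITTEN } alloc_status;

static uint32_t eden[EDEN_WORDS];   /* toy allocation zone */
static size_t   alloc_ptr;          /* index of the next free word */

/* Fill the whole zone with the pattern before any allocation. */
void eden_init(void) {
    for (size_t i = 0; i < EDEN_WORDS; i++) eden[i] = FILL_PATTERN;
    alloc_ptr = 0;
}

/* Bump-allocate nwords. Before handing out memory, verify that the word at
   the allocation pointer still holds the pattern; if not, something wrote
   past the end of the previously allocated object. */
alloc_status eden_alloc(size_t nwords, uint32_t **out) {
    *out = NULL;
    /* zero-size request or no room left: refuse before touching the zone */
    if (nwords == 0 || nwords > EDEN_WORDS - alloc_ptr) return ALLOC_FULL;
    if (eden[alloc_ptr] != FILL_PATTERN) return ALLOC_LAST_OBJECT_OVERWRITTEN;
    *out = &eden[alloc_ptr];
    alloc_ptr += nwords;
    return ALLOC_OK;
}

/* Stand-in for external code that trusts the caller's length and writes
   `written` words into buf (the caller must keep it inside the zone). */
void external_fill(uint32_t *buf, size_t written) {
    for (size_t i = 0; i < written; i++) buf[i] = 0;
}

/* Allocate a buffer of buf_words, let external code write `written` words,
   then report what the next allocation sees. */
alloc_status run_case(size_t buf_words, size_t written) {
    uint32_t *buf, *next;
    eden_init();
    if (eden_alloc(buf_words, &buf) != ALLOC_OK) return ALLOC_FULL;
    external_fill(buf, written);
    return eden_alloc(1, &next);
}

int main(void) {
    printf("exact fit: %d\n", run_case(4, 4));
    printf("one word over: %d\n", run_case(4, 5));
    return 0;
}
```

The check is cheap because it reads a single word, which also means it only catches an overrun that changes the word immediately after the last object, and only at the next allocation rather than at the moment of the write.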

