[Vm-dev] [OpenSmalltalk/opensmalltalk-vm] GC crash on (corrupted?) image resume (#391)

Holger Freyther notifications at github.com
Tue Apr 16 06:13:28 UTC 2019


This happens with 1d9c8bcfd3214c52e8a449840b2cd1c448b33d18 on MacOS 64bit. The Assert VM doesn't seem to trigger on any asserts. The GC seems to follow an object ending in a NULL OOP? The image includes non-opensource code but it is crashing reliably on start-up.

Smalltalk backtrace
```
Smalltalk stack dump:
    0x7ffee269dbb8 I SmalltalkImage>garbageCollect 0x11bcef9a8: a(n) SmalltalkImage
    0x7ffee269dc00 I ByteArray class(Behavior)>handleFailingBasicNew: 0x11bce0d78: a(n) ByteArray class
    0x7ffee269dc40 M ByteArray class(Behavior)>basicNew: 0x11bce0d78: a(n) ByteArray class
    0x7ffee269dc78 M ByteArray class(Behavior)>new: 0x11bce0d78: a(n) ByteArray class
    0x7ffee269dcb0 M ByteArray class(SequenceableCollection class)>ofSize: 0x11bce0d78: a(n) ByteArray class
    0x7ffee269dcf8 M ByteArray(SequenceableCollection)>grownBy: 0x13b3027d8: a(n) ByteArray
    0x7ffee269dd40 M WriteStream>growTo: 0x11b543e60: a(n) WriteStream
    0x7ffee269dd80 M WriteStream>nextPutAll: 0x11b543e60: a(n) WriteStream
    0x7ffee269ddb8 M WriteStream(Stream)>next:putAll:startingAt: 0x11b543e60: a(n) WriteStream
    0x7ffee269de10 M WriteStream>next:putAll:startingAt: 0x11b543e60: a(n) WriteStream
    0x7ffee269de58 M [] in ZnBufferedReadStream>upToEnd 0x11b553e98: a(n) ZnBufferedReadStream
    0x7ffee269de98 M ByteArray class(SequenceableCollection class)>new:streamContents: 0x11bce0d78: a(n) ByteArray class
    0x7ffee269ded8 M ByteArray class(SequenceableCollection class)>streamContents: 0x11bce0d78: a(n) ByteArray class
    0x7ffee269df20 I ZnBufferedReadStream>upToEnd 0x11b553e98: a(n) ZnBufferedReadStream
    0x7ffee269df60 I ZnBufferedReadStream>contents 0x11b553e98: a(n) ZnBufferedReadStream
    0x7ffee269df90 M [] in LucidaGrandeRegular class>fontContents 0x11c4246f8: a(n) LucidaGrandeRegular class
    0x7ffee269dfd8 M [] in FileReference(AbstractFileReference)>binaryReadStreamDo: 0x11b553fb8: a(n) FileReference
    0x7ffee269e018 M BlockClosure>ensure: 0x11b553fd0: a(n) BlockClosure
    0x7ffee269e068 I FileReference(AbstractFileReference)>binaryReadStreamDo: 0x11b553fb8: a(n) FileReference
    0x7ffee269e0b0 I LucidaGrandeRegular class>fontContents 0x11c4246f8: a(n) LucidaGrandeRegular class
    0x7ffee269e0f8 I LucidaGrandeRegular class(EmbeddedFreeTypeFontFontDescription class)>installFontsIn: 0x11c4246f8: a(n) LucidaGrandeRegular class
    0x7ffee269e138 M [] in EmbeddedFreeTypeFontFontDescription class>installAllFontsIn: 0x11c422d60: a(n) EmbeddedFreeTypeFontFontDescription class
    0x7ffee269aca0 M OrderedCollection>do: 0x11b543700: a(n) OrderedCollection
    0x7ffee269ace8 I EmbeddedFreeTypeFontFontDescription class>installAllFontsIn: 0x11c422d60: a(n) EmbeddedFreeTypeFontFontDescription class
    0x7ffee269ad30 I EmbeddedFreeTypeFontInstaller>installAllFontsIn: 0x11ca636f0: a(n) EmbeddedFreeTypeFontInstaller
    0x7ffee269ad68 M [] in FreeTypeFontProvider>updateEmbeddedFreeTypeFonts 0x11ca63590: a(n) FreeTypeFontProvider
    0x7ffee269adb0 M OrderedCollection>do: 0x11cae4688: a(n) OrderedCollection
    0x7ffee269adf8 I FreeTypeFontProvider>updateEmbeddedFreeTypeFonts 0x11ca63590: a(n) FreeTypeFontProvider
    0x7ffee269ae38 I FreeTypeSettings class>updateFreeType 0x11c41bf60: a(n) FreeTypeSettings class
    0x7ffee269ae78 I FreeTypeSettings class>startUp: 0x11c41bf60: a(n) FreeTypeSettings class
    0x7ffee269aeb0 M ClassSessionHandler>startup: 0x11ca66cc8: a(n) ClassSessionHandler
    0x7ffee269aef0 M [] in WorkingSession>runStartup: 0x11b543000: a(n) WorkingSession
    0x7ffee269af38 M [] in WorkingSession>runList:do: 0x11b543000: a(n) WorkingSession
    0x7ffee269af68 M BlockClosure>on:do: 0x11b5439b8: a(n) BlockClosure
    0x7ffee269afb0 M [] in WorkingSession>runList:do: 0x11b543000: a(n) WorkingSession
    0x7ffee269aff8 M Array(SequenceableCollection)>do: 0x11b543ae8: a(n) Array
    0x7ffee269b040 I WorkingSession>runList:do: 0x11b543000: a(n) WorkingSession
    0x7ffee269b090 I WorkingSession>runStartup: 0x11b543000: a(n) WorkingSession
    0x7ffee269b0d8 I WorkingSession>start: 0x11b543000: a(n) WorkingSession
    0x7ffee269b130 I SessionManager>launchSnapshot:andQuit: 0x11bd57848: a(n) SessionManager
       0x13611ef38 s [] in SessionManager>snapshot:andQuit:
       0x136135618 s [] in BlockClosure>newProcess
```

VM backtrace by itself
```
VM: 201904111858-AssertVM ich at macbookair.local:source/smalltalk/pharo/opensmalltalk-vm
Date: Thu Apr 11 11:58:46 2019 CommitHash: 1d9c8bcfd
Plugins: 201904111858-AssertVM ich at macbookair.local:source/smalltalk/pharo/opensmalltalk-vm

C stack backtrace & registers:
	rax 0x0000000000000000 rbx 0x0000000000000000 rcx 0x0400000000000000 rdx 0x000000012d2d1140
	rdi 0x0000000000000000 rsi 0x0000000000000000 rbp 0x00007ffee2698f50 rsp 0x00007ffee2698f50
	r8  0x0001471835afb3bc r9  0x0000000003ecc22d r10 0x000000011b345558 r11 0x000000011c067ce8
	r12 0x000000013a6e7188 r13 0x0000000000000004 r14 0x000000013a6e7188 r15 0x0000000000000002
	rip 0x000000010d545a04
0   Pharo                               0x000000010d545a04 longAtPointer + 4
1   Pharo                               0x000000010d5eaf8e reportStackState + 174
2   Pharo                               0x000000010d5eb2f3 sigsegv + 195
3   libsystem_platform.dylib            0x00007fff5e938f5a _sigtramp + 26
4   AppKit                              0x00007fff349238eb .str.41.llvm.C4DC25C8 + 241198
5   Pharo                               0x000000010d545d5c fixFollowedFieldofObjectwithInitialValue + 76
6   Pharo                               0x000000010d56cae7 markAndTrace + 2439
7   Pharo                               0x000000010d569156 markObjects + 966
8   Pharo                               0x000000010d568805 fullGC + 149
9   Pharo                               0x000000010d584cc5 primitiveFullGC + 277
10  Pharo                               0x000000010d53aae4 interpret + 26756
11  Pharo                               0x000000010d545776 enterSmalltalkExecutiveImplementation + 310
12  Pharo                               0x000000010d534407 interpret + 423
13  Pharo                               0x000000010d5ecb59 -[sqSqueakMainApplication runSqueak] + 393
14  Foundation                          0x00007fff388a07b8 __NSFirePerformWithOrder + 360
15  CoreFoundation                      0x00007fff36717747 __CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 23
16  CoreFoundation                      0x00007fff3671766f __CFRunLoopDoObservers + 527
17  CoreFoundation                      0x00007fff366f9be8 __CFRunLoopRun + 1240
18  CoreFoundation                      0x00007fff366f9483 CFRunLoopRunSpecific + 483
19  HIToolbox                           0x00007fff359e3d96 RunCurrentEventLoopInMode + 286
20  HIToolbox                           0x00007fff359e3a0f ReceiveNextEventCommon + 366
21  HIToolbox                           0x00007fff359e3884 _BlockUntilNextEventMatchingListInModeWithFilter + 64
22  AppKit                              0x00007fff33c93a73 _DPSNextEvent + 2085
23  AppKit                              0x00007fff34429e34 -[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 3044
24  AppKit                              0x00007fff33c88885 -[NSApplication run] + 764
25  AppKit                              0x00007fff33c57a72 NSApplicationMain + 804
26  libdyld.dylib                       0x00007fff5e62a015 start + 1
```

lldb backtrace
```
Pharo was compiled with optimization - stepping may behave oddly; variables may not be available.
Process 49107 stopped
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x0)
    frame #0: 0x0000000100013a04 Pharo`longAtPointer(ptr=0x0000000000000000) at sqMemoryAccess.h:141 [opt]
   138 	  static inline sqInt shortAtPointerput(char *ptr, int val)	{ return (sqInt)(*((short *)ptr)= (short)val); }
   139 	  static inline sqInt intAtPointer(char *ptr)			{ return (sqInt)(*((int *)ptr)); }
   140 	  static inline sqInt intAtPointerput(char *ptr, int val)	{ return (sqInt)(*((int *)ptr)= val); }
-> 141 	  static inline sqInt longAtPointer(char *ptr)			{ return *(sqInt *)ptr; }
   142 	  static inline sqInt longAtPointerput(char *ptr, sqInt val)	{ return *(sqInt *)ptr= val; }
   143 	  static inline sqLong long64AtPointer(char *ptr)			{ return *(sqLong *)ptr; }
   144 	  static inline sqLong long64AtPointerput(char *ptr, sqLong val)	{ return *(sqLong *)ptr= val; }
Target 0: (Pharo) stopped.
(lldb) bt
* thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS (code=1, address=0x0)
  * frame #0: 0x0000000100013a04 Pharo`longAtPointer(ptr=0x0000000000000000) at sqMemoryAccess.h:141 [opt]
    frame #1: 0x0000000100013d5c Pharo`fixFollowedFieldofObjectwithInitialValue(fieldIndex=2, anObject=4944834952, initialValue=<unavailable>) at gcc3x-cointerp.c:48964 [opt]
    frame #2: 0x000000010003aae7 Pharo`markAndTrace(objOop=4430957424) at gcc3x-cointerp.c:53153 [opt]
    frame #3: 0x0000000100037156 Pharo`markObjects(objectsShouldBeUnmarkedAndUnmarkedClassesShouldBeExpunged=1) at gcc3x-cointerp.c:53409 [opt]
    frame #4: 0x0000000100036805 Pharo`fullGC at gcc3x-cointerp.c:49325 [opt]
    frame #5: 0x0000000100052cc5 Pharo`primitiveFullGC at gcc3x-cointerp.c:77294 [opt]
    frame #6: 0x0000000100008ae4 Pharo`interpret at gcc3x-cointerp.c:6186 [opt]
    frame #7: 0x0000000100013776 Pharo`enterSmalltalkExecutiveImplementation at gcc3x-cointerp.c:17314 [opt]
    frame #8: 0x0000000100002407 Pharo`interpret at gcc3x-cointerp.c:2755 [opt]
    frame #9: 0x00000001000bab59 Pharo`-[sqSqueakMainApplication runSqueak](self=0x00000001004310d0, _cmd=<unavailable>) at sqSqueakMainApplication.m:201 [opt]
    frame #10: 0x00007fff388a07b8 Foundation`__NSFirePerformWithOrder + 360
    frame #11: 0x00007fff36717747 CoreFoundation`__CFRUNLOOP_IS_CALLING_OUT_TO_AN_OBSERVER_CALLBACK_FUNCTION__ + 23
    frame #12: 0x00007fff3671766f CoreFoundation`__CFRunLoopDoObservers + 527
    frame #13: 0x00007fff366f9be8 CoreFoundation`__CFRunLoopRun + 1240
    frame #14: 0x00007fff366f9483 CoreFoundation`CFRunLoopRunSpecific + 483
    frame #15: 0x00007fff359e3d96 HIToolbox`RunCurrentEventLoopInMode + 286
    frame #16: 0x00007fff359e3a0f HIToolbox`ReceiveNextEventCommon + 366
    frame #17: 0x00007fff359e3884 HIToolbox`_BlockUntilNextEventMatchingListInModeWithFilter + 64
    frame #18: 0x00007fff33c93a73 AppKit`_DPSNextEvent + 2085
    frame #19: 0x00007fff34429e34 AppKit`-[NSApplication(NSEvent) _nextEventMatchingEventMask:untilDate:inMode:dequeue:] + 3044
    frame #20: 0x00007fff33c88885 AppKit`-[NSApplication run] + 764
    frame #21: 0x00007fff33c57a72 AppKit`NSApplicationMain + 804
    frame #22: 0x00007fff5e62a015 libdyld.dylib`start + 1
    frame #23: 0x00007fff5e62a015 libdyld.dylib`start + 1
(lldb) frame select 1
frame #1: 0x0000000100013d5c Pharo`fixFollowedFieldofObjectwithInitialValue(fieldIndex=2, anObject=4944834952, initialValue=<unavailable>) at gcc3x-cointerp.c:48964 [opt]
   48961			/* begin fetchPointer:ofMaybeForwardedObject: */
   48962			objOop = longAt((objOop + BaseHeaderSize) + (0U << (shiftForWord())));
   48963		} while(((objOop & (tagMask())) == 0)
-> 48964			 && (((longAt(objOop)) & ((classIndexMask()) - (isForwardedObjectClassIndexPun()))) == 0));
   48965		/* begin storePointer:ofObject:withValue: */
   48966		assert(!(isForwarded(anObject)));
   48967		if ((assert(isNonImmediate(anObject)),
(lldb) p objOop
(sqInt) $0 = 0
(lldb) q
```



Reply to this email directly or view it on GitHub:
https://github.com/OpenSmalltalk/opensmalltalk-vm/issues/391
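To make the failure mode concrete, here is an added example (not code from the post or from the OpenSmalltalk VM) that models the forwarder-following loop shown in the lldb frame on a toy heap. The constants, heap layout and the checked follower are assumptions for illustration; the point is that a forwarder whose target slot holds 0 makes the unchecked loop call longAt(0), exactly the objOop == 0 seen above, while a checked walk reports the corruption instead of dereferencing it.

```c
#include <stdint.h>
#include <stdio.h>

typedef intptr_t sqInt;

/* Toy Spur-like layout: assumed values for this example, not the VM's real ones. */
enum { BASE_HEADER_SIZE = 8, TAG_MASK = 7, CLASS_INDEX_MASK = 0x3fffff,
       FORWARDED_CLASS_INDEX = 8, SLOT_BYTES = 8, HEAP_WORDS = 32 };

/* Each object is a header word followed by slots; a forwarder's slot 0 is its target. */
static sqInt heap[HEAP_WORDS];
#define HEAP_BASE ((sqInt)(intptr_t)heap)
#define HEAP_END  ((sqInt)(intptr_t)(heap + HEAP_WORDS))

static sqInt longAt(sqInt addr)   { return *(sqInt *)(intptr_t)addr; }
static sqInt oopAt(int word)      { return (sqInt)(intptr_t)&heap[word]; }
static int isImmediate(sqInt oop) { return (oop & TAG_MASK) != 0; }
static int isForwarded(sqInt oop) { return (longAt(oop) & CLASS_INDEX_MASK) == FORWARDED_CLASS_INDEX; }

enum follow_status { FOLLOW_OK, FOLLOW_NULL_OOP, FOLLOW_OUT_OF_HEAP, FOLLOW_CYCLE };

/* Checked version of the do/while in fixFollowedField:ofObject:withInitialValue:
   (an assumed rewrite): same walk, but it refuses to dereference a NULL or
   out-of-heap oop and bounds the number of hops so a cycle cannot spin forever. */
static enum follow_status followForwarders(sqInt oop, sqInt *out)
{
    for (int hops = 0; hops < 64; hops++) {
        if (isImmediate(oop)) { *out = oop; return FOLLOW_OK; }
        if (oop == 0) return FOLLOW_NULL_OOP;        /* the unchecked loop would longAt(0) here */
        if (oop < HEAP_BASE || oop + BASE_HEADER_SIZE + SLOT_BYTES > HEAP_END)
            return FOLLOW_OUT_OF_HEAP;
        if (!isForwarded(oop)) { *out = oop; return FOLLOW_OK; }
        oop = longAt(oop + BASE_HEADER_SIZE);       /* slot 0 holds the forwarding target */
    }
    return FOLLOW_CYCLE;
}

/* Constructed sample heap: A forwards to B; C forwards to NULL like the corrupt image; D forwards to itself. */
static void buildSampleHeap(void)
{
    heap[0] = FORWARDED_CLASS_INDEX; heap[1] = oopAt(2);  /* A -> B */
    heap[2] = 17;                    heap[3] = 0;         /* B: ordinary object, class index 17 */
    heap[4] = FORWARDED_CLASS_INDEX; heap[5] = 0;         /* C -> NULL (the crash case) */
    heap[6] = FORWARDED_CLASS_INDEX; heap[7] = oopAt(6);  /* D -> D (cycle) */
}

static enum follow_status followStatus(int word) { sqInt out; buildSampleHeap(); return followForwarders(oopAt(word), &out); }
static sqInt followTarget(int word) { sqInt out = 0; buildSampleHeap(); return followForwarders(oopAt(word), &out) == FOLLOW_OK ? out : 0; }

int main(void)
{
    printf("C -> NULL gives status %d (FOLLOW_NULL_OOP) instead of a segfault\n", followStatus(4));
    return 0;
}
```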