[Vm-dev] squeak.cog.spur x64 macos & linux reproducible VM crash

Nicolas Cellier nicolas.cellier.aka.nice at gmail.com
Wed Sep 4 20:07:04 UTC 2019 

hint: if I disable SmallInteger->Float conversion in VM with more recent
VMMaker.oscog-nice.2547

    Smalltalk vmParameterAt: 75 put: false.
    Smalltalk voidCogVMState.

then the `WebClientServerTest suite run` snippet does not trigger the bug...

I noticed another assert failure though

    (((self_in_concretizeAt->maxSize)) == null) ||
(((self_in_concretizeAt->maxSize)) >=
((self_in_concretizeAt->machineCodeSize))) 2124

I first thought that I failed to count the number of machine code bytes
generated for new ops ClzRR and BSR...
But I did not hook new primitive 75 in this image, so it must be due to
another instruction...

Whether or not this specific VM crash is due to my own recent changes has
to be inquired... need to bissect.

Note that the incorrect register RDI and RCX are mapped to abstract
register Arg0Reg...
Some we might also query usage of this specific register.

Le mer. 4 sept. 2019 à 11:37, Nicolas Cellier <
nicolas.cellier.aka.nice at gmail.com> a écrit :

> MBP-de-Nicolas:nsboot nicolas$ lldb
> /Users/nicolas/Smalltalk/OpenSmalltalk/opensmalltalk-vm/build.macos64x64/squeak.cog.spur/SqueakDebug.app/Contents/MacOS/Squeak
>
> (lldb) target create
> "/Users/nicolas/Smalltalk/OpenSmalltalk/opensmalltalk-vm/build.macos64x64/squeak.cog.spur/SqueakDebug.app/Contents/MacOS/Squeak"
> Current executable set to
> '/Users/nicolas/Smalltalk/OpenSmalltalk/opensmalltalk-vm/build.macos64x64/squeak.cog.spur/SqueakDebug.app/Contents/MacOS/Squeak'
> (x86_64).
> (lldb) run ../../image/trunk6-64.image
> Process 76862 launched:
> '/Users/nicolas/Smalltalk/OpenSmalltalk/opensmalltalk-vm/build.macos64x64/squeak.cog.spur/SqueakDebug.app/Contents/MacOS/Squeak'
> (x86_64)
>
> Process 76862 stopped
> * thread #1, queue = 'com.apple.main-thread', stop reason = EXC_BAD_ACCESS
> (code=1, address=0x16a)
>     frame #0: 0x0000000107c02436
> ->  0x107c02436: movq   (%rdi), %r9
>     0x107c02439: andq   $0x3fffff, %r9            ; imm = 0x3FFFFF
>     0x107c02440: cmpq   $0x22, %r9
>     0x107c02444: jne    0x107c0244d
> Target 0: (Squeak) stopped.
> (lldb) print $rdi
> (unsigned long) $0 = 362
> (lldb) call printCallStack()
>     0x7ffeefbd54c8 M WebUtils class>jsonDecode: 0x109098170: a(n) WebUtils
> class
>     0x7ffeefbd5500 M WebClientServerTest>decode: 0x107eb0c38: a(n)
> WebClientServerTest
>     0x7ffeefbd5548 M WebClientServerTest>testNumbers 0x107eb0c38: a(n)
> WebClientServerTest
>     0x7ffeefbd5578 M WebClientServerTest(TestCase)>performTest
> 0x107eb0c38: a(n) WebClientServerTest
>     0x7ffeefbd55a8 M [] in WebClientServerTest(TestCase)>runCase
> 0x107eb0c38: a(n) WebClientServerTest
>     0x7ffeefbd55e0 M BlockClosure>on:do: 0x1081f30f8: a(n) BlockClosure
>     0x7ffeefbd5630 M [] in WebClientServerTest(TestCase)>timeout:after:
> 0x107eb0c38: a(n) WebClientServerTest
>     0x7ffeefbd5670 M BlockClosure>ensure: 0x1081f3a08: a(n) BlockClosure
>     0x7ffeefbd56c0 M WebClientServerTest(TestCase)>timeout:after:
> 0x107eb0c38: a(n) WebClientServerTest
>     0x7ffeefbd5700 M [] in WebClientServerTest(TestCase)>runCase
> 0x107eb0c38: a(n) WebClientServerTest
>     0x7ffeefbd1f60 M BlockClosure>ensure: 0x1081efb68: a(n) BlockClosure
>     0x7ffeefbd1f98 M WebClientServerTest(TestCase)>runCase 0x107eb0c38:
> a(n) WebClientServerTest
>     0x7ffeefbd1fd0 M [] in TestResult>runCase: 0x107e66628: a(n) TestResult
>     0x7ffeefbd2008 M BlockClosure>on:do: 0x1081efa58: a(n) BlockClosure
>     0x7ffeefbd2058 M [] in TestResult>runCase: 0x107e66628: a(n) TestResult
>     0x7ffeefbd2090 M BlockClosure>on:do: 0x1081ef940: a(n) BlockClosure
>     0x7ffeefbd20d8 M TestResult>runCase: 0x107e66628: a(n) TestResult
>     0x7ffeefbd2110 M WebClientServerTest(TestCase)>run: 0x107eb0c38: a(n)
> WebClientServerTest
>     0x7ffeefbd2148 M TestRunner>runTest: 0x10c7e9c98: a(n) TestRunner
>     0x7ffeefbd2180 M [] in TestRunner>runSuite: 0x10c7e9c98: a(n)
> TestRunner
>     0x7ffeefbd21f0 M [] in
> OrderedCollection(Collection)>do:displayingProgress:every: 0x107e689b8:
> a(n) OrderedCollection
>     0x7ffeefbd2230 M OrderedCollection>do: 0x107e689b8: a(n)
> OrderedCollection
>     0x7ffeefbd2290 M [] in
> OrderedCollection(Collection)>do:displayingProgress:every: 0x107e689b8:
> a(n) OrderedCollection
>     0x7ffeefbd22e0 M [] in
> MorphicUIManager>displayProgress:at:from:to:during: 0x109d48eb8: a(n)
> MorphicUIManager
>     0x7ffeefbd2318 M BlockClosure>on:do: 0x107e68bf0: a(n) BlockClosure
>     0x7ffeefbd2370 M [] in
> MorphicUIManager>displayProgress:at:from:to:during: 0x109d48eb8: a(n)
> MorphicUIManager
>     0x7ffeefbd23b0 M BlockClosure>ensure: 0x107e68dc0: a(n) BlockClosure
>     0x7ffeefbd2408 I MorphicUIManager>displayProgress:at:from:to:during:
> 0x109d48eb8: a(n) MorphicUIManager
>     0x7ffeefbd2470 I ProgressInitiationException>defaultResumeValue
> 0x107e68ed8: a(n) ProgressInitiationException
>     0x7ffeefbd24b8 I ProgressInitiationException(Exception)>resume
> 0x107e68ed8: a(n) ProgressInitiationException
>     0x7ffeefbd24f8 I ProgressInitiationException>defaultAction
> 0x107e68ed8: a(n) ProgressInitiationException
>     0x7ffeefbd2530 M UndefinedObject>handleSignal: 0x1085e78e0: a(n)
> UndefinedObject
>     0x7ffeefbd2578 I ProgressInitiationException(Exception)>signal
> 0x107e68ed8: a(n) ProgressInitiationException
>     0x7ffeefbd25b8 I
> ProgressInitiationException>display:at:from:to:during: 0x107e68ed8: a(n)
> ProgressInitiationException
>     0x7ffeefbd2620 I ProgressInitiationException
> class>display:at:from:to:during: 0x108b34888: a(n)
> ProgressInitiationException class
>     0x7ffeefbd2688 I ByteString(String)>displayProgressAt:from:to:during:
> 0x108ed25d0: a(n) ByteString
>     0x7ffeefbd26e8 I ByteString(String)>displayProgressFrom:to:during:
> 0x108ed25d0: a(n) ByteString
>        0x107e69158 s
> OrderedCollection(Collection)>do:displayingProgress:every:
>        0x107e736a8 s [] in TestRunner>basicRunSuite:do:
>        0x107eb01c0 s BlockClosure>ensure:
>        0x107ebae20 s TestRunner>basicRunSuite:do:
>        0x107e735f0 s TestRunner>runSuite:
>        0x107eb00e8 s TestRunner>runAll
>        0x107ebad38 s
> PluggableButtonMorphPlus(PluggableButtonMorph)>performAction
>        0x107ec0030 s PluggableButtonMorphPlus>performAction
>        0x107ec5028 s [] in
> PluggableButtonMorphPlus(PluggableButtonMorph)>mouseUp:
>        0x107ec9e00 s Array(SequenceableCollection)>do:
>        0x107ecb020 s
> PluggableButtonMorphPlus(PluggableButtonMorph)>mouseUp:
>        0x107eccab0 s PluggableButtonMorphPlus(Morph)>handleMouseUp:
>        0x107ecd4f0 s MouseButtonEvent>sentTo:
>        0x107ece660 s PluggableButtonMorphPlus(Morph)>handleEvent:
>        0x107ecee40 s PluggableButtonMorphPlus(Morph)>handleFocusEvent:
>        0x107ed1838 s MorphicEventDispatcher>doHandlingForFocusEvent:with:
>        0x107edbe30 s MorphicEventDispatcher>dispatchFocusEvent:with:
>        0x107edc568 s
> PluggableButtonMorphPlus(Morph)>processFocusEvent:using:
>        0x107ededf8 s PluggableButtonMorphPlus(Morph)>processFocusEvent:
>        0x107edf1f8 s [] in HandMorph>sendFocusEvent:to:clear:
>        0x107edf458 s BlockClosure>ensure:
>        0x107edf5f0 s MouseButtonEvent(MorphicEvent)>becomeActiveDuring:
>        0x107edf6d0 s [] in HandMorph>sendFocusEvent:to:clear:
>        0x107edf7a0 s BlockClosure>ensure:
>        0x107edf8b0 s HandMorph>becomeActiveDuring:
>        0x107edf990 s [] in HandMorph>sendFocusEvent:to:clear:
>        0x107edfa48 s BlockClosure>ensure:
>        0x107edfb38 s PasteUpMorph>becomeActiveDuring:
>        0x107edfc18 s HandMorph>sendFocusEvent:to:clear:
>        0x107edfcd0 s HandMorph>sendEvent:focus:clear:
>        0x107edfda8 s HandMorph>sendMouseEvent:
>        0x107edfe70 s HandMorph>handleEvent:
>        0x107edff28 s HandMorph>processEvents
>        0x107edffe0 s [] in WorldState>doOneCycleNowFor:
>        0x107ee0098 s Array(SequenceableCollection)>do:
>        0x107ee0188 s WorldState>handsDo:
>        0x107ee0240 s WorldState>doOneCycleNowFor:
>        0x107ee02f8 s WorldState>doOneCycleFor:
>        0x107ee03b0 s PasteUpMorph>doOneCycle
>        0x10a1bcb48 s [] in MorphicProject>spawnNewProcess
>        0x10a1bc3e8 s [] in BlockClosure>newProcess
> (lldb)
>
> To trigger this, just start an updated trunk64 squeak image and run this:
> WebClientServerTest suite run.
>
> You might have to accept connections in macos dialog box at first run.
>
> I always have $RDI register = 362, same in linux x64...
>
> (gdb) print $rdi
> $1 = 362
> (gdb) x /4i $pc
> => 0x8803c33: mov    (%rdi),%r9
>    0x8803c36: and    $0x3fffff,%r9
>    0x8803c3d: cmp    $0x22,%r9
>    0x8803c41: jne    0x8803c4a
>
> Could it be a conflict in register allocation?
>
> On Win64, I could not get anything useful from gdb (call printCallStack()
> sigsegv gdb itself...).
>
> Though, the instructions are quite similar (the register are different due
> to Win64 ABI)...
> (gdb) x /4i $pc
> => 0x4f02043:   mov    (%rcx),%r10
>    0x4f02046:   and    $0x3fffff,%r10
>    0x4f0204d:   cmp    $0x22,%r10
>    0x4f02051:   jne    0x4f0205a
> (gdb) print $rcx
> $1 = 362
>
> This might well be related to recurring Newspeak bootstrap crash on the CI
> side...
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.squeakfoundation.org/pipermail/vm-dev/attachments/20190904/864ef830/attachment.html>

More information about the Vm-dev mailing list