[Vm-dev] last object overwritten

Eliot Miranda eliot.miranda at gmail.com
Wed Feb 27 18:15:47 UTC 2013


Hi Frank,

On Wed, Feb 27, 2013 at 6:51 AM, Frank Shearar <frank.shearar at gmail.com>wrote:

>
> So I thought I'd be extra tricky with some partial continuation stuff
> and, as sometimes happens, things went Badly Wrong and the VM crashed.
> What was odd was that it said "last object overwritten", which I've
> not seen before.
>

this means what it says and is pointing to e.g. a bug in an FFI call.  Cog
fills the object eden zone with a bit pattern and checks on every
allocation that the word pointed to by the allocation pointer contains the
correct bit pattern.  If the last object allocated is written-to past its
end this will corrupt the bit pattern in the allocation zone and the next
 allocation will exit with an error.  Such overwriting happens e.g. when
one supplies a buffer that is too short to external code that writes to the
buffer.

So if you're making FFI calls perhaps you can debug this yourself.

If you're not then, yes, please send me the tarball in email.

cheers.


> Good news though: I have an image that will trigger the bug in a
> reproducible fashion! Since it's a 14M tarball, maybe I should mail it
> to Eliot separately... (but if anyone else wants a look I'm happy to
> supply a copy).
>
> frank
>
> Stack trace:
>
> last object overwritten
>
> Squeak VM version: 4.0-2678 #1 Wed Feb  6 11:36:48 PST 2013 gcc 4.1.2
> Built from: CoInterpreter VMMaker.oscog-eem.264 uuid:
> 64e76092-8af7-449f-9188-e65f3bd1f08d Feb  6 2013
> With: StackToRegisterMappingCogit VMMaker.oscog-eem.264 uuid:
> 64e76092-8af7-449f-9188-e65f3bd1f08d Feb  6 2013
> Revision: VM: r2678 http://www.squeakvm.org/svn/squeak/branches/Cog
> Plugins: r2545
> http://squeakvm.org/svn/squeak/trunk/platforms/Cross/plugins
> Build host: Linux mcqfes 2.6.18-128.el5 #1 SMP Wed Jan 21 10:44:23 EST
> 2009 i686 i686 i386 GNU/Linux
> plugin path:
> /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/bin/../lib/squeak/4.0-2678
> [default:
> /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/lib/squeak/4.0-2678/]
>
>
> C stack backtrace:
>
> /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/bin/../lib/squeak/4.0-2678/squeak[0x805cb71]
>
> /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/bin/../lib/squeak/4.0-2678/squeak(error+0x19)[0x805ce59]
>
> /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/bin/../lib/squeak/4.0-2678/squeak[0x8069bb3]
>
> /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/bin/../lib/squeak/4.0-2678/squeak[0x80789ff]
> [0x77709183]
>
> /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/bin/../lib/squeak/4.0-2678/squeak(interpret+0x1eb)[0x807f23b]
>
> /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/bin/../lib/squeak/4.0-2678/squeak(main+0x397)[0x805d237]
> /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe6)[0xbb1bd6]
>
> /home/frank/Documents/squeak-ci/target/cog.r2678/coglinux/bin/../lib/squeak/4.0-2678/squeak[0x805ac41]
>
>
> Smalltalk stack dump:
> 0xbfc80668 M MethodContext(Object)>copy 2037438000: a(n) MethodContext
> 0xbfc80684 M MethodContext(ContextPart)>copyTo: 2037438000: a(n)
> MethodContext
> 0xbfc806a8 M MethodContext(ContextPart)>copyTo: 2037437956: a(n)
> MethodContext
> 0xbfc806cc M MethodContext(ContextPart)>copyTo: 2037437880: a(n)
> MethodContext
> 0xbfc87548 M MethodContext(ContextPart)>copyTo: 2037440340: a(n)
> MethodContext
> 0xbfc8756c M MethodContext(ContextPart)>copyTo: 2037440248: a(n)
> MethodContext
> 0xbfc87590 M MethodContext(ContextPart)>copyTo: 2037439048: a(n)
> MethodContext
> 0xbfc875b4 M MethodContext(ContextPart)>copyTo: 2037440156: a(n)
> MethodContext
> 0xbfc875d0 M PartialContinuation>from:downTo: 2037440528: a(n)
> PartialContinuation
> 0xbfc875f0 M PartialContinuation class>from:downTo: 2032752868: a(n)
> PartialContinuation class
> 0xbfc87620 M BlockClosure>shift: 2037439144: a(n) BlockClosure
> 0xbfc8763c M BlockClosure>shift 2037439144: a(n) BlockClosure
> 0xbfc87654 M [] in Zipper class>zipOver: 2033885808: a(n) Zipper class
> 0xbfc87674 M [] in Zipper class>zipOver: 2033885808: a(n) Zipper class
> 0xbfc8769c M TestTree>collect: 2037413184: a(n) TestTree
> 0xbfc876cc I TestTree>collect: 2037413204: a(n) TestTree
> 0x7970d604 s TestTree>collect:
> 0x7970d630 s [] in Zipper class>zipOver:
> 0x7970d65c s [] in PartialContinuation>compose:
> 0x7970d690 s [] in Zipper>next:
> 0x7970d6c4 s [] in PartialContinuation>compose:
> 0x7970d700 s [] in Zipper>next:
> 0x7970d73c s [] in PartialContinuation>compose:
> 0x7970d780 s [] in Zipper>next:
> 0x7970d87c s [] in PartialContinuation>compose:
> 0x7970d8c8 s [] in Zipper>next:
> 0x7970d914 s [] in PartialContinuation>compose:
> 0x7970d968 s [] in Zipper>next:
> 0xbfc92558 M [] in PartialContinuation>compose: 2037435320: a(n)
> PartialContinuation
> 0xbfc92578 M [] in Zipper>next: 2037436996: a(n) Zipper
> 0xbfc92594 M BlockClosure>on:do: 2037437104: a(n) BlockClosure
> 0xbfc925b4 M BlockClosure>reset 2037437104: a(n) BlockClosure
> 0xbfc925cc M Zipper>next: 2037436996: a(n) Zipper
> 0xbfc925f4 M ZipperTest>testEnumerationWorksOverTrees 2035691720: a(n)
> ZipperTest
> 0xbfc9260c M ZipperTest(TestCase)>performTest 2035691720: a(n) ZipperTest
> 0xbfc92624 M [] in ZipperTest(TestCase)>runCase 2035691720: a(n) ZipperTest
> 0xbfc92640 M BlockClosure>on:do: 2037411540: a(n) BlockClosure
> 0xbfc92668 M [] in ZipperTest(TestCase)>timeout:after: 2035691720:
> a(n) ZipperTest
> 0xbfc92688 M BlockClosure>ensure: 2037412856: a(n) BlockClosure
> 0xbfc926b0 M ZipperTest(TestCase)>timeout:after: 2035691720: a(n)
> ZipperTest
> 0xbfc926d0 M [] in ZipperTest(TestCase)>runCase 2035691720: a(n) ZipperTest
> 0xbfcd0508 M BlockClosure>ensure: 2037409660: a(n) BlockClosure
> 0xbfcd0524 M ZipperTest(TestCase)>runCase 2035691720: a(n) ZipperTest
> 0xbfcd0540 M [] in TestResult>runCase: 2035689052: a(n) TestResult
> 0xbfcd055c M BlockClosure>on:do: 2037409516: a(n) BlockClosure
> 0xbfcd0584 M [] in TestResult>runCase: 2035689052: a(n) TestResult
> 0xbfcd05a0 M BlockClosure>on:do: 2037409368: a(n) BlockClosure
> 0xbfcd05c4 M TestResult>runCase: 2035689052: a(n) TestResult
> 0xbfcd05e0 M ZipperTest(TestCase)>run: 2035691720: a(n) ZipperTest
> 0xbfcd05fc M TestRunner>runTest: 2034780632: a(n) TestRunner
> 0xbfcd0620 I [] in TestRunner>runSuite: 2034780632: a(n) TestRunner
> 0xbfcd0658 M [] in
> OrderedCollection(Collection)>do:displayingProgress:every: 2035691588:
> a(n) OrderedCollection
> 0xbfcd0678 M OrderedCollection>do: 2035691588: a(n) OrderedCollection
> 0xbfcd06a8 M [] in
> OrderedCollection(Collection)>do:displayingProgress:every: 2035691588:
> a(n) OrderedCollection
> 0xbfcd06d0 M [] in MorphicUIManager>displayProgress:at:from:to:during:
> 2015074224: a(n) MorphicUIManager
> 0xbfccd504 M BlockClosure>on:do: 2035694312: a(n) BlockClosure
> 0xbfccd530 M [] in MorphicUIManager>displayProgress:at:from:to:during:
> 2015074224: a(n) MorphicUIManager
> 0xbfccd550 M BlockClosure>ensure: 2035694164: a(n) BlockClosure
> 0xbfccd574 M MorphicUIManager>displayProgress:at:from:to:during:
> 2015074224: a(n) MorphicUIManager
> 0xbfccd5a0 M ProgressInitiationException>defaultResumeValue
> 2035693376: a(n) ProgressInitiationException
> 0xbfccd5bc M ProgressInitiationException(Exception)>resume 2035693376:
> a(n) ProgressInitiationException
> 0xbfccd5d4 M ProgressInitiationException>defaultAction 2035693376:
> a(n) ProgressInitiationException
> 0xbfccd5f0 M UndefinedObject>handleSignal: 2004824068: a(n) UndefinedObject
> 0xbfccd610 M MethodContext(ContextPart)>handleSignal: 2035693708: a(n)
> MethodContext
> 0xbfccd62c M ProgressInitiationException(Exception)>signal 2035693376:
> a(n) ProgressInitiationException
> 0xbfccd644 M ProgressInitiationException>display:at:from:to:during:
> 2035693376: a(n) ProgressInitiationException
> 0xbfccd670 M ProgressInitiationException
> class>display:at:from:to:during: 2015244060: a(n)
> ProgressInitiationException class
> 0xbfccd69c M ByteString(String)>displayProgressAt:from:to:during:
> 2015249596: a(n) ByteString
> 0xbfccd6c4 M ByteString(String)>displayProgressFrom:to:during:
> 2015249596: a(n) ByteString
> 0xbfccc5d0 M OrderedCollection(Collection)>do:displayingProgress:every:
> 2035691588: a(n) OrderedCollection
> 0xbfccc608 I [] in TestRunner>basicRunSuite:do: 2034780632: a(n) TestRunner
> 0xbfccc628 M BlockClosure>ensure: 2035693036: a(n) BlockClosure
> 0xbfccc64c I TestRunner>basicRunSuite:do: 2034780632: a(n) TestRunner
> 0xbfccc674 I TestRunner>runSuite: 2034780632: a(n) TestRunner
> 0xbfccc690 M TestRunner>runAll 2034780632: a(n) TestRunner
> 0xbfccc6b0 I PluggableButtonMorphPlus(PluggableButtonMorph)>performAction
> 2034847192: a(n) PluggableButtonMorphPlus
> 0xbfccc6d0 I PluggableButtonMorphPlus>performAction 2034847192: a(n)
> PluggableButtonMorphPlus
> 0xbfccf534 M [] in
> PluggableButtonMorphPlus(PluggableButtonMorph)>mouseUp: 2034847192:
> a(n) PluggableButtonMorphPlus
> 0xbfccf558 M Array(SequenceableCollection)>do: 2035687788: a(n) Array
> 0xbfccf574 M PluggableButtonMorphPlus(PluggableButtonMorph)>mouseUp:
> 2034847192: a(n) PluggableButtonMorphPlus
> 0xbfccf598 I PluggableButtonMorphPlus>mouseUp: 2034847192: a(n)
> PluggableButtonMorphPlus
> 0xbfccf5b4 M PluggableButtonMorphPlus(Morph)>handleMouseUp:
> 2034847192: a(n) PluggableButtonMorphPlus
> 0xbfccf5d0 M MouseButtonEvent>sentTo: 2035688712: a(n) MouseButtonEvent
> 0xbfccf5ec M PluggableButtonMorphPlus(Morph)>handleEvent: 2034847192:
> a(n) PluggableButtonMorphPlus
> 0xbfccf608 M PluggableButtonMorphPlus(Morph)>handleFocusEvent:
> 2034847192: a(n) PluggableButtonMorphPlus
> 0xbfccf630 M [] in HandMorph>sendFocusEvent:to:clear: 2007171128: a(n)
> HandMorph
> 0xbfccf64c M BlockClosure>on:do: 2035688464: a(n) BlockClosure
> 0xbfccf678 M PasteUpMorph>becomeActiveDuring: 2013415124: a(n) PasteUpMorph
> 0xbfccf69c M HandMorph>sendFocusEvent:to:clear: 2007171128: a(n) HandMorph
> 0xbfccf6c4 M HandMorph>sendEvent:focus:clear: 2007171128: a(n) HandMorph
> 0xbfc755b4 M HandMorph>sendMouseEvent: 2007171128: a(n) HandMorph
> 0xbfc755d8 M HandMorph>handleEvent: 2007171128: a(n) HandMorph
> 0xbfc75604 M HandMorph>processEvents 2007171128: a(n) HandMorph
> 0xbfc75620 M [] in WorldState>doOneCycleNowFor: 2004979600: a(n) WorldState
> 0xbfc75644 M Array(SequenceableCollection)>do: 2004895736: a(n) Array
> 0xbfc75660 M WorldState>handsDo: 2004979600: a(n) WorldState
> 0xbfc75680 M WorldState>doOneCycleNowFor: 2004979600: a(n) WorldState
> 0xbfc7569c M WorldState>doOneCycleFor: 2004979600: a(n) WorldState
> 0xbfc756b8 M PasteUpMorph>doOneCycle 2013415124: a(n) PasteUpMorph
> 0xbfc756d0 M [] in Project class>spawnNewProcess 2012564228: a(n) Project
> class
> 0x79075924 s [] in BlockClosure>newProcess
>
> Most recent primitives
> basicNew
> basicNew
> basicNew
> findNextHandlerContextStarting
> tempAt:
> tempAt:
> tempAt:put:
> tempAt:
> findNextUnwindContextUpTo:
> tempAt:
> tempAt:put:
> tempAt:
> terminateTo:
> tempAt:put:
> findNextUnwindContextUpTo:
> terminateTo:
> basicNew
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> basicNew
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> basicNew
> findNextHandlerContextStarting
> tempAt:
> tempAt:
> tempAt:put:
> tempAt:
> findNextUnwindContextUpTo:
> tempAt:
> tempAt:put:
> tempAt:
> terminateTo:
> tempAt:put:
> findNextUnwindContextUpTo:
> terminateTo:
> basicNew
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> basicNew
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> basicNew
> findNextHandlerContextStarting
> tempAt:
> tempAt:
> tempAt:put:
> tempAt:
> findNextUnwindContextUpTo:
> tempAt:
> tempAt:put:
> tempAt:
> terminateTo:
> tempAt:put:
> findNextUnwindContextUpTo:
> terminateTo:
> basicNew
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> basicNew
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> basicNew
> findNextHandlerContextStarting
> tempAt:
> tempAt:
> tempAt:put:
> tempAt:
> findNextUnwindContextUpTo:
> tempAt:
> tempAt:put:
> tempAt:
> terminateTo:
> tempAt:put:
> findNextUnwindContextUpTo:
> terminateTo:
> basicNew
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> basicNew
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> basicNew
> findNextHandlerContextStarting
> tempAt:
> tempAt:
> tempAt:put:
> tempAt:
> findNextUnwindContextUpTo:
> tempAt:
> tempAt:put:
> tempAt:
> terminateTo:
> tempAt:put:
> findNextUnwindContextUpTo:
> terminateTo:
> basicNew
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> basicNew
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> basicNew
> findNextHandlerContextStarting
> tempAt:
> tempAt:
> tempAt:put:
> tempAt:
> findNextUnwindContextUpTo:
> tempAt:
> tempAt:put:
> tempAt:
> terminateTo:
> tempAt:put:
> findNextUnwindContextUpTo:
> terminateTo:
> basicNew
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> basicNew
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> basicNew
> findNextHandlerContextStarting
> tempAt:
> tempAt:
> tempAt:put:
> tempAt:
> findNextUnwindContextUpTo:
> tempAt:
> tempAt:put:
> tempAt:
> terminateTo:
> tempAt:put:
> findNextUnwindContextUpTo:
> terminateTo:
> basicNew
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
> shallowCopy
>
> stack page bytes 4096 available headroom 3300 minimum unused headroom 3504
>
>         (last object overwritten)
>



-- 
best,
Eliot
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.squeakfoundation.org/pipermail/vm-dev/attachments/20130227/bf07557a/attachment-0001.htm


More information about the Vm-dev mailing list