[Mono-bugs] [Bug 47576][Wis] New - intermittant crashing on SMP system
bugzilla-daemon@bugzilla.ximian.com
bugzilla-daemon@bugzilla.ximian.com
Tue, 12 Aug 2003 23:16:32 -0400 (EDT)
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by mass@akuma.org.
http://bugzilla.ximian.com/show_bug.cgi?id=47576
--- shadow/47576 2003-08-12 23:16:32.000000000 -0400
+++ shadow/47576.tmp.13004 2003-08-12 23:16:32.000000000 -0400
@@ -0,0 +1,265 @@
+Bug#: 47576
+Product: Mono/Runtime
+Version: unspecified
+OS: GNU/Linux [Other]
+OS Details: Debian Sarge
+Status: NEW
+Resolution:
+Severity:
+Priority: Wishlist
+Component: misc
+AssignedTo: mono-bugs@ximian.com
+ReportedBy: mass@akuma.org
+QAContact: mono-bugs@ximian.com
+TargetMilestone: ---
+URL:
+Cc:
+Summary: intermittant crashing on SMP system
+
+Description of Problem:
+
+There are intermittant failures with mono on my SMP system, which usually
+can be found while re-compiling the mcs module. This is reproducable on
+0.25 and HEAD, although the failure is random. The behavior seen is
+usually one of:
+1. assertion failure
+2. implement me notice
+3. invalid opcode: IL_019 pop
+4. silent crash
+5. hang (I assume it is a thread crashing)
+
+Steps to reproduce the problem:
+1. install mono (I used a 0.25 package and a daily snapshot)
+2. re-compile mcs
+
+Actual Results:
+
+Here are two failures and some relevant information from GDB.
+
+MONO_PATH="../../../class/lib:$MONO_PATH"
+mono ../../../mcs/mcs.exe /r:corlib.dll /r:I18N.dll -
+g /noconfig /target:library /out:../../../class/lib/I18N.Rare.dll
+@I18N.Rare.dll.sources
+WROTE SYMFILE: 37 sources, 148 methods, 152 types, 29246 line numbers, 74
+locals, 111 namespaces, 12667 bytes of string data
+OffsetTable [383281 - 52:380565 - 37:382393:888 - 148:380617:1776 - 152]
+Compilation succeeded
+
+** ERROR **: file mini.c: line 626 (mono_find_final_block): assertion
+failed: (handler)
+aborting...
+make[3]: *** [../../../class/lib/I18N.Rare.dll] Aborted (core dumped)
+
+(gdb) bt
+#0 0xffffe410 in ?? ()
+#1 0x4025f8cb in abort () from /lib/libc.so.6
+#2 0x401a51ee in g_logv () from /usr/lib/libglib-2.0.so.0
+#3 0x401a5213 in g_log () from /usr/lib/libglib-2.0.so.0
+#4 0x4002f34e in mono_find_final_block (cfg=0x413e94a8, ip=0x403c841d
+<Address 0x403c841d out of bounds>,
+ target=0x403c8429 <Address 0x403c8429 out of bounds>, type=2) at
+mini.c:626
+#5 0x400485ce in mono_method_to_ir (cfg=0x413e94a8, method=0x8105e28,
+start_bblock=0x413d84fc, end_bblock=0x413d8594,
+ locals_offset=1, return_var=0x0, dont_inline=0x98c3744,
+inline_args=0x0, inline_offset=0, is_virtual_call=0)
+ at mini.c:4526
+#6 0x400535ac in mini_method_compile (method=0x8105e28, opts=18827,
+domain=0x8082f80, parts=0) at mini.c:6728
+#7 0x40054154 in mono_jit_compile_method (method=0x8105e28) at
+mini.c:7018
+#8 0x4009defe in mono_compile_method (method=0x8105e28) at object.c:177
+#9 0x4002e1d7 in mono_ldftn (method=0x8105e28) at jit-icalls.c:21
+#10 0x09feac42 in ?? ()
+#11 0x40054291 in mono_jit_runtime_invoke (method=0x8105e28,
+obj=0x808cf40, params=0x0, exc=0x40aa5a28) at mini.c:7059
+#12 0x4009eebd in mono_runtime_invoke (method=0x8105e28, obj=0x808cf40,
+params=0x0, exc=0x40aa5a28) at object.c:690
+#13 0x400ae6fd in run_finalize (obj=0x808cf40, data=0x0) at gc.c:72
+#14 0x4014e011 in GC_invoke_finalizers () at finalize.c:789
+#15 0x400af086 in finalizer_thread (unused=0x0) at gc.c:485
+#16 0x400f6cd0 in timed_thread_start_routine (args=0x80b4758) at timed-
+thread.c:115
+#17 0x401505ee in GC_start_routine (arg=0x40aa5ad8) at
+linux_threads.c:1663
+#18 0x4021924c in start_thread () from /lib/libpthread.so.0
+
+print *cfg
+$3 = {method = 0x8105e28, mempool = 0x413d8430, varinfo = 0x41400ee0,
+vars = 0x41400ef8, ret = 0x0, bb_entry = 0x413d84fc,
+ bb_exit = 0x413d8594, bb_init = 0x413d8874, bblocks = 0x0, bb_hash =
+0x413def58, state_pool = 0x0, cbb = 0x0,
+ prev_ins = 0x0, patch_info = 0x0, num_bblocks = 7, locals_start = 1,
+num_varinfo = 2, varinfo_count = 4,
+ stack_offset = 0, rs = 0x0, spill_info = 0x0, spill_count = 0, exvar =
+0x0, domainvar = 0x0, spvar = 0x413d862c,
+ ldstr_list = 0x0, domain = 0x8082f80, native_code = 0x0, code_size = 0,
+code_len = 0, prolog_end = 0, epilog_begin = 0,
+ used_int_regs = 0, opt = 18827, prof_options = 0, flags = 0, comp_done
+= 0, verbose_level = 0, stack_usage = 0,
+ param_area = 0, frame_reg = 0, sig_cookie = 0, disable_aot = 0,
+disable_ssa = 0, debug_info = 0x0, intvars = 0x413d8444,
+ coverage_info = 0x0}
+
+(gdb) print *cfg.method
+$4 = {flags = 196, iflags = 0, token = 100673411, klass = 0x805cdb8,
+signature = 0x8105d68, addr = 0x0, info = 0x8106f20,
+ remoting_tramp = 0x0, slot = 3, name = 0x40740a49 <Address 0x40740a49
+out of bounds>, inline_info = 0, uses_this = 0,
+ wrapper_type = MONO_WRAPPER_NONE, string_ctor = 0, save_lmf = 0,
+inline_count = 0}
+
+(gdb) print *clause
+$7 = {flags = 2, try_offset = 0, try_len = 17, handler_offset = 17,
+handler_len = 7, token_or_filter = 0}
+
+(gdb) print *header
+$12 = {code_size = 25, code = 0x403c8411 <Address 0x403c8411 out of
+bounds>, max_stack = 6, num_clauses = 1,
+ init_locals = 1, num_locals = 0, clauses = 0x8105e80, locals =
+0x8105e7c}
+
+-----------------------------------------
+
+make[2]: Entering directory `/home/mass/src/mono/mcs/class/Microsoft.Vsa'
+touch ../../build/deps/Microsoft.Vsa.dll.stamp
+MONO_PATH="../../class/lib:$MONO_PATH" mono ../../mcs/mcs.exe -
+g /noconfig /r:System.dll /target:library /out:../../class/lib/Microsoft.V
+sa.dll @Microsoft.Vsa.dll.sources
+WROTE SYMFILE: 12 sources, 0 methods, 0 types, 0 line numbers, 0 locals,
+36 namespaces, 1541 bytes of string data
+OffsetTable [2605 - 52:2265 - 12:2317:288 - 0:2317:0 - 0]
+Compilation succeeded
+
+** ERROR **: Invalid IL code at IL0019 in 04
+System.IO.StreamWriter:Finalize (object,intptr,intptr): IL_0019: pop
+
+
+aborting...
+make[2]: *** [../../class/lib/Microsoft.Vsa.dll] Aborted (core dumped)
+
+(gdb) bt
+#0 0xffffe410 in ?? ()
+#1 0x4025f8cb in abort () from /lib/libc.so.6
+#2 0x401a51ee in g_logv () from /usr/lib/libglib-2.0.so.0
+#3 0x401a5213 in g_log () from /usr/lib/libglib-2.0.so.0
+#4 0x4004f8f2 in mono_method_to_ir (cfg=0x8107408, method=0x83d2bf0,
+start_bblock=0x84174b4, end_bblock=0x841754c,
+ locals_offset=3, return_var=0x0, dont_inline=0x84532bc,
+inline_args=0x0, inline_offset=0, is_virtual_call=0)
+ at mini.c:5185
+#5 0x400535ac in mini_method_compile (method=0x83d2bf0, opts=18827,
+domain=0x8082f80, parts=0) at mini.c:6728
+#6 0x40054154 in mono_jit_compile_method (method=0x83d2bf0) at
+mini.c:7018
+#7 0x4005427a in mono_jit_runtime_invoke (method=0x830a1b0,
+obj=0x85ce0e0, params=0x0, exc=0xbffff670) at mini.c:7058
+#8 0x4009eebd in mono_runtime_invoke (method=0x830a1b0, obj=0x85ce0e0,
+params=0x0, exc=0xbffff670) at object.c:690
+#9 0x400ae6fd in run_finalize (obj=0x85ce0e0, data=0x0) at gc.c:72
+#10 0x400ae8bb in finalize_fields (class=0x818f690, data=0x8656d60 "",
+instance=0, todo=0x83d2d70) at gc.c:140
+#11 0x400ae934 in finalize_static_data (class=0x818f690,
+vtable=0x841523c, todo=0x83d2d70) at gc.c:175
+#12 0x400f8abe in mono_g_hash_table_foreach (hash_table=0x807ff60,
+func=0x400ae8fd <finalize_static_data>,
+ user_data=0x83d2d70) at mono-hash.c:573
+#13 0x400ae97b in mono_domain_finalize (domain=0x8082f80) at gc.c:191
+#14 0x40055268 in mini_cleanup (domain=0x8082f80) at mini.c:7377
+#15 0x40075d7a in mono_main (argc=8, argv=0xbffff894) at driver.c:667
+#16 0x08048e6e in main (argc=8, argv=0xbffff894) at main.c:6
+(gdb) frame 4
+
+(gdb) print *method
+$2 = {flags = 0, iflags = 0, token = 0, klass = 0x818f690, signature =
+0x830e270, addr = 0x0, info = 0x0,
+ remoting_tramp = 0x0, slot = 0, name = 0x83d3a48 "Finalize",
+inline_info = 1, uses_this = 0,
+ wrapper_type = MONO_WRAPPER_RUNTIME_INVOKE, string_ctor = 0, save_lmf =
+0, inline_count = -1}
+
+(gdb) print *method.klass
+$3 = {image = 0x8053488, enum_basetype = 0x0, element_class = 0x818f690,
+cast_class = 0x818f690, rank = 0, inited = 1,
+ init_pending = 0, size_inited = 1, valuetype = 0, enumtype = 0,
+blittable = 0, unicode = 0, wastypebuilder = 0,
+ min_align = 4, packing_size = 0, ghcimpl = 0, has_finalize = 1,
+marshalbyref = 1, contextbound = 0, delegate = 0,
+ gc_descr_inited = 1, dummy = 0, parent = 0x8118bd8, nested_in = 0x0,
+nested_classes = 0x0, type_token = 33554882,
+ name = 0x4074dcb9 <Address 0x4074dcb9 out of bounds>, name_space =
+0x4074cc30 <Address 0x4074cc30 out of bounds>,
+ interface_count = 0, interface_id = 0, max_interface_id = 10,
+interface_offsets = 0x830a3e8, interfaces = 0x0,
+ idepth = 4, supertypes = 0x818f770, instance_size = 48, class_size =
+16, vtable_size = 79, flags = 8193, field = {
+ first = 965, last = 978, count = 13}, method = {first = 5503, last =
+5524, count = 21}, property = {first = 761,
+ last = 764, count = 3}, event = {first = 0, last = 0, count = 0},
+marshal_info = 0x0, fields = 0x83097a8,
+ properties = 0x830a3b0, events = 0x0, methods = 0x83099c8, this_arg =
+{data = {klass = 0x818f690, type = 0x818f690,
+ array = 0x818f690, method = 0x818f690, type_param = 135853712,
+generic_inst = 0x818f690}, attrs = 0, type = 18,
+ num_mods = 0, byref = 1, pinned = 0, modifiers = 0x818f738},
+byval_arg = {data = {klass = 0x818f690, type = 0x818f690,
+ array = 0x818f690, method = 0x818f690, type_param = 135853712,
+generic_inst = 0x818f690}, attrs = 0, type = 18,
+ num_mods = 0, byref = 0, pinned = 0, modifiers = 0x818f740},
+generic_inst = 0x0, gen_params = 0x0, num_gen_params = 0,
+ reflection_info = 0x0, gc_descr = 0x7e200001, gc_bitmap = 1150,
+ptr_to_str = 0x0, str_to_ptr = 0x0,
+ cached_vtable = 0x841523c, vtable = 0x830a460}
+
+(gdb) call print_method_from_ip(0x81072d9)
+You can't do that without a process to debug.
+
+(gdb) print *cfg
+$7 = {method = 0x83d2bf0, mempool = 0x84171c0, varinfo = 0x83d2c28, vars
+= 0x83d2c60, ret = 0x84172d4,
+ bb_entry = 0x84174b4, bb_exit = 0x841754c, bb_init = 0x0, bblocks =
+0x0, bb_hash = 0x830e290, state_pool = 0x0,
+ cbb = 0x0, prev_ins = 0x0, patch_info = 0x0, num_bblocks = 10,
+locals_start = 3, num_varinfo = 9, varinfo_count = 12,
+ stack_offset = 0, rs = 0x0, spill_info = 0x0, spill_count = 0, exvar =
+0x8417794, domainvar = 0x0, spvar = 0x84175e4,
+ ldstr_list = 0x0, domain = 0x8082f80, native_code = 0x0, code_size = 0,
+code_len = 0, prolog_end = 0, epilog_begin = 0,
+ used_int_regs = 0, opt = 18827, prof_options = 0, flags = 0, comp_done
+= 0, verbose_level = 0, stack_usage = 0,
+ param_area = 0, frame_reg = 0, sig_cookie = 0, disable_aot = 0,
+disable_ssa = 0, debug_info = 0x0, intvars = 0x84171d4,
+ coverage_info = 0x0}
+
+(gdb) print *start_bblock
+$11 = {last_ins = 0x0, cil_code = 0x0, cil_length = 0, native_offset = 0,
+max_offset = 0, dfn = 0, block_num = 0,
+ flags = 0, out_count = 1, in_count = 0, in_bb = 0x0, out_bb =
+0x8417954, next_bb = 0x84178bc, code = 0x0,
+ dominators = 0x0, dfrontier = 0x0, idom = 0x0, dominated = 0x0,
+df_parent = 0x0, ancestor = 0x0, child = 0x0,
+ label = 0x0, bucket = 0x0, size = 0, sdom = 0, idomn = 0, loop_blocks =
+0x0, nesting = 0 '\0', gen_set = 0x0,
+ kill_set = 0x0, live_in_set = 0x0, live_out_set = 0x0, out_scount = 0,
+in_scount = 0, out_stack = 0x0, in_stack = 0x0,
+ real_offset = 0, region = 0, max_ireg = 0, max_freg = 0}
+
+(gdb) print *end_bblock
+$13 = {last_ins = 0x0, cil_code = 0x0, cil_length = 0, native_offset = 0,
+max_offset = 0, dfn = 0, block_num = 1,
+ flags = 0, out_count = 0, in_count = 0, in_bb = 0x0, out_bb = 0x0,
+next_bb = 0x0, code = 0x0, dominators = 0x0,
+ dfrontier = 0x0, idom = 0x0, dominated = 0x0, df_parent = 0x0, ancestor
+= 0x0, child = 0x0, label = 0x0, bucket = 0x0,
+ size = 0, sdom = 0, idomn = 0, loop_blocks = 0x0, nesting = 0 '\0',
+gen_set = 0x0, kill_set = 0x0, live_in_set = 0x0,
+ live_out_set = 0x0, out_scount = 0, in_scount = 0, out_stack = 0x0,
+in_stack = 0x0, real_offset = 0, region = 0,
+ max_ireg = 0, max_freg = 0}
+
+(gdb) print *dont_inline
+$14 = {data = 0x83d2bf0, next = 0x0, prev = 0x0}
+
+How often does this happen?
+
+Usually it takes about three tries to compile all of the classes.