[Mono-bugs] [Bug 82828][Maj] New - Mono crashes with (mono_convert_imt_slot_to_vtable_slot): assertion failed: (vtable_offset >= 0)
bugzilla-daemon at bugzilla.ximian.com
bugzilla-daemon at bugzilla.ximian.com
Wed Sep 12 12:31:09 EDT 2007
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by marek.safar at seznam.cz.
http://bugzilla.ximian.com/show_bug.cgi?id=82828
--- shadow/82828 2007-09-12 12:31:09.000000000 -0400
+++ shadow/82828.tmp.26306 2007-09-12 12:31:09.000000000 -0400
@@ -0,0 +1,267 @@
+Bug#: 82828
+Product: Mono: Runtime
+Version: 1.2
+OS:
+OS Details:
+Status: NEW
+Resolution:
+Severity:
+Priority: Major
+Component: JIT
+AssignedTo: lupus at ximian.com
+ReportedBy: marek.safar at seznam.cz
+QAContact: mono-bugs at ximian.com
+TargetMilestone: ---
+URL:
+Cc:
+Summary: Mono crashes with (mono_convert_imt_slot_to_vtable_slot): assertion failed: (vtable_offset >= 0)
+
+Please fill in this template when reporting a bug, unless you know what you
+are doing.
+Description of Problem:
+
+When running the latest MD mono crashes, here is the log gathered together
+with lupus.
+
+
+Starting program: /usr/local/bin/mono build/bin/MonoDevelop.exe
+[Thread debugging using libthread_db enabled]
+[New Thread -1211197728 (LWP 11409)]
+[New Thread -1220858992 (LWP 11410)]
+[New Thread -1221006448 (LWP 11411)]
+2007-09-12 16:28:49,144 [-1211197728] WARN
+MonoDevelop.Core.ILoggingService [(null)] - Inotify watch limit is too low
+(8192).
+MonoDevelop will switch to managed file watching.
+See http://www.monodevelop.com/Inotify_Watches_Limit for more info.
+[New Thread -1253459056 (LWP 11416)]
+[New Thread -1258755184 (LWP 11438)]
+[Thread -1253459056 (LWP 11416) exited]
+[New Thread -1253459056 (LWP 11444)]
+[New Thread -1261749360 (LWP 11445)]
+2007-09-12 16:28:52,093 [-1211197728] ERROR
+MonoDevelop.Core.ILoggingService [(null)] -
+System.Reflection.TargetInvocationException: Exception has been thrown by
+the target of an invocation. ---> System.TypeInitializationException: An
+exception was thrown by the type initializer for
+MonoDevelop.Components.HtmlControl.MozillaControl --->
+System.TypeInitializationException: An exception was thrown by the type
+initializer for Gecko.WebControl ---> System.DllNotFoundException:
+libgtkembedmoz.so
+ at (wrapper managed-to-native) Gecko.WebControl:gtk_moz_embed_get_type ()
+ at Gecko.WebControl.get_GType () [0x00000]
+ at GtkSharp.GeckoSharp.ObjectManager.Initialize () [0x00000]
+ at Gecko.WebControl..cctor () [0x00000] --- End of inner exception stack
+trace ---
+
+ at MonoDevelop.Components.HtmlControl.MozillaControl..cctor () [0x00000]
+--- End of inner exception stack trace ---
+
+ at MonoDevelop.WelcomePage.WelcomePageView..ctor () [0x00000]
+ at MonoDevelop.WelcomePage.ShowWelcomePageOnStartUpHandler.Run () [0x00000]
+ at (wrapper managed-to-native)
+System.Reflection.MonoMethod:InternalInvoke (object,object[])
+ at System.Reflection.MonoMethod.Invoke (System.Object obj, BindingFlags
+invokeAttr, System.Reflection.Binder binder, System.Object[] parameters,
+System.Globalization.CultureInfo culture) [0x00000] --- End of inner
+exception stack trace ---
+
+ at System.Reflection.MonoMethod.Invoke (System.Object obj, BindingFlags
+invokeAttr, System.Reflection.Binder binder, System.Object[] parameters,
+System.Globalization.CultureInfo culture) [0x00000]
+ at System.Reflection.MethodBase.Invoke (System.Object obj,
+System.Object[] parameters) [0x00000]
+ at MonoDevelop.Ide.Gui.IdeApp.OnExtensionChanged (System.Object s,
+Mono.Addins.ExtensionNodeEventArgs args) [0x00000]
+[New Thread -1296319600 (LWP 11455)]
+[New Thread -1297372272 (LWP 11456)]
+[New Thread -1298490480 (LWP 11458)]
+[New Thread -1299543152 (LWP 11464)]
+[New Thread -1300661360 (LWP 11465)]
+[New Thread -1301714032 (LWP 11468)]
+[New Thread -1302783088 (LWP 11469)]
+Unrecognised ItemGroup element 'Folder', Include = 'Properties\'. Ignoring.
+[New Thread -1304122480 (LWP 11471)]
+[New Thread -1305175152 (LWP 11472)]
+[New Thread -1306227824 (LWP 11473)]
+2007-09-12 16:28:58,836 [-1211197728] WARN
+MonoDevelop.Core.ILoggingService [(null)] - Already read starting node.
+2007-09-12 16:28:58,861 [-1211197728] WARN
+MonoDevelop.Core.ILoggingService [(null)] - Already read starting node.
+2007-09-12 16:28:59,332 [-1211197728] WARN
+MonoDevelop.Core.ILoggingService [(null)] - Already read starting node.
+2007-09-12 16:28:59,437 [-1211197728] WARN
+MonoDevelop.Core.ILoggingService [(null)] - Already read starting node.
+2007-09-12 16:28:59,684 [-1211197728] WARN
+MonoDevelop.Core.ILoggingService [(null)] - Already read starting node.
+2007-09-12 16:28:59,782 [-1211197728] WARN
+MonoDevelop.Core.ILoggingService [(null)] - Already read starting node.
+2007-09-12 16:29:00,046 [-1211197728] WARN
+MonoDevelop.Core.ILoggingService [(null)] - Already read starting node.
+2007-09-12 16:29:00,120 [-1211197728] WARN
+MonoDevelop.Core.ILoggingService [(null)] - Already read starting node.
+2007-09-12 16:29:00,239 [-1211197728] WARN
+MonoDevelop.Core.ILoggingService [(null)] - Already read starting node.
+2007-09-12 16:29:00,526 [-1211197728] WARN
+MonoDevelop.Core.ILoggingService [(null)] - Already read starting node.
+
+** ERROR **: file mini-trampolines.c: line 48
+(mono_convert_imt_slot_to_vtable_slot): assertion failed: (vtable_offset >= 0)
+aborting...
+
+Program received signal SIGABRT, Aborted.
+[Switching to Thread -1211197728 (LWP 11409)]
+0xffffe410 in __kernel_vsyscall ()
+(gdb) up
+#1 0xb7d14df0 in raise () from /lib/tls/i686/cmov/libc.so.6
+(gdb) up
+#2 0xb7d16641 in abort () from /lib/tls/i686/cmov/libc.so.6
+(gdb) up
+#3 0xb7ea470a in g_logv () from /usr/lib/libglib-2.0.so.0
+(gdb) up
+#4 0xb7ea4749 in g_log () from /usr/lib/libglib-2.0.so.0
+(gdb) up
+#5 0xb7ea47c6 in g_assert_warning () from /usr/lib/libglib-2.0.so.0
+(gdb) up
+#6 0x0807ee59 in mono_convert_imt_slot_to_vtable_slot (slot=0x8193520,
+ regs=0xbfaeea58, code=0xb1e1ca30 "Y\211E��u\020�u�\213E�P\213",
+ method=0xb507cc14) at mini-trampolines.c:48
+48 g_assert (vtable_offset >= 0);
+(gdb) print vtable_offset, displacement, *imt_method, *vt
+No symbol "displacement" in current context.
+(gdb) print vtable_offset, *imt_method, *vt
+$1 = {klass = 0x62617476, gc_descr = 0x6f5f656c, domain = 0x65736666,
+ data = 0x3d3e2074, type = 0x2a003020,
+ interface_bitmap = 0x62617476 <Address 0x62617476 out of bounds>,
+ max_interface_id = 25964, rank = 95 '_', remote = 1, initialized = 1,
+ init_failed = 0, imt_collisions_bitmap = 7630700, vtable = 0x81934c7}
+(gdb) print vtable_offset
+$2 = 0
+(gdb) print displacement
+No symbol "displacement" in current context.
+(gdb) print *imt_method
+$3 = {flags = 3526, iflags = 0, token = 100664565, klass = 0x92e79dc,
+ signature = 0x95a2934, generic_container = 0x0,
+ name = 0xb68a9fe6 "get_ReturnType", inline_info = 0, uses_this = 0,
+ wrapper_type = 0, string_ctor = 0, save_lmf = 0, dynamic = 0,
+ is_inflated = 0, skip_visibility = 0, slot = 0}
+(gdb) print *vt
+$4 = {klass = 0x62617476, gc_descr = 0x6f5f656c, domain = 0x65736666,
+ data = 0x3d3e2074, type = 0x2a003020,
+ interface_bitmap = 0x62617476 <Address 0x62617476 out of bounds>,
+ max_interface_id = 25964, rank = 95 '_', remote = 1, initialized = 1,
+ init_failed = 0, imt_collisions_bitmap = 7630700, vtable = 0x81934c7}
+(gdb) print *method
+$5 = {flags = 2534, iflags = 0, token = 100663868, klass = 0xb507c714,
+ signature = 0xb5514a64, generic_container = 0x0,
+ name = 0xb68ae197 "get_Documentation", inline_info = 0, uses_this = 0,
+ wrapper_type = 0, string_ctor = 0, save_lmf = 0, dynamic = 0,
+ is_inflated = 0, skip_visibility = 0, slot = 70}
+(gdb) x/8x regs
+0xbfaeea58: 0xb5089940 0x0000003e 0x095a794c 0x004b9fa8
+0xbfaeea68: 0xbfaeea6c 0xbfaeeaa0 0x00de8d00 0x01ce1660
+(gdb) call mono_pmip(code)
+$6 = 0x9dc9d00 " CSharpBinding.CSharpAmbience:Convert
+(MonoDevelop.Projects.Parser.IParameter,MonoDevelop.Projects.Ambience.ConversionFlags)
++ 0xc8 (0xb1e1c968 0xb1e1cac6) [0x21f00 - MonoDevelop.exe]"
+(gdb) disas 0xb1e1c968 code+6
+Dump of assembler code from 0xb1e1c968 to 0xb1e1ca36:
+0xb1e1c968: push %ebp
+0xb1e1c969: mov %esp,%ebp
+0xb1e1c96b: push %ebx
+0xb1e1c96c: push %edi
+0xb1e1c96d: push %esi
+0xb1e1c96e: sub $0x10,%esp
+0xb1e1c971: mov 0x8(%ebp),%ebx
+0xb1e1c974: mov 0xc(%ebp),%esi
+0xb1e1c977: xor %edi,%edi
+0xb1e1c979: push $0x82e7d78
+0xb1e1c97e: call 0xb7919618
+0xb1e1c983: pop %ecx
+0xb1e1c984: mov %eax,0xfffffff0(%ebp)
+0xb1e1c987: push %eax
+0xb1e1c988: call 0xb6caa208
+0xb1e1c98d: pop %ecx
+0xb1e1c98e: mov 0xfffffff0(%ebp),%edi
+0xb1e1c991: push %esi
+0xb1e1c992: mov (%esi),%eax
+0xb1e1c994: mov $0x95a79cc,%edx
+0xb1e1c999: call *0xffffffbc(%eax)
+0xb1e1c99c: pop %ecx
+0xb1e1c99d: mov %al,0xffffffef(%ebp)
+0xb1e1c9a0: movzbl %al,%eax
+0xb1e1c9a3: test %eax,%eax
+0xb1e1c9a5: je 0xb1e1c9c3
+0xb1e1c9a7: pushl 0x10(%ebp)
+0xb1e1c9aa: push $0xdca80
+0xb1e1c9af: push $0x1ca1378
+0xb1e1c9b4: push %edi
+0xb1e1c9b5: push %ebx
+0xb1e1c9b6: call 0xb1e1cb48
+0xb1e1c9bb: add $0x14,%esp
+0xb1e1c9be: jmp 0xb1e1ca1f
+0xb1e1c9c3: push %esi
+0xb1e1c9c4: mov (%esi),%eax
+0xb1e1c9c6: mov $0x95a79ac,%edx
+0xb1e1c9cb: call *0xfffffff8(%eax)
+0xb1e1c9ce: pop %ecx
+---Type <return> to continue, or q <return> to quit---
+0xb1e1c9cf: mov %al,0xffffffef(%ebp)
+0xb1e1c9d2: movzbl %al,%eax
+0xb1e1c9d5: test %eax,%eax
+0xb1e1c9d7: je 0xb1e1c9f2
+0xb1e1c9d9: pushl 0x10(%ebp)
+0xb1e1c9dc: push $0xdca80
+0xb1e1c9e1: push $0x1ca1360
+0xb1e1c9e6: push %edi
+0xb1e1c9e7: push %ebx
+0xb1e1c9e8: call 0xb1e1cac8
+0xb1e1c9ed: add $0x14,%esp
+0xb1e1c9f0: jmp 0xb1e1ca1f
+0xb1e1c9f2: push %esi
+0xb1e1c9f3: mov (%esi),%eax
+0xb1e1c9f5: mov $0x95a79ec,%edx
+0xb1e1c9fa: call *0xffffffe8(%eax)
+0xb1e1c9fd: pop %ecx
+0xb1e1c9fe: mov %al,0xffffffef(%ebp)
+0xb1e1ca01: movzbl %al,%eax
+0xb1e1ca04: test %eax,%eax
+0xb1e1ca06: je 0xb1e1ca1f
+0xb1e1ca08: pushl 0x10(%ebp)
+0xb1e1ca0b: push $0xdca80
+0xb1e1ca10: push $0x1cd98a0
+0xb1e1ca15: push %edi
+0xb1e1ca16: push %ebx
+0xb1e1ca17: call 0xb1e1cac8
+0xb1e1ca1c: add $0x14,%esp
+0xb1e1ca1f: mov %edi,0xfffffff0(%ebp)
+0xb1e1ca22: mov %ebx,0xffffffe8(%ebp)
+0xb1e1ca25: push %esi
+0xb1e1ca26: mov (%esi),%eax
+0xb1e1ca28: mov $0x95a794c,%edx
+0xb1e1ca2d: call *0xfffffff0(%eax)
+0xb1e1ca30: pop %ecx
+0xb1e1ca31: mov %eax,0xffffffe4(%ebp)
+0xb1e1ca34: pushl 0x10(%ebp)
+End of assembler dump.
+(gdb) x/8x regs [4]
+0xbfaeea6c: 0xbfaeeaa0 0x00de8d00 0x01ce1660 0xb507cc14
+0xbfaeea7c: 0xb1e1ca30 0x00de8d00 0x00000012 0x004b9fa8
+(gdb)
+
+
+Steps to reproduce the problem:
+1.
+2.
+3.
+
+Actual Results:
+
+
+Expected Results:
+
+
+How often does this happen?
+
+
+Additional Information:
More information about the mono-bugs
mailing list