[Mono-bugs] [Bug 564253] [verifier] SIGSEGV in set_stack_value (2) on a bad assembly

bugzilla_noreply at novell.com bugzilla_noreply at novell.com
Wed Apr 7 13:48:06 EDT 2010


http://bugzilla.novell.com/show_bug.cgi?id=564253

http://bugzilla.novell.com/show_bug.cgi?id=564253#c3


Sebastien Pouliot <spouliot at novell.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
         Resolution|FIXED                       |

--- Comment #3 from Sebastien Pouliot <spouliot at novell.com> 2010-04-07 17:48:04 UTC ---
I can still get this assembly to crash on x86_64 (not tested on x86)

[mono] ~/svn/moon-3-0/fuzz/regress @ mono --version
Mono JIT compiler version 2.6.4 (/branches/mono-2-6/mono r154966 Wed Apr  7 11:12:25 EDT 2010)
Copyright (C) 2002-2010 Novell, Inc and Contributors. www.mono-project.com
    TLS:           __thread
    GC:            Included Boehm (with typed GC and Parallel Mark)
    SIGSEGV:       altstack
    Notifications: epoll
    Architecture:  amd64
    Disabled:      none


mono --security=core-clr --compile-all System.Windows.sigsegv.102219.dll 

..

** ERROR:(verify.c:2487):set_stack_value: assertion failed: (type)
Stacktrace:


Native stacktrace:

    mono [0x48b618]
    /lib64/libpthread.so.0 [0x7f4c03e53b30]
    /lib64/libc.so.6(gsignal+0x35) [0x7f4c038c85c5]
    /lib64/libc.so.6(abort+0x183) [0x7f4c038c9bb3]
    /usr/lib64/libglib-2.0.so.0(g_assertion_message+0x117) [0x7f4c046f62c7]
    /usr/lib64/libglib-2.0.so.0 [0x7f4c046f6762]
    mono [0x4facfd]
    mono(mono_method_verify+0x47a8) [0x504678]
    mono [0x41d8af]
    mono [0x41e8cb]
    mono [0x46a8c1]
    mono [0x51eda8]
    mono [0x5a64eb]
    mono [0x5bc2c6]
    /lib64/libpthread.so.0 [0x7f4c03e4c040]
    /lib64/libc.so.6(clone+0x6d) [0x7f4c0396908d]

Debug info from gdb:

[Thread debugging using libthread_db enabled]
[New Thread 0x7f4c04d5b730 (LWP 6704)]
[New Thread 0x41610950 (LWP 6707)]
[New Thread 0x4140f950 (LWP 6706)]
[New Thread 0x40f74950 (LWP 6705)]
0x00007f4c03e4fdd9 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
Current language:  auto; currently asm
  4 Thread 0x40f74950 (LWP 6705)  0x00007f4c03e53251 in nanosleep () from /lib64/libpthread.so.0
  3 Thread 0x4140f950 (LWP 6706)  0x00007f4c03e51d01 in sem_wait () from /lib64/libpthread.so.0
  2 Thread 0x41610950 (LWP 6707)  0x00007f4c03e5290b in read () from /lib64/libpthread.so.0
  1 Thread 0x7f4c04d5b730 (LWP 6704)  0x00007f4c03e4fdd9 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0

Thread 4 (Thread 0x40f74950 (LWP 6705)):
#0  0x00007f4c03e53251 in nanosleep () from /lib64/libpthread.so.0
#1  0x0000000000599c92 in collection_thread (unused=<value optimized out>) at collection.c:34
#2  0x00007f4c03e4c040 in start_thread (arg=<value optimized out>) at pthread_create.c:297
#3  0x00007f4c0396908d in clone () from /lib64/libc.so.6
#4  0x0000000000000000 in ?? ()

Thread 3 (Thread 0x4140f950 (LWP 6706)):
#0  0x00007f4c03e51d01 in sem_wait () from /lib64/libpthread.so.0
#1  0x00000000005a7408 in mono_sem_wait (sem=0x8c4b60, alertable=0) at mono-semaphore.c:85
#2  0x00000000004dfc4a in finalizer_thread (unused=<value optimized out>) at gc.c:1022
#3  0x000000000051eda8 in start_wrapper (data=<value optimized out>) at threads.c:666
#4  0x00000000005a64eb in thread_start_routine (args=0x93df78) at wthreads.c:286
#5  0x00000000005bc2c6 in GC_start_routine (arg=0x7f4c04c0de70) at pthread_support.c:1390
#6  0x00007f4c03e4c040 in start_thread (arg=<value optimized out>) at pthread_create.c:297
#7  0x00007f4c0396908d in clone () from /lib64/libc.so.6
#8  0x0000000000000000 in ?? ()

Thread 2 (Thread 0x41610950 (LWP 6707)):
#0  0x00007f4c03e5290b in read () from /lib64/libpthread.so.0
#1  0x000000000048b791 in mono_handle_native_sigsegv (signal=<value optimized out>, ctx=<value optimized out>) at mini-exceptions.c:1818
#2  <signal handler called>
#3  0x00007f4c038c85c5 in *__GI_raise (sig=<value optimized out>) at ./nptl/sysdeps/unix/sysv/linux/raise.c:64
#4  0x00007f4c038c9bb3 in *__GI_abort () at abort.c:88
#5  0x00007f4c046f62c7 in IA__g_assertion_message (domain=0x7f4c04732f3e "", file=0x60701b "verify.c", line=<value optimized out>, func=0x5fe250 "set_stack_value", message=<value optimized out>) at gtestutils.c:1218
#6  0x00007f4c046f6762 in IA__g_assertion_message_expr (domain=0x0, file=0x60701b "verify.c", line=2487, func=0x5fe250 "set_stack_value", expr=<value optimized out>) at gtestutils.c:1229
#7  0x00000000004facfd in set_stack_value (ctx=0x4160fd40, stack=0xaa3000, type=0x0, take_addr=<value optimized out>) at verify.c:2487
#8  0x0000000000504678 in mono_method_verify (method=<value optimized out>, level=<value optimized out>) at verify.c:3545
#9  0x000000000041d8af in mini_method_verify (cfg=0xac7e00, method=0xac6860) at mini.c:1252
#10 0x000000000041e8cb in mini_method_compile (method=0xac6860, opts=55667199, domain=0x7f4c04c0cdb0, run_cctors=<value optimized out>, compile_aot=<value optimized out>, parts=0) at mini.c:1301
#11 0x000000000046a8c1 in compile_all_methods_thread_main (args=0x7fff04fa2cf0) at driver.c:881
#12 0x000000000051eda8 in start_wrapper (data=<value optimized out>) at threads.c:666
#13 0x00000000005a64eb in thread_start_routine (args=0x93e040) at wthreads.c:286
#14 0x00000000005bc2c6 in GC_start_routine (arg=0x7f4c04c0de70) at pthread_support.c:1390
#15 0x00007f4c03e4c040 in start_thread (arg=<value optimized out>) at pthread_create.c:297
#16 0x00007f4c0396908d in clone () from /lib64/libc.so.6
#17 0x0000000000000000 in ?? ()

Thread 1 (Thread 0x7f4c04d5b730 (LWP 6704)):
#0  0x00007f4c03e4fdd9 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00000000005983cd in _wapi_handle_timedwait_signal_handle (handle=0x400, timeout=0x0, alertable=1, poll=9689312) at handles.c:1611
#2  0x0000000000591649 in WaitForMultipleObjectsEx (numobjects=2, handles=0x9a3220, waitall=0, timeout=4294967295, alertable=0) at wait.c:724
#3  0x000000000052082f in mono_thread_manage () at threads.c:2823
#4  0x000000000046c23a in mono_main (argc=4, argv=<value optimized out>) at driver.c:908
#5  0x00007f4c038b4436 in __libc_start_main (main=0x418030 <main>, argc=4, ubp_av=0x7fff04fa2e38, init=0x5db5f0 <__libc_csu_init>, fini=<value optimized out>, rtld_fini=<value optimized out>, stack_end=0x7fff04fa2e28) at libc-start.c:220
#6  0x0000000000417f69 in _start ()
#0  0x00007f4c03e4fdd9 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0

=================================================================
Got a SIGABRT while executing native code. This usually indicates
a fatal error in the mono runtime or one of the native libraries 
used by your application.
=================================================================

Aborted

-- 
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
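The comment above re-tests the fix by running the verifier on one fuzzed assembly and reading the glib assertion line by hand. As an added example (not part of the bug report and not Mono's own code), the following POSIX shell harness runs the same `mono --security=core-clr --compile-all` invocation over a directory of fuzzed assemblies and buckets each non-zero exit by the assertion that fired (`file:line:function`, here `verify.c:2487:set_stack_value`) or, failing that, by the first symbolised `mono(...)` frame of the native stacktrace. That makes it easy to tell a bucket that was really fixed from one that merely moved. It assumes `mono` is on PATH and that the inputs are `*.dll` files in the directory passed as the first argument; the log-file naming and the `unknown` fallback are this example's own choices.

```shell
#!/bin/sh
# Added triage harness for fuzzed-assembly verifier crashes (example code,
# not from the bug report or from Mono). Assumes "mono" is on PATH.

# Derive a stable bucket key from one mono crash log.
# Preferred source is the glib assertion line, e.g.
#   ** ERROR:(verify.c:2487):set_stack_value: assertion failed: (type)
# which becomes "verify.c:2487:set_stack_value". If there is no assertion
# (a plain SIGSEGV, say), fall back to the first symbolised frame of the
# native stacktrace, e.g. "mono(mono_method_verify+0x47a8) [0x504678]"
# -> "mono_method_verify". Anything else is "unknown".
crash_bucket() {
    log=$1
    key=$(sed -n 's/^\*\* ERROR:(\([^)]*\)):\([^:]*\):.*/\1:\2/p' "$log" | head -n 1)
    if [ -z "$key" ]; then
        key=$(sed -n 's/^[[:space:]]*mono(\([^+)]*\)+0x[0-9a-f]*).*/\1/p' "$log" | head -n 1)
    fi
    if [ -n "$key" ]; then
        printf '%s\n' "$key"
    else
        printf 'unknown\n'
    fi
}

# Run the core-clr verifier over every method of one assembly, exactly as in
# the report, capturing stdout and stderr into the log. Returns mono's exit
# status: 0 for a clean run, 134 (128 + SIGABRT) for a g_assert abort.
verify_one() {
    asm=$1
    log=$2
    mono --security=core-clr --compile-all "$asm" >"$log" 2>&1
}

# Walk a directory of fuzzed assemblies and print "bucket<TAB>file" for each
# one whose verification did not finish cleanly, sorted so identical buckets
# sit together. Logs of clean runs are deleted; crash logs are kept beside
# the assembly for inspection.
triage_dir() {
    dir=$1
    for asm in "$dir"/*.dll; do
        [ -e "$asm" ] || continue
        log="$asm.log"
        if verify_one "$asm" "$log"; then
            rm -f "$log"
        else
            printf '%s\t%s\n' "$(crash_bucket "$log")" "$asm"
        fi
    done | sort
}

# Usage: sh triage.sh ~/svn/moon-3-0/fuzz/regress
if [ $# -eq 1 ]; then
    triage_dir "$1"
fi
```

A row whose bucket is `unknown` is not necessarily a runtime crash: `--compile-all` can also exit non-zero when the verifier rejects the assembly without aborting, so open that log before filing anything. Bucket keys deliberately drop addresses and thread ids, which change from run to run, and keep only the source location and function, which is what distinguishes this report from the earlier `set_stack_value` crash it reopens.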

