[Mono-bugs] [Bug 684649] New: SIGSEGV in the Runtime when clearing an array

bugzilla_noreply at novell.com bugzilla_noreply at novell.com
Fri Apr 1 16:39:31 EDT 2011


https://bugzilla.novell.com/show_bug.cgi?id=684649

https://bugzilla.novell.com/show_bug.cgi?id=684649#c0


           Summary: SIGSEGV in the Runtime when clearing an array
    Classification: Mono
           Product: MonoDroid
           Version: SVN
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: Runtime
        AssignedTo: gnorton at novell.com
        ReportedBy: jpryor at novell.com
         QAContact: mono-bugs at lists.ximian.com
          Found By: ---
           Blocker: ---


Created an attachment (id=422856)
 --> (http://bugzilla.novell.com/attachment.cgi?id=422856)
GcTest.zip

Build, install and run the attached GcTest.zip project.

Once it's running, tap the A button, tap Back, then tap the A button. You
should see the screen flash before it resumes.

Viewing `adb logcat` will show:

D/Zygote  (12918): Process 24015 terminated by signal (11) (SIGSEGV).

Run within an emulator+gdb, and when we hit the SIGSEGV [0].

What's "interesting" is that it appears to crash when Array.ClearInternal()
calls ves_icall_System_Array_CreateInstanceImpl64(), which makes _no_ sense at
all (see bt for Thread 2 vs. the `p mono_pmip()` call at the end).

[0] (gdb) t a a bt


Thread 8 (Thread 5238):
#0  0xafd0db4c in __ioctl ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libc.so
#1  0xafd219d4 in ioctl ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libc.so
#2  0x0011f6b8 in ?? ()

Thread 7 (Thread 5234):
#0  0xafd0db4c in __ioctl ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libc.so
#1  0xafd219d4 in ioctl ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libc.so
#2  0x00378858 in ?? ()

Thread 6 (Thread 5233):
#0  0xafd0db4c in __ioctl ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libc.so
#1  0xafd219d4 in ioctl ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libc.so
#2  0x0011f6b8 in ?? ()

Thread 5 (Thread 5232):
#0  0xafd0e63c in recvmsg ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libc.so
#1  0x80854418 in ?? ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libdvm.so

Thread 4 (Thread 5231):
#0  0xafd0e3fc in __rt_sigtimedwait ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libc.so
#1  0xafd13896 in sigwait ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libc.so
#2  0x80887fc4 in ?? ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libdvm.so

Thread 3 (Thread 5230):
#0  0xafd0eb08 in __futex_syscall3 ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libc.so
#1  0xafd107b0 in __pthread_cond_timedwait_relative ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libc.so
#2  0xafd1087c in __pthread_cond_timedwait ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libc.so
#3  0x8084ab20 in ?? ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libdvm.so


Thread 2 (Thread 5229):
#0  mono_class_get_cctor (klass=0x0) at ../../../../mono/metadata/class.c:7532
#1  0x80dac3a4 in ves_icall_System_Array_CreateInstanceImpl64 (type=0x0, 
    lengths=0xbe85a740, bounds=0x80ee5fc0)
    at ../../../../mono/metadata/icall.c:606
#2  0x43190f2c in ?? ()
Cannot access memory at address 0x0

Thread 1 (Thread 5235):
#0  mono_destroy_compile (cfg=0x3a8950) at ../../../../mono/mini/mini.c:2440
#1  0x80c28330 in mono_jit_compile_method_inner (method=0x2628e8, 
    target_domain=0x231d58, opt=51456511, jit_ex=0x4859bc20)
    at ../../../../mono/mini/mini.c:5262
#2  0x80c28990 in mono_jit_compile_method_with_opt (method=0x2628e8, 
    opt=51456511, ex=0x4859bc20) at ../../../../mono/mini/mini.c:5365
#3  0x80c28b9c in mono_jit_compile_method (method=0x2628e8)
    at ../../../../mono/mini/mini.c:5390
#4  0x80e2d388 in default_jump_trampoline (domain=0x2628e8, method=0x0, 
    add_sync_wrapper=-2132618360) at ../../../../mono/metadata/object.c:474
#5  0x80d123fc in common_call_trampoline (regs=0x4859bd48, 
    code=0x431a539c "\004?\233?\f??\024?\213?", m=0x2628e8, 
    tramp=0x26a240 "4?YHH?&", vt=0x0, vtable_slot=0x0, need_rgctx_tramp=0)
    at ../../../../mono/mini/mini-trampolines.c:479
#6  0x80d12a8c in mono_magic_trampoline (regs=0x4859bd48, 
    code=0x431a539c "\004?\233?\f??\024?\213?", arg=0x2628e8, 
    tramp=0x26a240 "4?YHH?&") at ../../../../mono/mini/mini-trampolines.c:581
#7  0x4184d064 in ?? ()
7532    in ../../../../mono/metadata/class.c

(gdb) p mono_pmip(0x43190f2c)
$1 = 0x3a0260 " (wrapper managed-to-native) System.Array:ClearInternal
(System.Array,int,int) + 0x4c (0x43190ee0 0x43190f68) [0x231d58 - RootDomain]"
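
Added example, not part of the original report: a small triage helper that parses `t a a bt` output like the trace above and lists frames that were entered with a NULL pointer argument, which is how Thread 2 stands out here. The sample input is a constructed excerpt of Threads 2 and 3 from this report; the function names parse_backtrace and null_arg_frames are hypothetical.

```python
import re

# Constructed excerpt: Threads 3 and 2 from the backtrace quoted in the report.
SAMPLE_BT = """\
Thread 3 (Thread 5230):
#0  0xafd0eb08 in __futex_syscall3 ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libc.so
#1  0xafd107b0 in __pthread_cond_timedwait_relative ()
   from /Users/jon/Development/mono-droid/mondroid/dbg/system/lib/libc.so

Thread 2 (Thread 5229):
#0  mono_class_get_cctor (klass=0x0) at ../../../../mono/metadata/class.c:7532
#1  0x80dac3a4 in ves_icall_System_Array_CreateInstanceImpl64 (type=0x0,
    lengths=0xbe85a740, bounds=0x80ee5fc0)
    at ../../../../mono/metadata/icall.c:606
#2  0x43190f2c in ?? ()
Cannot access memory at address 0x0
"""

THREAD_RE = re.compile(r"^Thread (\d+) \(Thread (\d+)\):")
# "#N  [0xADDR in ]function (args..." ; the address is absent on frame #0.
FRAME_RE = re.compile(r"^#(\d+)\s+(?:0x[0-9a-f]+ in )?(\S+) \((.*)$")
# An argument printed as exactly 0x0 (not 0x0abc...).
NULL_ARG_RE = re.compile(r"(\w+)=0x0\b")

def parse_backtrace(text):
    """Return {gdb_thread_no: [[frame_no, function, joined_frame_text], ...]}."""
    threads, current = {}, None
    for line in text.splitlines():
        m = THREAD_RE.match(line)
        if m:
            current = threads.setdefault(int(m.group(1)), [])
            continue
        if current is None:
            continue
        f = FRAME_RE.match(line)
        if f:
            current.append([int(f.group(1)), f.group(2), line.strip()])
        elif current and line.startswith(" "):
            # gdb wraps long frames; indented lines continue the last frame.
            current[-1][2] += " " + line.strip()
    return threads

def null_arg_frames(threads):
    """List (thread, frame_no, function, [arg names]) for frames with NULL args."""
    return [(tid, no, func, NULL_ARG_RE.findall(text))
            for tid, frames in sorted(threads.items())
            for no, func, text in frames if NULL_ARG_RE.search(text)]
```
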
