b9org/b9

Crash in GC

dnakamura opened this issue · 2 comments

The GC aborts once the objects held in locals are overwritten (so they become unreachable) and a collection is then forced by further allocation. The failure is not a segfault but an uncaught `std::runtime_error` ("Unrecognized cell type") thrown from `ObjectModelDelegate::getObjectSizeInBytesWithHeader` while `GlobalCollectorDelegate::poisonUnmarkedObjects` walks the heap after marking (frames #6–#12 of the trace below): the heap iterator reaches a cell whose header it cannot interpret, and because the exception escapes the collector, `std::terminate` is called and the process is aborted.

Test case (custom assembler syntax):

proc b9main,0,3
	; Entry point of the crash reproducer: fills locals 0..2 with three
	; distinct objects, overwrites all three slots with a single new object so
	; the originals become unreachable, then keeps allocating so a collection
	; runs. The trailing 3 on the proc line presumably sizes the local slots
	; (slots 0..2 are used below) — confirm against the assembler definition.
	; sDummy (declared after endproc) is not referenced by this proc.
	;create some objects, each stored in its own local slot
	new
	store 0
	
	new
	store 1
	
	new 
	store 2
	
	; overwrite the objects stored in locals: one fresh object is duplicated
	; into all three slots, so the three objects allocated above are now
	; garbage (unmarked) for the next collection
	new
	dup
	store 0
	dup
	store 1
	dup
	store 2
	
	; keep allocating some new objects to force a gc; the results stay on the
	; operand stack. The collection that fails is entered from doNewObject
	; (frame #25 of the trace below), i.e. from a `new`. A system_collect
	; bytecode (see the comment below) may trigger it directly instead.
	new
	new
	new
	new
	new
endproc

STR sDummy,"xyz"

Output:

$ b9run crash_test.mod
terminate called after throwing an instance of 'std::runtime_error'
  what():  Unrecognized cell type
Aborted (core dumped)

Stack trace:

#0  0x00007ffffdb45428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
#1  0x00007ffffdb4702a in __GI_abort () at abort.c:89
#2  0x00007ffffe18f84d in __gnu_cxx::__verbose_terminate_handler() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#3  0x00007ffffe18d6b6 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#4  0x00007ffffe18d701 in std::terminate() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#5  0x00007ffffe18d919 in __cxa_throw () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#6  0x00007ffffeef9159 in OMR::Om::ObjectModelDelegate::getObjectSizeInBytesWithHeader (cell=0x7ffffd1c0168,
    this=0x6252a0) at ../om/glue/ObjectModelDelegate.hpp:116
#7  GC_ObjectModelBase::getSizeInBytesWithHeader (objectPtr=0x7ffffd1c0168, this=0x625290)
    at ../third_party/omr/gc/base/ObjectModelBase.hpp:212
#8  GC_ObjectModelBase::getConsumedSizeInBytesWithHeader (objectPtr=0x7ffffd1c0168, this=0x625290)
    at ../third_party/omr/gc/base/ObjectModelBase.hpp:230
#9  GC_ObjectHeapIteratorAddressOrderedList::nextObject (this=0x7ffffffdca40)
    at ../third_party/omr/gc/base/ObjectHeapIteratorAddressOrderedList.hpp:161
#10 0x00007ffffeec7529 in MM_GlobalCollectorDelegate::poisonUnmarkedObjectsInRegion (this=0x62ca20, objectIterator=...)
    at ../om/glue/GlobalCollectorDelegate.cpp:35
#11 0x00007ffffeec7ade in MM_GlobalCollectorDelegate::poisonUnmarkedObjects (this=0x62ca20, env=0x62b9c8)
    at ../om/glue/GlobalCollectorDelegate.cpp:64
#12 0x00007ffffeec7b1b in MM_GlobalCollectorDelegate::postMarkProcessing (this=0x62ca20, env=0x62b9c8)
    at ../om/glue/GlobalCollectorDelegate.cpp:72
#13 0x00007ffffeeb0d46 in MM_ParallelGlobalGC::masterThreadGarbageCollect (this=0x62c9e0, env=0x62b9c8,
    allocDescription=0x0, initMarkMap=true, rebuildMarkBits=false)
    at ../third_party/omr/gc/base/standard/ParallelGlobalGC.cpp:383
#14 0x00007ffffeeb1fe5 in MM_ParallelGlobalGC::internalGarbageCollect (this=0x62c9e0, env=0x62b9c8, subSpace=0x652100,
    allocDescription=0x0) at ../third_party/omr/gc/base/standard/ParallelGlobalGC.cpp:1069
#15 0x00007ffffeec9d15 in MM_Collector::garbageCollect (this=0x62c9e0, env=0x62b9c8, callingSubSpace=0x652100,
    allocateDescription=0x0, gcCode=0, objectAllocationInterface=0x0, baseSubSpace=0x0, context=0x0)
    at ../third_party/omr/gc/base/Collector.cpp:494
---Type <return> to continue, or q <return> to quit---
#16 0x00007ffffeea9586 in MM_MemorySubSpace::systemGarbageCollect (this=0x652100, env=0x62b9c8, gcCode=0)
    at ../third_party/omr/gc/base/MemorySubSpace.cpp:951
#17 0x00007ffffeea9497 in MM_MemorySubSpace::systemGarbageCollect (this=0x651d50, env=0x62b9c8, gcCode=0)
    at ../third_party/omr/gc/base/MemorySubSpace.cpp:921
#18 0x00007ffffeea5c5a in MM_MemorySpace::systemGarbageCollect (this=0x652470, env=0x62b9c8, gcCode=0)
    at ../third_party/omr/gc/base/MemorySpace.cpp:400
#19 0x00007ffffeea2d95 in MM_Heap::systemGarbageCollect (this=0x62b420, env=0x62b9c8, gcCode=0)
    at ../third_party/omr/gc/base/Heap.cpp:108
#20 0x00007ffffeeba0e0 in OMR_GC_SystemCollect (omrVMThread=0x652a30, gcCode=0)
    at ../third_party/omr/gc/startup/omrgcalloc.cpp:66
#21 0x00007ffffe93ee00 in OMR::Om::BaseAllocator::allocate<OMR::Om::ObjectMap, OMR::Om::ObjectMapInitializer> (cx=...,
    init=..., size=56) at ../om/include/OMR/Om/Allocator.inl.hpp:23
#22 0x00007ffffe93c1b4 in OMR::Om::ObjectMap::allocate (cx=..., parent=..., attributes=...)
    at ../om/include/OMR/Om/ObjectMap.inl.hpp:42
#23 0x00007ffffe93c2ed in OMR::Om::ObjectMap::allocate (cx=...) at ../om/include/OMR/Om/ObjectMap.inl.hpp:59
#24 0x00007ffffe93baa4 in OMR::Om::Object::allocate (cx=...) at ../om/include/OMR/Om/Object.inl.hpp:141
#25 0x00007ffffe93938f in b9::ExecutionContext::doNewObject (this=0x655360) at ../b9/src/ExecutionContext.cpp:349
#26 0x00007ffffe9385ed in b9::ExecutionContext::interpret (this=0x655360, functionIndex=0)
    at ../b9/src/ExecutionContext.cpp:171
#27 0x00007ffffe947a5c in b9::VirtualMachine::run (this=0x7ffffffdd520, functionIndex=0,
    usrArgs=std::vector of length 0, capacity 0) at ../b9/src/core.cpp:147
#28 0x0000000000406fca in run (runtime=..., cfg=...) at ../b9run/main.cpp:142
#29 0x00000000004071d3 in main (argc=2, argv=0x7ffffffde268) at ../b9run/main.cpp:161

(Second, identical copy of the same stack trace:)

#0  0x00007ffffdb45428 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
#1  0x00007ffffdb4702a in __GI_abort () at abort.c:89
#2  0x00007ffffe18f84d in __gnu_cxx::__verbose_terminate_handler() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#3  0x00007ffffe18d6b6 in ?? () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#4  0x00007ffffe18d701 in std::terminate() () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#5  0x00007ffffe18d919 in __cxa_throw () from /usr/lib/x86_64-linux-gnu/libstdc++.so.6
#6  0x00007ffffeef9159 in OMR::Om::ObjectModelDelegate::getObjectSizeInBytesWithHeader (cell=0x7ffffd1c0168,
    this=0x6252a0) at ../om/glue/ObjectModelDelegate.hpp:116
#7  GC_ObjectModelBase::getSizeInBytesWithHeader (objectPtr=0x7ffffd1c0168, this=0x625290)
    at ../third_party/omr/gc/base/ObjectModelBase.hpp:212
#8  GC_ObjectModelBase::getConsumedSizeInBytesWithHeader (objectPtr=0x7ffffd1c0168, this=0x625290)
    at ../third_party/omr/gc/base/ObjectModelBase.hpp:230
#9  GC_ObjectHeapIteratorAddressOrderedList::nextObject (this=0x7ffffffdca40)
    at ../third_party/omr/gc/base/ObjectHeapIteratorAddressOrderedList.hpp:161
#10 0x00007ffffeec7529 in MM_GlobalCollectorDelegate::poisonUnmarkedObjectsInRegion (this=0x62ca20, objectIterator=...)
    at ../om/glue/GlobalCollectorDelegate.cpp:35
#11 0x00007ffffeec7ade in MM_GlobalCollectorDelegate::poisonUnmarkedObjects (this=0x62ca20, env=0x62b9c8)
    at ../om/glue/GlobalCollectorDelegate.cpp:64
#12 0x00007ffffeec7b1b in MM_GlobalCollectorDelegate::postMarkProcessing (this=0x62ca20, env=0x62b9c8)
    at ../om/glue/GlobalCollectorDelegate.cpp:72
#13 0x00007ffffeeb0d46 in MM_ParallelGlobalGC::masterThreadGarbageCollect (this=0x62c9e0, env=0x62b9c8,
    allocDescription=0x0, initMarkMap=true, rebuildMarkBits=false)
    at ../third_party/omr/gc/base/standard/ParallelGlobalGC.cpp:383
#14 0x00007ffffeeb1fe5 in MM_ParallelGlobalGC::internalGarbageCollect (this=0x62c9e0, env=0x62b9c8, subSpace=0x652100,
    allocDescription=0x0) at ../third_party/omr/gc/base/standard/ParallelGlobalGC.cpp:1069
#15 0x00007ffffeec9d15 in MM_Collector::garbageCollect (this=0x62c9e0, env=0x62b9c8, callingSubSpace=0x652100,
    allocateDescription=0x0, gcCode=0, objectAllocationInterface=0x0, baseSubSpace=0x0, context=0x0)
    at ../third_party/omr/gc/base/Collector.cpp:494
#16 0x00007ffffeea9586 in MM_MemorySubSpace::systemGarbageCollect (this=0x652100, env=0x62b9c8, gcCode=0)
    at ../third_party/omr/gc/base/MemorySubSpace.cpp:951
#17 0x00007ffffeea9497 in MM_MemorySubSpace::systemGarbageCollect (this=0x651d50, env=0x62b9c8, gcCode=0)
    at ../third_party/omr/gc/base/MemorySubSpace.cpp:921
#18 0x00007ffffeea5c5a in MM_MemorySpace::systemGarbageCollect (this=0x652470, env=0x62b9c8, gcCode=0)
    at ../third_party/omr/gc/base/MemorySpace.cpp:400
#19 0x00007ffffeea2d95 in MM_Heap::systemGarbageCollect (this=0x62b420, env=0x62b9c8, gcCode=0)
    at ../third_party/omr/gc/base/Heap.cpp:108
#20 0x00007ffffeeba0e0 in OMR_GC_SystemCollect (omrVMThread=0x652a30, gcCode=0)
    at ../third_party/omr/gc/startup/omrgcalloc.cpp:66
#21 0x00007ffffe93ee00 in OMR::Om::BaseAllocator::allocate<OMR::Om::ObjectMap, OMR::Om::ObjectMapInitializer> (cx=...,
    init=..., size=56) at ../om/include/OMR/Om/Allocator.inl.hpp:23
#22 0x00007ffffe93c1b4 in OMR::Om::ObjectMap::allocate (cx=..., parent=..., attributes=...)
    at ../om/include/OMR/Om/ObjectMap.inl.hpp:42
#23 0x00007ffffe93c2ed in OMR::Om::ObjectMap::allocate (cx=...) at ../om/include/OMR/Om/ObjectMap.inl.hpp:59
#24 0x00007ffffe93baa4 in OMR::Om::Object::allocate (cx=...) at ../om/include/OMR/Om/Object.inl.hpp:141
#25 0x00007ffffe93938f in b9::ExecutionContext::doNewObject (this=0x655360) at ../b9/src/ExecutionContext.cpp:349
#26 0x00007ffffe9385ed in b9::ExecutionContext::interpret (this=0x655360, functionIndex=0)
    at ../b9/src/ExecutionContext.cpp:171
#27 0x00007ffffe947a5c in b9::VirtualMachine::run (this=0x7ffffffdd520, functionIndex=0,
    usrArgs=std::vector of length 0, capacity 0) at ../b9/src/core.cpp:147
#28 0x0000000000406fca in run (runtime=..., cfg=...) at ../b9run/main.cpp:142
#29 0x00000000004071d3 in main (argc=2, argv=0x7ffffffde268) at ../b9run/main.cpp:161

crash_test.zip

rwy7 commented

Can you upload the module that your assembly compiles to?

rwy7 commented

By the way, there is a `system_collect` bytecode 👍 — it can replace the trailing run of `new` instructions used to force the GC, so the collection is triggered directly rather than by extra allocation.