AOT-ReleaseX64 segfault #35703
Comments
The stack trace is awful on the crash, but it happens during
when generating the code for the following "CheckedSmiComparison":
Digging deeper, crashes while accessing Selector() on the static call
because the underlying call does not have ic_data()
Adding an ASSERT confirms this.
The problem may have been introduced by the unification CL (https://dart-review.googlesource.com/c/sdk/+/84433) which moved static calls into the realm of possibilities for a rewrite into a CheckedSmiComparison without proper check for ic_data().
Martin, would you mind having a quick look?
Rationale: This would have made triaging the bug below a lot quicker.
#35703
Change-Id: I23451f1b2944f9447a1f1c1c85af073a7211fe4b
Reviewed-on: https://dart-review.googlesource.com/c/90302
Reviewed-by: Vyacheslav Egorov <vegorov@google.com>
Commit-Queue: Aart Bik <ajcbik@google.com>
@aartbik Sure, I can take a look. How do I get the reproduction command from the fuzzer run?
Thanks Martin. As for reproducing, I have a small write-up on how to do this on go/dartfuzz, but also attached (fuzz3608420507.dart as fuzz3608420507.txt) for your convenience. To reproduce
(note that the check fail is new, introduced above for more graceful failure).
Reproduces on ToT.
Isolate (/b/s/w/itTQ5HWJ/dart_fuzzOPFNNB) AOT-ReleaseX64 - KBC-CMP-ReleaseX64: !DIVERGENCE! 1.2:3608420507 (output=false)
fail1:
===== CRASH =====
version=2.2.0-edge.e64428a8395179f534fee45ca9a831e6c2c39d03 (Fri Jan 18 01:41:18 2019 +0000) on "linux_x64"
si_signo=Segmentation fault(11), si_code=1, si_addr=0x8
thread=461, isolate=isolate(0x556c3fada900)
[0x0000556c3eb2c904] Unknown symbol
[0x0000556c3eb2c904] Unknown symbol
[0x0000556c3eafa4bf] Unknown symbol
[0x0000556c3eac3f90] Unknown symbol
[0x0000556c3eac57fe] Unknown symbol
[0x0000556c3eac0e05] Unknown symbol
[0x0000556c3eabf86a] Unknown symbol
[0x0000556c3eaba924] Unknown symbol
[0x0000556c3eab8460] Unknown symbol
[0x0000556c3eab8034] Unknown symbol
[0x0000556c3ec0de9a] Unknown symbol
[0x0000556c3e864170] Unknown symbol
-- End of DumpStackTrace