Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[dartfuzz] runtime/vm/object.cc: 17505: error: expected: !is_megamorphic || result.NumberOfChecks() >= FLAG_max_polymorphic_checks #55625

Closed
alexmarkov opened this issue May 2, 2024 · 0 comments
Closed

[dartfuzz] runtime/vm/object.cc: 17505: error: expected: !is_megamorphic || result.NumberOfChecks() >= FLAG_max_polymorphic_checks #55625

alexmarkov opened this issue May 2, 2024 · 0 comments
Labels
area-vm Use area-vm for VM related issues, including code coverage, FFI, and the AOT and JIT backends. dartfuzz Found with Dart fuzzing (DartFuzz, libFuzzer, etc.) gardening P3 A lower priority bug or feature request triaged Issue has been triaged by sub team

Comments

@alexmarkov
Copy link
Contributor 

=== FAILURE ===
command: out/DebugX64C/dart --profiler --profile_period=6934 --max_profile_depth=169 --profile_vm=true --no_concurrent_mark --no_remove_redundant_phis --max_polymorphic_checks=10 pkg/compiler/lib/src/dart2js.dart --invoker=test --platform-binaries=out/ReleaseX64 --out=out/dartfuzz/7.js --no-source-maps pkg/compiler/lib/src/util/memory_compiler.dart
exitCode: -6
stdout:

stderr:
../../runtime/vm/object.cc: 17505: error: expected: !is_megamorphic || result.NumberOfChecks() >= FLAG_max_polymorphic_checks
version=3.5.0-edge (main) (Unknown timestamp) on "linux_x64"
pid=2778, thread=2822, isolate_group=kernel-service(0x7fe238000ef0), isolate=(nil)((nil))
os=linux, arch=x64, comp=yes, sim=no
isolate_instructions=7fe248917000, vm_instructions=55c71e00db40
fp=7fe24860b830, sp=7fe24860b700, pc=55c71e40ba1c
  pc 0x000055c71e40ba1c fp 0x00007fe24860b830 dart::Profiler::DumpStackTrace+0x7c
  pc 0x000055c71e00dd34 fp 0x00007fe24860b910 dart::Assert::Fail+0x84
  pc 0x000055c71e348bec fp 0x00007fe24860b980 dart::ICData::Clone+0x2bc
  pc 0x000055c71e348762 fp 0x00007fe24860b9e0 dart::Function::RestoreICDataMap+0x1f2
  pc 0x000055c71e8807a3 fp 0x00007fe24860bef0 dart::CallSiteInliner::TryInliningImpl+0xb33
  pc 0x000055c71e87be48 fp 0x00007fe24860bf80 dart::CallSiteInliner::TryInlining+0xe8
  pc 0x000055c71e885c41 fp 0x00007fe24860c060 dart::CallSiteInliner::InlineStaticCalls+0x531
  pc 0x000055c71e87f72f fp 0x00007fe24860c1b0 dart::CallSiteInliner::InlineCalls+0x2ff
  pc 0x000055c71e87f271 fp 0x00007fe24860c2a0 dart::FlowGraphInliner::Inline+0x1e1
  pc 0x000055c71e8e6b84 fp 0x00007fe24860c300 dart::CompilerPass_Inlining::DoBody+0x44
  pc 0x000055c71e8e6446 fp 0x00007fe24860c3d0 dart::CompilerPass::Run+0x126
  pc 0x000055c71e8e673f fp 0x00007fe24860c3f0 dart::CompilerPass::RunPipeline+0x6f
  pc 0x000055c71e4f220f fp 0x00007fe24860cbb0 dart::CompileParsedFunctionHelper::Compile+0x55f
  pc 0x000055c71e4f2fce fp 0x00007fe24860d4c0 dart::CompileFunctionHelper+0x4ee
  pc 0x000055c71e4f3afb fp 0x00007fe24860d560 dart::Compiler::CompileOptimizedFunction+0xcb
  pc 0x000055c71e4f466e fp 0x00007fe24860dcc0 dart::BackgroundCompiler::Run+0xfe
  pc 0x000055c71e4d48c8 fp 0x00007fe24860dd50 dart::ThreadPool::WorkerLoop+0x188
  pc 0x000055c71e4d51eb fp 0x00007fe24860dda0 dart::ThreadPool::Worker::Main+0x12b
  pc 0x000055c71e404ef3 fp 0x00007fe24860def0 dart::ThreadStart+0x103
-- End of DumpStackTrace
=== Crash occurred when compiling package:front_end/src/fasta/source/outline_builder.dart_OutlineBuilder_handleType in optimizing JIT mode in unknown pass
=== Flow Graph not available

https://logs.chromium.org/logs/dart/buildbucket/cr-buildbucket/8749081813646344017/+/u/collect_shards/dartfuzz_-_flags_shard_39/task_stdout_stderr:_dartfuzz_-_flags_shard_39
@alexmarkov alexmarkov added area-vm Use area-vm for VM related issues, including code coverage, FFI, and the AOT and JIT backends. gardening dartfuzz Found with Dart fuzzing (DartFuzz, libFuzzer, etc.) labels May 2, 2024
@a-siva a-siva added triaged Issue has been triaged by sub team P3 A lower priority bug or feature request labels May 8, 2024
copybara-service bot pushed a commit that referenced this issue May 10, 2024
@rmacnak-google
[vm] Don't assert assuming FLAG_max_polymorphic_checks is the same be…
57f57db 
…tween AppJIT training and execution.

Compare FLAG_optimization_counter_threshold, which can likewise change; optimized compilation might happen sooner or later than with a consistent flag value, but should still be correct.

TEST=dartfuzz
Bug: #55625
Change-Id: Iced616163ecf8b3d0a811c67e0c01a9be3d8b18b
Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/365904
Reviewed-by: Alexander Markov <alexmarkov@google.com>
Commit-Queue: Ryan Macnak <rmacnak@google.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area-vm Use area-vm for VM related issues, including code coverage, FFI, and the AOT and JIT backends. dartfuzz Found with Dart fuzzing (DartFuzz, libFuzzer, etc.) gardening P3 A lower priority bug or feature request triaged Issue has been triaged by sub team
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rmacnak-google @a-siva @alexmarkov