Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

lookup_tracer_nif crashes when tracer = erts_tracer_nil #6448

Closed
zzydxm opened this issue Nov 7, 2022 · 3 comments · Fixed by #6495
Closed

lookup_tracer_nif crashes when tracer = erts_tracer_nil #6448

zzydxm opened this issue Nov 7, 2022 · 3 comments · Fixed by #6495
Assignees
@rickard-green
Labels
bug Issue is reported as a bug team:VM Assigned to OTP team VM

Comments

@zzydxm
Copy link
Contributor

zzydxm commented Nov 7, 2022
edited

Describe the bug
We occasionally see this back trace in our coredumps:

#0  0x0000000000728c07 in lookup_tracer_nif (tracer=59) at beam/erl_trace.c:2636
#1  0x0000000000734699 in call_enabled_tracer (t_p_id=19756849570803, tag=43083, topt=TRACE_FUN_ENABLED, tnif_ret=0x0, tracer=59) at beam/erl_trace.c:2845
#2  is_tracer_enabled (tag=43083, topt=TRACE_FUN_ENABLED, tnif_ret=0x0, t_p=0x7fc406851da8, c_p_locks=1, c_p=0x7fc406851da8) at beam/erl_trace.c:2889
#3  erts_is_tracer_proc_enabled (c_p=c_p@entry=0x7fc406851da8, c_p_locks=c_p_locks@entry=1, t_p=t_p@entry=0x7fc406851da8) at beam/erl_trace.c:2950
#4  0x00000000006035d8 in trace_schedule_in (p=p@entry=0x7fc406851da8, state=687874090) at beam/erl_process.c:10246
#5  0x0000000000620579 in erts_schedule (esdp=<optimized out>, esdp@entry=0x7fc4d62346c0, p=0x7fc406851da8, p@entry=0x7fc405dd5a78, calls=0, calls@entry=1) at beam/erl_process.c:10051
#6  0x00000000006a866e in erts_dirty_process_main (esdp=esdp@entry=0x7fc4d62346c0) at beam/beam_common.c:174
#7  0x00000000006066f6 in sched_dirty_io_thread_func (vesdp=0x7fc4d62346c0) at beam/erl_process.c:8755
#8  0x00000000009e1518 in ethr_init (id=0x7fff792b3230) at pthread/ethread.c:280

It happens that tracer = 59 = erts_tracer_nil = [] in this case, but lookup_tracer_nif is trying to visit ((Eterm*)tracer - TAG_PRIMARY_LIST)[0] which will surely crash.

I checked the code that erts_tracer_nil should be a valid value on tracer, so I think a if(tracer == erts_tracer_nil) should be added in lookup_tracer_nif and return null if it does equal.

To Reproduce
Although this happens not rarely in our code base, I don't know how to reproduce this reliably due to lack of knowledge in erl_trace

Expected behavior
lookup_tracer_nif should not crash on erts_tracer_nil

Affected versions
25.0.2
@zzydxm zzydxm added the bug Issue is reported as a bug label Nov 7, 2022
@RaimoNiskanen RaimoNiskanen added the team:VM Assigned to OTP team VM label Nov 9, 2022
@zzydxm zzydxm mentioned this issue Nov 22, 2022
Merged
@max-au
Copy link
Contributor

max-au commented Nov 23, 2022

Is this a duplicate of #5984 ?

@rickard-green rickard-green self-assigned this Nov 28, 2022
@zzydxm
Copy link
Contributor Author

zzydxm commented Nov 28, 2022

Is this a duplicate of #5984 ?

Oh yes missed that, it is a duplicate

@rickard-green
Copy link
Contributor

Fixed by #6495 which have been merged into maint now

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rickard-green rickard-green

Labels
bug Issue is reported as a bug team:VM Assigned to OTP team VM
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

avoid crash when tracer = erts_tracer_nil zzydxm/otp
4 participants
@rickard-green @RaimoNiskanen @max-au @zzydxm