Using a relative path for the MasterPageFile throws an exception #26
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
MasterPageFile should be relative to the file being parsed, not the request path
luliyi1024
referenced
this pull request
in luliyi1024/mono
Mar 19, 2013
…-bisect Workaround bad request for generic method during evaluation.
akoeplinger
added a commit
that referenced
this pull request
Jun 5, 2017
Reverts 5e23a77 It seems to cause a crash during msbuild tests: ``` xunit -> Microsoft.Build.Engine.UnitTests... Stacktrace: Native stacktrace: 0 mono 0x0017cad4 mono_handle_native_crash + 308 1 mono 0x001e2b03 sigabrt_signal_handler + 147 2 libsystem_platform.dylib 0x920a8deb _sigtramp + 43 3 ??? 0xffffffff 0x0 + 4294967295 4 libsystem_c.dylib 0x940bb27c abort + 155 5 mono 0x0036886d mono_log_write_logfile + 381 6 mono 0x003630d2 structured_log_adapter + 50 7 mono 0x00380d1b monoeg_assertion_message + 107 8 mono 0x0033863d major_scan_object_with_evacuation + 3373 9 mono 0x0033b3d0 drain_gray_stack + 6608 10 mono 0x0032df57 finish_gray_stack + 151 11 mono 0x0032d3c6 major_finish_collection + 118 12 mono 0x00329909 major_do_collection + 169 13 mono 0x003288bd sgen_perform_collection + 605 14 mono 0x0032a90b sgen_gc_collect + 75 15 mono 0x002d5c4d unload_thread_main + 861 16 mono 0x002abb6b start_wrapper + 795 17 libsystem_pthread.dylib 0x9ae6d5fb _pthread_body + 144 18 libsystem_pthread.dylib 0x9ae6d485 _pthread_struct_init + 0 19 libsystem_pthread.dylib 0x9ae72cf2 thread_start + 34 Debug info from gdb: (lldb) command source -s 0 '/tmp/mono-gdb-commands.2tso9f' Executing commands in '/tmp/mono-gdb-commands.2tso9f'. (lldb) process attach --pid 2037 2017-06-02 13:07:23.000 lldb[2093:282f] Metadata.framework [Error]: couldn't get the client port Process 2037 stopped * thread #1, name = 'tid_507', queue = 'com.apple.main-thread', stop reason = signal SIGSTOP frame #0: 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10 libsystem_kernel.dylib`__psynch_cvwait: -> 0x923cc7ca <+10>: jae 0x923cc7da ; <+26> 0x923cc7cc <+12>: calll 0x923cc7d1 ; <+17> 0x923cc7d1 <+17>: popl %edx 0x923cc7d2 <+18>: movl 0xe0b084f(%edx), %edx Executable module set to "/Users/builder/data/lanes/2716/mono-mac-sdk/external/bockbuild/stage/bin/mono". Architecture set to: i386-apple-macosx. (lldb) thread list Process 2037 stopped * thread #1: tid = 0x530e96a, 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'tid_507', queue = 'com.apple.main-thread', stop reason = signal SIGSTOP thread #2: tid = 0x530e96b, 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'SGen worker' thread #3: tid = 0x530e96c, 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'SGen worker' thread #4: tid = 0x530e96d, 0x923c7fb6 libsystem_kernel.dylib`semaphore_wait_trap + 10, name = 'Finalizer' thread #5: tid = 0x530e96e, 0x923cd992 libsystem_kernel.dylib`kevent64 + 10, queue = 'com.apple.libdispatch-manager' thread #6: tid = 0x530ea26, 0x923ccace libsystem_kernel.dylib`__select + 10, name = 'tid_5a03' thread #7: tid = 0x530edf1, 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'tid_4007' thread #8: tid = 0x530edf2, 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'Threadpool worker' thread #9: tid = 0x530edf3, 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'Threadpool worker' thread #10: tid = 0x530edf4, 0x923ccff2 libsystem_kernel.dylib`__wait4 + 10, name = 'Domain unloader' (lldb) thread backtrace all * thread #1, name = 'tid_507', queue = 'com.apple.main-thread', stop reason = signal SIGSTOP * frame #0: 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10 frame #1: 0x9ae6fd1d libsystem_pthread.dylib`_pthread_cond_wait + 728 frame #2: 0x9ae71bd9 libsystem_pthread.dylib`pthread_cond_wait$UNIX2003 + 71 frame #3: 0x00361ea9 mono`mono_os_event_wait_multiple + 505 frame #4: 0x00361ca5 mono`mono_os_event_wait_one + 53 frame #5: 0x00376b49 mono`mono_thread_info_wait_one_handle + 41 frame #6: 0x002d51b5 mono`mono_domain_try_unload + 485 frame #7: 0x002d4f6a mono`ves_icall_System_AppDomain_InternalUnload + 90 frame #8: 0x05bf9ee0 frame #9: 0x018ce01d mscorlib.dll.dylib`System_AppDomain_Unload_System_AppDomain + 45 frame #10: 0x05bf9d60 frame #11: 0x05bf9ccc frame #12: 0x05bf9d04 frame #13: 0x05bf9c90 frame #14: 0x05bf996d frame #15: 0x02e7d171 frame #16: 0x005c26d4 frame #17: 0x005b6878 frame #18: 0x005b6b7a frame #19: 0x000c38a8 mono`mono_jit_runtime_invoke + 1592 frame #20: 0x002e43fe mono`do_runtime_invoke + 94 frame #21: 0x002e7de3 mono`do_exec_main_checked + 147 frame #22: 0x002e69a5 mono`mono_runtime_run_main_checked + 69 frame #23: 0x0013b687 mono`mono_jit_exec + 311 frame #24: 0x0013e2b2 mono`mono_main + 10114 frame #25: 0x000b22db mono`main + 2011 frame #26: 0x000b1af5 mono`start + 53 thread #2, name = 'SGen worker' frame #0: 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10 frame #1: 0x9ae6fd1d libsystem_pthread.dylib`_pthread_cond_wait + 728 frame #2: 0x9ae71bd9 libsystem_pthread.dylib`pthread_cond_wait$UNIX2003 + 71 frame #3: 0x0035f0e9 mono`thread_func + 249 frame #4: 0x9ae6d5fb libsystem_pthread.dylib`_pthread_body + 144 frame #5: 0x9ae6d485 libsystem_pthread.dylib`_pthread_start + 130 frame #6: 0x9ae72cf2 libsystem_pthread.dylib`thread_start + 34 thread #3, name = 'SGen worker' frame #0: 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10 frame #1: 0x9ae6fd1d libsystem_pthread.dylib`_pthread_cond_wait + 728 frame #2: 0x9ae71bd9 libsystem_pthread.dylib`pthread_cond_wait$UNIX2003 + 71 frame #3: 0x0035f0e9 mono`thread_func + 249 frame #4: 0x9ae6d5fb libsystem_pthread.dylib`_pthread_body + 144 frame #5: 0x9ae6d485 libsystem_pthread.dylib`_pthread_start + 130 frame #6: 0x9ae72cf2 libsystem_pthread.dylib`thread_start + 34 thread #4, name = 'Finalizer' frame #0: 0x923c7fb6 libsystem_kernel.dylib`semaphore_wait_trap + 10 frame #1: 0x002dbeb6 mono`finalizer_thread + 278 frame #2: 0x002abb6b mono`start_wrapper + 795 frame #3: 0x9ae6d5fb libsystem_pthread.dylib`_pthread_body + 144 frame #4: 0x9ae6d485 libsystem_pthread.dylib`_pthread_start + 130 frame #5: 0x9ae72cf2 libsystem_pthread.dylib`thread_start + 34 thread #5, queue = 'com.apple.libdispatch-manager' frame #0: 0x923cd992 libsystem_kernel.dylib`kevent64 + 10 frame #1: 0x91b5c899 libdispatch.dylib`_dispatch_mgr_invoke + 238 frame #2: 0x91b5c532 libdispatch.dylib`_dispatch_mgr_thread + 52 thread #6, name = 'tid_5a03' frame #0: 0x923ccace libsystem_kernel.dylib`__select + 10 frame #1: 0x0036df29 mono`mono_poll + 409 frame #2: 0x002b482f mono`poll_event_wait + 111 frame #3: 0x002b345f mono`selector_thread + 1439 frame #4: 0x002abb6b mono`start_wrapper + 795 frame #5: 0x9ae6d5fb libsystem_pthread.dylib`_pthread_body + 144 frame #6: 0x9ae6d485 libsystem_pthread.dylib`_pthread_start + 130 frame #7: 0x9ae72cf2 libsystem_pthread.dylib`thread_start + 34 thread #7, name = 'tid_4007' frame #0: 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10 frame #1: 0x9ae6fd1d libsystem_pthread.dylib`_pthread_cond_wait + 728 frame #2: 0x9ae71c25 libsystem_pthread.dylib`pthread_cond_timedwait$UNIX2003 + 71 frame #3: 0x003760f3 mono`mono_thread_info_sleep + 979 frame #4: 0x002b1a86 mono`monitor_thread + 262 frame #5: 0x002abb6b mono`start_wrapper + 795 frame #6: 0x9ae6d5fb libsystem_pthread.dylib`_pthread_body + 144 frame #7: 0x9ae6d485 libsystem_pthread.dylib`_pthread_start + 130 frame #8: 0x9ae72cf2 libsystem_pthread.dylib`thread_start + 34 thread #8, name = 'Threadpool worker' frame #0: 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10 frame #1: 0x9ae6fd1d libsystem_pthread.dylib`_pthread_cond_wait + 728 frame #2: 0x9ae71c25 libsystem_pthread.dylib`pthread_cond_timedwait$UNIX2003 + 71 frame #3: 0x002b12e0 mono`worker_thread + 1024 frame #4: 0x002abb6b mono`start_wrapper + 795 frame #5: 0x9ae6d5fb libsystem_pthread.dylib`_pthread_body + 144 frame #6: 0x9ae6d485 libsystem_pthread.dylib`_pthread_start + 130 frame #7: 0x9ae72cf2 libsystem_pthread.dylib`thread_start + 34 thread #9, name = 'Threadpool worker' frame #0: 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10 frame #1: 0x9ae6fd1d libsystem_pthread.dylib`_pthread_cond_wait + 728 frame #2: 0x9ae71c25 libsystem_pthread.dylib`pthread_cond_timedwait$UNIX2003 + 71 frame #3: 0x002b12e0 mono`worker_thread + 1024 frame #4: 0x002abb6b mono`start_wrapper + 795 frame #5: 0x9ae6d5fb libsystem_pthread.dylib`_pthread_body + 144 frame #6: 0x9ae6d485 libsystem_pthread.dylib`_pthread_start + 130 frame #7: 0x9ae72cf2 libsystem_pthread.dylib`thread_start + 34 thread #10, name = 'Domain unloader' frame #0: 0x923ccff2 libsystem_kernel.dylib`__wait4 + 10 frame #1: 0x940d9ea5 libsystem_c.dylib`waitpid$UNIX2003 + 48 frame #2: 0x0017cba7 mono`mono_handle_native_crash + 519 frame #3: 0x001e2b03 mono`sigabrt_signal_handler + 147 frame #4: 0x920a8deb libsystem_platform.dylib`_sigtramp + 43 (lldb) detach Process 2037 detached (lldb) quit ================================================================= Got a SIGABRT while executing native code. This usually indicates a fatal error in the mono runtime or one of the native libraries used by your application. ================================================================= ```
Closed
Closed
lewurm
pushed a commit
to lewurm/mono
that referenced
this pull request
Jul 27, 2018
alexanderkyte
added a commit
to alexanderkyte/mono
that referenced
this pull request
Jan 4, 2019
The MERP stress test often catches a crash like so:
```
* frame #0: 0x0000000103409827 mono-sgen`mono_get_hazardous_pointer(pp=0x00007fc559a1a1f8, hp=0x00000001037e9600, hazard_index=1) at hazard-pointer.c:208
frame mono#1: 0x000000010320eb8e mono-sgen`jit_info_table_chunk_index(chunk=0x00007fc4186060a0, hp=0x00000001037e9600, addr=0x00007fff73bffb66) at jit-info.c:200
frame mono#2: 0x000000010320d7fa mono-sgen`jit_info_table_find(table=0x00007fc4186057c0, hp=0x00000001037e9600, addr=0x00007fff73bffb66) at jit-info.c:222
frame mono#3: 0x000000010320d5e6 mono-sgen`mono_jit_info_table_find_internal(domain=0x00007fc418512bc0, addr=0x00007fff73bffb66, try_aot=1, allow_trampolines=1) at jit-info.c:293
frame mono#4: 0x00000001030d67af mono-sgen`sigabrt_signal_handler(_dummy=6, _info=0x00007ffeecd4ea28, context=0x00007ffeecd4ea90) at mini-posix.c:219
frame mono#5: 0x00007fff73dbdf5a libsystem_platform.dylib`_sigtramp + 26
frame mono#6: 0x00007fff73bffb67 libsystem_kernel.dylib`__pthread_kill + 11
frame mono#7: 0x00007fff73dca080 libsystem_pthread.dylib`pthread_kill + 333
frame mono#8: 0x00007fff73b5b1ae libsystem_c.dylib`abort + 127
frame mono#9: 0x00007fff73c59822 libsystem_malloc.dylib`free + 521
frame mono#10: 0x0000000103c7d9d4 libtest.0.dylib`monoeg_g_free(ptr=0x00007ffeecd4ec34) at gmem.c:86
frame mono#11: 0x0000000103c7733b libtest.0.dylib`mono_test_MerpCrashMalloc at libtest.c:7710
frame mono#12: 0x0000000103c5c288
frame mono#13: 0x000000010385dfd1
frame mono#14: 0x0000000102ec85c3 mono-sgen`mono_jit_runtime_invoke(method=0x00007fc418514288, obj=0x0000000000000000, params=0x00007ffeecd4f180, exc=0x00007ffeecd4ef08, error=0x00007ffeecd4f250) at mini-runtime.c:3215
frame mono#15: 0x000000010326f39d mono-sgen`do_runtime_invoke(method=0x00007fc418514288, obj=0x0000000000000000, params=0x00007ffeecd4f180, exc=0x0000000000000000, error=0x00007ffeecd4f250) at object.c:2977
frame mono#16: 0x0000000103267c61 mono-sgen`mono_runtime_invoke_checked(method=0x00007fc418514288, obj=0x0000000000000000, params=0x00007ffeecd4f180, error=0x00007ffeecd4f250) at object.c:3145
frame mono#17: 0x0000000103274d58 mono-sgen`do_exec_main_checked(method=0x00007fc418514288, args=0x00000001040003e8, error=0x00007ffeecd4f250) at object.c:5042
frame mono#18: 0x0000000103272b03 mono-sgen`mono_runtime_exec_main_checked(method=0x00007fc418514288, args=0x00000001040003e8, error=0x00007ffeecd4f250) at object.c:5138
frame mono#19: 0x0000000103272b56 mono-sgen`mono_runtime_run_main_checked(method=0x00007fc418514288, argc=2, argv=0x00007ffeecd4f760, error=0x00007ffeecd4f250) at object.c:4599
frame mono#20: 0x0000000102f78bff mono-sgen`mono_jit_exec_internal(domain=0x00007fc418512bc0, assembly=0x00007fc4185445f0, argc=2, argv=0x00007ffeecd4f760) at driver.c:1298
frame mono#21: 0x0000000102f78a2d mono-sgen`mono_jit_exec(domain=0x00007fc418512bc0, assembly=0x00007fc4185445f0, argc=2, argv=0x00007ffeecd4f760) at driver.c:1257
frame mono#22: 0x0000000102f7d60f mono-sgen`main_thread_handler(user_data=0x00007ffeecd4f6a0) at driver.c:1375
frame mono#23: 0x0000000102f7b8dd mono-sgen`mono_main(argc=3, argv=0x00007ffeecd4f758) at driver.c:2551
frame mono#24: 0x0000000102eb1e4e mono-sgen`mono_main_with_options(argc=3, argv=0x00007ffeecd4f758) at main.c:50
frame mono#25: 0x0000000102eb145d mono-sgen`main(argc=3, argv=0x00007ffeecd4f758) at main.c:406
frame mono#26: 0x00007fff73aaf015 libdyld.dylib`start + 1
frame mono#27: 0x00007fff73aaf015 libdyld.dylib`start + 1
```
because of
```
(lldb) p table->num_chunks
(int) $24 = 6
(lldb) p table->chunks [0]->num_elements
(volatile int) $18 = 50
(lldb) p table->chunks [1]->num_elements
(volatile int) $19 = 48
(lldb) p table->chunks [2]->num_elements
(volatile int) $20 = 48
(lldb) p table->chunks [3]->num_elements
(volatile int) $21 = 32
(lldb) p table->chunks [4]->num_elements
(volatile int) $23 = 32
(lldb) p table->chunks [5]->num_elements
(volatile int) $22 = 1347440720
```
.
It reproduces very often. Adding assertions / memory fences at the end
of the add/remove functions seems to remove this crash.
Looking at the code in the add function, I can picture how a missing
fence right at the end could lead to what we were seeing.
Not 100% happy with this fix, as it's going to have a perf cost. We have
an earlier fence that might be able to be coalesced into this one, but
the logic as-is makes that look unsafe.
alexanderkyte
added a commit
to alexanderkyte/mono
that referenced
this pull request
Jan 7, 2019
The MERP stress test often catches a crash like so:
```
* frame #0: 0x0000000103409827 mono-sgen`mono_get_hazardous_pointer(pp=0x00007fc559a1a1f8, hp=0x00000001037e9600, hazard_index=1) at hazard-pointer.c:208
frame mono#1: 0x000000010320eb8e mono-sgen`jit_info_table_chunk_index(chunk=0x00007fc4186060a0, hp=0x00000001037e9600, addr=0x00007fff73bffb66) at jit-info.c:200
frame mono#2: 0x000000010320d7fa mono-sgen`jit_info_table_find(table=0x00007fc4186057c0, hp=0x00000001037e9600, addr=0x00007fff73bffb66) at jit-info.c:222
frame mono#3: 0x000000010320d5e6 mono-sgen`mono_jit_info_table_find_internal(domain=0x00007fc418512bc0, addr=0x00007fff73bffb66, try_aot=1, allow_trampolines=1) at jit-info.c:293
frame mono#4: 0x00000001030d67af mono-sgen`sigabrt_signal_handler(_dummy=6, _info=0x00007ffeecd4ea28, context=0x00007ffeecd4ea90) at mini-posix.c:219
frame mono#5: 0x00007fff73dbdf5a libsystem_platform.dylib`_sigtramp + 26
frame mono#6: 0x00007fff73bffb67 libsystem_kernel.dylib`__pthread_kill + 11
frame mono#7: 0x00007fff73dca080 libsystem_pthread.dylib`pthread_kill + 333
frame mono#8: 0x00007fff73b5b1ae libsystem_c.dylib`abort + 127
frame mono#9: 0x00007fff73c59822 libsystem_malloc.dylib`free + 521
frame mono#10: 0x0000000103c7d9d4 libtest.0.dylib`monoeg_g_free(ptr=0x00007ffeecd4ec34) at gmem.c:86
frame mono#11: 0x0000000103c7733b libtest.0.dylib`mono_test_MerpCrashMalloc at libtest.c:7710
frame mono#12: 0x0000000103c5c288
frame mono#13: 0x000000010385dfd1
frame mono#14: 0x0000000102ec85c3 mono-sgen`mono_jit_runtime_invoke(method=0x00007fc418514288, obj=0x0000000000000000, params=0x00007ffeecd4f180, exc=0x00007ffeecd4ef08, error=0x00007ffeecd4f250) at mini-runtime.c:3215
frame mono#15: 0x000000010326f39d mono-sgen`do_runtime_invoke(method=0x00007fc418514288, obj=0x0000000000000000, params=0x00007ffeecd4f180, exc=0x0000000000000000, error=0x00007ffeecd4f250) at object.c:2977
frame mono#16: 0x0000000103267c61 mono-sgen`mono_runtime_invoke_checked(method=0x00007fc418514288, obj=0x0000000000000000, params=0x00007ffeecd4f180, error=0x00007ffeecd4f250) at object.c:3145
frame mono#17: 0x0000000103274d58 mono-sgen`do_exec_main_checked(method=0x00007fc418514288, args=0x00000001040003e8, error=0x00007ffeecd4f250) at object.c:5042
frame mono#18: 0x0000000103272b03 mono-sgen`mono_runtime_exec_main_checked(method=0x00007fc418514288, args=0x00000001040003e8, error=0x00007ffeecd4f250) at object.c:5138
frame mono#19: 0x0000000103272b56 mono-sgen`mono_runtime_run_main_checked(method=0x00007fc418514288, argc=2, argv=0x00007ffeecd4f760, error=0x00007ffeecd4f250) at object.c:4599
frame mono#20: 0x0000000102f78bff mono-sgen`mono_jit_exec_internal(domain=0x00007fc418512bc0, assembly=0x00007fc4185445f0, argc=2, argv=0x00007ffeecd4f760) at driver.c:1298
frame mono#21: 0x0000000102f78a2d mono-sgen`mono_jit_exec(domain=0x00007fc418512bc0, assembly=0x00007fc4185445f0, argc=2, argv=0x00007ffeecd4f760) at driver.c:1257
frame mono#22: 0x0000000102f7d60f mono-sgen`main_thread_handler(user_data=0x00007ffeecd4f6a0) at driver.c:1375
frame mono#23: 0x0000000102f7b8dd mono-sgen`mono_main(argc=3, argv=0x00007ffeecd4f758) at driver.c:2551
frame mono#24: 0x0000000102eb1e4e mono-sgen`mono_main_with_options(argc=3, argv=0x00007ffeecd4f758) at main.c:50
frame mono#25: 0x0000000102eb145d mono-sgen`main(argc=3, argv=0x00007ffeecd4f758) at main.c:406
frame mono#26: 0x00007fff73aaf015 libdyld.dylib`start + 1
frame mono#27: 0x00007fff73aaf015 libdyld.dylib`start + 1
```
because of
```
(lldb) p table->num_chunks
(int) $24 = 6
(lldb) p table->chunks [0]->num_elements
(volatile int) $18 = 50
(lldb) p table->chunks [1]->num_elements
(volatile int) $19 = 48
(lldb) p table->chunks [2]->num_elements
(volatile int) $20 = 48
(lldb) p table->chunks [3]->num_elements
(volatile int) $21 = 32
(lldb) p table->chunks [4]->num_elements
(volatile int) $23 = 32
(lldb) p table->chunks [5]->num_elements
(volatile int) $22 = 1347440720
```
.
It reproduces very often. Adding assertions / memory fences at the end
of the add/remove functions seems to remove this crash.
Looking at the code in the add function, I can picture how a missing
fence right at the end could lead to what we were seeing.
Not 100% happy with this fix, as it's going to have a perf cost. We have
an earlier fence that might be able to be coalesced into this one, but
the logic as-is makes that look unsafe.
alexanderkyte
added a commit
to alexanderkyte/mono
that referenced
this pull request
Jan 7, 2019
The MERP stress test often catches a crash like so:
```
* frame #0: 0x0000000103409827 mono-sgen`mono_get_hazardous_pointer(pp=0x00007fc559a1a1f8, hp=0x00000001037e9600, hazard_index=1) at hazard-pointer.c:208
frame mono#1: 0x000000010320eb8e mono-sgen`jit_info_table_chunk_index(chunk=0x00007fc4186060a0, hp=0x00000001037e9600, addr=0x00007fff73bffb66) at jit-info.c:200
frame mono#2: 0x000000010320d7fa mono-sgen`jit_info_table_find(table=0x00007fc4186057c0, hp=0x00000001037e9600, addr=0x00007fff73bffb66) at jit-info.c:222
frame mono#3: 0x000000010320d5e6 mono-sgen`mono_jit_info_table_find_internal(domain=0x00007fc418512bc0, addr=0x00007fff73bffb66, try_aot=1, allow_trampolines=1) at jit-info.c:293
frame mono#4: 0x00000001030d67af mono-sgen`sigabrt_signal_handler(_dummy=6, _info=0x00007ffeecd4ea28, context=0x00007ffeecd4ea90) at mini-posix.c:219
frame mono#5: 0x00007fff73dbdf5a libsystem_platform.dylib`_sigtramp + 26
frame mono#6: 0x00007fff73bffb67 libsystem_kernel.dylib`__pthread_kill + 11
frame mono#7: 0x00007fff73dca080 libsystem_pthread.dylib`pthread_kill + 333
frame mono#8: 0x00007fff73b5b1ae libsystem_c.dylib`abort + 127
frame mono#9: 0x00007fff73c59822 libsystem_malloc.dylib`free + 521
frame mono#10: 0x0000000103c7d9d4 libtest.0.dylib`monoeg_g_free(ptr=0x00007ffeecd4ec34) at gmem.c:86
frame mono#11: 0x0000000103c7733b libtest.0.dylib`mono_test_MerpCrashMalloc at libtest.c:7710
frame mono#12: 0x0000000103c5c288
frame mono#13: 0x000000010385dfd1
frame mono#14: 0x0000000102ec85c3 mono-sgen`mono_jit_runtime_invoke(method=0x00007fc418514288, obj=0x0000000000000000, params=0x00007ffeecd4f180, exc=0x00007ffeecd4ef08, error=0x00007ffeecd4f250) at mini-runtime.c:3215
frame mono#15: 0x000000010326f39d mono-sgen`do_runtime_invoke(method=0x00007fc418514288, obj=0x0000000000000000, params=0x00007ffeecd4f180, exc=0x0000000000000000, error=0x00007ffeecd4f250) at object.c:2977
frame mono#16: 0x0000000103267c61 mono-sgen`mono_runtime_invoke_checked(method=0x00007fc418514288, obj=0x0000000000000000, params=0x00007ffeecd4f180, error=0x00007ffeecd4f250) at object.c:3145
frame mono#17: 0x0000000103274d58 mono-sgen`do_exec_main_checked(method=0x00007fc418514288, args=0x00000001040003e8, error=0x00007ffeecd4f250) at object.c:5042
frame mono#18: 0x0000000103272b03 mono-sgen`mono_runtime_exec_main_checked(method=0x00007fc418514288, args=0x00000001040003e8, error=0x00007ffeecd4f250) at object.c:5138
frame mono#19: 0x0000000103272b56 mono-sgen`mono_runtime_run_main_checked(method=0x00007fc418514288, argc=2, argv=0x00007ffeecd4f760, error=0x00007ffeecd4f250) at object.c:4599
frame mono#20: 0x0000000102f78bff mono-sgen`mono_jit_exec_internal(domain=0x00007fc418512bc0, assembly=0x00007fc4185445f0, argc=2, argv=0x00007ffeecd4f760) at driver.c:1298
frame mono#21: 0x0000000102f78a2d mono-sgen`mono_jit_exec(domain=0x00007fc418512bc0, assembly=0x00007fc4185445f0, argc=2, argv=0x00007ffeecd4f760) at driver.c:1257
frame mono#22: 0x0000000102f7d60f mono-sgen`main_thread_handler(user_data=0x00007ffeecd4f6a0) at driver.c:1375
frame mono#23: 0x0000000102f7b8dd mono-sgen`mono_main(argc=3, argv=0x00007ffeecd4f758) at driver.c:2551
frame mono#24: 0x0000000102eb1e4e mono-sgen`mono_main_with_options(argc=3, argv=0x00007ffeecd4f758) at main.c:50
frame mono#25: 0x0000000102eb145d mono-sgen`main(argc=3, argv=0x00007ffeecd4f758) at main.c:406
frame mono#26: 0x00007fff73aaf015 libdyld.dylib`start + 1
frame mono#27: 0x00007fff73aaf015 libdyld.dylib`start + 1
```
because of
```
(lldb) p table->num_chunks
(int) $24 = 6
(lldb) p table->chunks [0]->num_elements
(volatile int) $18 = 50
(lldb) p table->chunks [1]->num_elements
(volatile int) $19 = 48
(lldb) p table->chunks [2]->num_elements
(volatile int) $20 = 48
(lldb) p table->chunks [3]->num_elements
(volatile int) $21 = 32
(lldb) p table->chunks [4]->num_elements
(volatile int) $23 = 32
(lldb) p table->chunks [5]->num_elements
(volatile int) $22 = 1347440720
```
.
It reproduces very often. Adding assertions / memory fences at the end
of the add/remove functions seems to remove this crash.
Looking at the code in the add function, I can picture how a missing
fence right at the end could lead to what we were seeing.
Not 100% happy with this fix, as it's going to have a perf cost. We have
an earlier fence that might be able to be coalesced into this one, but
the logic as-is makes that look unsafe.
alexanderkyte
added a commit
to alexanderkyte/mono
that referenced
this pull request
Jan 11, 2019
The MERP stress test often catches a crash like so:
```
* frame #0: 0x0000000103409827 mono-sgen`mono_get_hazardous_pointer(pp=0x00007fc559a1a1f8, hp=0x00000001037e9600, hazard_index=1) at hazard-pointer.c:208
frame mono#1: 0x000000010320eb8e mono-sgen`jit_info_table_chunk_index(chunk=0x00007fc4186060a0, hp=0x00000001037e9600, addr=0x00007fff73bffb66) at jit-info.c:200
frame mono#2: 0x000000010320d7fa mono-sgen`jit_info_table_find(table=0x00007fc4186057c0, hp=0x00000001037e9600, addr=0x00007fff73bffb66) at jit-info.c:222
frame mono#3: 0x000000010320d5e6 mono-sgen`mono_jit_info_table_find_internal(domain=0x00007fc418512bc0, addr=0x00007fff73bffb66, try_aot=1, allow_trampolines=1) at jit-info.c:293
frame mono#4: 0x00000001030d67af mono-sgen`sigabrt_signal_handler(_dummy=6, _info=0x00007ffeecd4ea28, context=0x00007ffeecd4ea90) at mini-posix.c:219
frame mono#5: 0x00007fff73dbdf5a libsystem_platform.dylib`_sigtramp + 26
frame mono#6: 0x00007fff73bffb67 libsystem_kernel.dylib`__pthread_kill + 11
frame mono#7: 0x00007fff73dca080 libsystem_pthread.dylib`pthread_kill + 333
frame mono#8: 0x00007fff73b5b1ae libsystem_c.dylib`abort + 127
frame mono#9: 0x00007fff73c59822 libsystem_malloc.dylib`free + 521
frame mono#10: 0x0000000103c7d9d4 libtest.0.dylib`monoeg_g_free(ptr=0x00007ffeecd4ec34) at gmem.c:86
frame mono#11: 0x0000000103c7733b libtest.0.dylib`mono_test_MerpCrashMalloc at libtest.c:7710
frame mono#12: 0x0000000103c5c288
frame mono#13: 0x000000010385dfd1
frame mono#14: 0x0000000102ec85c3 mono-sgen`mono_jit_runtime_invoke(method=0x00007fc418514288, obj=0x0000000000000000, params=0x00007ffeecd4f180, exc=0x00007ffeecd4ef08, error=0x00007ffeecd4f250) at mini-runtime.c:3215
frame mono#15: 0x000000010326f39d mono-sgen`do_runtime_invoke(method=0x00007fc418514288, obj=0x0000000000000000, params=0x00007ffeecd4f180, exc=0x0000000000000000, error=0x00007ffeecd4f250) at object.c:2977
frame mono#16: 0x0000000103267c61 mono-sgen`mono_runtime_invoke_checked(method=0x00007fc418514288, obj=0x0000000000000000, params=0x00007ffeecd4f180, error=0x00007ffeecd4f250) at object.c:3145
frame mono#17: 0x0000000103274d58 mono-sgen`do_exec_main_checked(method=0x00007fc418514288, args=0x00000001040003e8, error=0x00007ffeecd4f250) at object.c:5042
frame mono#18: 0x0000000103272b03 mono-sgen`mono_runtime_exec_main_checked(method=0x00007fc418514288, args=0x00000001040003e8, error=0x00007ffeecd4f250) at object.c:5138
frame mono#19: 0x0000000103272b56 mono-sgen`mono_runtime_run_main_checked(method=0x00007fc418514288, argc=2, argv=0x00007ffeecd4f760, error=0x00007ffeecd4f250) at object.c:4599
frame mono#20: 0x0000000102f78bff mono-sgen`mono_jit_exec_internal(domain=0x00007fc418512bc0, assembly=0x00007fc4185445f0, argc=2, argv=0x00007ffeecd4f760) at driver.c:1298
frame mono#21: 0x0000000102f78a2d mono-sgen`mono_jit_exec(domain=0x00007fc418512bc0, assembly=0x00007fc4185445f0, argc=2, argv=0x00007ffeecd4f760) at driver.c:1257
frame mono#22: 0x0000000102f7d60f mono-sgen`main_thread_handler(user_data=0x00007ffeecd4f6a0) at driver.c:1375
frame mono#23: 0x0000000102f7b8dd mono-sgen`mono_main(argc=3, argv=0x00007ffeecd4f758) at driver.c:2551
frame mono#24: 0x0000000102eb1e4e mono-sgen`mono_main_with_options(argc=3, argv=0x00007ffeecd4f758) at main.c:50
frame mono#25: 0x0000000102eb145d mono-sgen`main(argc=3, argv=0x00007ffeecd4f758) at main.c:406
frame mono#26: 0x00007fff73aaf015 libdyld.dylib`start + 1
frame mono#27: 0x00007fff73aaf015 libdyld.dylib`start + 1
```
because of
```
(lldb) p table->num_chunks
(int) $24 = 6
(lldb) p table->chunks [0]->num_elements
(volatile int) $18 = 50
(lldb) p table->chunks [1]->num_elements
(volatile int) $19 = 48
(lldb) p table->chunks [2]->num_elements
(volatile int) $20 = 48
(lldb) p table->chunks [3]->num_elements
(volatile int) $21 = 32
(lldb) p table->chunks [4]->num_elements
(volatile int) $23 = 32
(lldb) p table->chunks [5]->num_elements
(volatile int) $22 = 1347440720
```
.
It reproduces very often. Adding assertions / memory fences at the end
of the add/remove functions seems to remove this crash.
Looking at the code in the add function, I can picture how a missing
fence right at the end could lead to what we were seeing.
Not 100% happy with this fix, as it's going to have a perf cost. We have
an earlier fence that might be able to be coalesced into this one, but
the logic as-is makes that look unsafe.
lewurm
added a commit
to lewurm/mono
that referenced
this pull request
Feb 1, 2019
Commit list for mono/corert: * mono/corert@1b7d4a1e4 [Number] make double 0.0 cmp more portable (mono#30) * mono/corert@c4ae51646 Update ISOWeek.cs * mono/corert@7e8bf2382 fix ISOWeek for mcs * mono/corert@0e5f123f6 [corlib] Import System.IO.Stream/BufferedStream from CoreFX (mono#26) Diff: mono/corert@b6a822b...1b7d4a1
This was referenced Feb 1, 2019
Merged
Merged
marek-safar
pushed a commit
that referenced
this pull request
Feb 4, 2019
Commit list for mono/corert: * mono/corert@1b7d4a1e4 [Number] make double 0.0 cmp more portable (#30) * mono/corert@c4ae51646 Update ISOWeek.cs * mono/corert@7e8bf2382 fix ISOWeek for mcs * mono/corert@0e5f123f6 [corlib] Import System.IO.Stream/BufferedStream from CoreFX (#26) Diff: mono/corert@b6a822b...1b7d4a1
lewurm
added a commit
to lewurm/mono
that referenced
this pull request
Sep 20, 2019
Fixes ``` * thread mono#12, name = 'tid_a507', stop reason = EXC_BREAKPOINT (code=1, subcode=0x1be66144) * frame #0: 0x1be66144 libsystem_c.dylib`__abort + 184 frame #1: 0x1be6608c libsystem_c.dylib`abort + 152 frame #2: 0x003e1fa0 monotouchtest`log_callback(log_domain=0x00000000, log_level="error", message="* Assertion at ../../../../../mono/utils/hazard-pointer.c:158, condition `mono_bitset_test_fast (small_id_table, id)' not met\n", fatal=4, user_data=0x00000000) at runtime.m:1251:3 frame mono#3: 0x003abf44 monotouchtest`monoeg_g_logv_nofree(log_domain=0x00000000, log_level=G_LOG_LEVEL_ERROR, format=<unavailable>, args=<unavailable>) at goutput.c:149:2 [opt] frame mono#4: 0x003abfb4 monotouchtest`monoeg_assertion_message(format=<unavailable>) at goutput.c:184:22 [opt] frame mono#5: 0x003904dc monotouchtest`mono_thread_small_id_free(id=<unavailable>) at hazard-pointer.c:0:2 [opt] frame mono#6: 0x003a0a74 monotouchtest`unregister_thread(arg=0x15c88400) at mono-threads.c:588:2 [opt] frame mono#7: 0x00336110 monotouchtest`mono_thread_detach_if_exiting at threads.c:1571:4 [opt] frame mono#8: 0x003e7a14 monotouchtest`::xamarin_release_trampoline(self=0x166452f0, sel="release") at trampolines.m:644:3 frame mono#9: 0x001cdc40 monotouchtest`::-[__Xamarin_NSTimerActionDispatcher release](self=0x166452f0, _cmd="release") at registrar.m:83445:3 frame mono#10: 0x1ce2ae68 Foundation`_timerRelease + 80 frame mono#11: 0x1c31b56c CoreFoundation`CFRunLoopTimerInvalidate + 612 frame mono#12: 0x1c31a554 CoreFoundation`__CFRunLoopTimerDeallocate + 32 frame mono#13: 0x1c31dde4 CoreFoundation`_CFRelease + 220 frame mono#14: 0x1c2be6e8 CoreFoundation`__CFArrayReleaseValues + 500 frame mono#15: 0x1c2be4c4 CoreFoundation`CFArrayRemoveAllValues + 104 frame mono#16: 0x1c31ff64 CoreFoundation`__CFSetApplyFunction_block_invoke + 24 frame mono#17: 0x1c3b2e18 CoreFoundation`CFBasicHashApply + 116 frame mono#18: 0x1c31ff10 CoreFoundation`CFSetApplyFunction + 160 frame mono#19: 0x1c3152cc CoreFoundation`__CFRunLoopDeallocate + 204 frame mono#20: 0x1c31dde4 CoreFoundation`_CFRelease + 220 frame mono#21: 0x1c304a80 CoreFoundation`__CFTSDFinalize + 144 frame mono#22: 0x1bfa324c libsystem_pthread.dylib`_pthread_tsd_cleanup + 644 frame mono#23: 0x1bf9cc08 libsystem_pthread.dylib`_pthread_exit + 80 frame mono#24: 0x1bf9af24 libsystem_pthread.dylib`pthread_exit + 36 frame mono#25: 0x0039df84 monotouchtest`mono_threads_platform_exit(exit_code=<unavailable>) at mono-threads-posix.c:145:2 [opt] frame mono#26: 0x0033bb84 monotouchtest`start_wrapper(data=0x1609e1c0) at threads.c:1296:2 [opt] frame mono#27: 0x1bf9b914 libsystem_pthread.dylib`_pthread_body + 128 frame mono#28: 0x1bf9b874 libsystem_pthread.dylib`_pthread_start + 44 frame mono#29: 0x1bfa3b94 libsystem_pthread.dylib`thread_start + 4 ```
lewurm
added a commit
to lewurm/mono
that referenced
this pull request
Sep 20, 2019
Fixes ``` * thread mono#12, name = 'tid_a507', stop reason = EXC_BREAKPOINT (code=1, subcode=0x1be66144) * frame #0: 0x1be66144 libsystem_c.dylib`__abort + 184 frame #1: 0x1be6608c libsystem_c.dylib`abort + 152 frame #2: 0x003e1fa0 monotouchtest`log_callback(log_domain=0x00000000, log_level="error", message="* Assertion at ../../../../../mono/utils/hazard-pointer.c:158, condition `mono_bitset_test_fast (small_id_table, id)' not met\n", fatal=4, user_data=0x00000000) at runtime.m:1251:3 frame mono#3: 0x003abf44 monotouchtest`monoeg_g_logv_nofree(log_domain=0x00000000, log_level=G_LOG_LEVEL_ERROR, format=<unavailable>, args=<unavailable>) at goutput.c:149:2 [opt] frame mono#4: 0x003abfb4 monotouchtest`monoeg_assertion_message(format=<unavailable>) at goutput.c:184:22 [opt] frame mono#5: 0x003904dc monotouchtest`mono_thread_small_id_free(id=<unavailable>) at hazard-pointer.c:0:2 [opt] frame mono#6: 0x003a0a74 monotouchtest`unregister_thread(arg=0x15c88400) at mono-threads.c:588:2 [opt] frame mono#7: 0x00336110 monotouchtest`mono_thread_detach_if_exiting at threads.c:1571:4 [opt] frame mono#8: 0x003e7a14 monotouchtest`::xamarin_release_trampoline(self=0x166452f0, sel="release") at trampolines.m:644:3 frame mono#9: 0x001cdc40 monotouchtest`::-[__Xamarin_NSTimerActionDispatcher release](self=0x166452f0, _cmd="release") at registrar.m:83445:3 frame mono#10: 0x1ce2ae68 Foundation`_timerRelease + 80 frame mono#11: 0x1c31b56c CoreFoundation`CFRunLoopTimerInvalidate + 612 frame mono#12: 0x1c31a554 CoreFoundation`__CFRunLoopTimerDeallocate + 32 frame mono#13: 0x1c31dde4 CoreFoundation`_CFRelease + 220 frame mono#14: 0x1c2be6e8 CoreFoundation`__CFArrayReleaseValues + 500 frame mono#15: 0x1c2be4c4 CoreFoundation`CFArrayRemoveAllValues + 104 frame mono#16: 0x1c31ff64 CoreFoundation`__CFSetApplyFunction_block_invoke + 24 frame mono#17: 0x1c3b2e18 CoreFoundation`CFBasicHashApply + 116 frame mono#18: 0x1c31ff10 CoreFoundation`CFSetApplyFunction + 160 frame mono#19: 0x1c3152cc CoreFoundation`__CFRunLoopDeallocate + 204 frame mono#20: 0x1c31dde4 CoreFoundation`_CFRelease + 220 frame mono#21: 0x1c304a80 CoreFoundation`__CFTSDFinalize + 144 frame mono#22: 0x1bfa324c libsystem_pthread.dylib`_pthread_tsd_cleanup + 644 frame mono#23: 0x1bf9cc08 libsystem_pthread.dylib`_pthread_exit + 80 frame mono#24: 0x1bf9af24 libsystem_pthread.dylib`pthread_exit + 36 frame mono#25: 0x0039df84 monotouchtest`mono_threads_platform_exit(exit_code=<unavailable>) at mono-threads-posix.c:145:2 [opt] frame mono#26: 0x0033bb84 monotouchtest`start_wrapper(data=0x1609e1c0) at threads.c:1296:2 [opt] frame mono#27: 0x1bf9b914 libsystem_pthread.dylib`_pthread_body + 128 frame mono#28: 0x1bf9b874 libsystem_pthread.dylib`_pthread_start + 44 frame mono#29: 0x1bfa3b94 libsystem_pthread.dylib`thread_start + 4 ```
lewurm
added a commit
that referenced
this pull request
Sep 24, 2019
* [threads] clear small_id_key TLS when unregistering a thread Fixes ``` * thread #12, name = 'tid_a507', stop reason = EXC_BREAKPOINT (code=1, subcode=0x1be66144) * frame #0: 0x1be66144 libsystem_c.dylib`__abort + 184 frame #1: 0x1be6608c libsystem_c.dylib`abort + 152 frame #2: 0x003e1fa0 monotouchtest`log_callback(log_domain=0x00000000, log_level="error", message="* Assertion at ../../../../../mono/utils/hazard-pointer.c:158, condition `mono_bitset_test_fast (small_id_table, id)' not met\n", fatal=4, user_data=0x00000000) at runtime.m:1251:3 frame #3: 0x003abf44 monotouchtest`monoeg_g_logv_nofree(log_domain=0x00000000, log_level=G_LOG_LEVEL_ERROR, format=<unavailable>, args=<unavailable>) at goutput.c:149:2 [opt] frame #4: 0x003abfb4 monotouchtest`monoeg_assertion_message(format=<unavailable>) at goutput.c:184:22 [opt] frame #5: 0x003904dc monotouchtest`mono_thread_small_id_free(id=<unavailable>) at hazard-pointer.c:0:2 [opt] frame #6: 0x003a0a74 monotouchtest`unregister_thread(arg=0x15c88400) at mono-threads.c:588:2 [opt] frame #7: 0x00336110 monotouchtest`mono_thread_detach_if_exiting at threads.c:1571:4 [opt] frame #8: 0x003e7a14 monotouchtest`::xamarin_release_trampoline(self=0x166452f0, sel="release") at trampolines.m:644:3 frame #9: 0x001cdc40 monotouchtest`::-[__Xamarin_NSTimerActionDispatcher release](self=0x166452f0, _cmd="release") at registrar.m:83445:3 frame #10: 0x1ce2ae68 Foundation`_timerRelease + 80 frame #11: 0x1c31b56c CoreFoundation`CFRunLoopTimerInvalidate + 612 frame #12: 0x1c31a554 CoreFoundation`__CFRunLoopTimerDeallocate + 32 frame #13: 0x1c31dde4 CoreFoundation`_CFRelease + 220 frame #14: 0x1c2be6e8 CoreFoundation`__CFArrayReleaseValues + 500 frame #15: 0x1c2be4c4 CoreFoundation`CFArrayRemoveAllValues + 104 frame #16: 0x1c31ff64 CoreFoundation`__CFSetApplyFunction_block_invoke + 24 frame #17: 0x1c3b2e18 CoreFoundation`CFBasicHashApply + 116 frame #18: 0x1c31ff10 CoreFoundation`CFSetApplyFunction + 160 frame #19: 0x1c3152cc CoreFoundation`__CFRunLoopDeallocate + 204 frame #20: 0x1c31dde4 CoreFoundation`_CFRelease + 220 frame #21: 0x1c304a80 CoreFoundation`__CFTSDFinalize + 144 frame #22: 0x1bfa324c libsystem_pthread.dylib`_pthread_tsd_cleanup + 644 frame #23: 0x1bf9cc08 libsystem_pthread.dylib`_pthread_exit + 80 frame #24: 0x1bf9af24 libsystem_pthread.dylib`pthread_exit + 36 frame #25: 0x0039df84 monotouchtest`mono_threads_platform_exit(exit_code=<unavailable>) at mono-threads-posix.c:145:2 [opt] frame #26: 0x0033bb84 monotouchtest`start_wrapper(data=0x1609e1c0) at threads.c:1296:2 [opt] frame #27: 0x1bf9b914 libsystem_pthread.dylib`_pthread_body + 128 frame #28: 0x1bf9b874 libsystem_pthread.dylib`_pthread_start + 44 frame #29: 0x1bfa3b94 libsystem_pthread.dylib`thread_start + 4 ``` * Update mono/utils/mono-threads.c Co-Authored-By: Aleksey Kliger (λgeek) <akliger@gmail.com>
monojenkins
pushed a commit
to monojenkins/mono
that referenced
this pull request
Sep 24, 2019
Fixes ``` * thread mono#12, name = 'tid_a507', stop reason = EXC_BREAKPOINT (code=1, subcode=0x1be66144) * frame #0: 0x1be66144 libsystem_c.dylib`__abort + 184 frame mono#1: 0x1be6608c libsystem_c.dylib`abort + 152 frame mono#2: 0x003e1fa0 monotouchtest`log_callback(log_domain=0x00000000, log_level="error", message="* Assertion at ../../../../../mono/utils/hazard-pointer.c:158, condition `mono_bitset_test_fast (small_id_table, id)' not met\n", fatal=4, user_data=0x00000000) at runtime.m:1251:3 frame mono#3: 0x003abf44 monotouchtest`monoeg_g_logv_nofree(log_domain=0x00000000, log_level=G_LOG_LEVEL_ERROR, format=<unavailable>, args=<unavailable>) at goutput.c:149:2 [opt] frame mono#4: 0x003abfb4 monotouchtest`monoeg_assertion_message(format=<unavailable>) at goutput.c:184:22 [opt] frame mono#5: 0x003904dc monotouchtest`mono_thread_small_id_free(id=<unavailable>) at hazard-pointer.c:0:2 [opt] frame mono#6: 0x003a0a74 monotouchtest`unregister_thread(arg=0x15c88400) at mono-threads.c:588:2 [opt] frame mono#7: 0x00336110 monotouchtest`mono_thread_detach_if_exiting at threads.c:1571:4 [opt] frame mono#8: 0x003e7a14 monotouchtest`::xamarin_release_trampoline(self=0x166452f0, sel="release") at trampolines.m:644:3 frame mono#9: 0x001cdc40 monotouchtest`::-[__Xamarin_NSTimerActionDispatcher release](self=0x166452f0, _cmd="release") at registrar.m:83445:3 frame mono#10: 0x1ce2ae68 Foundation`_timerRelease + 80 frame mono#11: 0x1c31b56c CoreFoundation`CFRunLoopTimerInvalidate + 612 frame mono#12: 0x1c31a554 CoreFoundation`__CFRunLoopTimerDeallocate + 32 frame mono#13: 0x1c31dde4 CoreFoundation`_CFRelease + 220 frame mono#14: 0x1c2be6e8 CoreFoundation`__CFArrayReleaseValues + 500 frame mono#15: 0x1c2be4c4 CoreFoundation`CFArrayRemoveAllValues + 104 frame mono#16: 0x1c31ff64 CoreFoundation`__CFSetApplyFunction_block_invoke + 24 frame mono#17: 0x1c3b2e18 CoreFoundation`CFBasicHashApply + 116 frame mono#18: 0x1c31ff10 CoreFoundation`CFSetApplyFunction + 160 frame mono#19: 0x1c3152cc CoreFoundation`__CFRunLoopDeallocate + 204 frame mono#20: 0x1c31dde4 CoreFoundation`_CFRelease + 220 frame mono#21: 0x1c304a80 CoreFoundation`__CFTSDFinalize + 144 frame mono#22: 0x1bfa324c libsystem_pthread.dylib`_pthread_tsd_cleanup + 644 frame mono#23: 0x1bf9cc08 libsystem_pthread.dylib`_pthread_exit + 80 frame mono#24: 0x1bf9af24 libsystem_pthread.dylib`pthread_exit + 36 frame mono#25: 0x0039df84 monotouchtest`mono_threads_platform_exit(exit_code=<unavailable>) at mono-threads-posix.c:145:2 [opt] frame mono#26: 0x0033bb84 monotouchtest`start_wrapper(data=0x1609e1c0) at threads.c:1296:2 [opt] frame mono#27: 0x1bf9b914 libsystem_pthread.dylib`_pthread_body + 128 frame mono#28: 0x1bf9b874 libsystem_pthread.dylib`_pthread_start + 44 frame mono#29: 0x1bfa3b94 libsystem_pthread.dylib`thread_start + 4 ```
monojenkins
added a commit
that referenced
this pull request
Sep 24, 2019
#17015) [2019-08] [threads] clear small_id_key TLS when unregistering a thread Fixes ``` * thread #12, name = 'tid_a507', stop reason = EXC_BREAKPOINT (code=1, subcode=0x1be66144) * frame #0: 0x1be66144 libsystem_c.dylib`__abort + 184 frame #1: 0x1be6608c libsystem_c.dylib`abort + 152 frame #2: 0x003e1fa0 monotouchtest`log_callback(log_domain=0x00000000, log_level="error", message="* Assertion at ../../../../../mono/utils/hazard-pointer.c:158, condition `mono_bitset_test_fast (small_id_table, id)' not met\n", fatal=4, user_data=0x00000000) at runtime.m:1251:3 frame #3: 0x003abf44 monotouchtest`monoeg_g_logv_nofree(log_domain=0x00000000, log_level=G_LOG_LEVEL_ERROR, format=<unavailable>, args=<unavailable>) at goutput.c:149:2 [opt] frame #4: 0x003abfb4 monotouchtest`monoeg_assertion_message(format=<unavailable>) at goutput.c:184:22 [opt] frame #5: 0x003904dc monotouchtest`mono_thread_small_id_free(id=<unavailable>) at hazard-pointer.c:0:2 [opt] frame #6: 0x003a0a74 monotouchtest`unregister_thread(arg=0x15c88400) at mono-threads.c:588:2 [opt] frame #7: 0x00336110 monotouchtest`mono_thread_detach_if_exiting at threads.c:1571:4 [opt] frame #8: 0x003e7a14 monotouchtest`::xamarin_release_trampoline(self=0x166452f0, sel="release") at trampolines.m:644:3 frame #9: 0x001cdc40 monotouchtest`::-[__Xamarin_NSTimerActionDispatcher release](self=0x166452f0, _cmd="release") at registrar.m:83445:3 frame #10: 0x1ce2ae68 Foundation`_timerRelease + 80 frame #11: 0x1c31b56c CoreFoundation`CFRunLoopTimerInvalidate + 612 frame #12: 0x1c31a554 CoreFoundation`__CFRunLoopTimerDeallocate + 32 frame #13: 0x1c31dde4 CoreFoundation`_CFRelease + 220 frame #14: 0x1c2be6e8 CoreFoundation`__CFArrayReleaseValues + 500 frame #15: 0x1c2be4c4 CoreFoundation`CFArrayRemoveAllValues + 104 frame #16: 0x1c31ff64 CoreFoundation`__CFSetApplyFunction_block_invoke + 24 frame #17: 0x1c3b2e18 CoreFoundation`CFBasicHashApply + 116 frame #18: 0x1c31ff10 CoreFoundation`CFSetApplyFunction + 160 frame #19: 0x1c3152cc CoreFoundation`__CFRunLoopDeallocate + 204 frame #20: 0x1c31dde4 CoreFoundation`_CFRelease + 220 frame #21: 0x1c304a80 CoreFoundation`__CFTSDFinalize + 144 frame #22: 0x1bfa324c libsystem_pthread.dylib`_pthread_tsd_cleanup + 644 frame #23: 0x1bf9cc08 libsystem_pthread.dylib`_pthread_exit + 80 frame #24: 0x1bf9af24 libsystem_pthread.dylib`pthread_exit + 36 frame #25: 0x0039df84 monotouchtest`mono_threads_platform_exit(exit_code=<unavailable>) at mono-threads-posix.c:145:2 [opt] frame #26: 0x0033bb84 monotouchtest`start_wrapper(data=0x1609e1c0) at threads.c:1296:2 [opt] frame #27: 0x1bf9b914 libsystem_pthread.dylib`_pthread_body + 128 frame #28: 0x1bf9b874 libsystem_pthread.dylib`_pthread_start + 44 frame #29: 0x1bfa3b94 libsystem_pthread.dylib`thread_start + 4 ``` Debugged by @lambdageek. Contributes to #10641 Edit: C/p into PR description so it's in the commit message: We think what happens is: 1. `start_wrapper` runs `unregister_thread` when the thread is exiting. At that point the `small_id` for the thread is cleared from the hazard pointer bitset by `mono_thread_small_id_free (small_id)` 2. Some other TLS destructor runs and attaches the thread again (which runs `mono_thread_info_register_small_id` which first calls `mono_thread_info_get_small_id` which tries to get the small id from the `small_id_key` TLS key and so the new `MonoThreadInfo` has the same `small_id` as the previously destroyed `MonoThreadInfo` - but the hazard pointer bitset is **not** updated). 3. This other TLS destructor runs and calls `mono_thread_detach_if_exiting` which calls `unregister_thread` again. 4. `unregister_thread` calls ` mono_thread_small_id_free (small_id)` a second time which asserts because we already cleared that id from the hazard pointer bitset. Backport of #16973. /cc @lewurm
lewurm
added a commit
to lewurm/mono
that referenced
this pull request
Dec 9, 2019
When the debugger tries to suspend all the VM threads, it can happen with cooperative-suspend that it tries to suspend a thread that has previously been attached, but then did a "light" detach (that only unsets the domain). With the domain set to `NULL`, looking up a JitInfo for a given `ip` will result into a crash, but it isn't even necessarily needed for the purpose of suspending a thread. More details: Consider the following: ``` (lldb) c error: Process is running. Use 'process interrupt' to pause execution. Process 12832 stopped * thread mono#9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 frame #0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 2713 MonoDomain *domain = (MonoDomain *) mono_thread_info_get_suspend_state (info)->unwind_data [MONO_UNWIND_DATA_DOMAIN]; 2714 if (!domain) { 2715 /* not attached */ -> 2716 ji = NULL; 2717 } else { 2718 ji = mono_jit_info_table_find_internal ( domain, MONO_CONTEXT_GET_IP (&mono_thread_info_get_suspend_state (info)->ctx), TRUE, TRUE); 2719 } Target 0: (WatchWCSessionAppWatchOSExtension) stopped. (lldb) bt * thread mono#9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 * frame #0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 frame #1: 0x004e177b WatchWCSessionAppWatchOSExtension`mono_thread_info_safe_suspend_and_run(id=0xb0767000, interrupt_kernel=0, callback=(WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical at debugger-agent.c:2708), user_data=0xb04dc718) at mono-threads.c:1358:19 frame #2: 0x00222799 WatchWCSessionAppWatchOSExtension`notify_thread(key=0x03994508, value=0x81378c00, user_data=0x00000000) at debugger-agent.c:2747:2 frame mono#3: 0x00355bd8 WatchWCSessionAppWatchOSExtension`mono_g_hash_table_foreach(hash=0x8007b4e0, func=(WatchWCSessionAppWatchOSExtension`notify_thread at debugger-agent.c:2733), user_data=0x00000000) at mono-hash.c:310:4 frame mono#4: 0x0021e955 WatchWCSessionAppWatchOSExtension`suspend_vm at debugger-agent.c:2844:3 frame mono#5: 0x00225ff0 WatchWCSessionAppWatchOSExtension`process_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0, il_offset=0, ctx=0x00000000, events=0x805b28e0, suspend_policy=2) at debugger-agent.c:4012:3 frame mono#6: 0x00227c7c WatchWCSessionAppWatchOSExtension`process_profiler_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0) at debugger-agent.c:4072:2 frame mono#7: 0x0021b174 WatchWCSessionAppWatchOSExtension`thread_startup(prof=0x00000000, tid=2957889536) at debugger-agent.c:4149:2 frame mono#8: 0x0037912d WatchWCSessionAppWatchOSExtension`mono_profiler_raise_thread_started(tid=2957889536) at profiler-events.h:103:1 frame mono#9: 0x003d53da WatchWCSessionAppWatchOSExtension`fire_attach_profiler_events(tid=0xb04dd000) at threads.c:1120:2 frame mono#10: 0x003d4d83 WatchWCSessionAppWatchOSExtension`mono_thread_attach(domain=0x801750a0) at threads.c:1547:2 frame mono#11: 0x003df1a1 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop_internal(domain=0x801750a0, cookie=0xb04dcc0c, stackdata=0xb04dcba8) at threads.c:6008:3 frame mono#12: 0x003df287 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop(domain=0x00000000, dummy=0xb04dcc0c) at threads.c:6045:9 frame mono#13: 0x005034b8 WatchWCSessionAppWatchOSExtension`::xamarin_switch_gchandle(self=0x80762c20, to_weak=false) at runtime.m:1805:2 frame mono#14: 0x005065c1 WatchWCSessionAppWatchOSExtension`::xamarin_retain_trampoline(self=0x80762c20, sel="retain") at trampolines.m:693:2 frame mono#15: 0x657ea520 libobjc.A.dylib`objc_retain + 64 frame mono#16: 0x4b4d9caa WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke + 279 frame mono#17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame mono#18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame mono#19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame mono#20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame mono#21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame mono#22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame mono#23: 0x453cb26e Foundation`____addOperations_block_invoke_4 + 20 frame mono#24: 0x65de007b libdispatch.dylib`_dispatch_call_block_and_release + 15 frame mono#25: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame mono#26: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame mono#27: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame mono#28: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame mono#29: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame mono#30: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame mono#31: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` Going further, `info` is about this thread: ``` (lldb) p/x *(int *)(((char *) info->node.key) + 0xa0) (int) $2 = 0x01243f93 (lldb) thread list Process 12832 stopped thread #1: tid = 0x1243ee1, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_303', queue = 'com.apple.main-thread' thread #2: tid = 0x1243ee6, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10 thread mono#3: tid = 0x1243ee7, 0x65f81aea libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'SGen worker' thread mono#4: tid = 0x1243ee9, 0x65f7e3d2 libsystem_kernel.dylib`semaphore_wait_trap + 10, name = 'Finalizer' thread mono#5: tid = 0x1243eea, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10, name = 'Debugger agent' thread mono#6: tid = 0x1243f1d, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'com.apple.uikit.eventfetch-thread' thread mono#8: tid = 0x1243f93, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * thread mono#9: tid = 0x12443a9, 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 thread mono#10: tid = 0x1244581, 0x65f7fd32 libsystem_kernel.dylib`__workq_kernreturn + 10 (lldb) thread select 8 * thread mono#8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' frame #0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 libsystem_kernel.dylib`mach_msg_trap: -> 0x65f7e396 <+10>: retl 0x65f7e397 <+11>: nop libsystem_kernel.dylib`mach_msg_overwrite_trap: 0x65f7e398 <+0>: movl $0xffffffe0, %eax ; imm = 0xFFFFFFE0 0x65f7e39d <+5>: calll 0x65f85f44 ; _sysenter_trap (lldb) bt * thread mono#8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * frame #0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 frame #1: 0x65f7e8ff libsystem_kernel.dylib`mach_msg + 47 frame #2: 0x66079679 libxpc.dylib`_xpc_send_serializer + 104 frame mono#3: 0x660794da libxpc.dylib`_xpc_pipe_simpleroutine + 80 frame mono#4: 0x66079852 libxpc.dylib`xpc_pipe_simpleroutine + 43 frame mono#5: 0x66043a8f libsystem_trace.dylib`___os_activity_stream_reflect_block_invoke_2 + 30 frame mono#6: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame mono#7: 0x65de3d71 libdispatch.dylib`_dispatch_block_invoke_direct + 257 frame mono#8: 0x65de3c62 libdispatch.dylib`dispatch_block_perform + 112 frame mono#9: 0x6604349a libsystem_trace.dylib`_os_activity_stream_reflect + 725 frame mono#10: 0x6604ef19 libsystem_trace.dylib`_os_log_impl_stream + 468 frame mono#11: 0x6604e44d libsystem_trace.dylib`_os_log_impl_flatten_and_send + 6410 frame mono#12: 0x6604cb3b libsystem_trace.dylib`_os_log + 137 frame mono#13: 0x6604f4aa libsystem_trace.dylib`_os_log_impl + 31 frame mono#14: 0x4b4eb4e9 WatchConnectivity`WCSerializePayloadDictionary + 393 frame mono#15: 0x4b4d7c4d WatchConnectivity`-[WCSession onqueue_sendResponseDictionary:identifier:] + 195 frame mono#16: 0x4b4da435 WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke.411 + 35 frame mono#17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame mono#18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame mono#19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame mono#20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame mono#21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame mono#22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame mono#23: 0x453cb067 Foundation`____addOperations_block_invoke_2 + 20 frame mono#24: 0x65dedf49 libdispatch.dylib`_dispatch_block_async_invoke2 + 77 frame mono#25: 0x65de4461 libdispatch.dylib`_dispatch_block_async_invoke_and_release + 17 frame mono#26: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame mono#27: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame mono#28: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame mono#29: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame mono#30: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame mono#31: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame mono#32: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` which is a thread in a "light" detach state (aka. coop detach), where we only unset the domain: https://github.com/mono/mono/blob/4cefdcb7ce2d939ee78fb45d1b4913eb3bc064fd/mono/metadata/threads.c#L6084-L6111 Fixes mono#17926
lewurm
added a commit
that referenced
this pull request
Dec 10, 2019
When the debugger tries to suspend all the VM threads, it can happen with cooperative-suspend that it tries to suspend a thread that has previously been attached, but then did a "light" detach (that only unsets the domain). With the domain set to `NULL`, looking up a JitInfo for a given `ip` will result into a crash, but it isn't even necessarily needed for the purpose of suspending a thread. More details: Consider the following: ``` (lldb) c error: Process is running. Use 'process interrupt' to pause execution. Process 12832 stopped * thread #9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 frame #0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 2713 MonoDomain *domain = (MonoDomain *) mono_thread_info_get_suspend_state (info)->unwind_data [MONO_UNWIND_DATA_DOMAIN]; 2714 if (!domain) { 2715 /* not attached */ -> 2716 ji = NULL; 2717 } else { 2718 ji = mono_jit_info_table_find_internal ( domain, MONO_CONTEXT_GET_IP (&mono_thread_info_get_suspend_state (info)->ctx), TRUE, TRUE); 2719 } Target 0: (WatchWCSessionAppWatchOSExtension) stopped. (lldb) bt * thread #9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 * frame #0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 frame #1: 0x004e177b WatchWCSessionAppWatchOSExtension`mono_thread_info_safe_suspend_and_run(id=0xb0767000, interrupt_kernel=0, callback=(WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical at debugger-agent.c:2708), user_data=0xb04dc718) at mono-threads.c:1358:19 frame #2: 0x00222799 WatchWCSessionAppWatchOSExtension`notify_thread(key=0x03994508, value=0x81378c00, user_data=0x00000000) at debugger-agent.c:2747:2 frame #3: 0x00355bd8 WatchWCSessionAppWatchOSExtension`mono_g_hash_table_foreach(hash=0x8007b4e0, func=(WatchWCSessionAppWatchOSExtension`notify_thread at debugger-agent.c:2733), user_data=0x00000000) at mono-hash.c:310:4 frame #4: 0x0021e955 WatchWCSessionAppWatchOSExtension`suspend_vm at debugger-agent.c:2844:3 frame #5: 0x00225ff0 WatchWCSessionAppWatchOSExtension`process_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0, il_offset=0, ctx=0x00000000, events=0x805b28e0, suspend_policy=2) at debugger-agent.c:4012:3 frame #6: 0x00227c7c WatchWCSessionAppWatchOSExtension`process_profiler_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0) at debugger-agent.c:4072:2 frame #7: 0x0021b174 WatchWCSessionAppWatchOSExtension`thread_startup(prof=0x00000000, tid=2957889536) at debugger-agent.c:4149:2 frame #8: 0x0037912d WatchWCSessionAppWatchOSExtension`mono_profiler_raise_thread_started(tid=2957889536) at profiler-events.h:103:1 frame #9: 0x003d53da WatchWCSessionAppWatchOSExtension`fire_attach_profiler_events(tid=0xb04dd000) at threads.c:1120:2 frame #10: 0x003d4d83 WatchWCSessionAppWatchOSExtension`mono_thread_attach(domain=0x801750a0) at threads.c:1547:2 frame #11: 0x003df1a1 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop_internal(domain=0x801750a0, cookie=0xb04dcc0c, stackdata=0xb04dcba8) at threads.c:6008:3 frame #12: 0x003df287 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop(domain=0x00000000, dummy=0xb04dcc0c) at threads.c:6045:9 frame #13: 0x005034b8 WatchWCSessionAppWatchOSExtension`::xamarin_switch_gchandle(self=0x80762c20, to_weak=false) at runtime.m:1805:2 frame #14: 0x005065c1 WatchWCSessionAppWatchOSExtension`::xamarin_retain_trampoline(self=0x80762c20, sel="retain") at trampolines.m:693:2 frame #15: 0x657ea520 libobjc.A.dylib`objc_retain + 64 frame #16: 0x4b4d9caa WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke + 279 frame #17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame #18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame #19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame #20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame #21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame #22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame #23: 0x453cb26e Foundation`____addOperations_block_invoke_4 + 20 frame #24: 0x65de007b libdispatch.dylib`_dispatch_call_block_and_release + 15 frame #25: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame #26: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame #27: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame #28: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame #29: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame #30: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame #31: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` Going further, `info` is about this thread: ``` (lldb) p/x *(int *)(((char *) info->node.key) + 0xa0) (int) $2 = 0x01243f93 (lldb) thread list Process 12832 stopped thread #1: tid = 0x1243ee1, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_303', queue = 'com.apple.main-thread' thread #2: tid = 0x1243ee6, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10 thread #3: tid = 0x1243ee7, 0x65f81aea libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'SGen worker' thread #4: tid = 0x1243ee9, 0x65f7e3d2 libsystem_kernel.dylib`semaphore_wait_trap + 10, name = 'Finalizer' thread #5: tid = 0x1243eea, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10, name = 'Debugger agent' thread #6: tid = 0x1243f1d, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'com.apple.uikit.eventfetch-thread' thread #8: tid = 0x1243f93, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * thread #9: tid = 0x12443a9, 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 thread #10: tid = 0x1244581, 0x65f7fd32 libsystem_kernel.dylib`__workq_kernreturn + 10 (lldb) thread select 8 * thread #8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' frame #0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 libsystem_kernel.dylib`mach_msg_trap: -> 0x65f7e396 <+10>: retl 0x65f7e397 <+11>: nop libsystem_kernel.dylib`mach_msg_overwrite_trap: 0x65f7e398 <+0>: movl $0xffffffe0, %eax ; imm = 0xFFFFFFE0 0x65f7e39d <+5>: calll 0x65f85f44 ; _sysenter_trap (lldb) bt * thread #8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * frame #0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 frame #1: 0x65f7e8ff libsystem_kernel.dylib`mach_msg + 47 frame #2: 0x66079679 libxpc.dylib`_xpc_send_serializer + 104 frame #3: 0x660794da libxpc.dylib`_xpc_pipe_simpleroutine + 80 frame #4: 0x66079852 libxpc.dylib`xpc_pipe_simpleroutine + 43 frame #5: 0x66043a8f libsystem_trace.dylib`___os_activity_stream_reflect_block_invoke_2 + 30 frame #6: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame #7: 0x65de3d71 libdispatch.dylib`_dispatch_block_invoke_direct + 257 frame #8: 0x65de3c62 libdispatch.dylib`dispatch_block_perform + 112 frame #9: 0x6604349a libsystem_trace.dylib`_os_activity_stream_reflect + 725 frame #10: 0x6604ef19 libsystem_trace.dylib`_os_log_impl_stream + 468 frame #11: 0x6604e44d libsystem_trace.dylib`_os_log_impl_flatten_and_send + 6410 frame #12: 0x6604cb3b libsystem_trace.dylib`_os_log + 137 frame #13: 0x6604f4aa libsystem_trace.dylib`_os_log_impl + 31 frame #14: 0x4b4eb4e9 WatchConnectivity`WCSerializePayloadDictionary + 393 frame #15: 0x4b4d7c4d WatchConnectivity`-[WCSession onqueue_sendResponseDictionary:identifier:] + 195 frame #16: 0x4b4da435 WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke.411 + 35 frame #17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame #18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame #19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame #20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame #21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame #22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame #23: 0x453cb067 Foundation`____addOperations_block_invoke_2 + 20 frame #24: 0x65dedf49 libdispatch.dylib`_dispatch_block_async_invoke2 + 77 frame #25: 0x65de4461 libdispatch.dylib`_dispatch_block_async_invoke_and_release + 17 frame #26: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame #27: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame #28: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame #29: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame #30: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame #31: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame #32: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` which is a thread in a "light" detach state (aka. coop detach), where we only unset the domain: https://github.com/mono/mono/blob/4cefdcb7ce2d939ee78fb45d1b4913eb3bc064fd/mono/metadata/threads.c#L6084-L6111 Fixes #17926
monojenkins
pushed a commit
to monojenkins/mono
that referenced
this pull request
Dec 10, 2019
When the debugger tries to suspend all the VM threads, it can happen with cooperative-suspend that it tries to suspend a thread that has previously been attached, but then did a "light" detach (that only unsets the domain). With the domain set to `NULL`, looking up a JitInfo for a given `ip` will result into a crash, but it isn't even necessarily needed for the purpose of suspending a thread. More details: Consider the following: ``` (lldb) c error: Process is running. Use 'process interrupt' to pause execution. Process 12832 stopped * thread mono#9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 frame #0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 2713 MonoDomain *domain = (MonoDomain *) mono_thread_info_get_suspend_state (info)->unwind_data [MONO_UNWIND_DATA_DOMAIN]; 2714 if (!domain) { 2715 /* not attached */ -> 2716 ji = NULL; 2717 } else { 2718 ji = mono_jit_info_table_find_internal ( domain, MONO_CONTEXT_GET_IP (&mono_thread_info_get_suspend_state (info)->ctx), TRUE, TRUE); 2719 } Target 0: (WatchWCSessionAppWatchOSExtension) stopped. (lldb) bt * thread mono#9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 * frame #0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 frame mono#1: 0x004e177b WatchWCSessionAppWatchOSExtension`mono_thread_info_safe_suspend_and_run(id=0xb0767000, interrupt_kernel=0, callback=(WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical at debugger-agent.c:2708), user_data=0xb04dc718) at mono-threads.c:1358:19 frame mono#2: 0x00222799 WatchWCSessionAppWatchOSExtension`notify_thread(key=0x03994508, value=0x81378c00, user_data=0x00000000) at debugger-agent.c:2747:2 frame mono#3: 0x00355bd8 WatchWCSessionAppWatchOSExtension`mono_g_hash_table_foreach(hash=0x8007b4e0, func=(WatchWCSessionAppWatchOSExtension`notify_thread at debugger-agent.c:2733), user_data=0x00000000) at mono-hash.c:310:4 frame mono#4: 0x0021e955 WatchWCSessionAppWatchOSExtension`suspend_vm at debugger-agent.c:2844:3 frame mono#5: 0x00225ff0 WatchWCSessionAppWatchOSExtension`process_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0, il_offset=0, ctx=0x00000000, events=0x805b28e0, suspend_policy=2) at debugger-agent.c:4012:3 frame mono#6: 0x00227c7c WatchWCSessionAppWatchOSExtension`process_profiler_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0) at debugger-agent.c:4072:2 frame mono#7: 0x0021b174 WatchWCSessionAppWatchOSExtension`thread_startup(prof=0x00000000, tid=2957889536) at debugger-agent.c:4149:2 frame mono#8: 0x0037912d WatchWCSessionAppWatchOSExtension`mono_profiler_raise_thread_started(tid=2957889536) at profiler-events.h:103:1 frame mono#9: 0x003d53da WatchWCSessionAppWatchOSExtension`fire_attach_profiler_events(tid=0xb04dd000) at threads.c:1120:2 frame mono#10: 0x003d4d83 WatchWCSessionAppWatchOSExtension`mono_thread_attach(domain=0x801750a0) at threads.c:1547:2 frame mono#11: 0x003df1a1 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop_internal(domain=0x801750a0, cookie=0xb04dcc0c, stackdata=0xb04dcba8) at threads.c:6008:3 frame mono#12: 0x003df287 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop(domain=0x00000000, dummy=0xb04dcc0c) at threads.c:6045:9 frame mono#13: 0x005034b8 WatchWCSessionAppWatchOSExtension`::xamarin_switch_gchandle(self=0x80762c20, to_weak=false) at runtime.m:1805:2 frame mono#14: 0x005065c1 WatchWCSessionAppWatchOSExtension`::xamarin_retain_trampoline(self=0x80762c20, sel="retain") at trampolines.m:693:2 frame mono#15: 0x657ea520 libobjc.A.dylib`objc_retain + 64 frame mono#16: 0x4b4d9caa WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke + 279 frame mono#17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame mono#18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame mono#19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame mono#20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame mono#21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame mono#22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame mono#23: 0x453cb26e Foundation`____addOperations_block_invoke_4 + 20 frame mono#24: 0x65de007b libdispatch.dylib`_dispatch_call_block_and_release + 15 frame mono#25: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame mono#26: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame mono#27: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame mono#28: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame mono#29: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame mono#30: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame mono#31: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` Going further, `info` is about this thread: ``` (lldb) p/x *(int *)(((char *) info->node.key) + 0xa0) (int) $2 = 0x01243f93 (lldb) thread list Process 12832 stopped thread mono#1: tid = 0x1243ee1, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_303', queue = 'com.apple.main-thread' thread mono#2: tid = 0x1243ee6, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10 thread mono#3: tid = 0x1243ee7, 0x65f81aea libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'SGen worker' thread mono#4: tid = 0x1243ee9, 0x65f7e3d2 libsystem_kernel.dylib`semaphore_wait_trap + 10, name = 'Finalizer' thread mono#5: tid = 0x1243eea, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10, name = 'Debugger agent' thread mono#6: tid = 0x1243f1d, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'com.apple.uikit.eventfetch-thread' thread mono#8: tid = 0x1243f93, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * thread mono#9: tid = 0x12443a9, 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 thread mono#10: tid = 0x1244581, 0x65f7fd32 libsystem_kernel.dylib`__workq_kernreturn + 10 (lldb) thread select 8 * thread mono#8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' frame #0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 libsystem_kernel.dylib`mach_msg_trap: -> 0x65f7e396 <+10>: retl 0x65f7e397 <+11>: nop libsystem_kernel.dylib`mach_msg_overwrite_trap: 0x65f7e398 <+0>: movl $0xffffffe0, %eax ; imm = 0xFFFFFFE0 0x65f7e39d <+5>: calll 0x65f85f44 ; _sysenter_trap (lldb) bt * thread mono#8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * frame #0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 frame mono#1: 0x65f7e8ff libsystem_kernel.dylib`mach_msg + 47 frame mono#2: 0x66079679 libxpc.dylib`_xpc_send_serializer + 104 frame mono#3: 0x660794da libxpc.dylib`_xpc_pipe_simpleroutine + 80 frame mono#4: 0x66079852 libxpc.dylib`xpc_pipe_simpleroutine + 43 frame mono#5: 0x66043a8f libsystem_trace.dylib`___os_activity_stream_reflect_block_invoke_2 + 30 frame mono#6: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame mono#7: 0x65de3d71 libdispatch.dylib`_dispatch_block_invoke_direct + 257 frame mono#8: 0x65de3c62 libdispatch.dylib`dispatch_block_perform + 112 frame mono#9: 0x6604349a libsystem_trace.dylib`_os_activity_stream_reflect + 725 frame mono#10: 0x6604ef19 libsystem_trace.dylib`_os_log_impl_stream + 468 frame mono#11: 0x6604e44d libsystem_trace.dylib`_os_log_impl_flatten_and_send + 6410 frame mono#12: 0x6604cb3b libsystem_trace.dylib`_os_log + 137 frame mono#13: 0x6604f4aa libsystem_trace.dylib`_os_log_impl + 31 frame mono#14: 0x4b4eb4e9 WatchConnectivity`WCSerializePayloadDictionary + 393 frame mono#15: 0x4b4d7c4d WatchConnectivity`-[WCSession onqueue_sendResponseDictionary:identifier:] + 195 frame mono#16: 0x4b4da435 WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke.411 + 35 frame mono#17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame mono#18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame mono#19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame mono#20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame mono#21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame mono#22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame mono#23: 0x453cb067 Foundation`____addOperations_block_invoke_2 + 20 frame mono#24: 0x65dedf49 libdispatch.dylib`_dispatch_block_async_invoke2 + 77 frame mono#25: 0x65de4461 libdispatch.dylib`_dispatch_block_async_invoke_and_release + 17 frame mono#26: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame mono#27: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame mono#28: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame mono#29: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame mono#30: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame mono#31: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame mono#32: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` which is a thread in a "light" detach state (aka. coop detach), where we only unset the domain: https://github.com/mono/mono/blob/4cefdcb7ce2d939ee78fb45d1b4913eb3bc064fd/mono/metadata/threads.c#L6084-L6111 Fixes mono#17926
monojenkins
pushed a commit
to monojenkins/mono
that referenced
this pull request
Dec 10, 2019
When the debugger tries to suspend all the VM threads, it can happen with cooperative-suspend that it tries to suspend a thread that has previously been attached, but then did a "light" detach (that only unsets the domain). With the domain set to `NULL`, looking up a JitInfo for a given `ip` will result into a crash, but it isn't even necessarily needed for the purpose of suspending a thread. More details: Consider the following: ``` (lldb) c error: Process is running. Use 'process interrupt' to pause execution. Process 12832 stopped * thread mono#9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 frame #0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 2713 MonoDomain *domain = (MonoDomain *) mono_thread_info_get_suspend_state (info)->unwind_data [MONO_UNWIND_DATA_DOMAIN]; 2714 if (!domain) { 2715 /* not attached */ -> 2716 ji = NULL; 2717 } else { 2718 ji = mono_jit_info_table_find_internal ( domain, MONO_CONTEXT_GET_IP (&mono_thread_info_get_suspend_state (info)->ctx), TRUE, TRUE); 2719 } Target 0: (WatchWCSessionAppWatchOSExtension) stopped. (lldb) bt * thread mono#9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 * frame #0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 frame mono#1: 0x004e177b WatchWCSessionAppWatchOSExtension`mono_thread_info_safe_suspend_and_run(id=0xb0767000, interrupt_kernel=0, callback=(WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical at debugger-agent.c:2708), user_data=0xb04dc718) at mono-threads.c:1358:19 frame mono#2: 0x00222799 WatchWCSessionAppWatchOSExtension`notify_thread(key=0x03994508, value=0x81378c00, user_data=0x00000000) at debugger-agent.c:2747:2 frame mono#3: 0x00355bd8 WatchWCSessionAppWatchOSExtension`mono_g_hash_table_foreach(hash=0x8007b4e0, func=(WatchWCSessionAppWatchOSExtension`notify_thread at debugger-agent.c:2733), user_data=0x00000000) at mono-hash.c:310:4 frame mono#4: 0x0021e955 WatchWCSessionAppWatchOSExtension`suspend_vm at debugger-agent.c:2844:3 frame mono#5: 0x00225ff0 WatchWCSessionAppWatchOSExtension`process_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0, il_offset=0, ctx=0x00000000, events=0x805b28e0, suspend_policy=2) at debugger-agent.c:4012:3 frame mono#6: 0x00227c7c WatchWCSessionAppWatchOSExtension`process_profiler_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0) at debugger-agent.c:4072:2 frame mono#7: 0x0021b174 WatchWCSessionAppWatchOSExtension`thread_startup(prof=0x00000000, tid=2957889536) at debugger-agent.c:4149:2 frame mono#8: 0x0037912d WatchWCSessionAppWatchOSExtension`mono_profiler_raise_thread_started(tid=2957889536) at profiler-events.h:103:1 frame mono#9: 0x003d53da WatchWCSessionAppWatchOSExtension`fire_attach_profiler_events(tid=0xb04dd000) at threads.c:1120:2 frame mono#10: 0x003d4d83 WatchWCSessionAppWatchOSExtension`mono_thread_attach(domain=0x801750a0) at threads.c:1547:2 frame mono#11: 0x003df1a1 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop_internal(domain=0x801750a0, cookie=0xb04dcc0c, stackdata=0xb04dcba8) at threads.c:6008:3 frame mono#12: 0x003df287 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop(domain=0x00000000, dummy=0xb04dcc0c) at threads.c:6045:9 frame mono#13: 0x005034b8 WatchWCSessionAppWatchOSExtension`::xamarin_switch_gchandle(self=0x80762c20, to_weak=false) at runtime.m:1805:2 frame mono#14: 0x005065c1 WatchWCSessionAppWatchOSExtension`::xamarin_retain_trampoline(self=0x80762c20, sel="retain") at trampolines.m:693:2 frame mono#15: 0x657ea520 libobjc.A.dylib`objc_retain + 64 frame mono#16: 0x4b4d9caa WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke + 279 frame mono#17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame mono#18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame mono#19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame mono#20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame mono#21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame mono#22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame mono#23: 0x453cb26e Foundation`____addOperations_block_invoke_4 + 20 frame mono#24: 0x65de007b libdispatch.dylib`_dispatch_call_block_and_release + 15 frame mono#25: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame mono#26: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame mono#27: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame mono#28: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame mono#29: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame mono#30: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame mono#31: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` Going further, `info` is about this thread: ``` (lldb) p/x *(int *)(((char *) info->node.key) + 0xa0) (int) $2 = 0x01243f93 (lldb) thread list Process 12832 stopped thread mono#1: tid = 0x1243ee1, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_303', queue = 'com.apple.main-thread' thread mono#2: tid = 0x1243ee6, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10 thread mono#3: tid = 0x1243ee7, 0x65f81aea libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'SGen worker' thread mono#4: tid = 0x1243ee9, 0x65f7e3d2 libsystem_kernel.dylib`semaphore_wait_trap + 10, name = 'Finalizer' thread mono#5: tid = 0x1243eea, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10, name = 'Debugger agent' thread mono#6: tid = 0x1243f1d, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'com.apple.uikit.eventfetch-thread' thread mono#8: tid = 0x1243f93, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * thread mono#9: tid = 0x12443a9, 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 thread mono#10: tid = 0x1244581, 0x65f7fd32 libsystem_kernel.dylib`__workq_kernreturn + 10 (lldb) thread select 8 * thread mono#8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' frame #0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 libsystem_kernel.dylib`mach_msg_trap: -> 0x65f7e396 <+10>: retl 0x65f7e397 <+11>: nop libsystem_kernel.dylib`mach_msg_overwrite_trap: 0x65f7e398 <+0>: movl $0xffffffe0, %eax ; imm = 0xFFFFFFE0 0x65f7e39d <+5>: calll 0x65f85f44 ; _sysenter_trap (lldb) bt * thread mono#8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * frame #0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 frame mono#1: 0x65f7e8ff libsystem_kernel.dylib`mach_msg + 47 frame mono#2: 0x66079679 libxpc.dylib`_xpc_send_serializer + 104 frame mono#3: 0x660794da libxpc.dylib`_xpc_pipe_simpleroutine + 80 frame mono#4: 0x66079852 libxpc.dylib`xpc_pipe_simpleroutine + 43 frame mono#5: 0x66043a8f libsystem_trace.dylib`___os_activity_stream_reflect_block_invoke_2 + 30 frame mono#6: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame mono#7: 0x65de3d71 libdispatch.dylib`_dispatch_block_invoke_direct + 257 frame mono#8: 0x65de3c62 libdispatch.dylib`dispatch_block_perform + 112 frame mono#9: 0x6604349a libsystem_trace.dylib`_os_activity_stream_reflect + 725 frame mono#10: 0x6604ef19 libsystem_trace.dylib`_os_log_impl_stream + 468 frame mono#11: 0x6604e44d libsystem_trace.dylib`_os_log_impl_flatten_and_send + 6410 frame mono#12: 0x6604cb3b libsystem_trace.dylib`_os_log + 137 frame mono#13: 0x6604f4aa libsystem_trace.dylib`_os_log_impl + 31 frame mono#14: 0x4b4eb4e9 WatchConnectivity`WCSerializePayloadDictionary + 393 frame mono#15: 0x4b4d7c4d WatchConnectivity`-[WCSession onqueue_sendResponseDictionary:identifier:] + 195 frame mono#16: 0x4b4da435 WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke.411 + 35 frame mono#17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame mono#18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame mono#19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame mono#20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame mono#21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame mono#22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame mono#23: 0x453cb067 Foundation`____addOperations_block_invoke_2 + 20 frame mono#24: 0x65dedf49 libdispatch.dylib`_dispatch_block_async_invoke2 + 77 frame mono#25: 0x65de4461 libdispatch.dylib`_dispatch_block_async_invoke_and_release + 17 frame mono#26: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame mono#27: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame mono#28: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame mono#29: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame mono#30: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame mono#31: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame mono#32: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` which is a thread in a "light" detach state (aka. coop detach), where we only unset the domain: https://github.com/mono/mono/blob/4cefdcb7ce2d939ee78fb45d1b4913eb3bc064fd/mono/metadata/threads.c#L6084-L6111 Fixes mono#17926
monojenkins
added a commit
that referenced
this pull request
Dec 10, 2019
[2019-12] [debugger] skip suspend for unattached threads When the debugger tries to suspend all the VM threads, it can happen with cooperative-suspend that it tries to suspend a thread that has previously been attached, but then did a "light" detach (that only unsets the domain). With the domain set to `NULL`, looking up a JitInfo for a given `ip` will result into a crash, but it isn't even necessarily needed for the purpose of suspending a thread. More details: Consider the following: ``` (lldb) c error: Process is running. Use 'process interrupt' to pause execution. Process 12832 stopped * thread #9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 frame #0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 2713 MonoDomain *domain = (MonoDomain *) mono_thread_info_get_suspend_state (info)->unwind_data [MONO_UNWIND_DATA_DOMAIN]; 2714 if (!domain) { 2715 /* not attached */ -> 2716 ji = NULL; 2717 } else { 2718 ji = mono_jit_info_table_find_internal ( domain, MONO_CONTEXT_GET_IP (&mono_thread_info_get_suspend_state (info)->ctx), TRUE, TRUE); 2719 } Target 0: (WatchWCSessionAppWatchOSExtension) stopped. (lldb) bt * thread #9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 * frame #0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 frame #1: 0x004e177b WatchWCSessionAppWatchOSExtension`mono_thread_info_safe_suspend_and_run(id=0xb0767000, interrupt_kernel=0, callback=(WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical at debugger-agent.c:2708), user_data=0xb04dc718) at mono-threads.c:1358:19 frame #2: 0x00222799 WatchWCSessionAppWatchOSExtension`notify_thread(key=0x03994508, value=0x81378c00, user_data=0x00000000) at debugger-agent.c:2747:2 frame #3: 0x00355bd8 WatchWCSessionAppWatchOSExtension`mono_g_hash_table_foreach(hash=0x8007b4e0, func=(WatchWCSessionAppWatchOSExtension`notify_thread at debugger-agent.c:2733), user_data=0x00000000) at mono-hash.c:310:4 frame #4: 0x0021e955 WatchWCSessionAppWatchOSExtension`suspend_vm at debugger-agent.c:2844:3 frame #5: 0x00225ff0 WatchWCSessionAppWatchOSExtension`process_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0, il_offset=0, ctx=0x00000000, events=0x805b28e0, suspend_policy=2) at debugger-agent.c:4012:3 frame #6: 0x00227c7c WatchWCSessionAppWatchOSExtension`process_profiler_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0) at debugger-agent.c:4072:2 frame #7: 0x0021b174 WatchWCSessionAppWatchOSExtension`thread_startup(prof=0x00000000, tid=2957889536) at debugger-agent.c:4149:2 frame #8: 0x0037912d WatchWCSessionAppWatchOSExtension`mono_profiler_raise_thread_started(tid=2957889536) at profiler-events.h:103:1 frame #9: 0x003d53da WatchWCSessionAppWatchOSExtension`fire_attach_profiler_events(tid=0xb04dd000) at threads.c:1120:2 frame #10: 0x003d4d83 WatchWCSessionAppWatchOSExtension`mono_thread_attach(domain=0x801750a0) at threads.c:1547:2 frame #11: 0x003df1a1 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop_internal(domain=0x801750a0, cookie=0xb04dcc0c, stackdata=0xb04dcba8) at threads.c:6008:3 frame #12: 0x003df287 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop(domain=0x00000000, dummy=0xb04dcc0c) at threads.c:6045:9 frame #13: 0x005034b8 WatchWCSessionAppWatchOSExtension`::xamarin_switch_gchandle(self=0x80762c20, to_weak=false) at runtime.m:1805:2 frame #14: 0x005065c1 WatchWCSessionAppWatchOSExtension`::xamarin_retain_trampoline(self=0x80762c20, sel="retain") at trampolines.m:693:2 frame #15: 0x657ea520 libobjc.A.dylib`objc_retain + 64 frame #16: 0x4b4d9caa WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke + 279 frame #17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame #18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame #19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame #20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame #21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame #22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame #23: 0x453cb26e Foundation`____addOperations_block_invoke_4 + 20 frame #24: 0x65de007b libdispatch.dylib`_dispatch_call_block_and_release + 15 frame #25: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame #26: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame #27: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame #28: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame #29: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame #30: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame #31: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` Going further, `info` is about this thread: ``` (lldb) p/x *(int *)(((char *) info->node.key) + 0xa0) (int) $2 = 0x01243f93 (lldb) thread list Process 12832 stopped thread #1: tid = 0x1243ee1, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_303', queue = 'com.apple.main-thread' thread #2: tid = 0x1243ee6, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10 thread #3: tid = 0x1243ee7, 0x65f81aea libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'SGen worker' thread #4: tid = 0x1243ee9, 0x65f7e3d2 libsystem_kernel.dylib`semaphore_wait_trap + 10, name = 'Finalizer' thread #5: tid = 0x1243eea, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10, name = 'Debugger agent' thread #6: tid = 0x1243f1d, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'com.apple.uikit.eventfetch-thread' thread #8: tid = 0x1243f93, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * thread #9: tid = 0x12443a9, 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 thread #10: tid = 0x1244581, 0x65f7fd32 libsystem_kernel.dylib`__workq_kernreturn + 10 (lldb) thread select 8 * thread #8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' frame #0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 libsystem_kernel.dylib`mach_msg_trap: -> 0x65f7e396 <+10>: retl 0x65f7e397 <+11>: nop libsystem_kernel.dylib`mach_msg_overwrite_trap: 0x65f7e398 <+0>: movl $0xffffffe0, %eax ; imm = 0xFFFFFFE0 0x65f7e39d <+5>: calll 0x65f85f44 ; _sysenter_trap (lldb) bt * thread #8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * frame #0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 frame #1: 0x65f7e8ff libsystem_kernel.dylib`mach_msg + 47 frame #2: 0x66079679 libxpc.dylib`_xpc_send_serializer + 104 frame #3: 0x660794da libxpc.dylib`_xpc_pipe_simpleroutine + 80 frame #4: 0x66079852 libxpc.dylib`xpc_pipe_simpleroutine + 43 frame #5: 0x66043a8f libsystem_trace.dylib`___os_activity_stream_reflect_block_invoke_2 + 30 frame #6: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame #7: 0x65de3d71 libdispatch.dylib`_dispatch_block_invoke_direct + 257 frame #8: 0x65de3c62 libdispatch.dylib`dispatch_block_perform + 112 frame #9: 0x6604349a libsystem_trace.dylib`_os_activity_stream_reflect + 725 frame #10: 0x6604ef19 libsystem_trace.dylib`_os_log_impl_stream + 468 frame #11: 0x6604e44d libsystem_trace.dylib`_os_log_impl_flatten_and_send + 6410 frame #12: 0x6604cb3b libsystem_trace.dylib`_os_log + 137 frame #13: 0x6604f4aa libsystem_trace.dylib`_os_log_impl + 31 frame #14: 0x4b4eb4e9 WatchConnectivity`WCSerializePayloadDictionary + 393 frame #15: 0x4b4d7c4d WatchConnectivity`-[WCSession onqueue_sendResponseDictionary:identifier:] + 195 frame #16: 0x4b4da435 WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke.411 + 35 frame #17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame #18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame #19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame #20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame #21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame #22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame #23: 0x453cb067 Foundation`____addOperations_block_invoke_2 + 20 frame #24: 0x65dedf49 libdispatch.dylib`_dispatch_block_async_invoke2 + 77 frame #25: 0x65de4461 libdispatch.dylib`_dispatch_block_async_invoke_and_release + 17 frame #26: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame #27: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame #28: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame #29: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame #30: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame #31: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame #32: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` which is a thread in a "light" detach state (aka. coop detach), where we only unset the domain: https://github.com/mono/mono/blob/4cefdcb7ce2d939ee78fb45d1b4913eb3bc064fd/mono/metadata/threads.c#L6084-L6111 Fixes #17926 <!-- Thank you for your Pull Request! If you are new to contributing to Mono, please try to do your best at conforming to our coding guidelines http://www.mono-project.com/community/contributing/coding-guidelines/ but don't worry if you get something wrong. One of the project members will help you to get things landed. Does your pull request fix any of the existing issues? Please use the following format: Fixes #issue-number --> Backport of #18105. /cc @lewurm
lambdageek
pushed a commit
that referenced
this pull request
Dec 10, 2019
When the debugger tries to suspend all the VM threads, it can happen with cooperative-suspend that it tries to suspend a thread that has previously been attached, but then did a "light" detach (that only unsets the domain). With the domain set to `NULL`, looking up a JitInfo for a given `ip` will result into a crash, but it isn't even necessarily needed for the purpose of suspending a thread. More details: Consider the following: ``` (lldb) c error: Process is running. Use 'process interrupt' to pause execution. Process 12832 stopped * thread #9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 frame #0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 2713 MonoDomain *domain = (MonoDomain *) mono_thread_info_get_suspend_state (info)->unwind_data [MONO_UNWIND_DATA_DOMAIN]; 2714 if (!domain) { 2715 /* not attached */ -> 2716 ji = NULL; 2717 } else { 2718 ji = mono_jit_info_table_find_internal ( domain, MONO_CONTEXT_GET_IP (&mono_thread_info_get_suspend_state (info)->ctx), TRUE, TRUE); 2719 } Target 0: (WatchWCSessionAppWatchOSExtension) stopped. (lldb) bt * thread #9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 * frame #0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 frame #1: 0x004e177b WatchWCSessionAppWatchOSExtension`mono_thread_info_safe_suspend_and_run(id=0xb0767000, interrupt_kernel=0, callback=(WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical at debugger-agent.c:2708), user_data=0xb04dc718) at mono-threads.c:1358:19 frame #2: 0x00222799 WatchWCSessionAppWatchOSExtension`notify_thread(key=0x03994508, value=0x81378c00, user_data=0x00000000) at debugger-agent.c:2747:2 frame #3: 0x00355bd8 WatchWCSessionAppWatchOSExtension`mono_g_hash_table_foreach(hash=0x8007b4e0, func=(WatchWCSessionAppWatchOSExtension`notify_thread at debugger-agent.c:2733), user_data=0x00000000) at mono-hash.c:310:4 frame #4: 0x0021e955 WatchWCSessionAppWatchOSExtension`suspend_vm at debugger-agent.c:2844:3 frame #5: 0x00225ff0 WatchWCSessionAppWatchOSExtension`process_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0, il_offset=0, ctx=0x00000000, events=0x805b28e0, suspend_policy=2) at debugger-agent.c:4012:3 frame #6: 0x00227c7c WatchWCSessionAppWatchOSExtension`process_profiler_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0) at debugger-agent.c:4072:2 frame #7: 0x0021b174 WatchWCSessionAppWatchOSExtension`thread_startup(prof=0x00000000, tid=2957889536) at debugger-agent.c:4149:2 frame #8: 0x0037912d WatchWCSessionAppWatchOSExtension`mono_profiler_raise_thread_started(tid=2957889536) at profiler-events.h:103:1 frame #9: 0x003d53da WatchWCSessionAppWatchOSExtension`fire_attach_profiler_events(tid=0xb04dd000) at threads.c:1120:2 frame #10: 0x003d4d83 WatchWCSessionAppWatchOSExtension`mono_thread_attach(domain=0x801750a0) at threads.c:1547:2 frame #11: 0x003df1a1 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop_internal(domain=0x801750a0, cookie=0xb04dcc0c, stackdata=0xb04dcba8) at threads.c:6008:3 frame #12: 0x003df287 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop(domain=0x00000000, dummy=0xb04dcc0c) at threads.c:6045:9 frame #13: 0x005034b8 WatchWCSessionAppWatchOSExtension`::xamarin_switch_gchandle(self=0x80762c20, to_weak=false) at runtime.m:1805:2 frame #14: 0x005065c1 WatchWCSessionAppWatchOSExtension`::xamarin_retain_trampoline(self=0x80762c20, sel="retain") at trampolines.m:693:2 frame #15: 0x657ea520 libobjc.A.dylib`objc_retain + 64 frame #16: 0x4b4d9caa WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke + 279 frame #17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame #18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame #19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame #20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame #21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame #22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame #23: 0x453cb26e Foundation`____addOperations_block_invoke_4 + 20 frame #24: 0x65de007b libdispatch.dylib`_dispatch_call_block_and_release + 15 frame #25: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame #26: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame #27: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame #28: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame #29: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame #30: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame #31: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` Going further, `info` is about this thread: ``` (lldb) p/x *(int *)(((char *) info->node.key) + 0xa0) (int) $2 = 0x01243f93 (lldb) thread list Process 12832 stopped thread #1: tid = 0x1243ee1, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_303', queue = 'com.apple.main-thread' thread #2: tid = 0x1243ee6, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10 thread #3: tid = 0x1243ee7, 0x65f81aea libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'SGen worker' thread #4: tid = 0x1243ee9, 0x65f7e3d2 libsystem_kernel.dylib`semaphore_wait_trap + 10, name = 'Finalizer' thread #5: tid = 0x1243eea, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10, name = 'Debugger agent' thread #6: tid = 0x1243f1d, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'com.apple.uikit.eventfetch-thread' thread #8: tid = 0x1243f93, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * thread #9: tid = 0x12443a9, 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 thread #10: tid = 0x1244581, 0x65f7fd32 libsystem_kernel.dylib`__workq_kernreturn + 10 (lldb) thread select 8 * thread #8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' frame #0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 libsystem_kernel.dylib`mach_msg_trap: -> 0x65f7e396 <+10>: retl 0x65f7e397 <+11>: nop libsystem_kernel.dylib`mach_msg_overwrite_trap: 0x65f7e398 <+0>: movl $0xffffffe0, %eax ; imm = 0xFFFFFFE0 0x65f7e39d <+5>: calll 0x65f85f44 ; _sysenter_trap (lldb) bt * thread #8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * frame #0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 frame #1: 0x65f7e8ff libsystem_kernel.dylib`mach_msg + 47 frame #2: 0x66079679 libxpc.dylib`_xpc_send_serializer + 104 frame #3: 0x660794da libxpc.dylib`_xpc_pipe_simpleroutine + 80 frame #4: 0x66079852 libxpc.dylib`xpc_pipe_simpleroutine + 43 frame #5: 0x66043a8f libsystem_trace.dylib`___os_activity_stream_reflect_block_invoke_2 + 30 frame #6: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame #7: 0x65de3d71 libdispatch.dylib`_dispatch_block_invoke_direct + 257 frame #8: 0x65de3c62 libdispatch.dylib`dispatch_block_perform + 112 frame #9: 0x6604349a libsystem_trace.dylib`_os_activity_stream_reflect + 725 frame #10: 0x6604ef19 libsystem_trace.dylib`_os_log_impl_stream + 468 frame #11: 0x6604e44d libsystem_trace.dylib`_os_log_impl_flatten_and_send + 6410 frame #12: 0x6604cb3b libsystem_trace.dylib`_os_log + 137 frame #13: 0x6604f4aa libsystem_trace.dylib`_os_log_impl + 31 frame #14: 0x4b4eb4e9 WatchConnectivity`WCSerializePayloadDictionary + 393 frame #15: 0x4b4d7c4d WatchConnectivity`-[WCSession onqueue_sendResponseDictionary:identifier:] + 195 frame #16: 0x4b4da435 WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke.411 + 35 frame #17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame #18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame #19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame #20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame #21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame #22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame #23: 0x453cb067 Foundation`____addOperations_block_invoke_2 + 20 frame #24: 0x65dedf49 libdispatch.dylib`_dispatch_block_async_invoke2 + 77 frame #25: 0x65de4461 libdispatch.dylib`_dispatch_block_async_invoke_and_release + 17 frame #26: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame #27: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame #28: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame #29: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame #30: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame #31: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame #32: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` which is a thread in a "light" detach state (aka. coop detach), where we only unset the domain: https://github.com/mono/mono/blob/4cefdcb7ce2d939ee78fb45d1b4913eb3bc064fd/mono/metadata/threads.c#L6084-L6111 Fixes #17926
monojenkins
pushed a commit
to monojenkins/mono
that referenced
this pull request
Dec 11, 2019
When the debugger tries to suspend all the VM threads, it can happen with cooperative-suspend that it tries to suspend a thread that has previously been attached, but then did a "light" detach (that only unsets the domain). With the domain set to `NULL`, looking up a JitInfo for a given `ip` will result into a crash, but it isn't even necessarily needed for the purpose of suspending a thread. More details: Consider the following: ``` (lldb) c error: Process is running. Use 'process interrupt' to pause execution. Process 12832 stopped * thread mono#9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 frame #0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 2713 MonoDomain *domain = (MonoDomain *) mono_thread_info_get_suspend_state (info)->unwind_data [MONO_UNWIND_DATA_DOMAIN]; 2714 if (!domain) { 2715 /* not attached */ -> 2716 ji = NULL; 2717 } else { 2718 ji = mono_jit_info_table_find_internal ( domain, MONO_CONTEXT_GET_IP (&mono_thread_info_get_suspend_state (info)->ctx), TRUE, TRUE); 2719 } Target 0: (WatchWCSessionAppWatchOSExtension) stopped. (lldb) bt * thread mono#9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 * frame #0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 frame mono#1: 0x004e177b WatchWCSessionAppWatchOSExtension`mono_thread_info_safe_suspend_and_run(id=0xb0767000, interrupt_kernel=0, callback=(WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical at debugger-agent.c:2708), user_data=0xb04dc718) at mono-threads.c:1358:19 frame mono#2: 0x00222799 WatchWCSessionAppWatchOSExtension`notify_thread(key=0x03994508, value=0x81378c00, user_data=0x00000000) at debugger-agent.c:2747:2 frame mono#3: 0x00355bd8 WatchWCSessionAppWatchOSExtension`mono_g_hash_table_foreach(hash=0x8007b4e0, func=(WatchWCSessionAppWatchOSExtension`notify_thread at debugger-agent.c:2733), user_data=0x00000000) at mono-hash.c:310:4 frame mono#4: 0x0021e955 WatchWCSessionAppWatchOSExtension`suspend_vm at debugger-agent.c:2844:3 frame mono#5: 0x00225ff0 WatchWCSessionAppWatchOSExtension`process_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0, il_offset=0, ctx=0x00000000, events=0x805b28e0, suspend_policy=2) at debugger-agent.c:4012:3 frame mono#6: 0x00227c7c WatchWCSessionAppWatchOSExtension`process_profiler_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0) at debugger-agent.c:4072:2 frame mono#7: 0x0021b174 WatchWCSessionAppWatchOSExtension`thread_startup(prof=0x00000000, tid=2957889536) at debugger-agent.c:4149:2 frame mono#8: 0x0037912d WatchWCSessionAppWatchOSExtension`mono_profiler_raise_thread_started(tid=2957889536) at profiler-events.h:103:1 frame mono#9: 0x003d53da WatchWCSessionAppWatchOSExtension`fire_attach_profiler_events(tid=0xb04dd000) at threads.c:1120:2 frame mono#10: 0x003d4d83 WatchWCSessionAppWatchOSExtension`mono_thread_attach(domain=0x801750a0) at threads.c:1547:2 frame mono#11: 0x003df1a1 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop_internal(domain=0x801750a0, cookie=0xb04dcc0c, stackdata=0xb04dcba8) at threads.c:6008:3 frame mono#12: 0x003df287 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop(domain=0x00000000, dummy=0xb04dcc0c) at threads.c:6045:9 frame mono#13: 0x005034b8 WatchWCSessionAppWatchOSExtension`::xamarin_switch_gchandle(self=0x80762c20, to_weak=false) at runtime.m:1805:2 frame mono#14: 0x005065c1 WatchWCSessionAppWatchOSExtension`::xamarin_retain_trampoline(self=0x80762c20, sel="retain") at trampolines.m:693:2 frame mono#15: 0x657ea520 libobjc.A.dylib`objc_retain + 64 frame mono#16: 0x4b4d9caa WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke + 279 frame mono#17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame mono#18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame mono#19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame mono#20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame mono#21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame mono#22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame mono#23: 0x453cb26e Foundation`____addOperations_block_invoke_4 + 20 frame mono#24: 0x65de007b libdispatch.dylib`_dispatch_call_block_and_release + 15 frame mono#25: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame mono#26: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame mono#27: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame mono#28: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame mono#29: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame mono#30: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame mono#31: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` Going further, `info` is about this thread: ``` (lldb) p/x *(int *)(((char *) info->node.key) + 0xa0) (int) $2 = 0x01243f93 (lldb) thread list Process 12832 stopped thread mono#1: tid = 0x1243ee1, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_303', queue = 'com.apple.main-thread' thread mono#2: tid = 0x1243ee6, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10 thread mono#3: tid = 0x1243ee7, 0x65f81aea libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'SGen worker' thread mono#4: tid = 0x1243ee9, 0x65f7e3d2 libsystem_kernel.dylib`semaphore_wait_trap + 10, name = 'Finalizer' thread mono#5: tid = 0x1243eea, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10, name = 'Debugger agent' thread mono#6: tid = 0x1243f1d, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'com.apple.uikit.eventfetch-thread' thread mono#8: tid = 0x1243f93, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * thread mono#9: tid = 0x12443a9, 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 thread mono#10: tid = 0x1244581, 0x65f7fd32 libsystem_kernel.dylib`__workq_kernreturn + 10 (lldb) thread select 8 * thread mono#8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' frame #0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 libsystem_kernel.dylib`mach_msg_trap: -> 0x65f7e396 <+10>: retl 0x65f7e397 <+11>: nop libsystem_kernel.dylib`mach_msg_overwrite_trap: 0x65f7e398 <+0>: movl $0xffffffe0, %eax ; imm = 0xFFFFFFE0 0x65f7e39d <+5>: calll 0x65f85f44 ; _sysenter_trap (lldb) bt * thread mono#8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * frame #0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 frame mono#1: 0x65f7e8ff libsystem_kernel.dylib`mach_msg + 47 frame mono#2: 0x66079679 libxpc.dylib`_xpc_send_serializer + 104 frame mono#3: 0x660794da libxpc.dylib`_xpc_pipe_simpleroutine + 80 frame mono#4: 0x66079852 libxpc.dylib`xpc_pipe_simpleroutine + 43 frame mono#5: 0x66043a8f libsystem_trace.dylib`___os_activity_stream_reflect_block_invoke_2 + 30 frame mono#6: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame mono#7: 0x65de3d71 libdispatch.dylib`_dispatch_block_invoke_direct + 257 frame mono#8: 0x65de3c62 libdispatch.dylib`dispatch_block_perform + 112 frame mono#9: 0x6604349a libsystem_trace.dylib`_os_activity_stream_reflect + 725 frame mono#10: 0x6604ef19 libsystem_trace.dylib`_os_log_impl_stream + 468 frame mono#11: 0x6604e44d libsystem_trace.dylib`_os_log_impl_flatten_and_send + 6410 frame mono#12: 0x6604cb3b libsystem_trace.dylib`_os_log + 137 frame mono#13: 0x6604f4aa libsystem_trace.dylib`_os_log_impl + 31 frame mono#14: 0x4b4eb4e9 WatchConnectivity`WCSerializePayloadDictionary + 393 frame mono#15: 0x4b4d7c4d WatchConnectivity`-[WCSession onqueue_sendResponseDictionary:identifier:] + 195 frame mono#16: 0x4b4da435 WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke.411 + 35 frame mono#17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame mono#18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame mono#19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame mono#20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame mono#21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame mono#22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame mono#23: 0x453cb067 Foundation`____addOperations_block_invoke_2 + 20 frame mono#24: 0x65dedf49 libdispatch.dylib`_dispatch_block_async_invoke2 + 77 frame mono#25: 0x65de4461 libdispatch.dylib`_dispatch_block_async_invoke_and_release + 17 frame mono#26: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame mono#27: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame mono#28: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame mono#29: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame mono#30: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame mono#31: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame mono#32: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` which is a thread in a "light" detach state (aka. coop detach), where we only unset the domain: https://github.com/mono/mono/blob/4cefdcb7ce2d939ee78fb45d1b4913eb3bc064fd/mono/metadata/threads.c#L6084-L6111 Fixes mono#17926
monojenkins
added a commit
that referenced
this pull request
Dec 12, 2019
[2019-08] [debugger] skip suspend for unattached threads When the debugger tries to suspend all the VM threads, it can happen with cooperative-suspend that it tries to suspend a thread that has previously been attached, but then did a "light" detach (that only unsets the domain). With the domain set to `NULL`, looking up a JitInfo for a given `ip` will result into a crash, but it isn't even necessarily needed for the purpose of suspending a thread. More details: Consider the following: ``` (lldb) c error: Process is running. Use 'process interrupt' to pause execution. Process 12832 stopped * thread #9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 frame #0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 2713 MonoDomain *domain = (MonoDomain *) mono_thread_info_get_suspend_state (info)->unwind_data [MONO_UNWIND_DATA_DOMAIN]; 2714 if (!domain) { 2715 /* not attached */ -> 2716 ji = NULL; 2717 } else { 2718 ji = mono_jit_info_table_find_internal ( domain, MONO_CONTEXT_GET_IP (&mono_thread_info_get_suspend_state (info)->ctx), TRUE, TRUE); 2719 } Target 0: (WatchWCSessionAppWatchOSExtension) stopped. (lldb) bt * thread #9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 * frame #0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 frame #1: 0x004e177b WatchWCSessionAppWatchOSExtension`mono_thread_info_safe_suspend_and_run(id=0xb0767000, interrupt_kernel=0, callback=(WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical at debugger-agent.c:2708), user_data=0xb04dc718) at mono-threads.c:1358:19 frame #2: 0x00222799 WatchWCSessionAppWatchOSExtension`notify_thread(key=0x03994508, value=0x81378c00, user_data=0x00000000) at debugger-agent.c:2747:2 frame #3: 0x00355bd8 WatchWCSessionAppWatchOSExtension`mono_g_hash_table_foreach(hash=0x8007b4e0, func=(WatchWCSessionAppWatchOSExtension`notify_thread at debugger-agent.c:2733), user_data=0x00000000) at mono-hash.c:310:4 frame #4: 0x0021e955 WatchWCSessionAppWatchOSExtension`suspend_vm at debugger-agent.c:2844:3 frame #5: 0x00225ff0 WatchWCSessionAppWatchOSExtension`process_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0, il_offset=0, ctx=0x00000000, events=0x805b28e0, suspend_policy=2) at debugger-agent.c:4012:3 frame #6: 0x00227c7c WatchWCSessionAppWatchOSExtension`process_profiler_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0) at debugger-agent.c:4072:2 frame #7: 0x0021b174 WatchWCSessionAppWatchOSExtension`thread_startup(prof=0x00000000, tid=2957889536) at debugger-agent.c:4149:2 frame #8: 0x0037912d WatchWCSessionAppWatchOSExtension`mono_profiler_raise_thread_started(tid=2957889536) at profiler-events.h:103:1 frame #9: 0x003d53da WatchWCSessionAppWatchOSExtension`fire_attach_profiler_events(tid=0xb04dd000) at threads.c:1120:2 frame #10: 0x003d4d83 WatchWCSessionAppWatchOSExtension`mono_thread_attach(domain=0x801750a0) at threads.c:1547:2 frame #11: 0x003df1a1 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop_internal(domain=0x801750a0, cookie=0xb04dcc0c, stackdata=0xb04dcba8) at threads.c:6008:3 frame #12: 0x003df287 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop(domain=0x00000000, dummy=0xb04dcc0c) at threads.c:6045:9 frame #13: 0x005034b8 WatchWCSessionAppWatchOSExtension`::xamarin_switch_gchandle(self=0x80762c20, to_weak=false) at runtime.m:1805:2 frame #14: 0x005065c1 WatchWCSessionAppWatchOSExtension`::xamarin_retain_trampoline(self=0x80762c20, sel="retain") at trampolines.m:693:2 frame #15: 0x657ea520 libobjc.A.dylib`objc_retain + 64 frame #16: 0x4b4d9caa WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke + 279 frame #17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame #18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame #19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame #20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame #21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame #22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame #23: 0x453cb26e Foundation`____addOperations_block_invoke_4 + 20 frame #24: 0x65de007b libdispatch.dylib`_dispatch_call_block_and_release + 15 frame #25: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame #26: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame #27: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame #28: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame #29: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame #30: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame #31: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` Going further, `info` is about this thread: ``` (lldb) p/x *(int *)(((char *) info->node.key) + 0xa0) (int) $2 = 0x01243f93 (lldb) thread list Process 12832 stopped thread #1: tid = 0x1243ee1, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_303', queue = 'com.apple.main-thread' thread #2: tid = 0x1243ee6, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10 thread #3: tid = 0x1243ee7, 0x65f81aea libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'SGen worker' thread #4: tid = 0x1243ee9, 0x65f7e3d2 libsystem_kernel.dylib`semaphore_wait_trap + 10, name = 'Finalizer' thread #5: tid = 0x1243eea, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10, name = 'Debugger agent' thread #6: tid = 0x1243f1d, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'com.apple.uikit.eventfetch-thread' thread #8: tid = 0x1243f93, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * thread #9: tid = 0x12443a9, 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 thread #10: tid = 0x1244581, 0x65f7fd32 libsystem_kernel.dylib`__workq_kernreturn + 10 (lldb) thread select 8 * thread #8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' frame #0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 libsystem_kernel.dylib`mach_msg_trap: -> 0x65f7e396 <+10>: retl 0x65f7e397 <+11>: nop libsystem_kernel.dylib`mach_msg_overwrite_trap: 0x65f7e398 <+0>: movl $0xffffffe0, %eax ; imm = 0xFFFFFFE0 0x65f7e39d <+5>: calll 0x65f85f44 ; _sysenter_trap (lldb) bt * thread #8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * frame #0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 frame #1: 0x65f7e8ff libsystem_kernel.dylib`mach_msg + 47 frame #2: 0x66079679 libxpc.dylib`_xpc_send_serializer + 104 frame #3: 0x660794da libxpc.dylib`_xpc_pipe_simpleroutine + 80 frame #4: 0x66079852 libxpc.dylib`xpc_pipe_simpleroutine + 43 frame #5: 0x66043a8f libsystem_trace.dylib`___os_activity_stream_reflect_block_invoke_2 + 30 frame #6: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame #7: 0x65de3d71 libdispatch.dylib`_dispatch_block_invoke_direct + 257 frame #8: 0x65de3c62 libdispatch.dylib`dispatch_block_perform + 112 frame #9: 0x6604349a libsystem_trace.dylib`_os_activity_stream_reflect + 725 frame #10: 0x6604ef19 libsystem_trace.dylib`_os_log_impl_stream + 468 frame #11: 0x6604e44d libsystem_trace.dylib`_os_log_impl_flatten_and_send + 6410 frame #12: 0x6604cb3b libsystem_trace.dylib`_os_log + 137 frame #13: 0x6604f4aa libsystem_trace.dylib`_os_log_impl + 31 frame #14: 0x4b4eb4e9 WatchConnectivity`WCSerializePayloadDictionary + 393 frame #15: 0x4b4d7c4d WatchConnectivity`-[WCSession onqueue_sendResponseDictionary:identifier:] + 195 frame #16: 0x4b4da435 WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke.411 + 35 frame #17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame #18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame #19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame #20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame #21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame #22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame #23: 0x453cb067 Foundation`____addOperations_block_invoke_2 + 20 frame #24: 0x65dedf49 libdispatch.dylib`_dispatch_block_async_invoke2 + 77 frame #25: 0x65de4461 libdispatch.dylib`_dispatch_block_async_invoke_and_release + 17 frame #26: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame #27: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame #28: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame #29: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame #30: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame #31: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame #32: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` which is a thread in a "light" detach state (aka. coop detach), where we only unset the domain: https://github.com/mono/mono/blob/4cefdcb7ce2d939ee78fb45d1b4913eb3bc064fd/mono/metadata/threads.c#L6084-L6111 Fixes #17926 <!-- Thank you for your Pull Request! If you are new to contributing to Mono, please try to do your best at conforming to our coding guidelines http://www.mono-project.com/community/contributing/coding-guidelines/ but don't worry if you get something wrong. One of the project members will help you to get things landed. Does your pull request fix any of the existing issues? Please use the following format: Fixes #issue-number --> Backport of #18105. /cc @lewurm
ManickaP
pushed a commit
to ManickaP/runtime
that referenced
this pull request
Jan 20, 2020
…no#16973) * [threads] clear small_id_key TLS when unregistering a thread Fixes ``` * thread mono/mono#12, name = 'tid_a507', stop reason = EXC_BREAKPOINT (code=1, subcode=0x1be66144) * frame mono/mono#0: 0x1be66144 libsystem_c.dylib`__abort + 184 frame mono/mono#1: 0x1be6608c libsystem_c.dylib`abort + 152 frame mono/mono#2: 0x003e1fa0 monotouchtest`log_callback(log_domain=0x00000000, log_level="error", message="* Assertion at ../../../../../mono/utils/hazard-pointer.c:158, condition `mono_bitset_test_fast (small_id_table, id)' not met\n", fatal=4, user_data=0x00000000) at runtime.m:1251:3 frame mono/mono#3: 0x003abf44 monotouchtest`monoeg_g_logv_nofree(log_domain=0x00000000, log_level=G_LOG_LEVEL_ERROR, format=<unavailable>, args=<unavailable>) at goutput.c:149:2 [opt] frame mono/mono#4: 0x003abfb4 monotouchtest`monoeg_assertion_message(format=<unavailable>) at goutput.c:184:22 [opt] frame mono/mono#5: 0x003904dc monotouchtest`mono_thread_small_id_free(id=<unavailable>) at hazard-pointer.c:0:2 [opt] frame mono/mono#6: 0x003a0a74 monotouchtest`unregister_thread(arg=0x15c88400) at mono-threads.c:588:2 [opt] frame mono/mono#7: 0x00336110 monotouchtest`mono_thread_detach_if_exiting at threads.c:1571:4 [opt] frame mono/mono#8: 0x003e7a14 monotouchtest`::xamarin_release_trampoline(self=0x166452f0, sel="release") at trampolines.m:644:3 frame mono/mono#9: 0x001cdc40 monotouchtest`::-[__Xamarin_NSTimerActionDispatcher release](self=0x166452f0, _cmd="release") at registrar.m:83445:3 frame mono/mono#10: 0x1ce2ae68 Foundation`_timerRelease + 80 frame mono/mono#11: 0x1c31b56c CoreFoundation`CFRunLoopTimerInvalidate + 612 frame mono/mono#12: 0x1c31a554 CoreFoundation`__CFRunLoopTimerDeallocate + 32 frame mono/mono#13: 0x1c31dde4 CoreFoundation`_CFRelease + 220 frame mono/mono#14: 0x1c2be6e8 CoreFoundation`__CFArrayReleaseValues + 500 frame mono/mono#15: 0x1c2be4c4 CoreFoundation`CFArrayRemoveAllValues + 104 frame mono/mono#16: 0x1c31ff64 CoreFoundation`__CFSetApplyFunction_block_invoke + 24 frame mono/mono#17: 0x1c3b2e18 CoreFoundation`CFBasicHashApply + 116 frame mono/mono#18: 0x1c31ff10 CoreFoundation`CFSetApplyFunction + 160 frame mono/mono#19: 0x1c3152cc CoreFoundation`__CFRunLoopDeallocate + 204 frame mono/mono#20: 0x1c31dde4 CoreFoundation`_CFRelease + 220 frame mono/mono#21: 0x1c304a80 CoreFoundation`__CFTSDFinalize + 144 frame mono/mono#22: 0x1bfa324c libsystem_pthread.dylib`_pthread_tsd_cleanup + 644 frame mono/mono#23: 0x1bf9cc08 libsystem_pthread.dylib`_pthread_exit + 80 frame mono/mono#24: 0x1bf9af24 libsystem_pthread.dylib`pthread_exit + 36 frame mono/mono#25: 0x0039df84 monotouchtest`mono_threads_platform_exit(exit_code=<unavailable>) at mono-threads-posix.c:145:2 [opt] frame mono/mono#26: 0x0033bb84 monotouchtest`start_wrapper(data=0x1609e1c0) at threads.c:1296:2 [opt] frame mono/mono#27: 0x1bf9b914 libsystem_pthread.dylib`_pthread_body + 128 frame mono/mono#28: 0x1bf9b874 libsystem_pthread.dylib`_pthread_start + 44 frame mono/mono#29: 0x1bfa3b94 libsystem_pthread.dylib`thread_start + 4 ``` * Update mono/utils/mono-threads.c Co-Authored-By: Aleksey Kliger (λgeek) <akliger@gmail.com> Commit migrated from mono/mono@749493d
ManickaP
pushed a commit
to ManickaP/runtime
that referenced
this pull request
Jan 20, 2020
When the debugger tries to suspend all the VM threads, it can happen with cooperative-suspend that it tries to suspend a thread that has previously been attached, but then did a "light" detach (that only unsets the domain). With the domain set to `NULL`, looking up a JitInfo for a given `ip` will result into a crash, but it isn't even necessarily needed for the purpose of suspending a thread. More details: Consider the following: ``` (lldb) c error: Process is running. Use 'process interrupt' to pause execution. Process 12832 stopped * thread mono/mono#9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 frame mono/mono#0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 2713 MonoDomain *domain = (MonoDomain *) mono_thread_info_get_suspend_state (info)->unwind_data [MONO_UNWIND_DATA_DOMAIN]; 2714 if (!domain) { 2715 /* not attached */ -> 2716 ji = NULL; 2717 } else { 2718 ji = mono_jit_info_table_find_internal ( domain, MONO_CONTEXT_GET_IP (&mono_thread_info_get_suspend_state (info)->ctx), TRUE, TRUE); 2719 } Target 0: (WatchWCSessionAppWatchOSExtension) stopped. (lldb) bt * thread mono/mono#9, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 * frame mono/mono#0: 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6 frame mono/mono#1: 0x004e177b WatchWCSessionAppWatchOSExtension`mono_thread_info_safe_suspend_and_run(id=0xb0767000, interrupt_kernel=0, callback=(WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical at debugger-agent.c:2708), user_data=0xb04dc718) at mono-threads.c:1358:19 frame mono/mono#2: 0x00222799 WatchWCSessionAppWatchOSExtension`notify_thread(key=0x03994508, value=0x81378c00, user_data=0x00000000) at debugger-agent.c:2747:2 frame mono/mono#3: 0x00355bd8 WatchWCSessionAppWatchOSExtension`mono_g_hash_table_foreach(hash=0x8007b4e0, func=(WatchWCSessionAppWatchOSExtension`notify_thread at debugger-agent.c:2733), user_data=0x00000000) at mono-hash.c:310:4 frame mono/mono#4: 0x0021e955 WatchWCSessionAppWatchOSExtension`suspend_vm at debugger-agent.c:2844:3 frame mono/mono#5: 0x00225ff0 WatchWCSessionAppWatchOSExtension`process_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0, il_offset=0, ctx=0x00000000, events=0x805b28e0, suspend_policy=2) at debugger-agent.c:4012:3 frame mono/mono#6: 0x00227c7c WatchWCSessionAppWatchOSExtension`process_profiler_event(event=EVENT_KIND_THREAD_START, arg=0x039945d0) at debugger-agent.c:4072:2 frame mono/mono#7: 0x0021b174 WatchWCSessionAppWatchOSExtension`thread_startup(prof=0x00000000, tid=2957889536) at debugger-agent.c:4149:2 frame mono/mono#8: 0x0037912d WatchWCSessionAppWatchOSExtension`mono_profiler_raise_thread_started(tid=2957889536) at profiler-events.h:103:1 frame mono/mono#9: 0x003d53da WatchWCSessionAppWatchOSExtension`fire_attach_profiler_events(tid=0xb04dd000) at threads.c:1120:2 frame mono/mono#10: 0x003d4d83 WatchWCSessionAppWatchOSExtension`mono_thread_attach(domain=0x801750a0) at threads.c:1547:2 frame mono/mono#11: 0x003df1a1 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop_internal(domain=0x801750a0, cookie=0xb04dcc0c, stackdata=0xb04dcba8) at threads.c:6008:3 frame mono/mono#12: 0x003df287 WatchWCSessionAppWatchOSExtension`mono_threads_attach_coop(domain=0x00000000, dummy=0xb04dcc0c) at threads.c:6045:9 frame mono/mono#13: 0x005034b8 WatchWCSessionAppWatchOSExtension`::xamarin_switch_gchandle(self=0x80762c20, to_weak=false) at runtime.m:1805:2 frame mono/mono#14: 0x005065c1 WatchWCSessionAppWatchOSExtension`::xamarin_retain_trampoline(self=0x80762c20, sel="retain") at trampolines.m:693:2 frame mono/mono#15: 0x657ea520 libobjc.A.dylib`objc_retain + 64 frame mono/mono#16: 0x4b4d9caa WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke + 279 frame mono/mono#17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame mono/mono#18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame mono/mono#19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame mono/mono#20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame mono/mono#21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame mono/mono#22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame mono/mono#23: 0x453cb26e Foundation`____addOperations_block_invoke_4 + 20 frame mono/mono#24: 0x65de007b libdispatch.dylib`_dispatch_call_block_and_release + 15 frame mono/mono#25: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame mono/mono#26: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame mono/mono#27: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame mono/mono#28: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame mono/mono#29: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame mono/mono#30: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame mono/mono#31: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` Going further, `info` is about this thread: ``` (lldb) p/x *(int *)(((char *) info->node.key) + 0xa0) (int) $2 = 0x01243f93 (lldb) thread list Process 12832 stopped thread mono/mono#1: tid = 0x1243ee1, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_303', queue = 'com.apple.main-thread' thread mono/mono#2: tid = 0x1243ee6, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10 thread mono/mono#3: tid = 0x1243ee7, 0x65f81aea libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'SGen worker' thread mono/mono#4: tid = 0x1243ee9, 0x65f7e3d2 libsystem_kernel.dylib`semaphore_wait_trap + 10, name = 'Finalizer' thread mono/mono#5: tid = 0x1243eea, 0x65f816e2 libsystem_kernel.dylib`__recvfrom + 10, name = 'Debugger agent' thread mono/mono#6: tid = 0x1243f1d, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'com.apple.uikit.eventfetch-thread' thread mono/mono#8: tid = 0x1243f93, 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * thread mono/mono#9: tid = 0x12443a9, 0x00222870 WatchWCSessionAppWatchOSExtension`debugger_interrupt_critical(info=0x81365400, user_data=0xb04dc718) at debugger-agent.c:2716:6, name = 'tid_a31f', queue = 'NSOperationQueue 0x8069b670 (QOS: UTILITY)', stop reason = breakpoint 1.1 thread mono/mono#10: tid = 0x1244581, 0x65f7fd32 libsystem_kernel.dylib`__workq_kernreturn + 10 (lldb) thread select 8 * thread mono/mono#8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' frame mono/mono#0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 libsystem_kernel.dylib`mach_msg_trap: -> 0x65f7e396 <+10>: retl 0x65f7e397 <+11>: nop libsystem_kernel.dylib`mach_msg_overwrite_trap: 0x65f7e398 <+0>: movl $0xffffffe0, %eax ; imm = 0xFFFFFFE0 0x65f7e39d <+5>: calll 0x65f85f44 ; _sysenter_trap (lldb) bt * thread mono/mono#8, name = 'tid_6d0f', queue = 'NSOperationQueue 0x8069b300 (QOS: UTILITY)' * frame mono/mono#0: 0x65f7e396 libsystem_kernel.dylib`mach_msg_trap + 10 frame mono/mono#1: 0x65f7e8ff libsystem_kernel.dylib`mach_msg + 47 frame mono/mono#2: 0x66079679 libxpc.dylib`_xpc_send_serializer + 104 frame mono/mono#3: 0x660794da libxpc.dylib`_xpc_pipe_simpleroutine + 80 frame mono/mono#4: 0x66079852 libxpc.dylib`xpc_pipe_simpleroutine + 43 frame mono/mono#5: 0x66043a8f libsystem_trace.dylib`___os_activity_stream_reflect_block_invoke_2 + 30 frame mono/mono#6: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame mono/mono#7: 0x65de3d71 libdispatch.dylib`_dispatch_block_invoke_direct + 257 frame mono/mono#8: 0x65de3c62 libdispatch.dylib`dispatch_block_perform + 112 frame mono/mono#9: 0x6604349a libsystem_trace.dylib`_os_activity_stream_reflect + 725 frame mono/mono#10: 0x6604ef19 libsystem_trace.dylib`_os_log_impl_stream + 468 frame mono/mono#11: 0x6604e44d libsystem_trace.dylib`_os_log_impl_flatten_and_send + 6410 frame mono/mono#12: 0x6604cb3b libsystem_trace.dylib`_os_log + 137 frame mono/mono#13: 0x6604f4aa libsystem_trace.dylib`_os_log_impl + 31 frame mono/mono#14: 0x4b4eb4e9 WatchConnectivity`WCSerializePayloadDictionary + 393 frame mono/mono#15: 0x4b4d7c4d WatchConnectivity`-[WCSession onqueue_sendResponseDictionary:identifier:] + 195 frame mono/mono#16: 0x4b4da435 WatchConnectivity`__66-[WCSession onqueue_handleDictionaryMessageRequest:withPairingID:]_block_invoke.411 + 35 frame mono/mono#17: 0x453c7df7 Foundation`__NSBLOCKOPERATION_IS_CALLING_OUT_TO_A_BLOCK__ + 12 frame mono/mono#18: 0x453c7cf4 Foundation`-[NSBlockOperation main] + 88 frame mono/mono#19: 0x453cacee Foundation`__NSOPERATION_IS_INVOKING_MAIN__ + 27 frame mono/mono#20: 0x453c6ebd Foundation`-[NSOperation start] + 835 frame mono/mono#21: 0x453cb606 Foundation`__NSOPERATIONQUEUE_IS_STARTING_AN_OPERATION__ + 27 frame mono/mono#22: 0x453cb12e Foundation`__NSOQSchedule_f + 194 frame mono/mono#23: 0x453cb067 Foundation`____addOperations_block_invoke_2 + 20 frame mono/mono#24: 0x65dedf49 libdispatch.dylib`_dispatch_block_async_invoke2 + 77 frame mono/mono#25: 0x65de4461 libdispatch.dylib`_dispatch_block_async_invoke_and_release + 17 frame mono/mono#26: 0x65de126f libdispatch.dylib`_dispatch_client_callout + 14 frame mono/mono#27: 0x65de3788 libdispatch.dylib`_dispatch_continuation_pop + 421 frame mono/mono#28: 0x65de2ee3 libdispatch.dylib`_dispatch_async_redirect_invoke + 818 frame mono/mono#29: 0x65df087d libdispatch.dylib`_dispatch_root_queue_drain + 354 frame mono/mono#30: 0x65df0ff3 libdispatch.dylib`_dispatch_worker_thread2 + 109 frame mono/mono#31: 0x66024fa0 libsystem_pthread.dylib`_pthread_wqthread + 208 frame mono/mono#32: 0x66024e44 libsystem_pthread.dylib`start_wqthread + 36 ``` which is a thread in a "light" detach state (aka. coop detach), where we only unset the domain: https://github.com/mono/mono/blob/mono/mono@4cefdcb7ce2d939ee78fb45d1b4913eb3bc064fd/mono/metadata/threads.c#L6084-L6111 Fixes mono/mono#17926 Commit migrated from mono/mono@80b1e10
picenka21
pushed a commit
to picenka21/runtime
that referenced
this pull request
Feb 18, 2022
Reverts mono/mono@5e23a77 It seems to cause a crash during msbuild tests: ``` xunit -> Microsoft.Build.Engine.UnitTests... Stacktrace: Native stacktrace: 0 mono 0x0017cad4 mono_handle_native_crash + 308 1 mono 0x001e2b03 sigabrt_signal_handler + 147 2 libsystem_platform.dylib 0x920a8deb _sigtramp + 43 3 ??? 0xffffffff 0x0 + 4294967295 4 libsystem_c.dylib 0x940bb27c abort + 155 5 mono 0x0036886d mono_log_write_logfile + 381 6 mono 0x003630d2 structured_log_adapter + 50 7 mono 0x00380d1b monoeg_assertion_message + 107 8 mono 0x0033863d major_scan_object_with_evacuation + 3373 9 mono 0x0033b3d0 drain_gray_stack + 6608 10 mono 0x0032df57 finish_gray_stack + 151 11 mono 0x0032d3c6 major_finish_collection + 118 12 mono 0x00329909 major_do_collection + 169 13 mono 0x003288bd sgen_perform_collection + 605 14 mono 0x0032a90b sgen_gc_collect + 75 15 mono 0x002d5c4d unload_thread_main + 861 16 mono 0x002abb6b start_wrapper + 795 17 libsystem_pthread.dylib 0x9ae6d5fb _pthread_body + 144 18 libsystem_pthread.dylib 0x9ae6d485 _pthread_struct_init + 0 19 libsystem_pthread.dylib 0x9ae72cf2 thread_start + 34 Debug info from gdb: (lldb) command source -s 0 '/tmp/mono-gdb-commands.2tso9f' Executing commands in '/tmp/mono-gdb-commands.2tso9f'. (lldb) process attach --pid 2037 2017-06-02 13:07:23.000 lldb[2093:282f] Metadata.framework [Error]: couldn't get the client port Process 2037 stopped * thread mono/mono#1, name = 'tid_507', queue = 'com.apple.main-thread', stop reason = signal SIGSTOP frame mono/mono#0: 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10 libsystem_kernel.dylib`__psynch_cvwait: -> 0x923cc7ca <+10>: jae 0x923cc7da ; <+26> 0x923cc7cc <+12>: calll 0x923cc7d1 ; <+17> 0x923cc7d1 <+17>: popl %edx 0x923cc7d2 <+18>: movl 0xe0b084f(%edx), %edx Executable module set to "/Users/builder/data/lanes/2716/mono-mac-sdk/external/bockbuild/stage/bin/mono". Architecture set to: i386-apple-macosx. (lldb) thread list Process 2037 stopped * thread mono/mono#1: tid = 0x530e96a, 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'tid_507', queue = 'com.apple.main-thread', stop reason = signal SIGSTOP thread mono/mono#2: tid = 0x530e96b, 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'SGen worker' thread mono/mono#3: tid = 0x530e96c, 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'SGen worker' thread mono/mono#4: tid = 0x530e96d, 0x923c7fb6 libsystem_kernel.dylib`semaphore_wait_trap + 10, name = 'Finalizer' thread mono/mono#5: tid = 0x530e96e, 0x923cd992 libsystem_kernel.dylib`kevent64 + 10, queue = 'com.apple.libdispatch-manager' thread mono/mono#6: tid = 0x530ea26, 0x923ccace libsystem_kernel.dylib`__select + 10, name = 'tid_5a03' thread mono/mono#7: tid = 0x530edf1, 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'tid_4007' thread mono/mono#8: tid = 0x530edf2, 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'Threadpool worker' thread mono/mono#9: tid = 0x530edf3, 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10, name = 'Threadpool worker' thread mono/mono#10: tid = 0x530edf4, 0x923ccff2 libsystem_kernel.dylib`__wait4 + 10, name = 'Domain unloader' (lldb) thread backtrace all * thread mono/mono#1, name = 'tid_507', queue = 'com.apple.main-thread', stop reason = signal SIGSTOP * frame mono/mono#0: 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10 frame mono/mono#1: 0x9ae6fd1d libsystem_pthread.dylib`_pthread_cond_wait + 728 frame mono/mono#2: 0x9ae71bd9 libsystem_pthread.dylib`pthread_cond_wait$UNIX2003 + 71 frame mono/mono#3: 0x00361ea9 mono`mono_os_event_wait_multiple + 505 frame mono/mono#4: 0x00361ca5 mono`mono_os_event_wait_one + 53 frame mono/mono#5: 0x00376b49 mono`mono_thread_info_wait_one_handle + 41 frame mono/mono#6: 0x002d51b5 mono`mono_domain_try_unload + 485 frame mono/mono#7: 0x002d4f6a mono`ves_icall_System_AppDomain_InternalUnload + 90 frame mono/mono#8: 0x05bf9ee0 frame mono/mono#9: 0x018ce01d mscorlib.dll.dylib`System_AppDomain_Unload_System_AppDomain + 45 frame mono/mono#10: 0x05bf9d60 frame mono/mono#11: 0x05bf9ccc frame mono/mono#12: 0x05bf9d04 frame mono/mono#13: 0x05bf9c90 frame mono/mono#14: 0x05bf996d frame mono/mono#15: 0x02e7d171 frame mono/mono#16: 0x005c26d4 frame mono/mono#17: 0x005b6878 frame mono/mono#18: 0x005b6b7a frame mono/mono#19: 0x000c38a8 mono`mono_jit_runtime_invoke + 1592 frame mono/mono#20: 0x002e43fe mono`do_runtime_invoke + 94 frame mono/mono#21: 0x002e7de3 mono`do_exec_main_checked + 147 frame mono/mono#22: 0x002e69a5 mono`mono_runtime_run_main_checked + 69 frame mono/mono#23: 0x0013b687 mono`mono_jit_exec + 311 frame mono/mono#24: 0x0013e2b2 mono`mono_main + 10114 frame mono/mono#25: 0x000b22db mono`main + 2011 frame mono/mono#26: 0x000b1af5 mono`start + 53 thread mono/mono#2, name = 'SGen worker' frame mono/mono#0: 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10 frame mono/mono#1: 0x9ae6fd1d libsystem_pthread.dylib`_pthread_cond_wait + 728 frame mono/mono#2: 0x9ae71bd9 libsystem_pthread.dylib`pthread_cond_wait$UNIX2003 + 71 frame mono/mono#3: 0x0035f0e9 mono`thread_func + 249 frame mono/mono#4: 0x9ae6d5fb libsystem_pthread.dylib`_pthread_body + 144 frame mono/mono#5: 0x9ae6d485 libsystem_pthread.dylib`_pthread_start + 130 frame mono/mono#6: 0x9ae72cf2 libsystem_pthread.dylib`thread_start + 34 thread mono/mono#3, name = 'SGen worker' frame mono/mono#0: 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10 frame mono/mono#1: 0x9ae6fd1d libsystem_pthread.dylib`_pthread_cond_wait + 728 frame mono/mono#2: 0x9ae71bd9 libsystem_pthread.dylib`pthread_cond_wait$UNIX2003 + 71 frame mono/mono#3: 0x0035f0e9 mono`thread_func + 249 frame mono/mono#4: 0x9ae6d5fb libsystem_pthread.dylib`_pthread_body + 144 frame mono/mono#5: 0x9ae6d485 libsystem_pthread.dylib`_pthread_start + 130 frame mono/mono#6: 0x9ae72cf2 libsystem_pthread.dylib`thread_start + 34 thread mono/mono#4, name = 'Finalizer' frame mono/mono#0: 0x923c7fb6 libsystem_kernel.dylib`semaphore_wait_trap + 10 frame mono/mono#1: 0x002dbeb6 mono`finalizer_thread + 278 frame mono/mono#2: 0x002abb6b mono`start_wrapper + 795 frame mono/mono#3: 0x9ae6d5fb libsystem_pthread.dylib`_pthread_body + 144 frame mono/mono#4: 0x9ae6d485 libsystem_pthread.dylib`_pthread_start + 130 frame mono/mono#5: 0x9ae72cf2 libsystem_pthread.dylib`thread_start + 34 thread mono/mono#5, queue = 'com.apple.libdispatch-manager' frame mono/mono#0: 0x923cd992 libsystem_kernel.dylib`kevent64 + 10 frame mono/mono#1: 0x91b5c899 libdispatch.dylib`_dispatch_mgr_invoke + 238 frame mono/mono#2: 0x91b5c532 libdispatch.dylib`_dispatch_mgr_thread + 52 thread mono/mono#6, name = 'tid_5a03' frame mono/mono#0: 0x923ccace libsystem_kernel.dylib`__select + 10 frame mono/mono#1: 0x0036df29 mono`mono_poll + 409 frame mono/mono#2: 0x002b482f mono`poll_event_wait + 111 frame mono/mono#3: 0x002b345f mono`selector_thread + 1439 frame mono/mono#4: 0x002abb6b mono`start_wrapper + 795 frame mono/mono#5: 0x9ae6d5fb libsystem_pthread.dylib`_pthread_body + 144 frame mono/mono#6: 0x9ae6d485 libsystem_pthread.dylib`_pthread_start + 130 frame mono/mono#7: 0x9ae72cf2 libsystem_pthread.dylib`thread_start + 34 thread mono/mono#7, name = 'tid_4007' frame mono/mono#0: 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10 frame mono/mono#1: 0x9ae6fd1d libsystem_pthread.dylib`_pthread_cond_wait + 728 frame mono/mono#2: 0x9ae71c25 libsystem_pthread.dylib`pthread_cond_timedwait$UNIX2003 + 71 frame mono/mono#3: 0x003760f3 mono`mono_thread_info_sleep + 979 frame mono/mono#4: 0x002b1a86 mono`monitor_thread + 262 frame mono/mono#5: 0x002abb6b mono`start_wrapper + 795 frame mono/mono#6: 0x9ae6d5fb libsystem_pthread.dylib`_pthread_body + 144 frame mono/mono#7: 0x9ae6d485 libsystem_pthread.dylib`_pthread_start + 130 frame mono/mono#8: 0x9ae72cf2 libsystem_pthread.dylib`thread_start + 34 thread mono/mono#8, name = 'Threadpool worker' frame mono/mono#0: 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10 frame mono/mono#1: 0x9ae6fd1d libsystem_pthread.dylib`_pthread_cond_wait + 728 frame mono/mono#2: 0x9ae71c25 libsystem_pthread.dylib`pthread_cond_timedwait$UNIX2003 + 71 frame mono/mono#3: 0x002b12e0 mono`worker_thread + 1024 frame mono/mono#4: 0x002abb6b mono`start_wrapper + 795 frame mono/mono#5: 0x9ae6d5fb libsystem_pthread.dylib`_pthread_body + 144 frame mono/mono#6: 0x9ae6d485 libsystem_pthread.dylib`_pthread_start + 130 frame mono/mono#7: 0x9ae72cf2 libsystem_pthread.dylib`thread_start + 34 thread mono/mono#9, name = 'Threadpool worker' frame mono/mono#0: 0x923cc7ca libsystem_kernel.dylib`__psynch_cvwait + 10 frame mono/mono#1: 0x9ae6fd1d libsystem_pthread.dylib`_pthread_cond_wait + 728 frame mono/mono#2: 0x9ae71c25 libsystem_pthread.dylib`pthread_cond_timedwait$UNIX2003 + 71 frame mono/mono#3: 0x002b12e0 mono`worker_thread + 1024 frame mono/mono#4: 0x002abb6b mono`start_wrapper + 795 frame mono/mono#5: 0x9ae6d5fb libsystem_pthread.dylib`_pthread_body + 144 frame mono/mono#6: 0x9ae6d485 libsystem_pthread.dylib`_pthread_start + 130 frame mono/mono#7: 0x9ae72cf2 libsystem_pthread.dylib`thread_start + 34 thread mono/mono#10, name = 'Domain unloader' frame mono/mono#0: 0x923ccff2 libsystem_kernel.dylib`__wait4 + 10 frame mono/mono#1: 0x940d9ea5 libsystem_c.dylib`waitpid$UNIX2003 + 48 frame mono/mono#2: 0x0017cba7 mono`mono_handle_native_crash + 519 frame mono/mono#3: 0x001e2b03 mono`sigabrt_signal_handler + 147 frame mono/mono#4: 0x920a8deb libsystem_platform.dylib`_sigtramp + 43 (lldb) detach Process 2037 detached (lldb) quit ================================================================= Got a SIGABRT while executing native code. This usually indicates a fatal error in the mono runtime or one of the native libraries used by your application. ================================================================= ``` Commit migrated from mono/mono@d30c17f
This pull request was closed.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
bug fix for 653192