Sporadic crashes in opcode_F_ARROW
Imported from http://bugzilla.roxen.com/bugzilla/show_bug.cgi?id=4868
Reported by Jonas Wallden jonasw@roxen.com
This is a Pike on OS X/PPC problem that's been observed repeatedly over a long period of time in 7.8. It's happening during startup of Roxen CMS and normally disappears on next restart.
Exception: EXC_BAD_ACCESS (0x0001) Codes: KERN_PROTECTION_FAILURE (0x0002) at 0x0000001e
Thread 0 Crashed:
0 <<00000000>> 0x03000df8 0 + 50335224
1 roxen 0x0001c5dc mega_apply + 192 (interpret.c:2218)
2 roxen 0x000dd05c object_index_no_free + 320 (object.c:1374)
3 roxen 0x00016368 opcode_F_ARROW + 104 (interpret_functions.h:1842)
4 <<00000000>> 0x03001a30 0 + 50338352
5 roxen 0x0001f860 apply_low_safe_and_stupid + 820 (interpret.c:2404)
6 roxen 0x0014e19c eval_low + 256 (las.c:5270)
7 roxen 0x00157fd8 optimize + 1956 (las.c:1988)
8 roxen 0x0015ed6c dooptcode + 132 (las.c:5196)
9 roxen 0x00005f6c yyparse + 9396 (language.yacc:1087)
10 roxen 0x001047dc run_pass2 + 736 (program.c:3628)
11 roxen 0x00106490 f_compilation_compile + 824 (program.c:8563)
12 roxen 0x0001b2f8 low_mega_apply + 2244 (apply_low.h:388)
13 roxen 0x0001c5c4 mega_apply + 168 (interpret.c:2211)
14 roxen 0x000eff2c f_compilation_env_compile + 124 (program.c:7677)
15 roxen 0x0001b2f8 low_mega_apply + 2244 (apply_low.h:388)
16 roxen 0x0001c5c4 mega_apply + 168 (interpret.c:2211)
17 <<00000000>> 0x01297c2c 0 + 19495980
18 roxen 0x000186f0 catching_eval_instruction + 160 (interpret.c:2246)
19 roxen 0x0001fb5c jump_opcode_F_CATCH + 412 (interpret_functions.h:1287)
20 <<00000000>> 0x007fe6bc 0 + 8382140
21 roxen 0x0001c5dc mega_apply + 192 (interpret.c:2218)
22 roxen 0x0014743c svalue_is_true + 308 (svalue.c:550)
23 roxen 0x00013c50 test_opcode_F_BRANCH_WHEN_ZERO + 96 (interpret_functions.h:1118)
24 <<00000000>> 0x010ea894 0 + 17737876
25 roxen 0x0001c5dc mega_apply + 192 (interpret.c:2218)
26 roxen 0x000dd05c object_index_no_free + 320 (object.c:1374)
27 <<00000000>> 0x010ed240 0 + 17748544
28 roxen 0x0001c5dc mega_apply + 192 (interpret.c:2218)
29 roxen 0x000dd05c object_index_no_free + 320 (object.c:1374)
30 roxen 0x000ebdf4 f_index + 132 (operators.c:181)
31 roxen 0x00154628 index_node + 1204 (las.c:1672)
32 roxen 0x0000c548 yyparse + 35472 (language.yacc:3897)
33 roxen 0x00105e84 run_pass1 + 912 (program.c:8030)
34 roxen 0x00106404 f_compilation_compile + 684 (program.c:8542)
35 roxen 0x0001b2f8 low_mega_apply + 2244 (apply_low.h:388)
36 roxen 0x0001c5c4 mega_apply + 168 (interpret.c:2211)
37 roxen 0x000eff2c f_compilation_env_compile + 124 (program.c:7677)
38 roxen 0x0001b2f8 low_mega_apply + 2244 (apply_low.h:388)
39 roxen 0x0001c5c4 mega_apply + 168 (interpret.c:2211)
40 <<00000000>> 0x01299658 0 + 19502680
41 roxen 0x000186f0 catching_eval_instruction + 160 (interpret.c:2246)
42 roxen 0x0001fb5c jump_opcode_F_CATCH + 412 (interpret_functions.h:1287)
43 <<00000000>> 0x021d7f00 0 + 35487488
44 roxen 0x0001c5dc mega_apply + 192 (interpret.c:2218)
45 roxen 0x000e6f90 o_cast + 2148 (operators.c:687)
46 roxen 0x000e7ac4 f_cast + 72 (operators.c:913)
47 <<00000000>> 0x02a39628 0 + 44275240
48 roxen 0x000186f0 catching_eval_instruction + 160 (interpret.c:2246)
49 roxen 0x0001fb5c jump_opcode_F_CATCH + 412 (interpret_functions.h:1287)
50 <<00000000>> 0x021bd72c 0 + 35378988
51 roxen 0x0001c5dc mega_apply + 192 (interpret.c:2218)
52 roxen 0x00053e8c backend_do_call_outs + 1024 (backend.cmod:876)
53 roxen 0x00055ee0 f_PollDeviceBackend_cq__backtick_28_29 + 1780 (backend.cmod:3406)
54 roxen 0x0001b2f8 low_mega_apply + 2244 (apply_low.h:388)
55 roxen 0x0001edb4 jump_opcode_F_CALL_FUNCTION_AND_POP + 100 (interpret_functions.h:2068)
56 <<00000000>> 0x012ab138 0 + 19575096
57 roxen 0x000186f0 catching_eval_instruction + 160 (interpret.c:2246)
58 roxen 0x0001fb5c jump_opcode_F_CATCH + 412 (interpret_functions.h:1287)
59 <<00000000>> 0x012a9d90 0 + 19570064
60 roxen 0x0001c5dc mega_apply + 192 (interpret.c:2218)
61 roxen 0x00002d04 main + 3096 (main.c:621)
62 roxen 0x00001d0c _start + 760
63 roxen 0x00001a10 start + 48
Thread 0 crashed with PPC Thread State 64: srr0: 0x0000000003000df8 srr1: 0x100000000200f030 vrsave: 0x0000000000000000 cr: 0x42008444 xer: 0x0000000000000000 lr: 0x000000000000f3d0 ctr: 0x0000000003000df4 r0: 0x000000000001c5dc r1: 0x00000000bfff6df0 r2: 0x0000000000294660 r3: 0x0000000003000df4 r4: 0x00000000000000dc r5: 0x00000000000186a0 r6: 0x0000000000000006 r7: 0x0000000000000000 r8: 0x0000000000294660 r9: 0x0000000000294660 r10: 0x0000000000000013 r11: 0x000000000000000a r12: 0x0000000000000012 r13: 0x000000000000011a r14: 0x0000000000000000 r15: 0x0000000000294660 r16: 0x00000000002ace14 r17: 0x0000000000000018 r18: 0x00000000ffffffff r19: 0x0000000001817ed0 r20: 0x0000000000000000 r21: 0x0000000000000000 r22: 0x0000000000000449 r23: 0x0000000001e0add8 r24: 0x0000000000000008 r25: 0x0000000000000000 r26: 0x0000000000000016 r27: 0x0000000001d8c9d8 r28: 0x00000000bfff6f50 r29: 0x0000000000294660 r30: 0x0000000003000df4 r31: 0x000000000000f3d0
The corresponding startup log for Roxen says:
Enabling all modules for Test Platform... Start script terminating.
For historical reference, this is the crash I caught back in Sept 2008 (from InfoKOM 629415). The topmost stack frames are a bit different but opcode_F_ARROW and below is more or less identical:
Exception Type: EXC_BAD_ACCESS (SIGSEGV) Exception Codes: KERN_INVALID_ADDRESS at 0x0000000048bbc606 Crashed Thread: 0
Thread 0 Crashed:
0 ??? 0x023fb9d8 0 + 37730776
1 pike 0x00016a6c opcode_F_ARROW + 100 (interpret_functions.h:1843)
2 pike 0x0001f8f4 apply_low_safe_and_stupid + 816 (interpret.c:2391)
3 pike 0x0014ac54 eval_low + 252 (las.c:5270)
4 pike 0x00154ac0 optimize + 1976 (las.c:1989)
5 pike 0x0015b84c dooptcode + 128 (las.c:5196)
6 pike 0x000068e8 yyparse + 9408 (language.yacc:1080)
7 pike 0x00101a40 run_pass2 + 732 (program.c:8011)
8 pike 0x001036f4 f_compilation_compile + 820 (program.c:8474)
9 pike 0x0001b494 low_mega_apply + 2104 (apply_low.h:225)
10 pike 0x0001c67c mega_apply + 164 (interpret.c:2201)
11 pike 0x000ed3d8 f_compilation_env_compile + 120 (program.c:7589)
12 pike 0x0001b494 low_mega_apply + 2104 (apply_low.h:225)
13 pike 0x0001c67c mega_apply + 164 (interpret.c:2201)
14 ??? 0x0067cc28 0 + 6802472
15 pike 0x00018a20 catching_eval_instruction + 96 (interpret.c:2233)
16 pike 0x0001fc20 jump_opcode_F_CATCH + 456 (interpret_functions.h:1287)
[...]