Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fuzz-linux shards are crashing due to assertion violation #60092

Closed
derekxu16 opened this issue Feb 10, 2025 · 0 comments
Closed

fuzz-linux shards are crashing due to assertion violation #60092

derekxu16 opened this issue Feb 10, 2025 · 0 comments
Assignees
@rmacnak-google
Labels
area-vm Use area-vm for VM related issues, including code coverage, and the AOT and JIT backends. gardening

Comments

@derekxu16
Copy link
Member

For example:

../../runtime/vm/compiler/assembler/assembler_arm64.h: 2345: error: expected: (rd != ZR) && (rn != ZR)
version=3.8.0-edge (main) (Unknown timestamp) on "linux_simarm64"
pid=14340, thread=14472, isolate_group=main(0x55d4fa18c0d0), isolate=(nil)((nil))
os=linux, arch=arm64, comp=yes, sim=yes
isolate_instructions=55d4efbbc0e0, vm_instructions=55d4efbbc0e0
fp=7f7ab067c140, sp=7f7ab067c010, pc=55d4f02b440c
  pc 0x000055d4f02b440c fp 0x00007f7ab067c140 dart::Profiler::DumpStackTrace+0x7c
  pc 0x000055d4efbbc2d4 fp 0x00007f7ab067c220 dart::Assert::Fail+0x84
  pc 0x000055d4f0367845 fp 0x00007f7ab067c270 dart::compiler::Assembler::AddSubHelper+0x1d5
  pc 0x000055d4f04a22ff fp 0x00007f7ab067c2c0 dart::compiler::Assembler::SmiTagAndBranchIfOverflow+0xbf
  pc 0x000055d4f04a1587 fp 0x00007f7ab067c390 dart::BinarySmiOpInstr::EmitNativeCode+0x1067
  pc 0x000055d4f05c4d09 fp 0x00007f7ab067c460 dart::compiler::GraphIntrinsifier::GraphIntrinsify+0x5f9
  pc 0x000055d4f05c93ed fp 0x00007f7ab067c4c0 dart::compiler::Intrinsifier::Intrinsify+0x2d
  pc 0x000055d4f044f663 fp 0x00007f7ab067c510 dart::FlowGraphCompiler::TryIntrinsifyHelper+0x83
  pc 0x000055d4f044f5ce fp 0x00007f7ab067c530 dart::FlowGraphCompiler::TryIntrinsify+0xe
  pc 0x000055d4f0470d4c fp 0x00007f7ab067c570 dart::FunctionEntryInstr::EmitNativeCode+0xdc
  pc 0x000055d4f044c035 fp 0x00007f7ab067c6e0 dart::FlowGraphCompiler::VisitBlocks+0x3b5
  pc 0x000055d4f044bbae fp 0x00007f7ab067c710 dart::FlowGraphCompiler::CompileGraph+0x2e
  pc 0x000055d4f054ee3d fp 0x00007f7ab067c720 dart::CompilerPass_GenerateCode::DoBody+0xd
  pc 0x000055d4f054d3bd fp 0x00007f7ab067c7f0 dart::CompilerPass::Run+0x18d
  pc 0x000055d4f036ecd2 fp 0x00007f7ab067cf10 dart::CompileParsedFunctionHelper::Compile+0x612
  pc 0x000055d4f036f85c fp 0x00007f7ab067d810 dart::CompileFunctionHelper+0x47c
  pc 0x000055d4f036f3ba fp 0x00007f7ab067d8a0 dart::Compiler::CompileFunction+0xaa
  pc 0x000055d4f01de5b8 fp 0x00007f7ab067d8d0 dart::Function::EnsureHasCodeNoThrow+0x78
  pc 0x000055d4f01de3d8 fp 0x00007f7ab067d900 dart::Function::EnsureHasCode+0x88
  pc 0x000055d4f036d722 fp 0x00007f7ab067e070 dart::DRT_CompileFunction+0x212
  pc 0x000055d4f031e5fb fp 0x00007f7ab067e1d0 dart::Simulator::DoRedirectedCall+0xdb
  pc 0x000055d4f0324ed5 fp 0x00007f7ab067e290 dart::Simulator::ExecuteNoTrace+0x245
  pc 0x000055d4f0325523 fp 0x00007f7ab067e370 dart::Simulator::Call+0x383
  pc 0x000055d4f00ec978 fp 0x00007f7ab067e3f0 dart::DartEntry::InvokeFunction+0x198
  pc 0x000055d4f00ef49a fp 0x00007f7ab067e450 dart::DartLibraryCalls::HandleMessage+0x13a
  pc 0x000055d4f012a50f fp 0x00007f7ab067ebe0 dart::IsolateMessageHandler::HandleMessage+0x3cf
  pc 0x000055d4f016a33d fp 0x00007f7ab067ec70 dart::MessageHandler::HandleMessages+0x1ed
  pc 0x000055d4f016aebb fp 0x00007f7ab067ecd0 dart::MessageHandler::TaskCallback+0x2cb
  pc 0x000055d4f035064f fp 0x00007f7ab067ed50 dart::ThreadPool::WorkerLoop+0x15f
  pc 0x000055d4f0350f3d fp 0x00007f7ab067eda0 dart::ThreadPool::Worker::Main+0x11d
  pc 0x000055d4f02ade16 fp 0x00007f7ab067eef0 dart::ThreadStart+0x106
-- End of DumpStackTrace
  pc 0x0000000000000000 fp 0x00007f7ab183dc78 sp 0x0000000000000000 [Stub] CallToRuntime
  pc 0x00007f7ab1a03e30 fp 0x00007f7ab183dca8 sp 0x00007f7ab183dc88 [Stub] LazyCompile
  pc 0x00007f7ab15dcffc fp 0x00007f7ab183dd28 sp 0x00007f7ab183dcb8 [Unoptimized] X1.foo1_1
  pc 0x00007f7ab0505a48 fp 0x00007f7ab183dda0 sp 0x00007f7ab183dd38 [Unoptimized] main
  pc 0x00007f7ab15ab5ec fp 0x00007f7ab183ddc8 sp 0x00007f7ab183ddb0 [Unoptimized] main
  pc 0x00007f7ab15ab484 fp 0x00007f7ab183de28 sp 0x00007f7ab183ddd8 [Unoptimized] [email protected]:call
  pc 0x00007f7ab15a9850 fp 0x00007f7ab183de68 sp 0x00007f7ab183de38 [Unoptimized] _delayEntrypointInvocation@1026248.<anonymous closure>
  pc 0x00007f7ab15a9410 fp 0x00007f7ab183ded0 sp 0x00007f7ab183de78 [Unoptimized] [email protected]:call
  pc 0x00007f7ab15a76a0 fp 0x00007f7ab183df28 sp 0x00007f7ab183dee0 [Unoptimized] _RawReceivePort@1026248._handleMessage@1026248
  pc 0x00007f7ab1a04404 fp 0x00007f7ab183e000 sp 0x00007f7ab183df38 [Stub] InvokeDartCode
=== Crash occurred when compiling dart:core__IntegerImplementation@0150898_>>> in unoptimized JIT mode in unknown pass
=== Flow Graph not available

https://logs.chromium.org/logs/dart/buildbucket/cr-buildbucket/8723356051079029425/+/u/collect_shards/dartfuzz_-_generated_programs_shard_1/task_stdout_stderr:_dartfuzz_-_generated_programs_shard_1

I see that this assertion was changed in f2d70ce. Can you take a look @alexmarkov?
@derekxu16 derekxu16 added area-vm Use area-vm for VM related issues, including code coverage, and the AOT and JIT backends. gardening labels Feb 10, 2025
copybara-service bot pushed a commit that referenced this issue Feb 10, 2025
@rmacnak-google
[vm, compiler] Fix assert assembling add/subs with extended register.
4cf27cc 
This is not symmetric with add/sub, accepting ZR instead of CSP.

TEST=vm/cc/Assembler_CmpExtReg, dartfuzz
Bug: #60092
Change-Id: Icc24f7883a113eac504fd8fc29c0d6f781cb7657
Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/408901
Reviewed-by: Alexander Markov <[email protected]>
Commit-Queue: Ryan Macnak <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@rmacnak-google rmacnak-google

Labels
area-vm Use area-vm for VM related issues, including code coverage, and the AOT and JIT backends. gardening
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@derekxu16 @rmacnak-google @alexmarkov