Bug 39325 - coverage crashes when profiling nunit-console
Summary: coverage crashes when profiling nunit-console
Status: RESOLVED FIXED
Alias: None
Product: Runtime
Classification: Mono
Component: General ()
Version: 4.2.0 (C6)
Hardware: PC Mac OS
: --- normal
Target Milestone: ---
Assignee: iain
URL:
Depends on:
Blocks:
 
Reported: 2016-03-03 16:52 UTC by iain
Modified: 2016-04-02 22:29 UTC (History)
4 users (show)

Tags:
Is this bug a regression?: ---
Last known good build:

Notice (2018-05-24): bugzilla.xamarin.com is now in read-only mode.

Please join us on Visual Studio Developer Community and in the Xamarin and Mono organizations on GitHub to continue tracking issues. Bugzilla will remain available for reference in read-only mode. We will continue to work on open Bugzilla bugs, copy them to the new locations as needed for follow-up, and add the new items under Related Links.

Our sincere thanks to everyone who has contributed on this bug tracker over the years. Thanks also for your understanding as we make these adjustments and improvements for the future.


Please create a new report on GitHub or Developer Community with your current version information, steps to reproduce, and relevant error messages or log files if you are hitting an issue that looks similar to this resolved bug and you do not yet see a matching new report.

Related Links:
Status:
RESOLVED FIXED

Description iain 2016-03-03 16:52:10 UTC
When obtaining coverage from nunit-console Mono crashes in various places.

(lldb) thread list
Process 47855 stopped
* thread #1: tid = 0x5ba413, 0x905dee16 libsystem_kernel.dylib`__wait4 + 10, queue = 'com.apple.main-thread', stop reason = signal SIGSTOP
  thread #2: tid = 0x5ba416, 0x905de512 libsystem_kernel.dylib`__psynch_cvwait + 10
  thread #3: tid = 0x5ba418, 0x905d8a0a libsystem_kernel.dylib`semaphore_wait_trap + 10
  thread #4: tid = 0x5ba419, 0x905df8ce libsystem_kernel.dylib`kevent64 + 10, queue = 'com.apple.libdispatch-manager'
  thread #5: tid = 0x5ba41a, 0x002a5b45 mono`mono_lock_free_queue_dequeue(q=0x786169a8) + 101 at lock-free-queue.c:224
  thread #6: tid = 0x5ba41d, 0x905dee6a libsystem_kernel.dylib`__workq_kernreturn + 10
  thread #7: tid = 0x5ba41e, 0x905dee6a libsystem_kernel.dylib`__workq_kernreturn + 10
  thread #8: tid = 0x5ba429, 0x905dee6a libsystem_kernel.dylib`__workq_kernreturn + 10
  thread #9: tid = 0x5ba42a, 0x905dee6a libsystem_kernel.dylib`__workq_kernreturn + 10
(lldb) thread backtrace all
mono was compiled with optimization - stepping may behave oddly; variables may not be available.
* thread #1: tid = 0x5ba413, 0x905dee16 libsystem_kernel.dylib`__wait4 + 10, queue = 'com.apple.main-thread', stop reason = signal SIGSTOP
  * frame #0: 0x905dee16 libsystem_kernel.dylib`__wait4 + 10
    frame #1: 0x91aa9b0d libsystem_c.dylib`waitpid$UNIX2003 + 48
    frame #2: 0x0010cf2d mono`mono_handle_native_sigsegv(signal=11, ctx=0x00767fe0, info=0x00767fa0) + 541 at mini-exceptions.c:2193 [opt]
    frame #3: 0x00159482 mono`mono_arch_handle_altstack_exception(sigctx=<unavailable>, siginfo=<unavailable>, fault_addr=<unavailable>, stack_ovf=0) + 162 at exceptions-x86.c:1097 [opt]
    frame #4: 0x0005a40e mono`mono_sigsegv_signal_handler(_dummy=<unavailable>, _info=<unavailable>, context=<unavailable>) + 446 at mini-runtime.c:2471 [opt]
    frame #5: 0x9525e03b libsystem_platform.dylib`_sigtramp + 43
    frame #6: 0x00167688 mono`mono_type_get_name_recurse(type=0x00000000, str=0x001682c9, is_recursed=2067113120, format=2042667008) + 600 at class.c:429 [opt]
    frame #7: 0x00167ad9 mono`mono_type_get_name [inlined] mono_type_get_name_full(type=0x7b35a4a0, format=MONO_TYPE_NAME_FORMAT_IL) + 40 at class.c:527 [opt]
    frame #8: 0x00167ab1 mono`mono_type_get_name(type=0x7b35a4a0) + 17 at class.c:554 [opt]
    frame #9: 0x004c5eac libmono-profiler-log.0.dylib`build_class_buffer(key=0x7b35a420, value=0x79c0a000, userdata=<unavailable>) + 60 at proflog.c:3445 [opt]
    frame #10: 0x002ac150 mono`mono_conc_hashtable_foreach(hash_table=<unavailable>, func=<unavailable>, userdata=<unavailable>) + 80 at mono-conc-hashtable.c:365 [opt]
    frame #11: 0x004ba226 libmono-profiler-log.0.dylib`log_shutdown [inlined] dump_coverage(prof=0x78616970) + 120 at proflog.c:3545 [opt]
    frame #12: 0x004ba1ae libmono-profiler-log.0.dylib`log_shutdown(prof=0x78616970) + 46 at proflog.c:3851 [opt]
    frame #13: 0x001ec262 mono`mono_profiler_shutdown + 50 at profiler.c:813 [opt]
    frame #14: 0x0005d61a mono`mini_cleanup(domain=0x78708460) + 778 at mini-runtime.c:3455 [opt]
    frame #15: 0x000d7f61 mono`mono_main(argc=<unavailable>, argv=<unavailable>) + 8001 at driver.c:2083 [opt]
    frame #16: 0x0004fb50 mono`main [inlined] mono_main_with_options(argc=<unavailable>, argv=<unavailable>) + 768 at main.c:94 [opt]
    frame #17: 0x0004f86d mono`main(argc=<unavailable>, argv=<unavailable>) + 29 at main.c:125 [opt]
    frame #18: 0x0004f845 mono`start + 53

  thread #2: tid = 0x5ba416, 0x905de512 libsystem_kernel.dylib`__psynch_cvwait + 10
    frame #0: 0x905de512 libsystem_kernel.dylib`__psynch_cvwait + 10
    frame #1: 0x92144163 libsystem_pthread.dylib`_pthread_cond_wait + 726
    frame #2: 0x92147528 libsystem_pthread.dylib`pthread_cond_wait$UNIX2003 + 71
    frame #3: 0x002807e2 mono`thread_func(thread_data=0x00000000) + 466 at sgen-thread-pool.c:118 [opt]
    frame #4: 0x92143c25 libsystem_pthread.dylib`_pthread_body + 138
    frame #5: 0x92143b9b libsystem_pthread.dylib`_pthread_start + 162
    frame #6: 0x92140e32 libsystem_pthread.dylib`thread_start + 34

  thread #3: tid = 0x5ba418, 0x905d8a0a libsystem_kernel.dylib`semaphore_wait_trap + 10
    frame #0: 0x905d8a0a libsystem_kernel.dylib`semaphore_wait_trap + 10
    frame #1: 0x002a32da mono`mono_sem_wait(sem=0x00383090, alertable=1) + 26 at mono-semaphore.c:109 [opt]
    frame #2: 0x0022040e mono`finalizer_thread(unused=0x00000000) + 158 at gc.c:1096 [opt]
    frame #3: 0x001fa451 mono`start_wrapper [inlined] start_wrapper_internal + 516 at threads.c:725 [opt]
    frame #4: 0x001fa24d mono`start_wrapper(data=<unavailable>) + 29 at threads.c:772 [opt]
    frame #5: 0x002aae70 mono`inner_start_thread(arg=<unavailable>) + 240 at mono-threads-posix.c:97 [opt]
    frame #6: 0x92143c25 libsystem_pthread.dylib`_pthread_body + 138
    frame #7: 0x92143b9b libsystem_pthread.dylib`_pthread_start + 162
    frame #8: 0x92140e32 libsystem_pthread.dylib`thread_start + 34

  thread #4: tid = 0x5ba419, 0x905df8ce libsystem_kernel.dylib`kevent64 + 10, queue = 'com.apple.libdispatch-manager'
    frame #0: 0x905df8ce libsystem_kernel.dylib`kevent64 + 10
    frame #1: 0x9364fce3 libdispatch.dylib`_dispatch_mgr_invoke + 245
    frame #2: 0x9364f8c6 libdispatch.dylib`_dispatch_mgr_thread + 52

  thread #5: tid = 0x5ba41a, 0x002a5b45 mono`mono_lock_free_queue_dequeue(q=0x786169a8) + 101 at lock-free-queue.c:224
    frame #0: 0x002a5b45 mono`mono_lock_free_queue_dequeue(q=0x786169a8) + 101 at lock-free-queue.c:224 [opt]
    frame #1: 0x004c3072 libmono-profiler-log.0.dylib`writer_thread(arg=0x002a5aee) + 434 at proflog.c:4164 [opt]
    frame #2: 0x92143c25 libsystem_pthread.dylib`_pthread_body + 138
    frame #3: 0x92143b9b libsystem_pthread.dylib`_pthread_start + 162
    frame #4: 0x92140e32 libsystem_pthread.dylib`thread_start + 34

  thread #6: tid = 0x5ba41d, 0x905dee6a libsystem_kernel.dylib`__workq_kernreturn + 10
    frame #0: 0x905dee6a libsystem_kernel.dylib`__workq_kernreturn + 10
    frame #1: 0x9214372a libsystem_pthread.dylib`_pthread_wqthread + 939
    frame #2: 0x92140e0e libsystem_pthread.dylib`start_wqthread + 30

  thread #7: tid = 0x5ba41e, 0x905dee6a libsystem_kernel.dylib`__workq_kernreturn + 10
    frame #0: 0x905dee6a libsystem_kernel.dylib`__workq_kernreturn + 10
    frame #1: 0x9214372a libsystem_pthread.dylib`_pthread_wqthread + 939
    frame #2: 0x92140e0e libsystem_pthread.dylib`start_wqthread + 30

  thread #8: tid = 0x5ba429, 0x905dee6a libsystem_kernel.dylib`__workq_kernreturn + 10
    frame #0: 0x905dee6a libsystem_kernel.dylib`__workq_kernreturn + 10
    frame #1: 0x9214372a libsystem_pthread.dylib`_pthread_wqthread + 939
    frame #2: 0x92140e0e libsystem_pthread.dylib`start_wqthread + 30

  thread #9: tid = 0x5ba42a, 0x905dee6a libsystem_kernel.dylib`__workq_kernreturn + 10
    frame #0: 0x905dee6a libsystem_kernel.dylib`__workq_kernreturn + 10
    frame #1: 0x9214372a libsystem_pthread.dylib`_pthread_wqthread + 939
    frame #2: 0x92140e0e libsystem_pthread.dylib`start_wqthread + 30
(lldb) detach

=================================================================
Got a SIGSEGV while executing native code. This usually indicates
a fatal error in the mono runtime or one of the native libraries 
used by your application.
=================================================================

(lldb) quit
Process 47855 detached
Abort trap: 6
Comment 1 iain 2016-03-03 16:56:48 UTC
Crashes have been reported at both

https://github.com/mono/mono/blob/mono-4.2.0-branch/mono/profiler/proflog.c#L3445
https://github.com/mono/mono/blob/mono-4.2.0-branch/mono/profiler/proflog.c#L3514

which are both coming from mono_conc_hashtable, so it might be something to do with the objects in those tables being freed too early
Comment 2 iain 2016-03-03 17:13:08 UTC
Happens with both 4.2.0 and master
Comment 3 iain 2016-03-04 12:02:53 UTC
Fix submitted as https://github.com/mono/mono/pull/2720
Comment 4 Alex Rønne Petersen 2016-04-02 22:29:25 UTC
PR merged, marking as fixed.