[3.0.0] Segfault while building on ARMv7

  • Done
  • quality assurance status badge
Details
One participant
  • Ludovic Courtès
Owner
unassigned
Submitted by
Ludovic Courtès
Severity
important
Merged with
L
L
Ludovic Courtès wrote on 20 Jan 2020 17:33
(address . bug-Guile@gnu.org)
87a76igk9f.fsf@gnu.org
Hello,

Building 3.0.0 with Guix on ARMv7 reproducibly fails:

Toggle snippet (34 lines)
BOOTSTRAP GUILEC language/cps/loop-instrumentation.go
wrote `language/cps/loop-instrumentation.go'
BOOTSTRAP GUILEC language/cps/peel-loops.go
wrote `language/cps/effects-analysis.go'
BOOTSTRAP GUILEC language/cps/prune-top-level-scopes.go
wrote `language/cps/licm.go'
BOOTSTRAP GUILEC language/cps/reify-primitives.go
wrote `language/cps/prune-top-level-scopes.go'
BOOTSTRAP GUILEC language/cps/renumber.go
wrote `language/cps/peel-loops.go'
BOOTSTRAP GUILEC language/cps/rotate-loops.go
wrote `language/cps/reify-primitives.go'
BOOTSTRAP GUILEC language/cps/optimize.go
wrote `language/cps/renumber.go'
BOOTSTRAP GUILEC language/cps/simplify.go
wrote `language/cps/rotate-loops.go'
BOOTSTRAP GUILEC language/cps/self-references.go
wrote `language/cps/optimize.go'
BOOTSTRAP GUILEC language/cps/slot-allocation.go
wrote `language/cps/self-references.go'
BOOTSTRAP GUILEC language/cps/spec.go
wrote `language/cps/simplify.go'
BOOTSTRAP GUILEC language/cps/specialize-primcalls.go
wrote `language/cps/spec.go'
BOOTSTRAP GUILEC language/cps/specialize-numbers.go
/gnu/store/nvkn00kq4x4g5wjjjvjj6rhzs0ihihxl-bash-minimal-5.0.7/bin/bash: line 6: 23019 Segmentation fault (core dumped) GUILE_AUTO_COMPILE=0 ../meta/build-env guild compile --target="arm-unknown-linux-gnueabihf" -O1 -Oresolve-primitives -L "/tmp/guix-build-guile-next-3.0.0.drv-0/guile-3.0.0/module" -L "/tmp/guix-build-guile-next-3.0.0.drv-0/guile-3.0.0/guile-readline" -o "language/cps/specialize-primcalls.go" "../module/language/cps/specialize-primcalls.scm"
make[2]: *** [Makefile:1931: language/cps/specialize-primcalls.go] Error 139
make[2]: *** Waiting for unfinished jobs....
wrote `language/cps/slot-allocation.go'
wrote `language/cps/specialize-numbers.go'
make[2]: Leaving directory '/tmp/guix-build-guile-next-3.0.0.drv-0/guile-3.0.0/bootstrap'
make[1]: *** [Makefile:1849: all-recursive] Error 1

It seems to always happen while building ‘specialize-primcalls.go’.

(See

The backtrace is unfortunately not all that readable:

Toggle snippet (109 lines)
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0xf5c67b74 in ?? ()
[Current thread is 1 (Thread 0xf7fe8010 (LWP 23019))]
(gdb) bt
#0 0xf5c67b74 in ?? ()
#1 0xf7f3ffcc in scm_jit_enter_mcode (thread=0xdedc20,
mcode=0xf5c67a00 " 8\r\032(-@\360c\203%i\250B\300\362_\203\240`\245m") at jit.c:5725
#2 0xf7093a40 in ?? ()
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
(gdb) info threads
Id Target Id Frame
* 1 Thread 0xf7fe8010 (LWP 23019) 0xf5c67b74 in ?? ()
2 Thread 0xf7894460 (LWP 23042) 0xf7e8f034 in __libc_do_syscall ()
from /gnu/store/n7c20pjm6q1xq1gqjqzzys1yk9fy7n1k-glibc-2.29/lib/libpthread.so.0
3 Thread 0xf69a5460 (LWP 23045) 0xf7e8f034 in __libc_do_syscall ()
from /gnu/store/n7c20pjm6q1xq1gqjqzzys1yk9fy7n1k-glibc-2.29/lib/libpthread.so.0
(gdb) frame 0
#0 0xf5c67b74 in ?? ()
(gdb) disassemble 0xf5c67a00,+500
Dump of assembler code from 0xf5c67a00 to 0xf5c67bf4:
0xf5c67a00: subs r0, #32
0xf5c67a02: subs r5, r1, r0
0xf5c67a04: cmp r5, #40 ; 0x28
0xf5c67a06: bne.w 0xf5c680d0
0xf5c67a0a: ldr r5, [r4, #16]
0xf5c67a0c: cmp r0, r5
0xf5c67a0e: blt.w 0xf5c680d0
0xf5c67a12: str r0, [r4, #8]
0xf5c67a14: ldr r5, [r4, #88] ; 0x58
0xf5c67a16: cmp r5, #0
0xf5c67a18: beq.w 0xf5c68102
0xf5c67a1c: ldrt r6, [r5]
0xf5c67a20: str r6, [r4, #88] ; 0x58
0xf5c67a22: str r5, [r0, #24]
0xf5c67a24: movw r5, #1293 ; 0x50d
0xf5c67a28: movs r6, #0
0xf5c67a2a: str r5, [r0, #16]
0xf5c67a2c: str r6, [r0, #20]
0xf5c67a2e: ldr r5, [r0, #24]
0xf5c67a30: ldr r6, [r0, #16]
0xf5c67a32: str r6, [r5, #0]
0xf5c67a34: ldr r5, [r0, #32]
0xf5c67a36: ldr r5, [r5, #4]
0xf5c67a38: str r5, [r0, #16]
[…]
0xf5c67b5e: cmp r5, #0
0xf5c67b60: ble.w 0xf5c67fce
0xf5c67b64: ldr r5, [r0, #32]
0xf5c67b66: ldr r5, [r5, #20]
0xf5c67b68: str r5, [r0, #16]
0xf5c67b6a: ldr r5, [r0, #16]
0xf5c67b6c: ldr r5, [r5, #4]
0xf5c67b6e: str r5, [r0, #16]
0xf5c67b70: mov.w r12, #0
=> 0xf5c67b74: ldrt r5, [r12]
0xf5c67b78: str r5, [r0, #8]
0xf5c67b7a: ldr r5, [r0, #8]
0xf5c67b7c: ldr r6, [r0, #16]
0xf5c67b7e: cmp r5, r6
0xf5c67b80: bne.w 0xf5c67f80
[…]
(gdb) info registers
r0 0xf7093a20 4144577056
r1 0xf7093a48 4144577096
r2 0x0 0
r3 0xf7a24001 4154605569
r4 0x74e00 478720
r5 0xdedc20 14605344
r6 0x0 0
r7 0xf5c67a00 4123425280
r8 0x0 0
r9 0x0 0
r10 0xf7fc4bdc 4160506844
r11 0xf7fb5000 4160442368
r12 0x0 0
sp 0xfffedc50 0xfffedc50
lr 0xf7f3ffcd -135004211
pc 0xf5c67b74 0xf5c67b74
cpsr 0x200f0030 537854000
fpscr 0x60000000 1610612736
(gdb) frame 1
#1 0xf7f3ffcc in scm_jit_enter_mcode (thread=0xdedc20,
mcode=0xf5c67a00 " 8\r\032(-@\360c\203%i\250B\300\362_\203\240`\245m") at jit.c:5725
5725 enter_mcode (thread, mcode);
(gdb) info locals
No locals.
(gdb) p *thread
$2 = {next_thread = 0x5, vm = {ip = 0xdecd50, sp = 0x324602ae, fp = 0xdebc50, stack_limit = 0x30d,
compare_result = 72 'H', apply_hook_enabled = 130 '\202', return_hook_enabled = 82 'R',
next_hook_enabled = 1 '\001', abort_hook_enabled = 192 '\300', disable_mcode = 159 '\237', engine = 166 '\246',
unused = 1 '\001', stack_size = 15218, stack_bottom = 0x20d, apply_hook = 0x1528240, return_hook = 0x1a69fc0,
next_hook = 0x0, abort_hook = 0x5, stack_top = 0xdecd68, overflow_handler_stack = 0x28f45b3e,
registers = 0xdebc58, mra_after_abort = 0x20045 "", trace_level = -140048256}, pending_asyncs = 0x116ab78,
block_asyncs = 22184512, freelists = {0x20045, 0xf7a707ec, 0x1162bf8, 0x1528248, 0x5, 0x248360, 0x30999e00,
0xdebc60, 0x20d, 0x1528250, 0x1a69fc0, 0x0, 0x20045, 0xf7a70880, 0x1167440, 0x1528250, 0x5, 0xdecd80, 0x181aface,
0xdebc68, 0x20d, 0x1528258, 0x1a69fc0, 0x0, 0x20045, 0xf7a70880, 0x1167460, 0x1528258, 0x5, 0x248370, 0x91c2f1f,
0xdebc70}, pointerless_freelists = {0x30d, 0x7f1720, 0x1a69fc0, 0x1496, 0x30d, 0xdedd50, 0x96, 0x16, 0x5,
0x789740, 0x3275b29e, 0xdebc78, 0x30d, 0xdedd50, 0x16, 0x3fffffe, 0x30d, 0xdedd50, 0x96, 0x3fe, 0x5, 0xdecd98,
0x3afba8fc, 0xdebc80, 0x30d, 0x7f1720, 0x96, 0x16, 0x20d, 0x1528260, 0x1a69fc0, 0x0}, handle = 0x5,
pthread = 14601648, result = 0x38a97220, exited = 14597256, guile_mode = 131141, needs_unregister = -140048256,
wake = 0x1162128, sleep_cond = {__data = {{__wseq = 95281925316411917, __wseq32 = {__low = 525,
__high = 22184552}}, {__g1_start = 27697088, __g1_start32 = {__low = 27697088, __high = 0}}, __g_refs = {5,
7903072}, __g_size = {67881032, 14597264}, __g1_orig_size = 131141, __wrefs = 4154919040, __g_signals = {
18228776, 22184552}},
__size = "\r\002\000\000h\202R\001\300\237\246\001\000\000\000\000\005\000\000\000`\227x\000H\310\v\004\220\274\336\000E\000\002\000\200\b\247\367(&\026\001h\202R\001", __align = 95281925316411917}, sleep_pipe = {525, 22184560},
dynamic_state = 0xa, dynstack = {base = 0x0, top = 0x5, limit = 0x789780}, continuation_root = 0x2db7da0c,
continuation_base = 0xdebc98, base = 0x20d, jit_state = 0xdede20}

Unfortunately I’m unable to reproduce the bug outside Guix’s build
environment, even with ASLR disabled (what guix-daemon does).

I wonder if that could be the same issue as

I’ll happily take suggestions as to what debug info would be useful and
what I could bisect!

Ludo’.
L
L
Ludovic Courtès wrote on 20 Jan 2020 18:09
(address . 39208@debbugs.gnu.org)
87pnfef420.fsf@gnu.org
Ludovic Courtès <ludo@gnu.org> skribis:

Toggle quote (3 lines)
> Unfortunately I’m unable to reproduce the bug outside Guix’s build
> environment, even with ASLR disabled (what guix-daemon does).

I finally managed to reproduce it with from the failed-build tree:

rm -vf bootstrap/language/cps/{slot-allocation,specialize-numbers,specialize-primcalls,spec}.go
GUILE_JIT_LOG=4 /run/current-system/profile/bin/linux32 -R make

which shows:

Toggle snippet (63 lines)
jit: entering mcode: 0xf7a5d1c0
jit: exited mcode
jit: entering mcode: 0xf7a5d1c0
jit: exited mcode
jit: entering mcode: 0xf7956ca0
jit: exited mcode
jit: entering mcode: 0xf791a9f0
jit: exited mcode
jit: entering mcode: 0xf78b03d0
jit: exited mcode
jit: entering mcode: 0xf7a5d1c0
jit: exited mcode
jit: entering mcode: 0xf79407bb
jit: exited mcode
jit: entering mcode: 0xf7a5d1c0
jit: exited mcode
jit: entering mcode: 0xf79407bb
jit: exited mcode
jit: entering mcode: 0xf7a5d1c0
jit: exited mcode
jit: vcode: start=0xf5fe95d4,+203 entry=+0
jit: mcode: 0xf5c3eac0,+2288
jit: entering mcode: 0xf5c3eac0
jit: exited mcode
jit: vcode: start=0xf5fe9900,+203 entry=+0
jit: mcode: 0xf5c3f3b0,+2288
jit: entering mcode: 0xf5c3f3b0
jit: exited mcode
jit: vcode: start=0xf5fe9c2c,+203 entry=+0
jit: mcode: 0xf5c3fca0,+2288
jit: entering mcode: 0xf5c3fca0
jit: exited mcode
jit: vcode: start=0xf5fe9f58,+203 entry=+0
jit: mcode: 0xf5c40590,+2288
jit: entering mcode: 0xf5c40590
jit: exited mcode
jit: vcode: start=0xf5fea284,+203 entry=+0
jit: mcode: 0xf5c40e80,+2288
jit: entering mcode: 0xf5c40e80
jit: exited mcode
jit: vcode: start=0xf5fea5b0,+203 entry=+0
jit: mcode: 0xf5c41770,+2288
jit: entering mcode: 0xf5c41770
jit: exited mcode
jit: vcode: start=0xf5fea8dc,+203 entry=+0
jit: mcode: 0xf5c42060,+2288
jit: entering mcode: 0xf5c42060
jit: exited mcode
jit: vcode: start=0xf5feac08,+203 entry=+0
jit: mcode: 0xf5c42950,+2288
jit: entering mcode: 0xf5c42950
jit: exited mcode
jit: vcode: start=0xf5feaf34,+203 entry=+0
jit: mcode: 0xf5c43240,+2288
jit: entering mcode: 0xf5c43240
jit: exited mcode
jit: vcode: start=0xf5feb260,+203 entry=+0
jit: mcode: 0xf5c43b30,+2280
jit: entering mcode: 0xf5c43b30
/gnu/store/nvkn00kq4x4g5wjjjvjj6rhzs0ihihxl-bash-minimal-5.0.7/bin/bash: line 6: 13151 Segmentation fault (core dumped) GUILE_AUTO_COMPILE=0 ../meta/build-env guild compile --target="arm-unknown-linux-gnueabihf" -O1 -Oresolve-primitives -L "/tmp/guix-build-guile-next-3.0.0.drv-0/guile-3.0.0/module" -L "/tmp/guix-build-guile-next-3.0.0.drv-0/guile-3.0.0/guile-readline" -o "language/cps/slot-allocation.go" "../module/language/cps/slot-allocation.scm"
make[2]: *** [Makefile:1931: language/cps/slot-allocation.go] Error 139

Backtrace:

Toggle snippet (80 lines)
#0 0xf5c43ca4 in ?? ()
[Current thread is 1 (Thread 0xf7fe8010 (LWP 13151))]
(gdb) bt
#0 0xf5c43ca4 in ?? ()
#1 0xf7f3ffcc in scm_jit_enter_mcode (thread=0x74fe10,
mcode=0xf5c43b30 " 8\r\032(-@\360c\203%i\250B\300\362_\203\240`\245m") at jit.c:5725
#2 0x00021048 in ?? ()
Backtrace stopped: previous frame identical to this frame (corrupt stack?)
(gdb) disassemble 0xf5c43b30,+2280
Dump of assembler code from 0xf5c43b30 to 0xf5c44418:
0xf5c43b30: subs r0, #32
0xf5c43b32: subs r5, r1, r0
0xf5c43b34: cmp r5, #40 ; 0x28
0xf5c43b36: bne.w 0xf5c44200
0xf5c43b3a: ldr r5, [r4, #16]
0xf5c43b3c: cmp r0, r5
0xf5c43b3e: blt.w 0xf5c44200
0xf5c43b42: str r0, [r4, #8]
0xf5c43b44: ldr r5, [r4, #88] ; 0x58
0xf5c43b46: cmp r5, #0
0xf5c43b48: beq.w 0xf5c44232
0xf5c43b4c: ldrt r6, [r5]
0xf5c43b50: str r6, [r4, #88] ; 0x58
0xf5c43b52: str r5, [r0, #24]
0xf5c43b54: movw r5, #1293 ; 0x50d
0xf5c43b58: movs r6, #0
[…]
0xf5c43c52: and.w r5, r5, #127 ; 0x7f
0xf5c43c56: cmp r5, #13
0xf5c43c58: bne.w 0xf5c4411e
0xf5c43c5c: ldr r5, [r0, #32]
0xf5c43c5e: ldr r5, [r5, #20]
0xf5c43c60: str r5, [r0, #16]
0xf5c43c62: ldr r5, [r0, #16]
0xf5c43c64: ldrt r5, [r5]
0xf5c43c68: str r5, [r0, #16]
0xf5c43c6a: eors r5, r5
0xf5c43c6c: str r5, [r0, #20]
0xf5c43c6e: ldr r5, [r0, #16]
0xf5c43c70: ldr r6, [r0, #20]
0xf5c43c72: lsls r2, r6, #24
0xf5c43c74: lsrs r6, r6, #8
0xf5c43c76: lsrs r5, r5, #8
0xf5c43c78: adds r5, r5, r2
0xf5c43c7a: str r5, [r0, #16]
0xf5c43c7c: str r6, [r0, #20]
0xf5c43c7e: ldr r5, [r0, #16]
0xf5c43c80: ldr r6, [r0, #20]
0xf5c43c82: cmp r6, #0
0xf5c43c84: blt.w 0xf5c440fe
0xf5c43c88: cmp r6, #0
0xf5c43c8a: bne.w 0xf5c43c94
0xf5c43c8e: cmp r5, #0
0xf5c43c90: ble.w 0xf5c440fe
0xf5c43c94: ldr r5, [r0, #32]
0xf5c43c96: ldr r5, [r5, #20]
0xf5c43c98: str r5, [r0, #16]
0xf5c43c9a: ldr r5, [r0, #16]
0xf5c43c9c: ldr r5, [r5, #4]
0xf5c43c9e: str r5, [r0, #16]
0xf5c43ca0: mov.w r12, #0
=> 0xf5c43ca4: ldrt r5, [r12]
0xf5c43ca8: str r5, [r0, #8]
[…]
0xf5c443fc: ands r0, r6
0xf5c443fe: ; <UNDEFINED> instruction: 0xf7a24f00
0xf5c44402: mov pc, r7
0xf5c44404: ands r0, r6
0xf5c44406: ; <UNDEFINED> instruction: 0xf7a24f00
0xf5c4440a: mov pc, r7
0xf5c4440c: ands r0, r6
0xf5c4440e: ; <UNDEFINED> instruction: 0xf7a24f00
0xf5c44412: mov pc, r7
0xf5c44414: ands r0, r6
0xf5c44416: ; <UNDEFINED> instruction: 0xf7a20000
End of assembler dump.
(gdb) p $r12
$1 = 0

Apparently r12 is JIT_TMP0.

Anyway, it seems that I have an environment in which to reproduce and
debug it now.

Ludo’.
L
L
Ludovic Courtès wrote on 22 Jan 2020 15:11
control message for bug #39208
(address . control@debbugs.gnu.org)
87tv4nbmxi.fsf@gnu.org
severity 39208 important
quit
L
L
Ludovic Courtès wrote on 11 Mar 2020 21:21
Re: bug#39208: [3.0.0] Segfault while building on ARMv7
(address . 39208-done@debbugs.gnu.org)
87y2s6fxsg.fsf@gnu.org
Hi,

Ludovic Courtès <ludo@gnu.org> skribis:

Toggle quote (35 lines)
> Building 3.0.0 with Guix on ARMv7 reproducibly fails:
>
> BOOTSTRAP GUILEC language/cps/loop-instrumentation.go
> wrote `language/cps/loop-instrumentation.go'
> BOOTSTRAP GUILEC language/cps/peel-loops.go
> wrote `language/cps/effects-analysis.go'
> BOOTSTRAP GUILEC language/cps/prune-top-level-scopes.go
> wrote `language/cps/licm.go'
> BOOTSTRAP GUILEC language/cps/reify-primitives.go
> wrote `language/cps/prune-top-level-scopes.go'
> BOOTSTRAP GUILEC language/cps/renumber.go
> wrote `language/cps/peel-loops.go'
> BOOTSTRAP GUILEC language/cps/rotate-loops.go
> wrote `language/cps/reify-primitives.go'
> BOOTSTRAP GUILEC language/cps/optimize.go
> wrote `language/cps/renumber.go'
> BOOTSTRAP GUILEC language/cps/simplify.go
> wrote `language/cps/rotate-loops.go'
> BOOTSTRAP GUILEC language/cps/self-references.go
> wrote `language/cps/optimize.go'
> BOOTSTRAP GUILEC language/cps/slot-allocation.go
> wrote `language/cps/self-references.go'
> BOOTSTRAP GUILEC language/cps/spec.go
> wrote `language/cps/simplify.go'
> BOOTSTRAP GUILEC language/cps/specialize-primcalls.go
> wrote `language/cps/spec.go'
> BOOTSTRAP GUILEC language/cps/specialize-numbers.go
> /gnu/store/nvkn00kq4x4g5wjjjvjj6rhzs0ihihxl-bash-minimal-5.0.7/bin/bash: line 6: 23019 Segmentation fault (core dumped) GUILE_AUTO_COMPILE=0 ../meta/build-env guild compile --target="arm-unknown-linux-gnueabihf" -O1 -Oresolve-primitives -L "/tmp/guix-build-guile-next-3.0.0.drv-0/guile-3.0.0/module" -L "/tmp/guix-build-guile-next-3.0.0.drv-0/guile-3.0.0/guile-readline" -o "language/cps/specialize-primcalls.go" "../module/language/cps/specialize-primcalls.scm"
> make[2]: *** [Makefile:1931: language/cps/specialize-primcalls.go] Error 139
> make[2]: *** Waiting for unfinished jobs....
> wrote `language/cps/slot-allocation.go'
> wrote `language/cps/specialize-numbers.go'
> make[2]: Leaving directory '/tmp/guix-build-guile-next-3.0.0.drv-0/guile-3.0.0/bootstrap'
> make[1]: *** [Makefile:1849: all-recursive] Error 1

This also is fixed by commit 7c17655cd3d859bf0c5a86d9782a7788205fc05a

\o/

Ludo’.
Closed
L
L
Ludovic Courtès wrote on 12 Mar 2020 17:01
control message for bug #39266
(address . control@debbugs.gnu.org)
878sk5sgt1.fsf@gnu.org
merge 39266 39208
quit
?
Your comment

This issue is archived.

To comment on this conversation send an email to 39208@debbugs.gnu.org

To respond to this issue using the mumi CLI, first switch to it
mumi current 39208
Then, you may apply the latest patchset in this issue (with sign off)
mumi am -- -s
Or, compose a reply to this issue
mumi compose
Or, send patches to this issue
mumi send-email *.patch