[erlang-questions] beam[8449]: segfault at 0 ip 0000000000437e10 sp 00007fffce250948 error 4 in beam[400000+174000]
Eric Liang
eric.l.2046@REDACTED
Tue May 25 05:24:57 CEST 2010
On 05/24/2010 09:14 PM, Mikael Pettersson wrote:
> Liang Yupeng wrote:
>
>> Thanks for your reply, Mikael. Yes, it is beam.smp and 64-bit one.
>>
> I have some doubts about that, see below.
>
>
>>> 3. what tools (esp. gcc version) was this built with?
>>>
>>>
>> I installed erlang with the command apt-get:
>>
> ...
>
>> Is this OK? Should I install a new beam-vm from source to get some debug info?
>>
> Run `strings -a /path/to/beam | fgrep GCC | sort -u'
> (where /path/to/beam is the path to the beam executable).
>
sunny@REDACTED:~$ strings -a /usr/lib/erlang/erts-5.7.2/bin/beam | fgrep GCC | sort -u
sunny@REDACTED:~$ strings -a /usr/lib/erlang/erts-5.7.2/bin/beam.smp | fgrep GCC | sort -u
sunny@REDACTED:~$
You see, neither beam nor beam.smp contains a string like GCC. :(
>
>>> 4. using gdb or objdump on the `beam' executable, can you
>>> provide a disassembly of the procedure surrounding 0x437e10?
>>>
>> sunny@REDACTED:~$ objdump -D /usr/lib/erlang/erts-5.7.2/bin/beam.smp > beam.smp.objdump
>> sunny@REDACTED:~$ cat beam.smp.objdump | grep -C 10 437e1
>> 437deb: 48 83 c4 38 add $0x38,%rsp
>> 437def: e9 8c fa ff ff jmpq 437880 <erts_alcu_realloc_thr_spec>
>> 437df4: be 36 7e 55 00 mov $0x557e36,%esi
>> 437df9: 89 c7 mov %eax,%edi
>> 437dfb: e8 70 50 00 00 callq 43ce70 <erts_thr_fatal_error>
>>
>> 0000000000437e00 <erts_alcu_realloc_ts>:
>> 437e00: 4c 89 6c 24 e8 mov %r13,-0x18(%rsp)
>> 437e05: 4c 8d ae 28 01 00 00 lea 0x128(%rsi),%r13
>> 437e0c: 48 89 5c 24 d0 mov %rbx,-0x30(%rsp)
>> 437e11: 48 89 6c 24 d8 mov %rbp,-0x28(%rsp)
>> 437e16: 4c 89 64 24 e0 mov %r12,-0x20(%rsp)
>> 437e1b: 48 89 f3 mov %rsi,%rbx
>> 437e1e: 4c 89 74 24 f0 mov %r14,-0x10(%rsp)
>> 437e23: 4c 89 7c 24 f8 mov %r15,-0x8(%rsp)
>> 437e28: 41 89 fe mov %edi,%r14d
>> 437e2b: 48 83 ec 38 sub $0x38,%rsp
>> 437e2f: 4c 89 ef mov %r13,%rdi
>> 437e32: 48 89 d5 mov %rdx,%rbp
>> 437e35: 49 89 cc mov %rcx,%r12
>> 437e38: e8 e3 f1 fe ff callq 427020 <pthread_mutex_lock@REDACTED>
>> 437e3d: 85 c0 test %eax,%eax
>> 437e3f: 0f 85 ae 02 00 00 jne 4380f3 <erts_alcu_realloc_ts+0x2f3>
>> 437e45: 48 85 ed test %rbp,%rbp
>>
>> Are these lines enough?
>>
> This makes me suspect even more that the crash is in an instance of
> the uni-processor beam executable, not the beam.smp executable.
> There are two signs for that:
> 1. The kernel message refers to the executable as `beam' not `beam.smp'.
>
You are right. After looking back at the benchmark process, I found the
process:
sunny 4796 0.9 1.8 134320 76444 ? Sl 10:58 0:00 /usr/lib/erlang/erts-5.7.2/bin/beam -A 256 -P 250000 -- -root /usr/lib/erlang -progname erl -- -home /home/sunny -noshell -noinput -noshell -noinput -master tsung_controller@REDACTED -name os_mon@REDACTED -s slave slave_start tsung_controller@REDACTED slave_waiter_2 -rsh ssh -noshell -noinput -setcookie tsung -smp disable
This is a tsung monitor process which was started by the tsung
controller to get the information from dev-3.
> 2. The above disassembly from beam.smp doesn't HAVE any instruction starting
> at 0x437e10.
>
> So please do the objdump and grep thing again but on the plain `beam' executable.
>
sunny@REDACTED:~/commands$ objdump -D /usr/lib/erlang/erts-5.7.2/bin/beam > beam.objdump
sunny@REDACTED:~/commands$ cat beam.objdump | grep -C 10 437e10
437ddd: e9 35 ff ff ff jmpq 437d17 <erts_gfalc_init+0x317>
437de2: 66 0f 1f 44 00 00 nopw 0x0(%rax,%rax,1)
437de8: 48 2d 20 e2 00 00 sub $0xe220,%rax
437dee: 31 d2 xor %edx,%edx
437df0: 48 f7 b7 10 03 00 00 divq 0x310(%rdi)
437df7: 05 c0 00 00 00 add $0xc0,%eax
437dfc: e9 16 ff ff ff jmpq 437d17 <erts_gfalc_init+0x317>
437e01: 66 66 66 66 66 66 2e nopw %cs:0x0(%rax,%rax,1)
437e08: 0f 1f 84 00 00 00 00
437e0f: 00
437e10: 4c 8b 06 mov (%rsi),%r8
437e13: 49 83 e0 f8 and $0xfffffffffffffff8,%r8
437e17: 49 81 f8 1f 02 00 00 cmp $0x21f,%r8
437e1e: 77 40 ja 437e60 <erts_gfalc_init+0x460>
437e20: 49 8d 50 e0 lea -0x20(%r8),%rdx
437e24: 48 c1 ea 03 shr $0x3,%rdx
437e28: 4c 8b 4e 08 mov 0x8(%rsi),%r9
437e2c: 4d 85 c9 test %r9,%r9
437e2f: 74 4f je 437e80 <erts_gfalc_init+0x480>
437e31: 48 8b 46 10 mov 0x10(%rsi),%rax
437e35: 49 89 41 10 mov %rax,0x10(%r9)
--
437fae: e8 ed fb ff ff callq 437ba0 <erts_gfalc_init+0x1a0>
437fb3: 4d 85 e4 test %r12,%r12
437fb6: 48 89 c3 mov %rax,%rbx
437fb9: 74 10 je 437fcb <erts_gfalc_init+0x5cb>
437fbb: 48 8b 00 mov (%rax),%rax
437fbe: 48 83 e0 f8 and $0xfffffffffffffff8,%rax
437fc2: 49 39 c7 cmp %rax,%r15
437fc5: 0f 86 95 00 00 00 jbe 438060 <erts_gfalc_init+0x660>
437fcb: 48 89 de mov %rbx,%rsi
437fce: 48 89 ef mov %rbp,%rdi
437fd1: e8 3a fe ff ff callq 437e10 <erts_gfalc_init+0x410>
437fd6: 48 89 d8 mov %rbx,%rax
437fd9: 48 8b 5c 24 08 mov 0x8(%rsp),%rbx
437fde: 48 8b 6c 24 10 mov 0x10(%rsp),%rbp
437fe3: 4c 8b 64 24 18 mov 0x18(%rsp),%r12
437fe8: 4c 8b 6c 24 20 mov 0x20(%rsp),%r13
437fed: 4c 8b 74 24 28 mov 0x28(%rsp),%r14
437ff2: 4c 8b 7c 24 30 mov 0x30(%rsp),%r15
437ff7: 48 83 c4 38 add $0x38,%rsp
437ffb: c3 retq
437ffc: 0f 1f 40 00 nopl 0x0(%rax)
--
438081: 74 54 je 4380d7 <erts_gfalc_init+0x6d7>
438083: 4d 85 e4 test %r12,%r12
438086: 74 0c je 438094 <erts_gfalc_init+0x694>
438088: 48 8b 10 mov (%rax),%rdx
43808b: 48 83 e2 f8 and $0xfffffffffffffff8,%rdx
43808f: 4c 39 fa cmp %r15,%rdx
438092: 73 cc jae 438060 <erts_gfalc_init+0x660>
438094: 48 89 c6 mov %rax,%rsi
438097: 48 89 ef mov %rbp,%rdi
43809a: 48 89 04 24 mov %rax,(%rsp)
43809e: e8 6d fd ff ff callq 437e10 <erts_gfalc_init+0x410>
4380a3: 48 8b 04 24 mov (%rsp),%rax
4380a7: e9 2d ff ff ff jmpq 437fd9 <erts_gfalc_init+0x5d9>
4380ac: 0f 1f 40 00 nopl 0x0(%rax)
4380b0: 4c 8d ae e0 dd ff ff lea -0x2220(%rsi),%r13
4380b7: 48 ba ab aa aa aa aa mov $0xaaaaaaaaaaaaaaab,%rdx
4380be: aa aa aa
4380c1: 4c 89 e8 mov %r13,%rax
4380c4: 48 f7 e2 mul %rdx
4380c7: 48 c1 ea 09 shr $0x9,%rdx
4380cb: 44 8d aa 80 00 00 00 lea 0x80(%rdx),%r13d
--
438302: 48 c7 83 b0 00 00 00 movq $0x1000,0xb0(%rbx)
438309: 00 10 00 00
43830d: 48 c7 83 b8 00 00 00 movq $0x18,0xb8(%rbx)
438314: 18 00 00 00
438318: 48 c7 43 28 2f 60 53 movq $0x53602f,0x28(%rbx)
43831f: 00
438320: 48 c7 83 e8 00 00 00 movq $0x437f40,0xe8(%rbx)
438327: 40 7f 43 00
43832b: 48 c7 83 f0 00 00 00 movq $0x437d00,0xf0(%rbx)
438332: 00 7d 43 00
438336: 48 c7 83 f8 00 00 00 movq $0x437e10,0xf8(%rbx)
43833d: 10 7e 43 00
438341: 48 c7 83 00 01 00 00 movq $0x438480,0x100(%rbx)
438348: 80 84 43 00
43834c: 48 c7 83 08 01 00 00 movq $0x0,0x108(%rbx)
438353: 00 00 00 00
438357: 48 c7 83 10 01 00 00 movq $0x438100,0x110(%rbx)
43835e: 00 81 43 00
438362: 48 c7 83 18 01 00 00 movq $0x438100,0x118(%rbx)
438369: 00 81 43 00
43836d: 48 c7 83 20 01 00 00 movq $0x4385c0,0x120(%rbx)
Well, the beam does have the instructions starting at 0x437e10.
By the way, would you mind telling me where to get the beam vm sources? (or
erts sources if there is an address)
Thanks,
Eric
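
Added example, not part of the original message: the two checks used in this thread, done in Python. It parses the kernel segfault line, decodes the x86 page-fault error code, and tests whether an objdump listing has an instruction starting at the reported ip. The function names and the shortened listings are constructed for illustration.

```python
import re

# Constructed inputs: the kernel line from the thread subject and short
# excerpts of the two objdump listings quoted in the message.
KERNEL_LINE = ("beam[8449]: segfault at 0 ip 0000000000437e10 "
               "sp 00007fffce250948 error 4 in beam[400000+174000]")
BEAM_SMP = """437e0c: 48 89 5c 24 d0 mov %rbx,-0x30(%rsp)
437e11: 48 89 6c 24 d8 mov %rbp,-0x28(%rsp)"""
BEAM = """437e08: 0f 1f 84 00 00 00 00
437e0f: 00
437e10: 4c 8b 06 mov (%rsi),%r8
437e13: 49 83 e0 f8 and $0xfffffffffffffff8,%r8"""

SEGV = re.compile(r"(\S+)\[(\d+)\]: segfault at ([0-9a-f]+) ip ([0-9a-f]+) "
                  r"sp ([0-9a-f]+) error ([0-9a-f]+) in (\S+)\[([0-9a-f]+)\+([0-9a-f]+)\]")

def parse_segfault(line):
    """Split an x86 Linux segfault line into fields and decode the error bits."""
    m = SEGV.search(line)
    if m is None:
        raise ValueError("not a segfault line with a mapping suffix")
    addr, ip, sp, err, base, size = (int(m.group(i), 16) for i in (3, 4, 5, 6, 8, 9))
    return {
        "comm": m.group(1), "pid": int(m.group(2)), "object": m.group(7),
        "addr": addr, "ip": ip, "sp": sp,
        "offset": ip - base,                       # ip relative to mapping start
        "ip_in_mapping": base <= ip < base + size,
        # Error code bits: 0 = protection fault, 1 = write, 2 = user mode, 4 = ifetch
        "cause": "protection violation" if err & 1 else "page not present",
        "access": "instruction fetch" if err & 16 else "write" if err & 2 else "read",
        "mode": "user" if err & 4 else "kernel",
    }

def locate(listing, ip):
    """Return 'start', 'inside' or None for ip against objdump -D text."""
    for raw in listing.splitlines():
        m = re.match(r"\s*([0-9a-f]+):\s+(.*)", raw)
        if m is None:
            continue                               # symbol headers, "--" separators
        tokens = m.group(2).split()
        nbytes = 0
        while nbytes < len(tokens) and re.fullmatch(r"[0-9a-f]{2}", tokens[nbytes]):
            nbytes += 1
        start = int(m.group(1), 16)
        if start <= ip < start + nbytes:
            # A bytes-only line is objdump's continuation of a long instruction.
            return "start" if ip == start and nbytes < len(tokens) else "inside"
    return None
```

For the line in the subject this reports a user-mode read of an unmapped page at address 0; the ip falls in the middle of an instruction in the beam.smp excerpt and on an instruction boundary in the beam excerpt.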