Bug 58344 - SIMD crash using System.Numerics.Vector
Summary: SIMD crash using System.Numerics.Vector
Status: RESOLVED FIXED
Alias: None
Product: Runtime
Classification: Mono
Component: JIT (show other bugs)
Version: 5.2 (2017-04)
Hardware: PC Mac OS
: --- normal
Target Milestone: ---
Assignee: Bugzilla
URL:
Depends on:
Blocks:
 
Reported: 2017-07-24 21:39 UTC by Larry Ewing [MSFT]
Modified: 2017-07-24 22:34 UTC (History)
3 users (show)

Tags:
Is this bug a regression?: ---
Last known good build:

Notice (2018-05-24): bugzilla.xamarin.com is now in read-only mode.

Please join us on Visual Studio Developer Community and in the Xamarin and Mono organizations on GitHub to continue tracking issues. Bugzilla will remain available for reference in read-only mode. We will continue to work on open Bugzilla bugs, copy them to the new locations as needed for follow-up, and add the new items under Related Links.

Our sincere thanks to everyone who has contributed on this bug tracker over the years. Thanks also for your understanding as we make these adjustments and improvements for the future.


Please create a new report on GitHub or Developer Community with your current version information, steps to reproduce, and relevant error messages or log files if you are hitting an issue that looks similar to this resolved bug and you do not yet see a matching new report.

Related Links:
Status:
RESOLVED FIXED

Description Larry Ewing [MSFT] 2017-07-24 21:39:04 UTC
I'm getting a crash in the SIMD intrinsic code emitter when doing some simple operations on
a Vector3.  I haven't been able to isolate a simple test case but I can avoid the crash by
making sure that I store a Vector3 property in a local variable before operating on it.

Thread 0 Crashed:: tid_307  Dispatch queue: com.apple.main-thread
0   libsystem_kernel.dylib        	0x00007fff9ec54d42 __pthread_kill + 10
1   libsystem_pthread.dylib       	0x00007fff9ed42457 pthread_kill + 90
2   libsystem_c.dylib             	0x00007fff9ebba420 abort + 129
3   com.xamarin.Inspector         	0x000000010697efbb mono_handle_native_crash + 603 (mini-exceptions.c:2548)
4   libsystem_platform.dylib      	0x00007fff9ed35b3a _sigtramp + 26
5   dyld                          	0x0000000114e9f551 ImageLoaderMachOCompressed::resolve(ImageLoader::LinkContext const&, char const*, unsigned char, long, ImageLoader const**, ImageLoaderMachOCompressed::LastLookup*, bool) + 273
6   libsystem_c.dylib             	0x00007fff9ebba420 abort + 129
7   com.xamarin.Inspector         	0x0000000106890ea0 log_callback(char const*, char const*, char const*, int, void*) + 64 (runtime.m:1100)
8   com.xamarin.Inspector         	0x0000000106b33263 monoeg_g_logv + 83 (goutput.c:116)
9   com.xamarin.Inspector         	0x0000000106b3347f monoeg_assertion_message + 143 (goutput.c:137)
10  com.xamarin.Inspector         	0x00000001069a391f get_simd_vreg_or_expanded_scalar + 511
11  com.xamarin.Inspector         	0x00000001069a364c simd_intrinsic_emit_binary_op + 44 (simd-intrinsics.c:1193)
12  com.xamarin.Inspector         	0x000000010699ec6d mono_emit_simd_intrinsics + 1485 (simd-intrinsics.c:2036)
13  com.xamarin.Inspector         	0x000000010694261b mini_emit_inst_for_method + 3771 (method-to-ir.c:6173)
14  com.xamarin.Inspector         	0x000000010691c018 mono_method_to_ir + 42824 (method-to-ir.c:9057)
15  com.xamarin.Inspector         	0x00000001069995ac mini_method_compile + 2908 (mini.c:3466)
16  com.xamarin.Inspector         	0x000000010699c795 mono_jit_compile_method_inner + 773 (mini.c:4191)
17  com.xamarin.Inspector         	0x000000010698c034 mono_jit_compile_method_with_opt + 660 (mini-runtime.c:1886)
18  com.xamarin.Inspector         	0x0000000106992406 common_call_trampoline + 1174 (mini-trampolines.c:704)
19  com.xamarin.Inspector         	0x0000000106991f39 mono_magic_trampoline + 73 (mini-trampolines.c:834)
20  ???                           	0x000000010900039e 0 + 4445963166
21  ???                           	0x0000000142c56290 0 + 5415199376
22  com.xamarin.Inspector         	0x000000010698f894 mono_jit_runtime_invoke + 1316 (mini-runtime.c:2546)
23  com.xamarin.Inspector         	0x0000000106a57df8 do_runtime_invoke + 88 (object.c:2829)
24  com.xamarin.Inspector         	0x0000000106a57d70 mono_runtime_invoke + 208 (object.c:2983)
25  com.xamarin.Inspector         	0x0000000106bcc9b2 native_to_managed_trampoline_382(objc_object*, objc_selector*, _MonoMethod**, NSEvent*, unsigned int) + 578 (registrar.m:23161)
26  com.xamarin.Inspector         	0x0000000106bccb38 -[InspectSCNView scrollWheel:] + 56 (registrar.m:44001)
27  com.apple.AppKit              	0x00007fff8779dd25 -[NSWindow(NSEventRouting) _reallySendEvent:isDelayedEvent:] + 6735
28  com.apple.AppKit              	0x00007fff8779bf0a -[NSWindow(NSEventRouting) sendEvent:] + 541
29  com.apple.AppKit              	0x00007fff87620a92 -[NSApplication(NSEvent) sendEvent:] + 2186
30  com.apple.AppKit              	0x00007fff86e9b427 -[NSApplication run] + 1002
31  com.apple.AppKit              	0x00007fff86e65e0e NSApplicationMain + 1237
32  ???                           	0x000000010e8b9702 0 + 4538996482
33  ???                           	0x000000010cbde48d 0 + 4508738701
34  com.xamarin.Inspector         	0x000000010698f894 mono_jit_runtime_invoke + 1316 (mini-runtime.c:2546)
35  com.xamarin.Inspector         	0x0000000106a57df8 do_runtime_invoke + 88 (object.c:2829)
36  com.xamarin.Inspector         	0x0000000106a5b299 do_exec_main_checked + 137 (object.c:4624)
37  com.xamarin.Inspector         	0x00000001068f4a7f mono_jit_exec + 287 (driver.g.c:1040)
38  com.xamarin.Inspector         	0x00000001068f7293 mono_main + 9187 (driver.g.c:2248)
39  com.xamarin.Inspector         	0x000000010689915e xamarin_main + 1182 (launcher.m:662)
40  com.xamarin.Inspector         	0x000000010689a0b4 main + 36 (launcher.m:680)
41  libdyld.dylib                 	0x00007fff9eb26235 start + 1
Comment 1 Larry Ewing [MSFT] 2017-07-24 22:16:40 UTC
Here is the --verbose output at the point of failure

2017-07-24 17:09:07.376 Xamarin Workbooks[72462:7909622] Method System.nfloat AppKit.NSEvent:get_ScrollingDeltaY () emitted at 0x138460520 to 0x1384605b8 (code length 152) [Xamarin Workbooks.exe]
2017-07-24 17:09:07.376 Xamarin Workbooks[72462:7909622] converting method void Xamarin.Interactive.Camera.Dolly`2<SceneKit.SCNQuaternion, CoreGraphics.CGPoint>:Pan3 (System.Numerics.Vector3)
2017-07-24 17:09:07.376 Xamarin Workbooks[72462:7909622] warning: get_simd_vreg:: could not infer source simd vreg for op
 vcall_membase [R24 + 0x70] R20 <- [Xamarin.Interactive.Camera.Dolly`2<SceneKit.SCNQuaternion, CoreGraphics.CGPoint>:get_Position ()] [%rdi <- R22] [%rsi <- R23] clobbers: c
2017-07-24 17:09:07.376 Xamarin Workbooks[72462:7909622] error: * Assertion: should not be reached at /Users/builder/data/lanes/4991/494fcbcf/source/xamarin-macios/external/mono/mono/mini/simd-intrinsics.c:838
Stacktrace:

  at <unknown> <0xffffffff>
  at Xamarin.Interactive.Client.Mac.ViewInspector.InspectorSCNView.ScrollWheel (AppKit.NSEvent) [0x00060] in /Users/lewing/Source/inspector/Clients/Xamarin.Interactive.Client.Mac/ViewInspector/InspectorSCNView.cs:144
  at (wrapper runtime-invoke) <Module>.runtime_invoke_void__this___object (object,intptr,intptr,intptr) [0x00022] in <880d757b2bcf45658254ed4057e00ad0>:0
  at <unknown> <0xffffffff>
  at (wrapper managed-to-native) AppKit.NSApplication.NSApplicationMain (int,string[]) [0x0005a] in <653ae31ee54341a090651b4a9522dc3f>:0
  at AppKit.NSApplication.Main (string[]) [0x00041] in /Users/builder/data/lanes/4991/494fcbcf/source/xamarin-macios/src/AppKit/NSApplication.cs:100
  at Xamarin.Interactive.Client.Mac.Entry.Main (string[]) [0x00007] in /Users/lewing/Source/inspector/Clients/Xamarin.Interactive.Client.Mac/Entry.cs:18
  at (wrapper runtime-invoke) <Module>.runtime_invoke_void_object (object,intptr,intptr,intptr) [0x00051] in <880d757b2bcf45658254ed4057e00ad0>:0

Native stacktrace:

	0   Xamarin Workbooks                   0x0000000102a85e61 mono_handle_native_crash + 257
	1   libsystem_platform.dylib            0x00007fff9ed35b3a _sigtramp + 26
	2   ???                                 0x000000000000003c 0x0 + 60
	3   libsystem_c.dylib                   0x00007fff9ebba420 abort + 129
	4   Xamarin Workbooks                   0x0000000102997ea0 _ZL12log_callbackPKcS0_S0_iPv + 64
	5   Xamarin Workbooks                   0x0000000102c3a263 monoeg_g_logv + 83
	6   Xamarin Workbooks                   0x0000000102c3a47f monoeg_assertion_message + 143
	7   Xamarin Workbooks                   0x0000000102aaa91f get_simd_vreg_or_expanded_scalar + 511
	8   Xamarin Workbooks                   0x0000000102aaa64c simd_intrinsic_emit_binary_op + 44
	9   Xamarin Workbooks                   0x0000000102aa5c6d mono_emit_simd_intrinsics + 1485
	10  Xamarin Workbooks                   0x0000000102a4961b mini_emit_inst_for_method + 3771
	11  Xamarin Workbooks                   0x0000000102a23018 mono_method_to_ir + 42824
	12  Xamarin Workbooks                   0x0000000102aa05ac mini_method_compile + 2908
	13  Xamarin Workbooks                   0x0000000102aa3795 mono_jit_compile_method_inner + 773
	14  Xamarin Workbooks                   0x0000000102a93034 mono_jit_compile_method_with_opt + 660
	15  Xamarin Workbooks                   0x0000000102a99406 common_call_trampoline + 1174
	16  Xamarin Workbooks                   0x0000000102a98f39 mono_magic_trampoline + 73
	17  ???                                 0x0000000105ef939e 0x0 + 4394554270
	18  ???                                 0x0000000138460347 0x0 + 5239079751
	19  Xamarin Workbooks                   0x0000000102a96894 mono_jit_runtime_invoke + 1316
	20  Xamarin Workbooks                   0x0000000102b5edf8 do_runtime_invoke + 88
	21  Xamarin Workbooks                   0x0000000102b5ed06 mono_runtime_invoke + 102
	22  Xamarin Workbooks                   0x0000000102cd39b2 _ZL32native_to_managed_trampoline_382P11objc_objectP13objc_selectorPP11_MonoMethodP7NSEventj + 578
	23  Xamarin Workbooks                   0x0000000102cd3b38 -[InspectSCNView scrollWheel:] + 56
	24  AppKit                              0x00007fff8779dd25 -[NSWindow(NSEventRouting) _reallySendEvent:isDelayedEvent:] + 6735
	25  AppKit                              0x00007fff8779bf0a -[NSWindow(NSEventRouting) sendEvent:] + 541
	26  AppKit                              0x00007fff87620a92 -[NSApplication(NSEvent) sendEvent:] + 2186
	27  AppKit                              0x00007fff86e9b427 -[NSApplication run] + 1002
	28  AppKit                              0x00007fff86e65e0e NSApplicationMain + 1237
	29  ???                                 0x00000001097e799e 0x0 + 4454250910
	30  ???                                 0x00000001097e7804 0x0 + 4454250500
	31  Xamarin Workbooks                   0x0000000102a96894 mono_jit_runtime_invoke + 1316
	32  Xamarin Workbooks                   0x0000000102b5edf8 do_runtime_invoke + 88
	33  Xamarin Workbooks                   0x0000000102b62299 do_exec_main_checked + 137
	34  Xamarin Workbooks                   0x00000001029fba7f mono_jit_exec + 287
	35  Xamarin Workbooks                   0x00000001029fe293 mono_main + 9187
	36  Xamarin Workbooks                   0x00000001029a015e xamarin_main + 1182
	37  Xamarin Workbooks                   0x00000001029a10b4 main + 36
	38  libdyld.dylib                       0x00007fff9eb26235 start + 1

Debug info from gdb:

(lldb) command source -s 0 '/tmp/mono-gdb-commands.XTn5Yp'
Executing commands in '/tmp/mono-gdb-commands.XTn5Yp'.
(lldb) process attach --pid 72462
Process 72462 stopped
* thread #1, name = 'tid_307', queue = 'com.apple.main-thread', stop reason = signal SIGSTOP
    frame #0: 0x00007fff9ec553ee libsystem_kernel.dylib`__wait4 + 10
libsystem_kernel.dylib`__wait4:
->  0x7fff9ec553ee <+10>: jae    0x7fff9ec553f8            ; <+20>
    0x7fff9ec553f0 <+12>: movq   %rax, %rdi
    0x7fff9ec553f3 <+15>: jmp    0x7fff9ec4dcd4            ; cerror
    0x7fff9ec553f8 <+20>: retq
Comment 2 Larry Ewing [MSFT] 2017-07-24 22:22:19 UTC
in this trace the crashing code is

public void Pan3 (Vector3 offset)
            => Position += offset;

whereas this version works fine

public void Pan2 (Vector3 offset)
        {
            var e = Position;
            Console.WriteLine (e);
            e += offset;
            Position = e;
        }
Comment 3 Larry Ewing [MSFT] 2017-07-24 22:26:44 UTC
With MONO_VERBOSE_METHOD=Pan3 we get:

2017-07-24 17:21:27.503 Xamarin Workbooks[72547:7926575] converting method void Xamarin.Interactive.Camera.Dolly`2<SceneKit.SCNQuaternion, CoreGraphics.CGPoint>:Pan3 (System.Numerics.Vector3)
2017-07-24 17:21:27.503 Xamarin Workbooks[72547:7926575] creating vars
2017-07-24 17:21:27.503 Xamarin Workbooks[72547:7926575] created temp 0 (R16) of type System.IntPtr
2017-07-24 17:21:27.503 Xamarin Workbooks[72547:7926575] created temp 1 (R17) of type System.Numerics.Vector3
	this:  arg R16 <-
	arg [0]:  arg R17 <-
2017-07-24 17:21:27.503 Xamarin Workbooks[72547:7926575] creating locals
2017-07-24 17:21:27.503 Xamarin Workbooks[72547:7926575] locals done
method to IR Xamarin.Interactive.Camera.Dolly`2<SceneKit.SCNQuaternion, CoreGraphics.CGPoint>:Pan3 (System.Numerics.Vector3)
converting (in B2: stack: 0) IL_0000: ldarg.0   
converting (in B2: stack: 1) IL_0001: ldarg.0   
converting (in B2: stack: 2) IL_0002: callvirt  0x0a00072d
2017-07-24 17:21:27.503 Xamarin Workbooks[72547:7926575] created temp 2 (R20) of type System.Numerics.Vector3
converting (in B2: stack: 2) IL_0007: ldarg.1   
converting (in B2: stack: 3) IL_0008: call      0x0a000730
  SIMD intrinsic System.Numerics.Vector3:op_Addition (System.Numerics.Vector3,System.Numerics.Vector3)
2017-07-24 17:21:27.503 Xamarin Workbooks[72547:7926575] warning: get_simd_vreg:: could not infer source simd vreg for op
 vcall_membase [R24 + 0x70] R20 <- [Xamarin.Interactive.Camera.Dolly`2<SceneKit.SCNQuaternion, CoreGraphics.CGPoint>:get_Position ()] [%rdi <- R22] [%rsi <- R23] clobbers: c
2017-07-24 17:21:27.503 Xamarin Workbooks[72547:7926575] error: * Assertion: should not be reached at /Users/builder/data/lanes/4991/494fcbcf/source/xamarin-macios/external/mono/mono/mini/simd-intrinsics.c:838
Stacktrace:

  at <unknown> <0xffffffff>
  at Xamarin.Interactive.Client.Mac.ViewInspector.InspectorSCNView.ScrollWheel (AppKit.NSEvent) [0x00060] in /Users/lewing/Source/inspector/Clients/Xamarin.Interactive.Client.Mac/ViewInspector/InspectorSCNView.cs:144
  at (wrapper runtime-invoke) <Module>.runtime_invoke_void__this___object (object,intptr,intptr,intptr) [0x00022] in <880d757b2bcf45658254ed4057e00ad0>:0
  at <unknown> <0xffffffff>
  at (wrapper managed-to-native) AppKit.NSApplication.NSApplicationMain (int,string[]) [0x0005a] in <653ae31ee54341a090651b4a9522dc3f>:0
  at AppKit.NSApplication.Main (string[]) [0x00041] in /Users/builder/data/lanes/4991/494fcbcf/source/xamarin-macios/src/AppKit/NSApplication.cs:100
  at Xamarin.Interactive.Client.Mac.Entry.Main (string[]) [0x00007] in /Users/lewing/Source/inspector/Clients/Xamarin.Interactive.Client.Mac/Entry.cs:18
  at (wrapper runtime-invoke) <Module>.runtime_invoke_void_object (object,intptr,intptr,intptr) [0x00051] in <880d757b2bcf45658254ed4057e00ad0>:0

Native stacktrace:

	0   Xamarin Workbooks                   0x0000000103551e61 mono_handle_native_crash + 257
	1   libsystem_platform.dylib            0x00007fff9ed35b3a _sigtramp + 26
	2   ???                                 0x000000010754d551 0x0 + 4417967441
	3   libsystem_c.dylib                   0x00007fff9ebba420 abort + 129
	4   Xamarin Workbooks                   0x0000000103463ea0 _ZL12log_callbackPKcS0_S0_iPv + 64
	5   Xamarin Workbooks                   0x0000000103706263 monoeg_g_logv + 83
	6   Xamarin Workbooks                   0x000000010370647f monoeg_assertion_message + 143
	7   Xamarin Workbooks                   0x000000010357691f get_simd_vreg_or_expanded_scalar + 511
	8   Xamarin Workbooks                   0x000000010357664c simd_intrinsic_emit_binary_op + 44
	9   Xamarin Workbooks                   0x0000000103571c6d mono_emit_simd_intrinsics + 1485
	10  Xamarin Workbooks                   0x000000010351561b mini_emit_inst_for_method + 3771
	11  Xamarin Workbooks                   0x00000001034ef018 mono_method_to_ir + 42824
	12  Xamarin Workbooks                   0x000000010356c5ac mini_method_compile + 2908
	13  Xamarin Workbooks                   0x000000010356f795 mono_jit_compile_method_inner + 773
	14  Xamarin Workbooks                   0x000000010355f034 mono_jit_compile_method_with_opt + 660
	15  Xamarin Workbooks                   0x0000000103565406 common_call_trampoline + 1174
	16  Xamarin Workbooks                   0x0000000103564f39 mono_magic_trampoline + 73
	17  ???                                 0x0000000103d2039e 0x0 + 4359062430
	18  ???                                 0x000000013f246df7 0x0 + 5354319351
	19  Xamarin Workbooks                   0x0000000103562894 mono_jit_runtime_invoke + 1316
	20  Xamarin Workbooks                   0x000000010362adf8 do_runtime_invoke + 88
	21  Xamarin Workbooks                   0x000000010362ad06 mono_runtime_invoke + 102
	22  Xamarin Workbooks                   0x000000010379f9b2 _ZL32native_to_managed_trampoline_382P11objc_objectP13objc_selectorPP11_MonoMethodP7NSEventj + 578
	23  Xamarin Workbooks                   0x000000010379fb38 -[InspectSCNView scrollWheel:] + 56
	24  AppKit                              0x00007fff8779dd25 -[NSWindow(NSEventRouting) _reallySendEvent:isDelayedEvent:] + 6735
	25  AppKit                              0x00007fff8779bf0a -[NSWindow(NSEventRouting) sendEvent:] + 541
	26  AppKit                              0x00007fff87620a92 -[NSApplication(NSEvent) sendEvent:] + 2186
	27  AppKit                              0x00007fff86e9b427 -[NSApplication run] + 1002
	28  AppKit                              0x00007fff86e65e0e NSApplicationMain + 1237
	29  ???                                 0x00000001074d599e 0x0 + 4417477022
	30  ???                                 0x00000001074d5804 0x0 + 4417476612
	31  Xamarin Workbooks                   0x0000000103562894 mono_jit_runtime_invoke + 1316
	32  Xamarin Workbooks                   0x000000010362adf8 do_runtime_invoke + 88
	33  Xamarin Workbooks                   0x000000010362e299 do_exec_main_checked + 137
	34  Xamarin Workbooks                   0x00000001034c7a7f mono_jit_exec + 287
	35  Xamarin Workbooks                   0x00000001034ca293 mono_main + 9187
	36  Xamarin Workbooks                   0x000000010346c15e xamarin_main + 1182
	37  Xamarin Workbooks                   0x000000010346d0b4 main + 36
	38  libdyld.dylib                       0x00007fff9eb26235 start + 1

Debug info from gdb:

(lldb) command source -s 0 '/tmp/mono-gdb-commands.bC5Wuy'
Executing commands in '/tmp/mono-gdb-commands.bC5Wuy'.
(lldb) process attach --pid 72547
Process 72547 stopped
* thread #1, name = 'tid_307', queue = 'com.apple.main-thread', stop reason = signal SIGSTOP
    frame #0: 0x00007fff9ec553ee libsystem_kernel.dylib`__wait4 + 10
libsystem_kernel.dylib`__wait4:
->  0x7fff9ec553ee <+10>: jae    0x7fff9ec553f8            ; <+20>
    0x7fff9ec553f0 <+12>: movq   %rax, %rdi
    0x7fff9ec553f3 <+15>: jmp    0x7fff9ec4dcd4            ; cerror
    0x7fff9ec553f8 <+20>: retq
Comment 4 Zoltan Varga 2017-07-24 22:30:38 UTC
Testcase:
<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
using System;
using System.Numerics;

public class Tests
{
	public virtual Vector3 Position { get; set; }

	public void foo (Vector3 offset) => Position += offset;

	public static void Main () {
		var o = new Tests ();
		o.foo (new Vector3 (1, 2, 3));
	}
}
>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Comment 5 Zoltan Varga 2017-07-24 22:34:39 UTC
Fixed in mono master/2017-06 by 11ce9cab628ff32f55c2d34996b90a174ee189fa.