dartfuzz Profiler::SampleThread crash #62183

Description

@aam

https://ci.chromium.org/ui/p/dart/builders/ci.sandbox/fuzz-linux/4916/overview

```
swarming_bot_logs: 2025-12-06 03:38:07.586: run_command(['/b/s/w/ir/out/ReleaseX64/dart', 'runtime/tools/dartfuzz/dartfuzz_test.dart', '--isolates', '8', '--no-show-stats', '--time', '1800', '--shards=50', '--shard=28', '--output-directory=/b/s/w/ioft8bcf7r'], /b/s/w/ir, 3600.0, 30.0, False, Containment<NONE, 0, 0>)

SHARD 28 OF 50
```

```
**
**** Dart Fuzz Testing Session
**

Fuzz Version      : 1.101
Dart SDK Revision : 
Isolates          : 8
Tests             : 1000
Time              : 1800 seconds
True Divergence   : true
Show Stats        : false
Dart Dev          : .

Isolate (/b/s/w/it8j26i93t/dart_fuzzWKHCVN) NO-FP NO-FFI FLAT : JIT-ReleaseX64C - JIT-ReleaseSIMARM64: start
Isolate (/b/s/w/it8j26i93t/dart_fuzzYMVQSW) NO-FP NO-FFI FLAT : JIT-ReleaseX64C - JIT-ReleaseSIMARM64: start
Isolate (/b/s/w/it8j26i93t/dart_fuzzJMRSFK) NO-FP NO-FFI FLAT : JIT-DebugSIMARM64C - JIT-ReleaseX64: start
Isolate (/b/s/w/it8j26i93t/dart_fuzzLJNTXE) NO-FP NO-FFI FLAT : JIT-DebugSIMARM - JIT-DebugSIMARM64C: start
Isolate (/b/s/w/it8j26i93t/dart_fuzzJZSULD) NO-FP NO-FFI FLAT : JIT-ReleaseSIMRISCV64 - JIT-ReleaseSIMARM: start
Isolate (/b/s/w/it8j26i93t/dart_fuzzEZSBUH) NO-FP NO-FFI FLAT : JIT-ReleaseSIMARM64C - AOT-DebugX64C: start
Isolate (/b/s/w/it8j26i93t/dart_fuzzBODYCC) NO-FP NO-FFI FLAT : JIT-ReleaseSIMARM - AOT-DebugX64C: start
Isolate (/b/s/w/it8j26i93t/dart_fuzzAUNUCH) NO-FP NO-FFI NO-FLAT : JIT-DebugSIMRISCV32 - AOT-DebugX64: start
Isolate (/b/s/w/it8j26i93t/dart_fuzzYMVQSW) NO-FP NO-FFI FLAT : JIT-ReleaseX64C - JIT-ReleaseSIMARM64: !DIVERGENCE! 1.101:763142532 (0 vs -11)

fail2:
-11
```


```
===== CRASH =====
si_signo=Segmentation fault(11), si_code=SEGV_MAPERR(1), si_addr=0x8
version=3.11.0-edge (main) (Unknown timestamp) on "linux_simarm64"
pid=687512, thread=687596, isolate_group=main(0x63c7cc236180), isolate=main(0x63c7cc216a50)
os=linux, arch=arm64, comp=no, sim=yes
isolate_instructions=63c7c119ada0, vm_instructions=63c7c119ada0
fp=7fe9fc37dba0, sp=7fe9fc37db80, pc=63c7c142f941
  pc 0x000063c7c142f941 fp 0x00007fe9fc37dba0 dart::ProfilerDartStackWalker::walk+0x111
  pc 0x000063c7c142fe1a fp 0x00007fe9fc37dce0 dart::Profiler::SampleThread+0x44a
  pc 0x000063c7c148a795 fp 0x00007fe9fc37de30 dart::ThreadInterrupterLinux::ThreadInterruptSignalHandler+0xb5
  pc 0x00007fea26842520 fp 0x00007fe9fc37e480 /lib/x86_64-linux-gnu/libc.so.6+0x42520
  pc 0x000063c7c1474500 fp 0x00007fe9fc37e540 dart::Simulator::ExecuteNoTrace+0x370
  pc 0x000063c7c147490d fp 0x00007fe9fc37e5f0 dart::Simulator::Call+0x26d
  pc 0x000063c7c135a04d fp 0x00007fe9fc37e670 dart::DartEntry::InvokeFunction+0x1cd
  pc 0x000063c7c135ba1d fp 0x00007fe9fc37e6b0 dart::DartLibraryCalls::HandleMessage+0x11d
  pc 0x000063c7c137abc6 fp 0x00007fe9fc37ec40 dart::IsolateMessageHandler::HandleMessage+0x336
  pc 0x000063c7c139db80 fp 0x00007fe9fc37ecb0 dart::MessageHandler::HandleMessages+0x130
  pc 0x000063c7c139df70 fp 0x00007fe9fc37ed00 dart::MessageHandler::TaskCallback+0x1e0
  pc 0x000063c7c148b057 fp 0x00007fe9fc37ed60 dart::ThreadPool::WorkerLoop+0x117
  pc 0x000063c7c148b2b2 fp 0x00007fe9fc37ed90 dart::ThreadPool::Worker::Main+0x72
  pc 0x000063c7c142b629 fp 0x00007fe9fc37ee50 dart::ThreadStart+0xd9
-- End of DumpStackTrace
```



```
-- BEGIN REPRODUCE  --

DART SDK REVISION: 

dart runtime/tools/dartfuzz/dartfuzz.dart --no-fp --no-ffi --flat --seed 763142532 fuzz.dart

-- RUN 1 --

out/ReleaseX64C/dart --profiler --runtime_allocate_spill_tlab --inlining_callee_size_threshold=167 --no_intrinsify --old_gen_heap_size=128 /b/s/w/it8j26i93t/dart_fuzzYMVQSW/fuzz.dart

-- RUN 2 --

out/ReleaseSIMARM64/dart --profiler --max_profile_depth=229 --sample_buffer_duration=33 --old_gen_heap_size=128 /b/s/w/it8j26i93t/dart_fuzzYMVQSW/fuzz.dart

-- END REPRODUCE  --
```

Labels: area-vm, gardening