[Mono-bugs] [Bug 45817][Maj] Changed - nullref when initing multi-bounded arrays
bugzilla-daemon@bugzilla.ximian.com
bugzilla-daemon@bugzilla.ximian.com
Fri, 26 Sep 2003 01:42:50 -0400 (EDT)
Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.
Changed by mass@akuma.org.
http://bugzilla.ximian.com/show_bug.cgi?id=45817
--- shadow/45817 2003-07-10 10:30:10.000000000 -0400
+++ shadow/45817.tmp.26017 2003-09-26 01:42:50.000000000 -0400
@@ -475,6 +475,70 @@
in <0x00037> 00 TestInitialize.testinit:.cctor ()
--- End of inner exception stack trace ---
------- Additional Comments From bmaurer@users.sf.net 2003-07-10 10:30 -------
*** Bug 45990 has been marked as a duplicate of this bug. ***
+
+------- Additional Comments From mass@akuma.org 2003-09-26 01:42 -------
+YATC:
+using System;
+
+public class T
+{
+ public static int Main()
+ {
+ string[,] tab = create();
+ return tab.GetLength(0);
+ }
+
+ public static string[,] create()
+ {
+ string[,] tab = {
+ { "a" }, { "b" }, { "c" }, { "d" }, { "e" }, { "f" }, { "g" }, { "h" },
+ { "i" }, { "j" }, { "k" }, { "l" }, { "m" }, { "n" }, { "o" }, { "p" },
+ { "q" }, { "r" }, { "s" }, { "t" }, { "u" }, { "v" }, { "w" }, { "x" },
+ { "y" }, { "z" }, { "1" }, { "2" }, { "3" }, { "4" }, { "5" }, { "6" },
+ };
+ return tab;
+ }
+}
+
+
+Removing the last (32nd) value lets it work. On my system, it gives an
+Unhandled Exception: System.IndexOutOfRangeException: Array index is
+out of range
+in [0x00008] (at /home/mass/src/mono/test7.cs:19) .T:create ()
+in [0x00000] (at /home/mass/src/mono/test7.cs:7) .T:Main ()
+
+the behavior also changes depending on whether I specify --debug and
+the number of -v's I add to the mono runtime.
+
+The most interesting error happens right towards what I assume to be
+the end of register allocation:
+
+processing: 6 call R8 <- clobbers: c
+ assigned dreg %eax to dest R8
+ freeable %eax (R8) (born in 6)
+processing: 5 x86_push_imm
+processing: 4 x86_push_imm
+processing: 3 x86_push_imm
+processing: 2 iconst %esi <-
+processing: 1 store_membase_imm %ebp <-
+
+** (test7.exe:6084): WARNING **: unknown opcode ldarg.s in
+mono_arch_output_basic_block()
+
+
+** ERROR **: file mini-x86.c: line 2955
+(mono_arch_output_basic_block): should not be reached
+aborting...
+
+I've tried changing the dimensions of the array around; for all the
+configurations I tried, [n,m] breaks if n*m >= 32.
+
+IMHO signs point towards a buffer overflow, possibly during register
+allocation. I'm really not familiar enough with the mono code or code
+generation to truely confirm this.
+
+I believe it would be much faster for someone with more experience to
+solve this bug.