[Mono-bugs] [Bug 77774][Nor] Changed - amd64: Sigsegv with boo interpreter

bugzilla-daemon at bugzilla.ximian.com bugzilla-daemon at bugzilla.ximian.com
Mon Mar 13 14:40:28 EST 2006 

Please do not reply to this email- if you want to comment on the bug, go to the
URL shown below and enter your comments there.

Changed by miguel at ximian.com.

http://bugzilla.ximian.com/show_bug.cgi?id=77774

--- shadow/77774	2006-03-13 13:42:12.000000000 -0500
+++ shadow/77774.tmp.703	2006-03-13 14:40:28.000000000 -0500
@@ -1,17 +1,17 @@
 Bug#: 77774
 Product: Mono: Runtime
 Version: 1.1
 OS: unknown
 OS Details: gentoo - amd64
-Status: REOPENED   
+Status: NEW   
 Resolution: 
 Severity: Unknown
 Priority: Normal
 Component: JIT
-AssignedTo: lupus at ximian.com                            
+AssignedTo: vargaz at gmail.com                            
 ReportedBy: psofa.psofa at gmail.com               
 QAContact: mono-bugs at ximian.com
 TargetMilestone: ---
 URL: 
 Cc: 
 Summary: amd64: Sigsegv with boo interpreter
@@ -167,6 +167,89 @@
 /home/builder/t/install/lib/mono/gac/policy.0.5.Boo.Lang.resources/0.0.0.0_en-us_32c39770e9a21a67/policy.0.5.Boo.Lang.resources.dll
 
 So it fails silently after that, although the source of the problem
 seems to the be the earlier NullReference which does not happen on x86
 
 
+
+------- Additional Comments From miguel at ximian.com  2006-03-13 14:40 -------
+Update: building with the latest Boo (instead of the Boo I had on my
+box from packages) produces a crash:
+
+
+(gdb) mono_backtrace 10
+#0 0x40233ff0 in  System.Type:get_Attributes () + 0x18 (0x40233fd8
+0x40233ff5) [0x2aaaab74be60 - tt.exe]#2  0x0000000000eb41f0 in ?? ()
+#3  0x00002aaaac2c0ed0 in ?? ()
+#4  0x0000000000000000 in ?? ()
+#4 0x40291d67 in  System.Type:get_IsPublic () + 0x17 (0x40291d50
+0x40291d85) [0x2aaaab74be60 - tt.exe]#6  0x00002aaaac100c60 in ?? ()
+#7  0x00002aaaac3676c0 in ?? ()
+#7 0x4028bf62 in  System.IO.SynchronizedWriter:WriteLine
+(string,object) + 0x4a (0x4028bf18 0x4028bf80) [0x2aaaab74be60 -
+tt.exe]#8 0x402919c2 in 
+Boo.Lang.Compiler.Steps.InitializeNameResolutionService:OrganizeAssemblyTypes
+(System.Reflection.Assembly) + 0xc2 (0x40291900 0x40291a86)
+[0x2aaaab74be60 - tt.exe]#10 0x00002aaaabf3e258 in ?? ()
+
+(gdb) p mono_pmip (0x40233ff0)
+$19 = 0xec46f0 " System.Type:get_Attributes () + 0x18 (0x40233fd8
+0x40233ff5) [0x2aaaab74be60 - tt.exe]"
+(gdb) x/20i 0x40233fd8
+0x40233fd8:     sub    $0x18,%rsp
+0x40233fdc:     mov    %rdi,(%rsp)
+0x40233fe0:     mov    (%rsp),%rax
+0x40233fe4:     mov    %rax,%rdi
+0x40233fe7:     mov    (%rax),%rax
+0x40233fea:     callq  *0x578(%rax)
+0x40233ff0:     add    $0x18,%rsp
+0x40233ff4:     retq
+
+The code for this chunk is in class/corlib/Type.cs, and it just
+delegates that to a virtual method in MonoType.cs.
+
+Now, the issue is that Boo has executed this code before a number of
+times, at least once before:
+
+I believe this is right:
+
+(gdb) x/g $rsp-20
+0x7fff(gdb) p *((MonoObject *)0x00002aaaac0a0f18)->vtable->klass
+$21 = {image = 0x6c0b30, enum_basetype = 0x0, element_class =
+0x879090, cast_class = 0x879090, rank = 0 '\0', inited = 1,
+  init_pending = 0, size_inited = 1, valuetype = 0, enumtype = 0,
+blittable = 0, unicode = 0, wastypebuilder = 0, min_align = 8,
+  packing_size = 0, ghcimpl = 0, has_finalize = 0, marshalbyref = 1,
+contextbound = 0, delegate = 0, gc_descr_inited = 1,
+  has_cctor = 0, dummy = 0, has_references = 1, has_static_refs = 0,
+no_special_static_fields = 0, exception_type = 0 '\0',
+  exception_data = 0x0, declsec_flags = 0, parent = 0x751150,
+nested_in = 0x0, nested_classes = 0x0, type_token = 33555010,
+  name = 0x2aaaab8ee868 "SynchronizedWriter", name_space =
+0x2aaaab8ec4d4 "System.IO", supertypes = 0x8791d0, idepth = 4,
+  interface_count = 0, interface_id = 0, max_interface_id = 10,
+interface_offsets = 0x78379c, interfaces = 0x0, instance_size = 56,
+  class_size = 0, vtable_size = 50, flags = 1056768, field = {first =
+1535, count = 2}, method = {first = 7213, count = 42},
+  property = {first = 0, count = 0}, event = {first = 0, count = 0},
+marshal_info = 0x0, fields = 0x864790, properties = 0x0,
+  events = 0x0, methods = 0x864800, this_arg = {data = {klass =
+0x879090, type = 0x879090, array = 0x879090, method = 0x879090,
+      generic_param = 0x879090, generic_class = 0x879090}, attrs = 0,
+type = 18, num_mods = 0, byref = 1, pinned = 0,
+    modifiers = 0x87917c}, byval_arg = {data = {klass = 0x879090, type
+= 0x879090, array = 0x879090, method = 0x879090,
+      generic_param = 0x879090, generic_class = 0x879090}, attrs = 0,
+type = 18, num_mods = 0, byref = 0, pinned = 0,
+    modifiers = 0x87918c}, generic_class = 0x0, generic_container =
+0x0, reflection_info = 0x0, gc_descr = 0x3c00000000000001,
+  runtime_info = 0x864950, vtable = 0x87b510}
+ffffe8cc: 0x40017cd300002aaa
+
+It appears as if the vtable entry for 0x578 is empty:
+(gdb) x/g 0x00002aaaac0a0f18 + 0x578
+0x2aaaac0a1490: 0x0000000000000000
+
+This in Boo happens while looping over all the types returned by an
+assembly that seems to have been created internally (its called "input1").
+
+I am using Mono 1.1.13.4 for these tests.

More information about the mono-bugs mailing list