[Mono-bugs] [Bug 562009] [verifier] SIGSEGV in mono_method_signature on a bad assembly

bugzilla_noreply at novell.com
Mon Dec 6 11:27:34 EST 2010


https://bugzilla.novell.com/show_bug.cgi?id=562009

https://bugzilla.novell.com/show_bug.cgi?id=562009#c6


Sebastien Pouliot <spouliot at novell.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|RESOLVED                    |REOPENED
            Version|2.6.x                       |SVN
         Resolution|FIXED                       |

--- Comment #6 from Sebastien Pouliot <spouliot at novell.com> 2010-12-06 16:27:32 UTC ---
I'm hitting my same (local) assert again - likely a similar case (i.e. not a
regression).

[mono] ~/git/moon/fuzz @ MONO_PATH=./bin gdb --args pedump --verify all
bin/System.Windows.Browser.sigabrt.111637.dll
GNU gdb (GDB) SUSE (7.1-3.12)
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i586-suse-linux".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /opt/mono/bin/pedump...done.
(gdb) run
Starting program: /opt/mono/bin/pedump --verify all
bin/System.Windows.Browser.sigabrt.111637.dll
Missing separate debuginfo for /lib/ld-linux.so.2
Try: zypper install -C
"debuginfo(build-id)=fbaee3f5e15417f014dc59b0561eb7192ff04c5c"
Missing separate debuginfo for /lib/libm.so.6
Try: zypper install -C
"debuginfo(build-id)=cea8cd6cde71d5c31abbfd61e716cf37338e92f3"
Missing separate debuginfo for /lib/librt.so.1
Try: zypper install -C
"debuginfo(build-id)=bbf8c6d2b93765386aea68bdc7705f0ed559fa4d"
Missing separate debuginfo for /lib/libdl.so.2
Try: zypper install -C
"debuginfo(build-id)=580696b460256b20961976ebf3b100e5a4c03c10"
Missing separate debuginfo for /lib/libpthread.so.0
Try: zypper install -C
"debuginfo(build-id)=9f6e60de92fe5ba3711a0b7188a194d4a3bf790c"
[Thread debugging using libthread_db enabled]
Missing separate debuginfo for /lib/libc.so.6
Try: zypper install -C
"debuginfo(build-id)=694c111567b7c83a6f1b97bb28f6687dbd0d3057"
me [11] it [1e] -- '0'
* Assertion at loader.c:2204, condition `m' not met


Program received signal SIGABRT, Aborted.
0xffffe424 in __kernel_vsyscall ()
(gdb) bt
#0  0xffffe424 in __kernel_vsyscall ()
#1  0xb7e2e7ff in raise () from /lib/libc.so.6
#2  0xb7e30140 in abort () from /lib/libc.so.6
#3  0x08198a3a in monoeg_g_logv (log_domain=0x0, log_level=G_LOG_LEVEL_ERROR,
format=0x81a75d4 "* Assertion at %s:%d, condition `%s' not met\n", 
    args=0xbfffec34 "wt\032\b\234\b") at goutput.c:134
#4  0x08198ab9 in monoeg_assertion_message (format=0x81a75d4 "* Assertion at
%s:%d, condition `%s' not met\n") at goutput.c:154
#5  0x0807d197 in mono_method_signature_checked (m=0x0, error=0xbfffed2c) at
loader.c:2204
#6  0x080b8f54 in mono_verifier_verify_methodimpl_row (image=0x8261508, row=1,
error=0xbfffed2c) at metadata-verify.c:4269
#7  0x080a4d95 in mono_class_get_overrides_full (image=0x8261508,
type_token=33554460, overrides=0xbfffee40, num_overrides=0xbfffee3c,
generic_context=0x0)
    at metadata.c:5658
#8  0x0805eff1 in mono_class_setup_vtable_full (class=0x828a814,
in_setup=0x827f508) at class.c:3456
#9  0x0805ee3d in mono_class_setup_vtable (class=0x828a814) at class.c:3392
#10 0x08050c20 in verify_image_file (fname=0xbffff29c
"bin/System.Windows.Browser.sigabrt.111637.dll") at pedump.c:488
#11 0x0805146f in main (argc=4, argv=0xbffff034) at pedump.c:700
(gdb) up 6
#6  0x080b8f54 in mono_verifier_verify_methodimpl_row (image=0x8261508, row=1,
error=0xbfffed2c) at metadata-verify.c:4269
4269        if (!(decl_sig = mono_method_signature_checked (declaration,
error))) {
(gdb) p declaration
$1 = (MonoMethod *) 0x0


Looks like the following

    declaration = method_from_method_def_or_ref (image, data [MONO_METHODIMPL_DECLARATION], NULL);
    if (mono_loader_get_last_error ()) {
        mono_loader_clear_error ();
        mono_error_set_bad_image (error, image, "Invalid methodimpl declaration for row %x", row);
        return FALSE;
    }

can return NULL without setting an error, which leads to a SIGSEGV later (or a
SIGABRT in my case).

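The failure mode described in comment #6 (a lookup that can return NULL without raising an error, while the caller checks only the error flag), as an added C example that is not Mono's code and not part of the original report. All names, the method table and the index-0 trigger for the silent NULL are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-ins; none of these are Mono's types or functions. */
typedef struct { int param_count; } Method;
static Method table[] = { {0}, {2}, {1} };   /* constructed sample method table */
#define TABLE_LEN ((unsigned)(sizeof table / sizeof table[0]))
static int last_error;                       /* models a "last loader error" flag */

/* Resolves a 1-based index. Out-of-range sets last_error; index 0 returns
 * NULL *without* setting it (constructed trigger for the silent-NULL path). */
static Method *resolve_method(unsigned idx) {
    if (idx == 0) return NULL;
    if (idx > TABLE_LEN) { last_error = 1; return NULL; }
    return &table[idx - 1];
}

/* Before: only the error flag is consulted, as in the quoted check.
 * Returns 1 ("row accepted") even when *out is NULL. */
static int lookup_error_only(unsigned idx, Method **out) {
    last_error = 0;
    *out = resolve_method(idx);
    if (last_error) { last_error = 0; *out = NULL; return 0; }
    return 1;
}

/* Hardened: a NULL result is rejected whether or not the flag was set. */
static int lookup_error_or_null(unsigned idx, Method **out) {
    last_error = 0;
    *out = resolve_method(idx);
    if (last_error || *out == NULL) { last_error = 0; *out = NULL; return 0; }
    return 1;
}

int main(void) {
    unsigned rows[] = { 2, 9, 0 };           /* valid, out of range, silent NULL */
    for (unsigned i = 0; i < 3; i++) {
        Method *a, *b;
        int before = lookup_error_only(rows[i], &a);
        int after  = lookup_error_or_null(rows[i], &b);
        printf("idx %u: before accepted=%d ptr=%s | hardened accepted=%d ptr=%s\n",
               rows[i], before, a ? "ok" : "NULL", after, b ? "ok" : "NULL");
    }
    return 0;
}
```

Only the third input separates the two variants: the error-only check accepts the row with a NULL pointer that a later signature lookup would dereference or assert on.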