[Mono-bugs] [Bug 560330] [verifier] abort in mono_metadata_token_from_dor on bad assembly

Wed Jan 6 08:51:01 EST 2010

http://bugzilla.novell.com/show_bug.cgi?id=560330

http://bugzilla.novell.com/show_bug.cgi?id=560330#c3

Sebastien Pouliot <spouliot at novell.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #330761|0                           |1
        is obsolete|                            |

--- Comment #3 from Sebastien Pouliot <spouliot at novell.com> 2010-01-06 13:50:59 UTC ---
Created an attachment (id=335155)
 --> (http://bugzilla.novell.com/attachment.cgi?id=335155)
assembly to reproduce crash

Well it did not take long to find another case ;-) this time with the
2.1/moonlight profile. note: only x86_64 tested this morning.

MONO_PATH=/opt/mono/lib/moonlight/plugin/ gdb --args pedump --verify all
System.Xml.sigabrt.7096.dll

** ERROR:(metadata.c:3242):mono_metadata_token_from_dor: code should not be
reached
[New Thread 0x7f98e3030710 (LWP 25937)]

Program received signal SIGABRT, Aborted.
[Switching to Thread 0x7f98e3030710 (LWP 25937)]
0x00007f98e1b9d5c5 in raise () from /lib64/libc.so.6
(gdb) bt
#0  0x00007f98e1b9d5c5 in raise () from /lib64/libc.so.6
#1  0x00007f98e1b9ebb3 in abort () from /lib64/libc.so.6
#2  0x00007f98e29cb2c7 in g_assertion_message () from
/usr/lib64/libglib-2.0.so.0
#3  0x000000000045a0f2 in mono_metadata_token_from_dor (dor_index=3) at
metadata.c:3242
#4  0x0000000000456a20 in mono_metadata_parse_typedef_or_ref (m=0x8ac240, 
    ptr=0x7f98e1ae193d
"\n\a\006\b\b\b\003\003\021\200�\005\a\001\022\201�\005\a\001\022\201\230\006\a\002\002\021\200\230\006\a\002\016\021\200\230\f\a\005\022\201l\002\034\022u\022\200�\002\035\005\002\035\003\003",
rptr=0x7fffeb0504a8) at metadata.c:1215
#5  0x0000000000456a93 in mono_metadata_parse_custom_mod (m=0x8ac240,
dest=0x7fffeb050440, 
    ptr=0x7f98e1ae193b
"\037\003\n\a\006\b\b\b\003\003\021\200�\005\a\001\022\201�\005\a\001\022\201\230\006\a\002\002\021\200\230\006\a\002\016\021\200\230\f\a\005\022\201l\002\034\022u\022\200�\002\035\005\002\035\003\003",
rptr=0x7fffeb0504a8) at metadata.c:1237
#6  0x0000000000457219 in mono_metadata_parse_type_full (m=0x8ac240,
container=0x0, mode=MONO_PARSE_LOCAL, opt_attrs=0, 
    ptr=0x7f98e1ae193b
"\037\003\n\a\006\b\b\b\003\003\021\200�\005\a\001\022\201�\005\a\001\022\201\230\006\a\002\002\021\200\230\006\a\002\016\021\200\230\f\a\005\022\201l\002\034\022u\022\200�\002\035\005\002\035\003\003",
rptr=0x7fffeb050540) at metadata.c:1574
#7  0x0000000000459d3d in mono_metadata_parse_mh_full (m=0x8ac240,
container=0x0, ptr=0x7f98e1acfcd4 "\003\027(>\002") at metadata.c:3031
#8  0x000000000043a23d in mono_method_get_header (method=0x952e98) at
loader.c:2277
#9  0x00000000004ca342 in mono_method_verify (method=0x952e98, level=135) at
verify.c:4945
#10 0x000000000040e79f in dump_verify_info (image=0x8ac240, flags=135) at
pedump.c:375
#11 0x000000000040f4f1 in main (argc=4, argv=0x7fffeb050e98) at pedump.c:730
(gdb) up 3
#3  0x000000000045a0f2 in mono_metadata_token_from_dor (dor_index=3) at
metadata.c:3242
3242            g_assert_not_reached ();
(gdb) up
#4  0x0000000000456a20 in mono_metadata_parse_typedef_or_ref (m=0x8ac240, 
    ptr=0x7f98e1ae193d
"\n\a\006\b\b\b\003\003\021\200�\005\a\001\022\201�\005\a\001\022\201\230\006\a\002\002\021\200\230\006\a\002\016\021\200\230\f\a\005\022\201l\002\034\022u\022\200�\002\035\005\002\035\003\003",
rptr=0x7fffeb0504a8) at metadata.c:1215
1215        return mono_metadata_token_from_dor (token);
(gdb) p m->name
$1 = 0x87ff00 "/home/poupou/svn/moon-3-0/fuzz/bin/System.Xml.sigabrt.7096dll"
(gdb) p token
$2 = 3

-- 
Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.