[Mono-bugs] [Bug 651682] New: [verifier] SIGABRT in mono_metadata_decode_row

bugzilla_noreply at novell.com bugzilla_noreply at novell.com
Fri Nov 5 11:38:02 EDT 2010 

https://bugzilla.novell.com/show_bug.cgi?id=651682

https://bugzilla.novell.com/show_bug.cgi?id=651682#c0


           Summary: [verifier] SIGABRT in mono_metadata_decode_row
    Classification: Mono
           Product: Mono: Runtime
           Version: SVN
          Platform: x86
        OS/Version: openSUSE 11.3
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: verifier
        AssignedTo: rkumpera at novell.com
        ReportedBy: spouliot at novell.com
         QAContact: mono-bugs at lists.ximian.com
          Found By: ---
           Blocker: ---


Created an attachment (id=398793)
 --> (http://bugzilla.novell.com/attachment.cgi?id=398793)
assembly to reproduce abort

MONO_PATH=./bin gdb --args pedump --verify all
bin/Microsoft.VisualBasic.sigabrt.4655.dll

* Assertion at metadata.c:966, condition `idx >= 0' not met


Program received signal SIGABRT, Aborted.
0xffffe424 in __kernel_vsyscall ()
(gdb) bt
#0  0xffffe424 in __kernel_vsyscall ()
#1  0xb7e2e7ff in raise () from /lib/libc.so.6
#2  0xb7e30140 in abort () from /lib/libc.so.6
#3  0x08199c86 in monoeg_g_logv (log_domain=0x0, log_level=G_LOG_LEVEL_ERROR,
format=0x81aceb0 "* Assertion at %s:%d, condition `%s' not met\n", 
    args=0xbfffea04 "\242\316\032\b\306\003") at goutput.c:134
#4  0x08199d05 in monoeg_assertion_message (format=0x81aceb0 "* Assertion at
%s:%d, condition `%s' not met\n") at goutput.c:154
#5  0x0809cbd9 in mono_metadata_decode_row (t=0x8290618, idx=-1,
res=0xbfffea68, res_size=1) at metadata.c:966
#6  0x080a120c in mono_metadata_parse_mh_full (m=0x82904e8, container=0x0,
ptr=0xb7bd08a8 "") at metadata.c:3494
#7  0x0807da39 in mono_method_get_header (method=0x82ad14c) at loader.c:2417
#8  0x081150b9 in mono_method_verify (method=0x82ad14c, level=135) at
verify.c:4545
#9  0x080508a2 in dump_verify_info (image=0x82904e8, flags=135) at pedump.c:369
#10 0x0805167c in main (argc=4, argv=0xbffff034) at pedump.c:735
(gdb) up 5
#5  0x0809cbd9 in mono_metadata_decode_row (t=0x8290618, idx=-1,
res=0xbfffea68, res_size=1) at metadata.c:966
966        g_assert (idx >= 0);
(gdb) up
#6  0x080a120c in mono_metadata_parse_mh_full (m=0x82904e8, container=0x0,
ptr=0xb7bd08a8 "") at metadata.c:3494
3494            mono_metadata_decode_row (t, idx, cols, 1);

Note that there's already a check
        if (idx >= t->rows)
            return NULL;
in mono_metadata_decode_row which guards against the
    g_assert (idx < t->rows);
so maybe this condition (< 0) should also be checked by the caller ? 
or a *_checked function should spot this to avoid duplicated checks

-- 
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

More information about the mono-bugs mailing list