[Mono-bugs] [Bug 560834] [verifier] SIGSEGV in method_from_methodspec on a bad assembly

bugzilla_noreply at novell.com
Wed Nov 17 09:46:34 EST 2010


https://bugzilla.novell.com/show_bug.cgi?id=560834

https://bugzilla.novell.com/show_bug.cgi?id=560834#c5


Sebastien Pouliot <spouliot at novell.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
 Attachment #331065|0                           |1
        is obsolete|                            |
 Attachment #354708|0                           |1
        is obsolete|                            |
 Attachment #377440|0                           |1
        is obsolete|                            |

--- Comment #5 from Sebastien Pouliot <spouliot at novell.com> 2010-11-17 14:46:32 UTC ---
Created an attachment (id=400812)
 --> (http://bugzilla.novell.com/attachment.cgi?id=400812)
assembly to reproduce abort

note: I have, locally, a SIGABRT since I have an additional assert to help
fuzzing - but the SIGSEGV would still occur.

loader.c:1082
    g_assert (inst); // 560834
    if (context && inst->is_open) {
..

[mono] ~/git/moon/fuzz @ MONO_PATH=./bin gdb --args pedump --verify all
bin/System.Windows.Browser.sigabrt.23686.dll
GNU gdb (GDB) SUSE (7.1-3.12)
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "i586-suse-linux".
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>...
Reading symbols from /opt/mono/bin/pedump...done.
(gdb) run
Starting program: /opt/mono/bin/pedump --verify all
bin/System.Windows.Browser.sigabrt.23686.dll
Missing separate debuginfo for /lib/ld-linux.so.2
Try: zypper install -C
"debuginfo(build-id)=fbaee3f5e15417f014dc59b0561eb7192ff04c5c"
Missing separate debuginfo for /lib/libm.so.6
Try: zypper install -C
"debuginfo(build-id)=cea8cd6cde71d5c31abbfd61e716cf37338e92f3"
Missing separate debuginfo for /lib/librt.so.1
Try: zypper install -C
"debuginfo(build-id)=bbf8c6d2b93765386aea68bdc7705f0ed559fa4d"
Missing separate debuginfo for /lib/libdl.so.2
Try: zypper install -C
"debuginfo(build-id)=580696b460256b20961976ebf3b100e5a4c03c10"
Missing separate debuginfo for /lib/libpthread.so.0
Try: zypper install -C
"debuginfo(build-id)=9f6e60de92fe5ba3711a0b7188a194d4a3bf790c"
[Thread debugging using libthread_db enabled]
Missing separate debuginfo for /lib/libc.so.6
Try: zypper install -C
"debuginfo(build-id)=694c111567b7c83a6f1b97bb28f6687dbd0d3057"
me [12] it [15] -- 'System.Collections.Generic.Dictionary`2'
* Assertion at loader.c:1082, condition `inst' not met


Program received signal SIGABRT, Aborted.
0xffffe424 in __kernel_vsyscall ()
(gdb) bt
#0  0xffffe424 in __kernel_vsyscall ()
#1  0xb7e2e7ff in raise () from /lib/libc.so.6
#2  0xb7e30140 in abort () from /lib/libc.so.6
#3  0x0819a4f2 in monoeg_g_logv (log_domain=0x0, log_level=G_LOG_LEVEL_ERROR,
format=0x81a9f34 "* Assertion at %s:%d, condition `%s' not met\n", 
    args=0xbfffe814 "ם\032\b:\004") at goutput.c:134
#4  0x0819a571 in monoeg_assertion_message (format=0x81a9f34 "* Assertion at
%s:%d, condition `%s' not met\n") at goutput.c:154
#5  0x0807ab32 in method_from_methodspec (image=0x828db58, context=0x82a6f84,
idx=2) at loader.c:1082
#6  0x0807bb04 in mono_get_method_from_token (image=0x828db58, token=721420290,
klass=0x0, context=0x82a6f84, used_context=0xbfffe9d4) at loader.c:1572
#7  0x0807bfd1 in mono_get_method_full (image=0x828db58, token=721420290,
klass=0x0, context=0x82a6f84) at loader.c:1695
#8  0x08106f10 in verifier_load_method (ctx=0xbfffeb2c, token=721420290,
opcode=0x81bb59a "call") at verify.c:930
#9  0x0810c5fa in do_invoke_method (ctx=0xbfffeb2c, method_token=721420290,
virtual=0) at verify.c:2932
#10 0x08117f8a in mono_method_verify (method=0x82a6eac, level=135) at
verify.c:5095
#11 0x080508a2 in dump_verify_info (image=0x828db58, flags=135) at pedump.c:369
#12 0x0805167c in main (argc=4, argv=0xbffff034) at pedump.c:735
