http://bugzilla.novell.com/show_bug.cgi?id=601982
http://bugzilla.novell.com/show_bug.cgi?id=601982#c0

           Summary: SIGSEGV in mono_compile_create_var / mono_type_is_long
    Classification: Mono
           Product: Mono: Runtime
           Version: SVN
          Platform: x86-64
        OS/Version: openSUSE 11.2
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: JIT
        AssignedTo: [email protected]
        ReportedBy: [email protected]
         QAContact: [email protected]
          Found By: ---
           Blocker: ---

Created an attachment (id=358656)
 --> (http://bugzilla.novell.com/attachment.cgi?id=358656)
assembly that cause the sigsegv

gdb --args mono --security=core-clr --compile-all bin/System.Xml.sigabrt.8429.dll
..
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0x7ffff62c5910 (LWP 14487)]
0x0000000000419daa in mono_compile_create_var (cfg=0xd8e010, type=0xbf9120, opcode=326) at mini.c:1033
1033            if (mono_type_is_long (type))
(gdb) p type
$1 = (MonoType *) 0xbf9120
(gdb) p *type
$2 = {data = {klass = "System.Xml.XmlTokenizedType", type = 0xbf9058, array = 0xbf9058, method = 0xbf9058, generic_param = 0xbf9058, generic_class = 0xbf9058}, attrs = 0, type = MONO_TYPE_VALUETYPE, num_mods = 0, byref = 0, pinned = 0, modifiers = 0xbf912c}
(gdb) bt
#0  0x0000000000419daa in mono_compile_create_var (cfg=0xd8e010, type=0xbf9120, opcode=326) at mini.c:1033
#1  0x000000000041e3c1 in mono_compile_create_vars (cfg=0xd8e010) at mini.c:2973
#2  0x00000000004218db in mini_method_compile (method="System.Xml.XmlSchemaDatatype:get_TokenizedType ()", opts=51472895, domain=0x7ffff7e7dd48, run_cctors=0, compile_aot=0, parts=0) at mini.c:4040
#3  0x00000000004ac6ca in compile_all_methods_thread_main (args=0x7fffffffdbb0) at driver.c:879
#4  0x000000000063db1c in start_wrapper (data=0xabd780) at threads.c:747
#5  0x000000000066db83 in thread_start_routine (args=0xa9f968) at wthreads.c:285
#6  0x000000000069ff7d in GC_start_routine (arg=0x7ffff7e2afc0) at pthread_support.c:1390
#7  0x00007ffff709c65d in start_thread (arg=<value optimized out>) at pthread_create.c:297
#8  0x00007ffff6e0be1d in clone () from /lib64/libc.so.6
#9  0x0000000000000000 in ?? ()

The issue is that mono_type_get_underlying_type can return NULL and the macro
does not check for a NULL value.

#define mono_type_is_long(type) (!(type)->byref && ((mono_type_get_underlying_type (type)->type == MONO_TYPE_I8) || (mono_type_get_underlying_type (type)->type == MONO_TYPE_U8)))

(gdb) p mono_type_get_underlying_type (type)
$3 = (MonoType *) 0x0

This either needs to be detected earlier (verifier) or the macro needs to deal
with the NULL value.
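
The second option named in the report (making the check tolerate a NULL lookup result) is sketched below as an added example; it is not Mono's code and not the fix that was applied. The `Type` struct, `get_underlying_type` and both checks are constructed stand-ins that only mirror the shape of the quoted macro.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed stand-ins, not Mono's definitions. */
typedef enum { T_I4, T_I8, T_U8, T_VALUETYPE } Kind;
typedef struct Type {
    Kind type;
    int byref;
    const struct Type *underlying; /* NULL models unresolvable metadata */
} Type;

/* Models the lookup that returned 0x0 in the gdb session. */
static const Type *get_underlying_type(const Type *t)
{
    return t->type == T_VALUETYPE ? t->underlying : t;
}

/* Same shape as the macro in the report: unchecked dereference, and the
 * lookup is evaluated twice. */
#define TYPE_IS_LONG_UNCHECKED(t) \
    (!(t)->byref && ((get_underlying_type(t)->type == T_I8) || \
                     (get_underlying_type(t)->type == T_U8)))

/* Checked form: 1 = 64-bit, 0 = not, -1 = underlying type unresolved.
 * The caller should treat -1 as "reject this method", not as "not long". */
static int type_is_long_checked(const Type *t)
{
    const Type *u;
    if (t == NULL) return -1;
    if (t->byref) return 0;
    u = get_underlying_type(t);   /* single lookup */
    if (u == NULL) return -1;
    return u->type == T_I8 || u->type == T_U8;
}

static const Type i8 = { T_I8, 0, NULL };
static const Type good_vt = { T_VALUETYPE, 0, &i8 };
static const Type bad_vt = { T_VALUETYPE, 0, NULL };

/* The macro is only safe on inputs whose lookup succeeds. */
static int unchecked_on_valid_input(void) { return TYPE_IS_LONG_UNCHECKED(&good_vt); }

int main(void)
{
    printf("unchecked, valid value type: %d\n", unchecked_on_valid_input());
    printf("checked, valid value type:   %d\n", type_is_long_checked(&good_vt));
    printf("checked, unresolved type:    %d\n", type_is_long_checked(&bad_vt));
    return 0;
}
```

The three-state return keeps "unresolved" distinct from "not long", so a caller can fail compilation of the method instead of silently allocating the wrong variable size.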
