Bug 6112 - AOT: Crash in imt_thunks
Summary: AOT: Crash in imt_thunks
Alias: None
Product: Runtime
Classification: Mono
Component: General ()
Version: unspecified
Hardware: PC Windows
: --- normal
Target Milestone: ---
Assignee: Bugzilla
Depends on:
Reported: 2012-07-13 09:58 UTC by Virgile Bello
Modified: 2012-07-16 12:15 UTC (History)
3 users (show)

Is this bug a regression?: ---
Last known good build:

File reproducing the issue. (780 bytes, text/plain)
2012-07-13 09:58 UTC, Virgile Bello

Notice (2018-05-24): bugzilla.xamarin.com is now in read-only mode.

Please join us on Visual Studio Developer Community and in the Xamarin and Mono organizations on GitHub to continue tracking issues. Bugzilla will remain available for reference in read-only mode. We will continue to work on open Bugzilla bugs, copy them to the new locations as needed for follow-up, and add the new items under Related Links.

Our sincere thanks to everyone who has contributed on this bug tracker over the years. Thanks also for your understanding as we make these adjustments and improvements for the future.

Please create a new report on GitHub or Developer Community with your current version information, steps to reproduce, and relevant error messages or log files if you are hitting an issue that looks similar to this resolved bug and you do not yet see a matching new report.

Related Links:

Description Virgile Bello 2012-07-13 09:58:56 UTC
Created attachment 2192 [details]
File reproducing the issue.

Attached file reproduces the issue (happens only in full AOT).
Crashes happen in "imt_thunks" (output: Trace/breakpoint trap (core dumped))

I investigated little bit in mono internals and found it was due to imt_thunks. Checked imt_thunks assembly code (seems good) and generated/called IMT thunks.

Basically, it seems the issue is that, in this test case, IEnumerable<A>.get_Current() is the method registered registered in IMT, but IEnumerable<object>.get_Current() is the one requested (probably due to contravariance).

Note that interestingly, it fails only when requesting the second item (second call to IEnumerable<object>.get_Current(), first one seems OK). Actually in this case the bug only happens when collection has more than 1 element.

It also happened in some other cases as well that seemed related to collections/enumerables, easily triggered when using Linq and/or using collections (not sure yet how much will be working by fixing this specific test).

I plan to try to fix it next week when I get back to work, but if someone happens to know better the internals and how to fix it quickly, some hints/confirmation/help would be welcome!
Comment 1 Zoltan Varga 2012-07-15 09:00:02 UTC
Fixed in master.
Comment 2 Virgile Bello 2012-07-15 22:32:28 UTC
Thank for your help, saw the fix.
However I couldn't test it because I run in x64 full aot, do you think it's possible to fix it for x64 as well?
Comment 3 Zoltan Varga 2012-07-15 23:14:09 UTC
Should be fixed.
Comment 4 Virgile Bello 2012-07-16 11:34:08 UTC
Thanks for your help, looks good!

I could test it and there was a small compilation error (mono_x86_patch renamed to mono_amd64_patch) and also I removed extra indirection (amd64_mov_reg_membase => amd64_alu_reg_imm: causing crash).

I fixed it in pull request: https://github.com/mono/mono/pull/391
Please merge it if it looks good to you!
Comment 5 Zoltan Varga 2012-07-16 12:15:22 UTC
-> fixed.