Bug 30741

Summary: MemoryMappedFiles from reference source is causing segfaults
Product: [Mono] Class Libraries Reporter: Dylan Borg <borgdylan>
Component: System.CoreAssignee: marcos.henrich
Status: RESOLVED FIXED    
Severity: normal CC: alex.koeplinger, borgdylan, kumpera, masafa, mono-bugs+mono
Priority: ---    
Version: master   
Target Milestone: Untriaged   
Hardware: PC   
OS: Linux   
Tags: Is this bug a regression?: ---
Last known good build:

Description Dylan Borg 2015-06-03 14:23:20 UTC
After switching the Memory Mapped Files support to being provided by the reference source, a segfault happens when this API is used.

Stacktrace:

  at <unknown> <0xffffffff>
  at (wrapper managed-to-native) System.IO.MemoryMappedFiles.MemoryMapImpl.OpenHandleInternal (intptr,string,long&,System.IO.MemoryMappedFiles.MemoryMappedFileAccess,System.IO.MemoryMappedFiles.MemoryMappedFileOptions,int&) <0xffffffff>
  at System.IO.MemoryMappedFiles.MemoryMapImpl.OpenHandle (intptr,string,long&,System.IO.MemoryMappedFiles.MemoryMappedFileAccess,System.IO.MemoryMappedFiles.MemoryMappedFileOptions) <0x00043>
  at System.IO.MemoryMappedFiles.MemoryMappedFile.CreateFromFile (System.IO.FileStream,string,long,System.IO.MemoryMappedFiles.MemoryMappedFileAccess,System.IO.MemoryMappedFiles.MemoryMappedFileSecurity,System.IO.HandleInheritability,bool) <0x000db>
  at (wrapper runtime-invoke) <Module>.runtime_invoke_object_object_object_long_int_object_int_byte (object,intptr,intptr,intptr) <0xffffffff>
  at <unknown> <0xffffffff>
  at (wrapper managed-to-native) System.Reflection.MonoMethod.InternalInvoke (System.Reflection.MonoMethod,object,object[],System.Exception&) <0xffffffff>
  at System.Reflection.MonoMethod.Invoke (object,System.Reflection.BindingFlags,System.Reflection.Binder,object[],System.Globalization.CultureInfo) <0x0009e>
  at System.Reflection.MethodBase.Invoke (object,object[]) <0x00046>
  at System.Reflection.Internal.MemoryMapLightUp.CreateMemoryMap (System.IO.Stream) <0x00247>
  at System.Reflection.Internal.StreamMemoryBlockProvider.TryCreateMemoryMappedFileBlock (long,int,System.Reflection.Internal.MemoryMappedFileBlock&) <0x0004b>
  at System.Reflection.Internal.StreamMemoryBlockProvider.GetMemoryBlockImpl (int,int) <0x0007b>
  at System.Reflection.Internal.MemoryBlockProvider.GetMemoryBlock (int,int) <0x00065>
  at System.Reflection.PortableExecutable.PEReader.GetMetadataBlock () <0x0006f>
  at System.Reflection.PortableExecutable.PEReader.GetMetadata () <0x00013>
  at System.Reflection.Metadata.PEReaderExtensions.GetMetadataReader (System.Reflection.PortableExecutable.PEReader,System.Reflection.Metadata.MetadataReaderOptions,System.Reflection.Metadata.MetadataStringDecoder) <0x00027>
  at System.Reflection.Metadata.PEReaderExtensions.GetMetadataReader (System.Reflection.PortableExecutable.PEReader) <0x00023>
  at Microsoft.Framework.PackageManager.Utils.LockFileUtils.IsAssemblyServiceable (string) <0x0011f>
  at Microsoft.Framework.PackageManager.Utils.LockFileUtils.CreateLockFileLibrary (Microsoft.Framework.Runtime.DependencyManagement.LockFileLibrary,NuGet.IPackagePathResolver,NuGet.IPackage,string) <0x00393>
  at Microsoft.Framework.PackageManager.RestoreCommand.WriteLockFile (Microsoft.Framework.Runtime.DependencyManagement.LockFile,string,Microsoft.Framework.Runtime.Project,System.Collections.Generic.List`1<Microsoft.Framework.PackageManager.GraphItem>,NuGet.PackageRepository,System.Collections.Generic.IEnumerable`1<Microsoft.Framework.PackageManager.RestoreCommand/TargetContext>) <0x00753>
  at Microsoft.Framework.PackageManager.RestoreCommand.<RestoreForProject>d__77.MoveNext () <0x030cb>
  at System.Runtime.CompilerServices.AsyncMethodBuilderCore.Start<Microsoft.Framework.PackageManager.RestoreCommand/<RestoreForProject>d__77> (Microsoft.Framework.PackageManager.RestoreCommand/<RestoreForProject>d__77&) <0x0012b>
  at System.Runtime.CompilerServices.AsyncTaskMethodBuilder<System.Boolean>.Start<Microsoft.Framework.PackageManager.RestoreCommand/<RestoreForProject>d__77> (Microsoft.Framework.PackageManager.RestoreCommand/<RestoreForProject>d__77&) <0x00017>
  at Microsoft.Framework.PackageManager.RestoreCommand.RestoreForProject (string,string,string) <0x0020f>
  at Microsoft.Framework.PackageManager.RestoreCommand.<>c__DisplayClass76_0.<<Execute>b__1>d.MoveNext () <0x00083>
  at System.Runtime.CompilerServices.AsyncMethodBuilderCore.Start<Microsoft.Framework.PackageManager.RestoreCommand/<>c__DisplayClass76_0/<<Execute>b__1>d> (Microsoft.Framework.PackageManager.RestoreCommand/<>c__DisplayClass76_0/<<Execute>b__1>d&) <0x00103>
  at System.Runtime.CompilerServices.AsyncTaskMethodBuilder<System.Threading.Tasks.VoidTaskResult>.Start<Microsoft.Framework.PackageManager.RestoreCommand/<>c__DisplayClass76_0/<<Execute>b__1>d> (Microsoft.Framework.PackageManager.RestoreCommand/<>c__DisplayClass76_0/<<Execute>b__1>d&) <0x00017>
  at System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start<Microsoft.Framework.PackageManager.RestoreCommand/<>c__DisplayClass76_0/<<Execute>b__1>d> (Microsoft.Framework.PackageManager.RestoreCommand/<>c__DisplayClass76_0/<<Execute>b__1>d&) <0x00017>
  at Microsoft.Framework.PackageManager.RestoreCommand.<>c__DisplayClass76_0.<Execute>b__1 (string) <0x0018b>
  at Microsoft.Framework.PackageManager.RestoreCommand.<Execute>d__76.MoveNext () <0x0075a>
  at System.Runtime.CompilerServices.AsyncMethodBuilderCore.Start<Microsoft.Framework.PackageManager.RestoreCommand/<Execute>d__76> (Microsoft.Framework.PackageManager.RestoreCommand/<Execute>d__76&) <0x000f7>
  at System.Runtime.CompilerServices.AsyncTaskMethodBuilder<System.Boolean>.Start<Microsoft.Framework.PackageManager.RestoreCommand/<Execute>d__76> (Microsoft.Framework.PackageManager.RestoreCommand/<Execute>d__76&) <0x00017>
  at Microsoft.Framework.PackageManager.RestoreCommand.Execute (string) <0x0018f>
  at Microsoft.Framework.PackageManager.RestoreCommand.<Execute>d__75.MoveNext () <0x00233>
  at System.Runtime.CompilerServices.AsyncMethodBuilderCore.Start<Microsoft.Framework.PackageManager.RestoreCommand/<Execute>d__75> (Microsoft.Framework.PackageManager.RestoreCommand/<Execute>d__75&) <0x0010b>
  at System.Runtime.CompilerServices.AsyncTaskMethodBuilder<System.Boolean>.Start<Microsoft.Framework.PackageManager.RestoreCommand/<Execute>d__75> (Microsoft.Framework.PackageManager.RestoreCommand/<Execute>d__75&) <0x00017>
  at Microsoft.Framework.PackageManager.RestoreCommand.Execute () <0x0016b>
  at Microsoft.Framework.PackageManager.RestoreConsoleCommand.<>c__DisplayClass0_0.<<Register>b__1>d.MoveNext () <0x001cb>
  at System.Runtime.CompilerServices.AsyncMethodBuilderCore.Start<Microsoft.Framework.PackageManager.RestoreConsoleCommand/<>c__DisplayClass0_0/<<Register>b__1>d> (Microsoft.Framework.PackageManager.RestoreConsoleCommand/<>c__DisplayClass0_0/<<Register>b__1>d&) <0x000ff>
  at System.Runtime.CompilerServices.AsyncTaskMethodBuilder<System.Int32>.Start<Microsoft.Framework.PackageManager.RestoreConsoleCommand/<>c__DisplayClass0_0/<<Register>b__1>d> (Microsoft.Framework.PackageManager.RestoreConsoleCommand/<>c__DisplayClass0_0/<<Register>b__1>d&) <0x00017>
  at Microsoft.Framework.PackageManager.RestoreConsoleCommand.<>c__DisplayClass0_0.<Register>b__1 () <0x0014f>
  at Microsoft.Framework.Runtime.Common.CommandLine.CommandLineApplication.<>c__DisplayClass68_0.<OnExecute>b__0 () <0x00014>
  at Microsoft.Framework.Runtime.Common.CommandLine.CommandLineApplication.Execute (string[]) <0x007a2>
  at Microsoft.Framework.PackageManager.Program.Main (string[]) <0x004a3>
  at (wrapper runtime-invoke) <Module>.runtime_invoke_int__this___object (object,intptr,intptr,intptr) <0xffffffff>
  at <unknown> <0xffffffff>
  at (wrapper managed-to-native) System.Reflection.MonoMethod.InternalInvoke (System.Reflection.MonoMethod,object,object[],System.Exception&) <0xffffffff>
  at System.Reflection.MonoMethod.Invoke (object,System.Reflection.BindingFlags,System.Reflection.Binder,object[],System.Globalization.CultureInfo) <0x0009e>
  at System.Reflection.MethodBase.Invoke (object,object[]) <0x00046>
  at Microsoft.Framework.Runtime.Common.EntryPointExecutor.Execute (System.Reflection.Assembly,string[],System.IServiceProvider) <0x00103>
  at dnx.host.Bootstrapper.RunAsync (System.Collections.Generic.List`1<string>,Microsoft.Framework.Runtime.IRuntimeEnvironment) <0x0035f>
  at dnx.host.RuntimeBootstrapper.ExecuteAsync (string[]) <0x007b3>
  at dnx.host.RuntimeBootstrapper.Execute (string[]) <0x0004f>
  at EntryPoint.Main (string[]) <0x002c3>
  at (wrapper runtime-invoke) <Module>.runtime_invoke_int_object (object,intptr,intptr,intptr) <0xffffffff>

Native stacktrace:

	mono() [0x80ec5b0]
	mono() [0x813508e]
	mono() [0x806ad45]
	[0xb7757bc8]
	mono() [0x826c2ee]
	mono() [0x826b6bd]
	mono() [0x826b638]
	mono() [0x81dbc5f]
	[0xb351156c]
	[0xb35114a4]
	[0xb351110c]
	[0xb35113d4]
	mono() [0x806a868]

Debug info from gdb:

Could not attach to process.  If your uid matches the uid of the target
process, check the setting of /proc/sys/kernel/yama/ptrace_scope, or try
again as the root user.  For more details, see /etc/sysctl.d/10-ptrace.conf
ptrace: Operation not permitted.
No threads.

=================================================================
Got a SIGSEGV while executing native code. This usually indicates
a fatal error in the mono runtime or one of the native libraries 
used by your application.
=================================================================

Aborted (core dumped)
Comment 1 marcos.henrich 2015-06-04 05:41:23 UTC
Recently we changed mono to use referencesource System.IO.UnmanagedMemoryAccessor.

MemoryMappedFile.CreateFromFile is used by many tests that are passing. 
It is possible we are not testing something.

Could you please provide details in how to reproduce this bug?
Comment 2 Dylan Borg 2015-06-04 05:59:33 UTC
For me it sufficed to try restoring packages using the asp.net 5 tooling i,e "dnu restore" for a project. That failed with this seg fault.
Comment 3 marcos.henrich 2015-06-04 07:37:59 UTC
I was not able to reproduce the issue.

Below are the commands I did to replicate the issue.

MONO_PREFIX=$(pwd)/install
./autogen.sh --enable-nls=no --prefix=$MONO_PREFIX
make -j8
make install

export LD_LIBRARY_PATH=$MONO_PREFIX/lib:$LD_LIBRARY_PATH
export C_INCLUDE_PATH=$MONO_PREFIX/include
export ACLOCAL_PATH=$MONO_PREFIX/share/aclocal
export PKG_CONFIG_PATH=$MONO_PREFIX/lib/pkgconfig
export PATH=$MONO_PREFIX/bin:$PATH
export MONO_GAC_PREFIX=$MONO_PREFIX

cd /asp/project
source dnvm.sh
dnu restore

No seg fault, instead "Restore Complete".
Comment 4 Dylan Borg 2015-06-04 09:06:42 UTC
Strangely enough I can only reproduce it with teh beta 4 dnx

dnvm install 1.0.0-beta4
dnvm use 1.0.0-beta4
dnu restore

With the latest DNX the issue seems to not exist as you have seen. However, without the new MemoryMappedFiles, the beta4 DNX restores OK. This may be a Microsoft bug rather than a mono bug.
Comment 5 Dylan Borg 2015-06-06 10:48:21 UTC
The issue has occurred again, this time while publishing.
Comment 6 Dylan Borg 2015-06-06 10:52:09 UTC
This was reproduced on the latest DNX
dnvm upgrade -u
dnu publish --configuration Release --no-source --runtime active
Comment 7 Alexander Köplinger 2015-06-09 07:14:35 UTC
Another report of the issue: https://bugzilla.xamarin.com/show_bug.cgi?id=30825.
I can't repro it with the demo file he linked in that report on mono master though.
Comment 8 Dylan Borg 2015-06-09 08:38:42 UTC
Are you on x86 or on x64? It may be CPU architecture specific.
Comment 9 Alexander Köplinger 2015-06-09 09:03:00 UTC
I'm on x64.
Comment 10 Dylan Borg 2015-06-09 11:42:54 UTC
While I am on x86. It may be architecture linked after all.
Comment 11 marcos.henrich 2015-06-15 12:49:48 UTC
@dylan thanks for the info, I was able to reproduce it.
Should be fixed by the following pull request:
https://github.com/mono/mono/pull/1876
Comment 12 marcos.henrich 2015-06-16 05:16:14 UTC
Fixed in master 7f3b76a32ffa62a98597ad871e088181cbf67651.
https://github.com/mono/mono/commit/7f3b76a32ffa62a98597ad871e088181cbf67651