Bug 13544 - --enable-big-arrays is broken
Summary: --enable-big-arrays is broken
Status: NEW
Alias: None
Product: Runtime
Classification: Mono
Component: GC (show other bugs)
Version: unspecified
Hardware: PC Linux
: Low normal
Target Milestone: ---
Assignee: Bugzilla
URL:
Depends on:
Blocks:
 
Reported: 2013-07-28 15:17 UTC by Steffen Kieß
Modified: 2016-03-08 13:23 UTC (History)
5 users (show)

See Also:
Tags:
Is this bug a regression?: ---
Last known good build:


Attachments

Description Steffen Kieß 2013-07-28 15:17:41 UTC
The range checks in the newarr instruction don't work and the size value is converted to int32 at some point (even with --enable-big-arrays).

Test case:

using System;
public class A {
  public static void CheckAlloc (long l) {
    try {
      Console.WriteLine (new byte[l].LongLength);
    } catch (Exception e) {
      Console.WriteLine (e.Message);
    }
  }
  public static void Main () {
    CheckAlloc (5000000000);
    CheckAlloc (4000000000);
    CheckAlloc (-1);
    CheckAlloc (-4000000000);
    CheckAlloc (-6000000000);
  }
}

Result on current master with --enable-big-arrays:
705032704
-294967296
-1
294967296
-1705032704

Result on current master without --enable-big-arrays:
705032704
Number overflow.
Number overflow.
294967296
Number overflow.


Expected result with --enable-big-arrays:
5000000000
4000000000
Number overflow.
Number overflow.
Number overflow.

Expected result without --enable-big-arrays:
Number overflow.
Number overflow.
Number overflow.
Number overflow.
Number overflow.
Comment 1 Zoltan Varga 2013-07-28 21:08:48 UTC
Fixed the overflow checking in the normal case, --enable-big-arrays still remains broken.
Comment 2 Robert van der Boon 2016-03-08 13:23:57 UTC
Not sure if this is related to --enable-big-arrays or not, but the LongLength should never return negative numbers.
At the very least the LongLength property could be changed from
return Length;
to
return (long)(uint)Length;
which would solve some problems with multi-dimensional arrays as well:
now "new byte[int.MaxValue/2,4].LongLength" returns -4 instead of uint.MaxValue-4.

Note You need to log in before you can comment on or make changes to this bug.