Bug 23954 - Missing checks for overlapping reference and non-reference fields.
Status: CONFIRMED
Product: Runtime
Classification: Mono
Component: GC
Version: 3.8.0
Hardware: PC Linux
Assignee: Bugzilla
 
Reported: 2014-10-21 08:48 UTC by Craig Minihan
Modified: 2017-09-06 14:45 UTC

Description Craig Minihan 2014-10-21 08:48:49 UTC
SGen fails when collecting a class with LayoutKind.Explicit.

Example code:

using System;

namespace TestExplictLayout
{
    [System.Runtime.InteropServices.StructLayout(System.Runtime.InteropServices.LayoutKind.Explicit)]
    class ExplicitLayout
    {
        [System.Runtime.InteropServices.FieldOffset(0)]
        public long @signed;

        [System.Runtime.InteropServices.FieldOffset(0)]
        public string Text;
    }

    class MainClass
    {
        public static void Main(string[] args)
        {
            var array = new ExplicitLayout[10000];

            for (int i = 0; i < array.Length; i++)
            {
                array[i] = new ExplicitLayout();
                array[i].@signed = i;
            }

            GC.Collect();
        }
    }
}

Mono/Sgen will crash with an exception on the invoke of GC.Collect. Most likely it is trying to collect the Text string member which isn't a valid reference.

Comment 1 Zoltan Varga 2014-10-22 17:34:51 UTC
This is by design, the GC expects that fields that hold references contain valid values.

Comment 2 Craig Minihan 2014-10-22 17:53:45 UTC
Ok, so I guess the major difference with .NET is that it throws a TypeLoadException at start up rather than throwing in the GC when it sees the bad reference.

The full MS exception message at program start is:
Could not load type 'TestExplictLayout.ExplicitLayout' from assembly 'ConsoleApplication2, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null' because it contains an object field at offset 0 that is incorrectly aligned or overlapped by a non-object field.

Comment 3 Zoltan Varga 2014-10-22 18:00:44 UTC
We should probably do the same.

Comment 4 Craig Minihan 2014-10-22 18:05:10 UTC
I guess at least the app gets a chance to catch the System.Exception and report some meaningful info to the user then - always useful!

Comment 5 Zoltan Varga 2014-10-22 18:21:35 UTC
Fixed in mono master 8d9f05ea9a943ff1a36bb0ef3dd0521853d3a489.

Comment 6 Zoltan Varga 2014-10-28 17:08:00 UTC
The fix has to be reverted as apparently too much real-life code depends on this.

Comment 7 Rodrigo Kumpera 2014-11-12 11:43:12 UTC
You can enable the verifier to check for this.
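
The load-time check discussed in comments 2 and 3 (rejecting a type whose object field is misaligned or overlapped by a non-object field), as an added example that is not part of the original thread and is not Mono's or .NET's own code. The names field_desc, check_explicit_layout and the LAYOUT_* status values are hypothetical, and the sample field sizes assume a 64-bit runtime.

```c
/* Added example: a load-time check for explicit-layout types.
   field_desc and check_explicit_layout are hypothetical names, not Mono's API. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef struct {
    const char *name;
    uint32_t offset;      /* value given in [FieldOffset(n)] */
    uint32_t size;        /* storage size in bytes */
    int is_reference;     /* 1 = object reference the GC will trace */
} field_desc;

typedef enum { LAYOUT_OK, LAYOUT_REF_MISALIGNED, LAYOUT_REF_OVERLAP } layout_status;

/* Rejects a reference field that is misaligned or shares bytes with a
   non-reference field. Reference/reference overlap is not examined here.
   On failure, *bad (if non-NULL) receives the index of the reference field. */
layout_status check_explicit_layout(const field_desc *f, size_t n,
                                    uint32_t ptr_size, size_t *bad)
{
    for (size_t i = 0; i < n; i++) {
        if (!f[i].is_reference)
            continue;
        if (bad)
            *bad = i;
        if (f[i].offset % ptr_size != 0)
            return LAYOUT_REF_MISALIGNED;
        uint64_t ref_end = (uint64_t)f[i].offset + ptr_size;
        for (size_t j = 0; j < n; j++) {
            uint64_t end = (uint64_t)f[j].offset + f[j].size;
            if (!f[j].is_reference && f[j].offset < ref_end && f[i].offset < end)
                return LAYOUT_REF_OVERLAP;
        }
    }
    return LAYOUT_OK;
}

/* Constructed sample data: the ExplicitLayout class from the report, and a
   variant with the string moved past the long (64-bit sizes assumed). */
static const field_desc REPORTED[] = { {"signed", 0, 8, 0}, {"Text", 0, 8, 1} };
static const field_desc SEPARATED[] = { {"signed", 0, 8, 0}, {"Text", 8, 8, 1} };

int main(void)
{
    size_t bad = 0;
    layout_status s = check_explicit_layout(REPORTED, 2, 8, &bad);
    printf("reported: status=%d field=%s\n", s, REPORTED[bad].name);
    printf("separated: status=%d\n", check_explicit_layout(SEPARATED, 2, 8, NULL));
    return 0;
}
```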
