Bug 60233 - Assertion in dynamic-image.c after 792b5367cd3a6ffa1a192c4d2d7ace3509cbb646
Summary: Assertion in dynamic-image.c after 792b5367cd3a6ffa1a192c4d2d7ace3509cbb646
Alias: None
Product: Runtime
Classification: Mono
Component: Reflection (show other bugs)
Version: 5.4 (2017-06)
Hardware: All All
: --- major
Target Milestone: 15.4 SR2
Assignee: Aleksey Kliger
Depends on:
Reported: 2017-10-17 13:59 UTC by Neale Ferguson
Modified: 2017-10-18 15:54 UTC (History)
5 users (show)

Is this bug a regression?: Yes
Last known good build:

Standalone reproduction (2.13 KB, text/plain)
2017-10-17 20:17 UTC, Aleksey Kliger

Notice (2018-05-24): bugzilla.xamarin.com is now in read-only mode.

Please join us on Visual Studio Developer Community and in the Xamarin and Mono organizations on GitHub to continue tracking issues. Bugzilla will remain available for reference in read-only mode. We will continue to work on open Bugzilla bugs, copy them to the new locations as needed for follow-up, and add the new items under Related Links.

Our sincere thanks to everyone who has contributed on this bug tracker over the years. Thanks also for your understanding as we make these adjustments and improvements for the future.

Please create a new report on GitHub or Developer Community with your current version information, steps to reproduce, and relevant error messages or log files if you are hitting an issue that looks similar to this resolved bug and you do not yet see a matching new report.

Related Links:

Description Neale Ferguson 2017-10-17 13:59:53 UTC
We have an Ilgenerator that will do a lot of Reflection.Emit calls to generate our IDO classes. The trunk is generating the attached error. This code worked fine prior to the commit and works under .NET.

I noticed we are doing some event handler emits and was wondering if that's a problem given some of the changes related to reflecting on events?

Calling the method that adds the event handlers :
         ilGenerator.Emit(OpCodes.Call, PropertyChangedNotifierType.GetMethod("AddPropertyEventHandlers", BindingFlags.Instance | BindingFlags.NonPublic));

enerated IDO class for Drms.Shared.Common.Core.Remotable.InputDataObjects.Generated.PipeConvectiveLayerIdo.
* Assertion at dynamic-image.c:209, condition `prev == MONO_HANDLE_RAW (obj)' not met


  at <unknown> <0xffffffff>
  at (wrapper managed-to-native) System.Reflection.Emit.ModuleBuilder.getToken (System.Reflection.Emit.ModuleBuilder,object,bool) [0x0000b] in <258b0a913e4547aa8fbdc738ade7688a>:0
  at System.Reflection.Emit.ModuleBuilder.GetToken (System.Reflection.MemberInfo,bool) [0x00061] in <258b0a913e4547aa8fbdc738ade7688a>:0
  at System.Reflection.Emit.ModuleBuilderTokenGenerator.GetToken (System.Reflection.MemberInfo,bool) [0x00000] in <258b0a913e4547aa8fbdc738ade7688a>:0
  at System.Reflection.Emit.ILGenerator.Emit (System.Reflection.Emit.OpCode,System.Reflection.MethodInfo) [0x0004e] in <258b0a913e4547aa8fbdc738ade7688a>:0
  at Drms.Shared.Common.IdoGenerator.IdoGenerator.InitializeRealScalarProperty (System.Type,System.Reflection.Emit.ILGenerator,System.Reflection.Emit.FieldBuilder,System.Xml.Linq.XElement,System.Xml.Linq.XElement) [0x00111] in <94a9196a0a3c4cc08e57c8d4ef5b70ca>:0
  at Drms.Shared.Common.IdoGenerator.IdoGenerator.InitializeProperty (System.Reflection.Emit.TypeBuilder,System.Reflection.Emit.ILGenerator,System.Xml.Linq.XElement) [0x00186] in <94a9196a0a3c4cc08e57c8d4ef5b70ca>:0
  at Drms.Shared.Common.IdoGenerator.IdoGenerator.CreateConstructor (System.Reflection.Emit.TypeBuilder,System.Xml.Linq.XElement) [0x00190] in <94a9196a0a3c4cc08e57c8d4ef5b70ca>:0
  at Drms.Shared.Common.IdoGenerator.IdoGenerator.CreateIdoClass (System.Xml.Linq.XElement,System.Reflection.Emit.ModuleBuilder,int&) [0x00272] in <94a9196a0a3c4cc08e57c8d4ef5b70ca>:0
  at Drms.Shared.Common.IdoGenerator.IdoGenerator.GenerateIdoAssembly (string,string) [0x000be] in <94a9196a0a3c4cc08e57c8d4ef5b70ca>:0
  at Drms.Tools.IdoGenerator.IdoGeneratorLauncher.Run (bool) [0x0003e] in <a2df2dd89b5e4caeb02bda27ae3f4f1f>:0
  at Drms.Tools.IdoGenerator.Program.Main (string[]) [0x000a3] in <a2df2dd89b5e4caeb02bda27ae3f4f1f>:0
  at (wrapper runtime-invoke) <Module>.runtime_invoke_int_object (object,intptr,intptr,intptr) [0x00054] in <a2df2dd89b5e4caeb02bda27ae3f4f1f>:0
00400000-007c3000 r-xp 00000000 fd:00 138002377                          /opt/mono/bin/mono-sgen
009c3000-009c4000 r--p 003c3000 fd:00 138002377                          /opt/mono/bin/mono-sgen
009c4000-009c7000 rw-p 003c4000 fd:00 138002377                          /opt/mono/bin/mono-sgen
009c7000-00a1e000 rw-p 00000000 00:00 0
01e73000-022a5000 rw-p 00000000 00:00 0                                  [heap]
40ccb000-40cdb000 rwxp 00000000 00:00 0
41c7e000-41cce000 rwxp 00000000 00:00 0
7ff928000000-7ff928021000 rw-p 00000000 00:00 0
7ff928021000-7ff92c000000 ---p 00000000 00:00 0
7ff92f400000-7ff92f500000 rw-p 00000000 00:00 0
7ff92f5f9000-7ff92f6f1000 r--p 00000000 fd:00 72784430                   /opt/mono/lib/mono/gac/System.Core/
7ff92f6f1000-7ff92fde2000 r-xp 00000000 fd:00 3596753                    /opt/mono/lib/mono/4.5/mscorlib.dll.so
7ff92fde2000-7ff92ffe1000 ---p 006f1000 fd:00 3596753                    /opt/mono/lib/mono/4.5/mscorlib.dll.so
7ff92ffe1000-7ff92ffe2000 r--p 006f0000 fd:00 3596753                    /opt/mono/lib/mono/4.5/mscorlib.dll.so
7ff92ffe2000-7ff92ffe3000 rw-p 006f1000 fd:00 3596753                    /opt/mono/lib/mono/4.5/mscorlib.dll.so
7ff92ffe3000-7ff940000000 rw-p 00000000 00:00 0
7ff940038000-7ff940085000 r--p 00000000 fd:00 201645453                  /opt/mono/lib/mono/gac/Mono.Security/
7ff940085000-7ff940323000 r--p 00000000 fd:00 72784422                   /opt/mono/lib/mono/gac/System/
7ff940323000-7ff9403a2000 r--p 00000000 08:11 1705436                    /build/COFLOW2/Bin/redhat6/x64/intel/Release/CoFlow.Sdk.v1.0.dll
7ff9403a2000-7ff9406a3000 r--p 00000000 fd:00 201645456                  /opt/mono/lib/mono/gac/System.Xml/
7ff9406a3000-7ff9406ac000 ---p 00000000 00:00 0
7ff9406ac000-7ff9408a4000 rw-p 00000000 00:00 0                          [stack:25730]
7ff9408a4000-7ff940c5a000 r--p 00000000 fd:00 3596751                    /opt/mono/lib/mono/4.5/mscorlib.dll
7ff940c5a000-7ff941c5a000 rw-p 00000000 00:00 0
7ff941c5a000-7ff941c5b000 ---p 00000000 00:00 0
7ff941c5b000-7ff94245b000 rw-p 00000000 00:00 0                          [stack:25729]
7ff94245b000-7ff948984000 r--p 00000000 fd:00 201335330                  /usr/lib/locale/locale-archive
7ff948984000-7ff948b3a000 r-xp 00000000 fd:00 201335338                  /usr/lib64/libc-2.17.so
7ff948b3a000-7ff948d3a000 ---p 001b6000 fd:00 201335338                  /usr/lib64/libc-2.17.so
7ff948d3a000-7ff948d3e000 r--p 001b6000 fd:00 201335338                  /usr/lib64/libc-2.17.so
7ff948d3e000-7ff948d40000 rw-p 001ba000 fd:00 201335338                  /usr/lib64/libc-2.17.so
7ff948d40000-7ff948d45000 rw-p 00000000 00:00 0
7ff948d45000-7ff948d5a000 r-xp 00000000 fd:00 222473339                  /usr/lib64/libgcc_s-4.8.5-20150702.so.1
7ff948d5a000-7ff948f59000 ---p 00015000 fd:00 222473339                  /usr/lib64/libgcc_s-4.8.5-20150702.so.1
7ff948f59000-7ff948f5a000 r--p 00014000 fd:00 222473339                  /usr/lib64/libgcc_s-4.8.5-20150702.so.1
7ff948f5a000-7ff948f5b000 rw-p 00015000 fd:00 222473339                  /usr/lib64/libgcc_s-4.8.5-20150702.so.1
7ff948f5b000-7ff948f72000 r-xp 00000000 fd:00 201335364                  /usr/lib64/libpthread-2.17.so
7ff948f72000-7ff949171000 ---p 00017000 fd:00 201335364                  /usr/lib64/libpthread-2.17.so
7ff949171000-7ff949172000 r--p 00016000 fd:00 201335364                  /usr/lib64/libpthread-2.17.so
7ff949172000-7ff949173000 rw-p 00017000 fd:00 201335364                  /usr/lib64/libpthread-2.17.so
7ff949173000-7ff949177000 rw-p 00000000 00:00 0
7ff949177000-7ff949179000 r-xp 00000000 fd:00 201335344                  /usr/lib64/libdl-2.17.so
7ff949179000-7ff949379000 ---p 00002000 fd:00 201335344                  /usr/lib64/libdl-2.17.so
7ff949379000-7ff94937a000 r--p 00002000 fd:00 201335344                  /usr/lib64/libdl-2.17.so
7ff94937a000-7ff94937b000 rw-p 00003000 fd:00 201335344                  /usr/lib64/libdl-2.17.so
7ff94937b000-7ff949382000 r-xp 00000000 fd:00 201335368                  /usr/lib64/librt-2.17.so
7ff949382000-7ff949581000 ---p 00007000 fd:00 201335368                  /usr/lib64/librt-2.17.so
7ff949581000-7ff949582000 r--p 00006000 fd:00 201335368                  /usr/lib64/librt-2.17.so
7ff949582000-7ff949583000 rw-p 00007000 fd:00 201335368                  /usr/lib64/librt-2.17.so
7ff949583000-7ff949683000 r-xp 00000000 fd:00 201335346                  /usr/lib64/libm-2.17.so
7ff949683000-7ff949883000 ---p 00100000 fd:00 201335346                  /usr/lib64/libm-2.17.so
7ff949883000-7ff949884000 r--p 00100000 fd:00 201335346                  /usr/lib64/libm-2.17.so
7ff949884000-7ff949885000 rw-p 00101000 fd:00 201335346                  /usr/lib64/libm-2.17.so
7ff949885000-7ff9498a5000 r-xp 00000000 fd:00 201335329                  /usr/lib64/ld-2.17.so
7ff9498ab000-7ff9498b6000 r--p 00000000 08:11 1705474                    /build/COFLOW2/Bin/redhat6/x64/intel/Release/Drms.Shared.Common.Core.Enums.dll
7ff9498b6000-7ff9498cb000 r--p 00000000 fd:00 72784450                   /opt/mono/lib/mono/gac/System.ComponentModel.DataAnnotations/
7ff9498cb000-7ff9498e9000 r--p 00000000 fd:00 72784558                   /opt/mono/lib/mono/gac/System.Xml.Linq/
7ff9498e9000-7ff9498f6000 r--p 00000000 08:11 1705509                    /build/COFLOW2/Bin/redhat6/x64/intel/Release/Drms.Shared.Common.IdoGenerator.dll
7ff9498f6000-7ff9499a8000 rw-p 00000000 00:00 0
7ff9499ac000-7ff949a1f000 rw-p 00000000 00:00 0
7ff949a1f000-7ff949a7e000 ---p 00000000 00:00 0
7ff949a7e000-7ff949a83000 rw-p 00000000 00:00 0
7ff949a86000-7ff949a93000 rw-p 00000000 00:00 0
7ff949a93000-7ff949a9b000 r--p 00000000 08:11 1705512                    /build/COFLOW2/Bin/redhat6/x64/intel/Release/Drms.Tools.IdoGenerator.exe
7ff949a9b000-7ff949aa2000 rw-p 00000000 00:00 0
7ff949aa2000-7ff949aa3000 rw-s 00000000 00:12 1815138                    /dev/shm/mono.25728
7ff949aa3000-7ff949aa4000 rw-p 00000000 00:00 0
7ff949aa4000-7ff949aa5000 r--p 0001f000 fd:00 201335329                  /usr/lib64/ld-2.17.so
7ff949aa5000-7ff949aa6000 rw-p 00020000 fd:00 201335329                  /usr/lib64/ld-2.17.so
7ff949aa6000-7ff949aa7000 rw-p 00000000 00:00 0
7ffe9c3f7000-7ffe9c3ff000 ---p 00000000 00:00 0
7ffe9cbd5000-7ffe9cbf6000 rw-p 00000000 00:00 0                          [stack]
7ffe9cbf6000-7ffe9cbf8000 r-xp 00000000 00:00 0                          [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]

Native stacktrace:

        mono() [0x4b413a]
        /lib64/libpthread.so.0(+0xf370) [0x7ff948f6a370]
        /lib64/libc.so.6(gsignal+0x37) [0x7ff9489b91d7]
        /lib64/libc.so.6(abort+0x148) [0x7ff9489ba8c8]
        mono() [0x67f824]
        mono(monoeg_g_logv+0x40) [0x693520]
        mono(monoeg_assertion_message+0x96) [0x693676]
        mono() [0x607234]
        mono() [0x60a62f]

Debug info from gdb:

warning: File "/opt/mono/bin/mono-sgen-gdb.py" auto-loading has been declined by your `auto-load safe-path' set to "$debugdir:$datadir/auto-load:/usr/bin/mono-gdb.py".
To enable execution of this file add
        add-auto-load-safe-path /opt/mono/bin/mono-sgen-gdb.py
line to your configuration file "/root/.gdbinit".
To completely disable this security protection add
        set auto-load safe-path /
line to your configuration file "/root/.gdbinit".
For more information about this security protection see the
"Auto-loading safe path" section in the GDB manual.  E.g., run from the shell:
        info "(gdb)Auto-loading safe path"
[New LWP 25730]
[New LWP 25729]
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
0x00007ff948f69f19 in waitpid () from /lib64/libpthread.so.0
  Id   Target Id         Frame
  3    Thread 0x7ff94245a700 (LWP 25729) "SGen worker" 0x00007ff948f666d5 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
  2    Thread 0x7ff9408a3700 (LWP 25730) "Finalizer" 0x00007ff948f6879b in do_futex_wait.constprop.1 () from /lib64/libpthread.so.0
* 1    Thread 0x7ff949a7e780 (LWP 25728) "mono" 0x00007ff948f69f19 in waitpid () from /lib64/libpthread.so.0

Thread 3 (Thread 0x7ff94245a700 (LWP 25729)):
#0  0x00007ff948f666d5 in pthread_cond_wait@@GLIBC_2.3.2 () from /lib64/libpthread.so.0
#1  0x00000000006759cf in mono_os_cond_wait (mutex=0xa1b120 <lock>, cond=0xa1b0e0 <work_cond>) at ../../mono/utils/mono-os-mutex.h:173
#2  get_work (job=<synthetic pointer>, do_idle=<synthetic pointer>, work_context=<synthetic pointer>, worker_index=0) at sgen-thread-pool.c:165
#3  thread_func (data=<optimized out>) at sgen-thread-pool.c:196
#4  0x00007ff948f62dc5 in start_thread () from /lib64/libpthread.so.0
#5  0x00007ff948a7b73d in clone () from /lib64/libc.so.6

Thread 2 (Thread 0x7ff9408a3700 (LWP 25730)):
#0  0x00007ff948f6879b in do_futex_wait.constprop.1 () from /lib64/libpthread.so.0
#1  0x00007ff948f6882f in __new_sem_wait_slow.constprop.0 () from /lib64/libpthread.so.0
#2  0x00007ff948f688cb in sem_wait@@GLIBC_2.2.5 () from /lib64/libpthread.so.0
#3  0x000000000061d8d7 in mono_os_sem_wait (flags=MONO_SEM_FLAGS_ALERTABLE, sem=0xa0c240 <finalizer_sem>) at ../../mono/utils/mono-os-semaphore.h:210
#4  mono_coop_sem_wait (flags=MONO_SEM_FLAGS_ALERTABLE, sem=0xa0c240 <finalizer_sem>) at ../../mono/utils/mono-coop-semaphore.h:43
#5  finalizer_thread (unused=unused@entry=0x0) at gc.c:864
#6  0x00000000005e1dea in start_wrapper_internal (stack_ptr=<optimized out>, start_info=0x0) at threads.c:982
#7  start_wrapper (data=0x1ee1400) at threads.c:1044
#8  0x00007ff948f62dc5 in start_thread () from /lib64/libpthread.so.0
#9  0x00007ff948a7b73d in clone () from /lib64/libc.so.6

Thread 1 (Thread 0x7ff949a7e780 (LWP 25728)):
#0  0x00007ff948f69f19 in waitpid () from /lib64/libpthread.so.0
#1  0x00000000004b420e in mono_handle_native_crash (signal=0x6bcea6 "SIGABRT", ctx=<optimized out>, info=<optimized out>) at mini-exceptions.c:2740
#2  <signal handler called>
#3  0x00007ff9489b91d7 in raise () from /lib64/libc.so.6
#4  0x00007ff9489ba8c8 in abort () from /lib64/libc.so.6
#5  0x000000000067f824 in mono_log_write_logfile (log_domain=<optimized out>, level=<optimized out>, hdr=<optimized out>, message=0x22880d0 "* Assertion at dynamic-image.c:209, condition `prev == MONO_HANDLE_RAW (obj)' not met\n") at mono-log-common.c:135
#6  0x0000000000693520 in monoeg_g_logv (log_domain=log_domain@entry=0x0, log_level=log_level@entry=G_LOG_LEVEL_ERROR, format=format@entry=0x69c8b8 "* Assertion at %s:%d, condition `%s' not met\n", args=args@entry=0x7ffe9cbf2cf8) at goutput.c:115
#7  0x0000000000693676 in monoeg_assertion_message (format=format@entry=0x69c8b8 "* Assertion at %s:%d, condition `%s' not met\n") at goutput.c:135
#8  0x0000000000607234 in mono_dynamic_image_register_token (assembly=assembly@entry=0x2038cb0, token=token@entry=167772165, obj=obj@entry=0x1e7e880, how_collide=1) at dynamic-image.c:209
#9  0x000000000060a62f in mono_image_create_token (assembly=0x2038cb0, obj=0x1e7e880, create_open_instance=<optimized out>, register_token=1, error=<optimized out>) at sre.c:1201
#10 0x0000000041cb46f1 in ?? ()
#11 0x00007ff9499a4eb0 in ?? ()
#12 0x0000000000000000 in ?? ()

Got a SIGABRT while executing native code. This usually indicates
a fatal error in the mono runtime or one of the native libraries
used by your application.

If we comment all this code out and reran and everything worked great. Do we need this check? If so then why does it still work even when this check is commented out?  This is a sample of the code that is executing with some of the emits before :

// Assigning the name
         // Pushing the instance on the stack
         // Pushing the value of the property backing field into the stack
         ilGenerator.Emit(OpCodes.Ldfld, fieldBuilder);
         // Pushing the scalar name string into the stack
         XAttribute nameAttribute = realScalarDefinitionElement.Attribute("Name");
         string defaultScalarName = propertyElement.Element("DisplayName") != null
            ? propertyElement.Element("DisplayName").Value
            : propertyElement.Attribute("Name").Value;
         string scalarName = nameAttribute != null ? nameAttribute.Value : defaultScalarName;
         ilGenerator.Emit(OpCodes.Ldstr, scalarName);
         // Setting the scalar name string into the property
         ilGenerator.Emit(OpCodes.Callvirt, scalarType.GetProperty("Name").GetSetMethod());  -> crashed on this line. 

It looks like they are doing an assert to see if the method info passed in is in the cache and if it is then verify it’s the same one passed in but I'm not sure how we would be doing something wrong. This is what we are doing:

The class that contains the method is declared like this:
     private static readonly Assembly SdkIdoAssembly = Assembly.Load(new AssemblyName(SdkIdoAssemblyName));

      // Getting the IDO types without including a reference to their project in this one
     private static readonly Type RealScalarIdoType = SdkIdoAssembly.GetType("CoFlow.Sdk.InputDataObjects.RealScalarIdo");

then we are doing this:
         ilGenerator.Emit(OpCodes.Ldstr, scalarName);
         // Setting the scalar name string into the property
         ilGenerator.Emit(OpCodes.Callvirt, RealScalarIdoType.GetProperty("Name").GetSetMethod()); -> I think  it’s the "name" methodinfo that causing the crash

Is there something about this that could be tripping it up , note that it doesn’t do it for all of them but it seems like just this one?

As for the class itself, its defined like this

    [ClassValidation("IsUnitCompatibleWithQuantity", Properties="Unit, QuantityName", ErrorMessage="The unit '{0}' is not compatible with quantity '{1}'.")]
    [MappedType("Drms.Server.DomainModel.DataContainers.RealScalar", "Drms.Server.DomainModel.DataContainers")]
    public class RealScalarIdo : ScalarIdo<double>, IRealScalar

[ClassValidation("IsInsideInterval", Properties="Value, LowerBound, UpperBound", ErrorMessage="The provided value '{0}' is outside the allowed bounds [{1}, {2}].")]
    [ClassValidation("IsStrictlyInsideInterval", Properties="Value, StrictLowerBound, StrictUpperBound", ErrorMessage="The provided value '{0}' is outside the allowed strict bounds [{1}, {2}].")]
    public abstract class ScalarIdo<T> : UserInputDataObject, IFormattable, IComparable
    where T : struct, IComparable
        private string m_name;

        public string Name

It’s the Name property method info that its giving the assert on where its saying its in the cache but not the same as the one passed in, is there something about this that could cause it problems. Could it be something to do with emit using callvirt? Could it be something about the static nature of everything being used here?

For the class its failing on it looks like this:

   [MappedType("Drms.Server.DomainModel.DataContainers.RealScalar", "Drms.Server.DomainModel.DataContainers")]
   public class ConstrainableRealScalarIdo : RealScalarIdo

   [MappedType("Drms.Server.DomainModel.DataContainers.RealScalar", "Drms.Server.DomainModel.DataContainers")]
   [ClassValidation("IsUnitCompatibleWithQuantity", Properties = "Unit, QuantityName", ErrorMessage = "The unit '{0}' is not compatible with quantity '{1}'.")]
   public class RealScalarIdo : ScalarIdo<double>, IRealScalar

   [ClassValidation("IsInsideInterval", Properties = "Value, LowerBound, UpperBound", ErrorMessage = "The provided value '{0}' is outside the allowed bounds [{1}, {2}].")]
   [ClassValidation("IsStrictlyInsideInterval", Properties = "Value, StrictLowerBound, StrictUpperBound", ErrorMessage = "The provided value '{0}' is outside the allowed strict bounds [{1}, {2}].")]
   public abstract class ScalarIdo<T> : UserInputDataObject, IFormattable, IComparable where T : struct, IComparable

     private string m_name = String.Empty;

      public string Name

When we call to generate the il code, it works find if we pass in a RealScalarIdo doing the il code for the Name property but when we do it on the ConstraintableRealScalarIdo we get the error. Im wondering maybe something about the inheritance hierarchy that might be the problem? This is the il call

            ilGenerator.Emit(OpCodes.Callvirt, scalarType.GetProperty("Name").GetSetMethod());  

when scalartype is RealScalarIdo it works fine but if its ConstrainableRealScalarIdo we get the assert error.
Comment 1 Alex Earl 2017-10-17 16:50:36 UTC
This is a duplicate of https://bugzilla.xamarin.com/show_bug.cgi?id=59364 I believe.
Comment 2 Neale Ferguson 2017-10-17 18:40:05 UTC
We have built from master and appear to have that fix applied but the problem persists.
Comment 3 Ludovic Henry 2017-10-17 19:00:23 UTC
Aleksey, could you please take a look at that one? Thank you
Comment 4 Neale Ferguson 2017-10-17 19:21:55 UTC
Thinking of how our case differs from the other bug: In our situation we have a base class with the property  "Name", then there's a derived class, then another derived class from the derived class. If a property called "Name" is created in the derived class then everything works. It seems like trying to access a property that is more than 1 level deep in the inheritance seems to cause this assertion error.
Comment 5 Neale Ferguson 2017-10-17 19:36:44 UTC
I'm not sure if it's significant but if I look at the prev and MONO_HANDLE_RAW(obj) addresses. I find that each has the same vtable field:

(gdb) p *(MonoObject *) 0x7f993d54c388 <-- prev
$2 = {vtable = vtable(0x2ae9b68), synchronisation = 0x0}
(gdb) p *(MonoObject *) 0x27d8a48 <-- obj
$3 = {vtable = vtable(0x2ac31d8), synchronisation = 0x7f993d5aceb0}
(gdb) p *(MonoObject *) 0x7f9935dfe898 <-- MONO_HANDLE_RAW(obj)
$4 = {vtable = vtable(0x2ae9b68), synchronisation = 0x0}
Comment 6 Aleksey Kliger 2017-10-17 19:41:01 UTC
Neale, if you still have them in the debugger, could you cast them to MonoReflectionMethod and get the MonoReflectionMethod:method and MonoReflectionMethod:reftype.  Something like:

(gdb) p *((MonoReflectionMethod*)0xFOOBAR)->method
(gdb) p ((MonoReflectionMethod*)0xFOOBAR)->reftype

For both obj and prev.
Comment 7 Aleksey Kliger 2017-10-17 19:41:51 UTC
I mean for MONO_HANDLE_RAW (obj) and prev
Comment 8 Neale Ferguson 2017-10-17 20:03:40 UTC
p *((MonoReflectionMethod*)0x7f993d54c388)->method
$9 = {flags = 2182, iflags = 0, token = 100665697, klass = 0x28a5cd8, signature = 0x2b318c0, name = 0x7f99331f49ec <Address 0x7f99331f49ec out of bounds>,
  inline_info = 0, inline_failure = 0, wrapper_type = 0, string_ctor = 0, save_lmf = 0, dynamic = 0, sre_method = 0, is_generic = 0, is_inflated = 1,
  skip_visibility = 0, verification_success = 0, slot = -1}

p *((MonoReflectionMethod*)0x7f993d54c388)->reftype
$10 = {object = {vtable = vtable(0x27ed678), synchronisation = 0x0}, type = {class, 0x28a4cf8}}

p *((MonoReflectionMethod*)0x7f9935dfe898)->method
$11 = {flags = 2182, iflags = 0, token = 100665697, klass = 0x28a5cd8, signature = 0x2b318c0, name = 0x7f99331f49ec <Address 0x7f99331f49ec out of bounds>,
  inline_info = 0, inline_failure = 0, wrapper_type = 0, string_ctor = 0, save_lmf = 0, dynamic = 0, sre_method = 0, is_generic = 0, is_inflated = 1,
  skip_visibility = 0, verification_success = 0, slot = -1}

p *((MonoReflectionMethod*)0x7f9935dfe898)->reftype
$12 = {object = {vtable = vtable(0x27ed678), synchronisation = 0x0}, type = {class, 0x28a61b8}}
Comment 9 Aleksey Kliger 2017-10-17 20:17:56 UTC
Created attachment 25341 [details]
Standalone reproduction

Thanks Neale,

Attaching a standalone reproduction.

It's something about setters on properties.  Same symptom as before (bug 59364) : you have to reflect the same MonoMethod in two different ways - via two different reflected types.
Comment 10 Aleksey Kliger 2017-10-17 22:35:10 UTC
Oof. It's not setters, it's the generic base class.
Comment 11 Aleksey Kliger 2017-10-17 23:16:50 UTC
Fixes for master and 2017-06 (nee 5.4.x.x) are at https://github.com/mono/mono/pull/5813 and https://github.com/mono/mono/pull/5814, respectively.

cherrypicking for 2017-10 and 2017-08 in progress...
Comment 12 Neale Ferguson 2017-10-18 02:50:06 UTC