[Mono-bugs] [Bug 475859] New: Mono runtime crashes using 'long' index out of range for array

bugzilla_noreply at novell.com bugzilla_noreply at novell.com
Fri Feb 13 16:26:19 EST 2009 

https://bugzilla.novell.com/show_bug.cgi?id=475859


           Summary: Mono runtime crashes using 'long' index out of range
                    for array
    Classification: Mono
           Product: Mono: Runtime
           Version: unspecified
          Platform: x86
        OS/Version: Linux
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: JIT
        AssignedTo: lupus at novell.com
        ReportedBy: jaebird at gmail.com
         QAContact: mono-bugs at lists.ximian.com
          Found By: ---


User-Agent:       Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.6)
Gecko/2009020911 Ubuntu/8.10 (intrepid) Firefox/3.0.6

When using an int, the runtime throws the IndexOutOfRangeException exception.
When using a long, the runtime asserts:
ERROR:mini-codegen.c:1061:mono_local_regalloc: assertion failed: (reginfo
[ins->sreg2].born_in > 0)

Reproducible: Always

Steps to Reproduce:
Run this sample with badIndex as both an int or long:

class Program
{
    public static void Main()
    {
        //const int badIndex = 1;
        const long badIndex = 1;

        string[] smallArray = new string[1];
        string result = smallArray[badIndex];
    }
}
Actual Results:  
**
ERROR:mini-codegen.c:1061:mono_local_regalloc: assertion failed: (reginfo
[ins->sreg2].born_in > 0)
Stacktrace:


Native stacktrace:

    /opt/mono/bin/mono [0x80f89f4]
    [0x4001a410]
    /lib/tls/i686/cmov/libc.so.6(abort+0x188) [0x40169268]
    /usr/lib/libglib-2.0.so.0(g_assertion_message+0x123) [0x40098b73]
    /usr/lib/libglib-2.0.so.0 [0x4009909d]
    /opt/mono/bin/mono [0x80fc3cc]
    /opt/mono/bin/mono [0x80604bc]
    /opt/mono/bin/mono [0x808a9cb]
    /opt/mono/bin/mono [0x808b9d9]
    /opt/mono/bin/mono [0x808c250]
    /opt/mono/bin/mono(mono_runtime_exec_main+0xe5) [0x81d5995]
    /opt/mono/bin/mono(mono_runtime_run_main+0x16b) [0x81d610b]
    /opt/mono/bin/mono(mono_main+0x18ea) [0x80e22aa]
    /opt/mono/bin/mono [0x805b231]
    /lib/tls/i686/cmov/libc.so.6(__libc_start_main+0xe5) [0x40152685]
    /opt/mono/bin/mono [0x805b161]

Debug info from gdb:

Cannot access memory at address 0x3090
[Thread debugging using libthread_db enabled]
[New Thread 0x402c5240 (LWP 12432)]
[New Thread 0x40c95b90 (LWP 12436)]
[New Thread 0x40b74b90 (LWP 12435)]
0x4001a430 in __kernel_vsyscall ()
  3 Thread 0x40b74b90 (LWP 12435)  0x4001a430 in __kernel_vsyscall ()
  2 Thread 0x40c95b90 (LWP 12436)  0x4001a430 in __kernel_vsyscall ()
  1 Thread 0x402c5240 (LWP 12432)  0x4001a430 in __kernel_vsyscall ()

Thread 3 (Thread 0x40b74b90 (LWP 12435)):
#0  0x4001a430 in __kernel_vsyscall ()
#1  0x4010a906 in nanosleep () from /lib/tls/i686/cmov/libpthread.so.0
#2  0x081f3ae8 in collection_thread (unused=0x0) at collection.c:34
#3  0x4010350f in start_thread () from /lib/tls/i686/cmov/libpthread.so.0
#4  0x4021da0e in clone () from /lib/tls/i686/cmov/libc.so.6

Thread 2 (Thread 0x40c95b90 (LWP 12436)):
#0  0x4001a430 in __kernel_vsyscall ()
#1  0x40109405 in sem_wait@@GLIBC_2.1 ()
   from /lib/tls/i686/cmov/libpthread.so.0
#2  0x081ed299 in finalizer_thread (unused=0x0) at gc.c:928
#3  0x0816a988 in start_wrapper (data=0x96628e8) at threads.c:620
#4  0x081f2d26 in thread_start_routine (args=0x9655ab4) at threads.c:279
#5  0x082212cc in GC_start_routine (arg=0x35f20) at pthread_support.c:1382
#6  0x4010350f in start_thread () from /lib/tls/i686/cmov/libpthread.so.0
#7  0x4021da0e in clone () from /lib/tls/i686/cmov/libc.so.6

Thread 1 (Thread 0x402c5240 (LWP 12432)):
#0  0x4001a430 in __kernel_vsyscall ()
#1  0x4010a10b in read () from /lib/tls/i686/cmov/libpthread.so.0
#2  0x080f8b96 in mono_handle_native_sigsegv (signal=6, ctx=0xbfb48fec)
    at /usr/include/bits/unistd.h:45
#3  <signal handler called>
#4  0x4001a430 in __kernel_vsyscall ()
#5  0x401678a0 in raise () from /lib/tls/i686/cmov/libc.so.6
#6  0x40169268 in abort () from /lib/tls/i686/cmov/libc.so.6
#7  0x40098b73 in g_assertion_message () from /usr/lib/libglib-2.0.so.0
#8  0x4009909d in g_assertion_message_expr () from /usr/lib/libglib-2.0.so.0
#9  0x080fc3cc in mono_local_regalloc (cfg=0x9681500, bb=0x9681af4)
    at mini-codegen.c:1061
#10 0x080604bc in mono_codegen (cfg=0x9681500) at mini.c:11932
#11 0x0808a9cb in mini_method_compile (method=0x9635eb4, opts=64055807, 
    domain=0x34ee0, run_cctors=<value optimized out>, 
    compile_aot=<value optimized out>, parts=0) at mini.c:12807
#12 0x0808b9d9 in mono_jit_compile_method (method=0x9635eb4) at mini.c:13134
#13 0x0808c250 in mono_jit_runtime_invoke (method=0x9635eb4, obj=0x0, 
    params=0xbfb49848, exc=0x0) at mini.c:13476
#14 0x081d5995 in mono_runtime_exec_main (method=0x9635eb4, args=0x3be70, 
    exc=0x0) at object.c:3299
#15 0x081d610b in mono_runtime_run_main (method=0x9635eb4, argc=-1078683480, 
    argv=0xbfb49aac, exc=0x0) at object.c:3084
#16 0x080e22aa in mono_main (argc=3, argv=0xbfb49aa4) at driver.c:968
#17 0x0805b231 in main (argc=) at main.c:34
#0  0x4001a430 in __kernel_vsyscall ()

=================================================================
Got a SIGABRT while executing native code. This usually indicates
a fatal error in the mono runtime or one of the native libraries 
used by your application.
=================================================================


The application was terminated by a signal: SIGABRT

Expected Results:  
Unhandled Exception: System.IndexOutOfRangeException: Array index is out of
range.
  at Program.Main () [0x00007] in
/home/topaz/Projects/crash_bug/crash_bug/Main.cs:9

-- 
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.

More information about the mono-bugs mailing list