Bug 12186 - Crash in Marshal.StructureToPtr with unaligned fields in base classes.
Status: RESOLVED NOT_ON_ROADMAP
Alias: None
Product: Runtime
Classification: Mono
Component: General
Version: unspecified
Hardware: PC Mac OS
Importance: --- normal
Target Milestone: ---
Assignee: Bugzilla
Reported: 2013-05-09 17:01 UTC by Rolf Bjarne Kvinge [MSFT]
Modified: 2013-05-14 15:42 UTC (History)

Attachments
test.cs (615 bytes, application/octet-stream)
2013-05-09 17:01 UTC, Rolf Bjarne Kvinge [MSFT]



Description Rolf Bjarne Kvinge [MSFT] 2013-05-09 17:01:03 UTC
Created attachment 3942
test.cs

Compile & run the attached test code.

Result: Crash.

#5  <signal handler called>
#6  mono_string_to_utf8_checked (s=0xc0000000, error=0xbffff668) at object.c:5553
#7  0x001bcd20 in mono_string_to_utf8 (s=0xc0000000) at object.c:5525
#8  0x0013d7a8 in mono_string_to_byvalstr (dst=0x596b41, src=0xc0000000, size=64) at marshal.c:985
#9  0x0047d28a in ?? ()
#10 0x0047d19c in ?? ()
#11 0x0047d23f in ?? ()
#12 0x0000ddfd in mono_jit_runtime_invoke (method=0xbccd84, obj=0x0, params=0xbffff87c, exc=0x0) at mini.c:6302
#13 0x001be46e in mono_runtime_invoke (method=0xbccd84, obj=0x0, params=0xbffff87c, exc=0x0) at object.c:2827
#14 0x0014512e in ves_icall_System_Runtime_InteropServices_Marshal_StructureToPtr (dst=0x596b40, delete_old=0 '\0', obj=0x473df0) at marshal.c:11568
#15 0x0047d134 in ?? ()
#16 0x0047cdf4 in ?? ()
#17 0x0047ce97 in ?? ()
#18 0x0000ddfd in mono_jit_runtime_invoke (method=0xb6f21c, obj=0x0, params=0xbffff9a8, exc=0x0) at mini.c:6302
#19 0x001be46e in mono_runtime_invoke (method=0xb6f21c, obj=0x0, params=0xbffff9a8, exc=0x0) at object.c:2827
#20 0x001c2844 in mono_runtime_exec_main (method=0xb6f21c, args=0x474e00, exc=0x0) at object.c:4061
#21 0x001c2bb5 in mono_runtime_run_main (method=0xb6f21c, argc=0, argv=0xbffffbb0, exc=0x0) at object.c:3685
#22 0x00075765 in mono_jit_exec (domain=0x46fe00, assembly=0x5963b0, argc=1, argv=0xbffffbb0) at driver.c:955
#23 0x00077d5f in mono_main (argc=2, argv=0xbffffbac) at driver.c:1014
#24 0x00001b4e in main (argc=2, argv=0xbffffbac) at main.c:96

Comment 1 Zoltan Varga 2013-05-12 11:36:49 UTC
The Pack=1 in the derived structure causes the string field to be unaligned, leading to the crash.

Comment 2 Miguel de Icaza [MSFT] 2013-05-14 15:42:29 UTC
I suspect this code cannot work in practice.

My suggestion is that, instead of depending on the P/Invoke machinery to work for this, you use the underlying Marshal APIs to manually move data back and forth.
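
The manual approach suggested in Comment 2, as an added example that is not from the bug report or the Mono project. The attached test.cs is not shown on this page, so the code assumes a hypothetical 65-byte record (a tag byte followed by a 64-byte string at offset 1, consistent with the `dst` and `size` values in the stack trace); `PackedRecord` and its members are invented for illustration, and ASCII is an assumed encoding.

```csharp
using System;
using System.Runtime.InteropServices;
using System.Text;

// Hypothetical record standing in for the attached test.cs, which is not shown
// on this page: one byte, then a 64-byte NUL-terminated string at offset 1.
static class PackedRecord
{
    public const int NameOffset = 1;
    public const int NameSize = 64;               // includes the terminating NUL
    public const int Size = NameOffset + NameSize;

    // Write the fields as raw bytes, so no aligned access is ever required.
    public static void Write(IntPtr dst, byte tag, string name)
    {
        byte[] field = new byte[NameSize];        // zero-filled: padding and NUL
        byte[] raw = Encoding.ASCII.GetBytes(name ?? string.Empty);
        // Truncate rather than overrun; the last byte always stays NUL.
        Array.Copy(raw, field, Math.Min(raw.Length, NameSize - 1));
        Marshal.WriteByte(dst, 0, tag);
        Marshal.Copy(field, 0, IntPtr.Add(dst, NameOffset), NameSize);
    }

    public static string ReadName(IntPtr src)
    {
        byte[] field = new byte[NameSize];
        Marshal.Copy(IntPtr.Add(src, NameOffset), field, 0, NameSize);
        int len = Array.IndexOf(field, (byte)0);
        // A missing terminator means the buffer was not produced by Write().
        if (len < 0) throw new InvalidOperationException("unterminated name field");
        return Encoding.ASCII.GetString(field, 0, len);
    }
}

static class Program
{
    static void Main()
    {
        IntPtr buf = Marshal.AllocHGlobal(PackedRecord.Size);
        try
        {
            PackedRecord.Write(buf, 0x2A, new string('x', 100)); // longer than the field
            Console.WriteLine("{0} {1}", Marshal.ReadByte(buf, 0),
                              PackedRecord.ReadName(buf).Length);
        }
        finally { Marshal.FreeHGlobal(buf); }
    }
}
```

Because every offset and length is explicit, the unmanaged layout no longer depends on how the runtime interprets `Pack` across a class hierarchy, and an over-long string is truncated instead of written past the field.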