Bug 8251 - Inappropriate stackunderflow detected by pedump and when running through mono
Status: RESOLVED FEATURE
Alias: None
Product: Runtime
Classification: Mono
Component: Verifier
Version: unspecified
Hardware: PC Linux
: --- normal
Target Milestone: ---
Assignee: Bugzilla
Reported: 2012-11-06 17:04 UTC by Jordan Earls
Modified: 2012-11-07 14:17 UTC

Attachments
(do not use) assembled test case (2.00 KB, application/octet-stream)
2012-11-06 17:04 UTC, Jordan Earls
Easy to read IL (763 bytes, text/plain)
2012-11-06 17:05 UTC, Jordan Earls
compiled test case (passes .Net PEVerify) (2.00 KB, application/x-msdos-program)
2012-11-07 12:31 UTC, Jordan Earls
Easy to read IL code for test case (796 bytes, text/plain)
2012-11-07 12:32 UTC, Jordan Earls



Description Jordan Earls 2012-11-06 17:04:31 UTC
Created attachment 2873
(do not use) assembled test case

Description of Problem: It would appear there is a bug around switch statements and the stack. This causes an `invalid IL code` `InvalidProgramException` when running such a program from mono as well as causing PEVerify to fail with the error "stack underflow, required 1 but have 0 .. " 


To reproduce:

The problem surfaces when any IL code has something similar to this control-flow:

switch(first, second)
first: ldc.i4 1
br.s somewhere
popit: pop
br.s second

somewhere: ldc.i4 1
brfalse somewhere2
somewhere2: br.s popit //at this point, the stack will always contain 1 element

second:
ret




Actual Results:
$ mono foo.exe
Unhandled Exception: System.InvalidProgramException: Invalid IL code in HelloWorld.Program:Main (string[]): IL_0020: pop      
     
[ERROR] FATAL UNHANDLED EXCEPTION: System.InvalidProgramException: Invalid IL code in HelloWorld.Program:Main (string[]): IL_0020: pop      
     
     
$ peverify foo.exe
In method: HelloWorld.Program::Main(string[])
Error: Stack underflow, required 1, but have 0 at 0x0020
Error count: 1


Expected Results:
No peverify error nor exceptions thrown from mono.exe

How often does this happen? 
All the time

Additional Information:
Tested on multiple systems running 2.8.2 including Ubuntu and Arch Linux. Same example tested on extremely old version of mono and it worked (1.x)
Comment 1 Jordan Earls 2012-11-06 17:05:09 UTC
Created attachment 2874
Easy to read IL
Comment 2 Jordan Earls 2012-11-07 12:31:38 UTC
Created attachment 2877
compiled test case (passes .Net PEVerify)
Comment 3 Jordan Earls 2012-11-07 12:32:16 UTC
Created attachment 2878
Easy to read IL code for test case
Comment 4 Jordan Earls 2012-11-07 12:33:04 UTC
Whoops, the first set of attachments didn't PEVerify on .Net either due to an unrelated problem. This set does (and still yields the same errors on Mono).
Comment 5 Jordan Earls 2012-11-07 13:42:09 UTC
Looking in the ECMA spec, Partition III 1.7.5 on Backward Branch Constraints appears to indicate this IL is non-conformant. I guess this "bug" report should be changed to a feature, depending on whether Mono wants to implement this non-conforming behavior.
Comment 6 Zoltan Varga 2012-11-07 14:17:51 UTC
Yes, this is not valid IL; the IL stack needs to be empty at the targets of backward branches. MS.NET supports some cases which are not valid IL, but we don't support this particular case.
-> NOTABUG.
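
Comments 5 and 6 attribute the failure to the backward-branch constraint in ECMA Partition III 1.7.5. The following added example (not part of the bug report and not Mono's verifier code) models a single forward scan over a constructed version of the report's control flow and reproduces the "required 1, have 0" result at `popit`. The instruction tuples, the leading `ldc.i4` that feeds `switch`, and the rule that a location reached only after an unconditional branch and not targeted by an earlier branch is treated as having an empty stack are assumptions of this model.

```python
# Constructed model of the report's control flow. The leading ldc.i4 feeding
# `switch` is an assumption; the report's sketch omits it.
PROGRAM = [  # (label, opcode, branch targets)
    (None, "ldc.i4", []), (None, "switch", ["first", "second"]),
    ("first", "ldc.i4", []), (None, "br", ["somewhere"]),
    ("popit", "pop", []), (None, "br", ["second"]),
    ("somewhere", "ldc.i4", []), (None, "brfalse", ["somewhere2"]),
    ("somewhere2", "br", ["popit"]), ("second", "ret", []),
]
EFFECT = {"ldc.i4": (0, 1), "pop": (1, 0), "switch": (1, 0),  # (pops, pushes)
          "brfalse": (1, 0), "br": (0, 0), "ret": (0, 0)}
UNCONDITIONAL = {"br", "ret"}


def forward_pass(program):
    """Scan the instructions once, top to bottom; return the errors found."""
    branched, visited, errors, depth = {}, {}, [], 0
    for label, op, targets in program:
        if label in branched and depth is None:
            depth = branched[label]      # state known from an earlier branch
        elif label in branched and depth != branched[label]:
            errors.append(f"{label}: depth {depth} != branch depth {branched[label]}")
        elif depth is None:
            depth = 0                    # nothing known yet: stack assumed empty
        if label:
            visited[label] = depth
        pops, pushes = EFFECT[op]
        if depth < pops:
            errors.append(f"{label or op}: stack underflow, required {pops}, have {depth}")
            depth = pops                 # recover so the scan can continue
        depth += pushes - pops
        for t in targets:
            if t not in visited:
                branched.setdefault(t, depth)   # forward branch: record its depth
            elif visited[t] != depth:           # backward branch disagrees with scan
                errors.append(f"backward branch to {t}: depth {depth}, scan assumed {visited[t]}")
        if op in UNCONDITIONAL:
            depth = None                 # next instruction is not reached by fall-through
    return errors


if __name__ == "__main__":
    for message in forward_pass(PROGRAM):
        print(message)
```

In this model, moving the `popit` block after `somewhere2` turns the branch into a forward one, and the same scan reports no errors.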