Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bad data can cause ILVerify to throw NRE #63221

Closed
masonwheeler opened this issue Dec 30, 2021 · 6 comments · Fixed by #63222
Closed

Bad data can cause ILVerify to throw NRE #63221

masonwheeler opened this issue Dec 30, 2021 · 6 comments · Fixed by #63222
Labels
area-Tools-ILVerification Issues related to ilverify tool and IL verification in general untriaged New issue has not been triaged by the area owner

Comments

@masonwheeler
Copy link
Contributor

masonwheeler commented Dec 30, 2021
edited by CyrusNajmabadi
Loading

Description

While attempting to use ILVerify to diagnose a compiler output problem, it instead blew up in my face, dumping a NullReferenceException stack trace on me.

Reproduction Steps

  1. Install .NET 5.
  2. Install ILVerify.
  3. Download this test case and unzip it to a new folder.
  4. Open PowerShell and CD to that folder.
  5. ilverify .\testcase.dll -r "C:\Program Files\dotnet\shared\Microsoft.NETCore.App\5.0.13\*.dll" (Adjust .NET 5 path as needed)

Expected behavior

A correct program should not throw "boneheaded exceptions."

A diagnostic tool should provide helpful diagnostic information about the nature of errors encountered.

Actual behavior

Error: System.NullReferenceException: Object reference not set to an instance of an object.
at ILVerify.ILVerifyTypeSystemContext.VerifyModuleName(String simpleName, EcmaModule module)
at ILVerify.ILVerifyTypeSystemContext.ResolveAssemblyOrNetmodule(String simpleName, String verificationName, IAssemblyDesc containingAssembly, Boolean throwIfNotFound)
at ILVerify.ILVerifyTypeSystemContext.ResolveAssembly(AssemblyName name, Boolean throwIfNotFound)
at Internal.TypeSystem.Ecma.EcmaModule.ResolveAssemblyReference(AssemblyReferenceHandle handle)
at Internal.TypeSystem.Ecma.EcmaModule.EcmaObjectLookupHashtable.CreateValueFromKey(EntityHandle handle)
at Internal.TypeSystem.LockFreeReaderHashtable`2.CreateValueAndEnsureValueIsInTable(TKey key)
at Internal.TypeSystem.Ecma.EcmaModule.GetObject(EntityHandle handle, NotFoundBehavior notFoundBehavior)
at Internal.TypeSystem.Ecma.EcmaModule.ResolveTypeReference(TypeReferenceHandle handle)
at Internal.TypeSystem.Ecma.EcmaModule.EcmaObjectLookupHashtable.CreateValueFromKey(EntityHandle handle)
at Internal.TypeSystem.LockFreeReaderHashtable`2.CreateValueAndEnsureValueIsInTable(TKey key)
at Internal.TypeSystem.Ecma.EcmaModule.GetObject(EntityHandle handle, NotFoundBehavior notFoundBehavior)
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ResolveHandle(EntityHandle handle)
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ParseTypeImpl(SignatureTypeCode typeCode)
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ParseType(SignatureTypeCode typeCode)
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ParseTypeImpl()
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ParseType()
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ParseTypeImpl(SignatureTypeCode typeCode)
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ParseType(SignatureTypeCode typeCode)
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ParseTypeImpl()
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ParseType()
at Internal.TypeSystem.Ecma.EcmaModule.ResolveTypeSpecification(TypeSpecificationHandle handle)
at Internal.TypeSystem.Ecma.EcmaModule.EcmaObjectLookupHashtable.CreateValueFromKey(EntityHandle handle)
at Internal.TypeSystem.LockFreeReaderHashtable`2.CreateValueAndEnsureValueIsInTable(TKey key)
at Internal.TypeSystem.Ecma.EcmaModule.GetObject(EntityHandle handle, NotFoundBehavior notFoundBehavior)
at Internal.TypeSystem.Ecma.EcmaModule.GetType(EntityHandle handle)
at Internal.TypeSystem.Ecma.EcmaType.InitializeBaseType()
at Internal.TypeSystem.Ecma.EcmaType.get_BaseType()
at Internal.TypeSystem.TypeDesc.get_IsDelegate()
at Internal.IL.ILImporter.ImportCall(ILOpcode opcode, Int32 token)
at Internal.IL.ILImporter.ImportBasicBlock(BasicBlock basicBlock)
at Internal.IL.ILImporter.ImportBasicBlocks()
at Internal.IL.ILImporter.Verify()
at ILVerify.Verifier.VerifyMethod(EcmaModule module, MethodIL methodIL, MethodDefinitionHandle methodHandle)
at ILVerify.Verifier.VerifyMethods(EcmaModule module, IEnumerable`1 methodHandles)+MoveNext()
at ILVerify.Verifier.Verify(PEReader peReader, MethodDefinitionHandle methodHandle)+MoveNext()
at ILVerify.Program.VerifyMethods(PEReader peReader, EcmaModule module, String path, Int32& numErrors, Int32& verifiedMethodCounter, Int32& methodCounter)
at ILVerify.Program.VerifyAssembly(PEReader peReader, EcmaModule module, String path)
at ILVerify.Program.Run()
at ILVerify.Program.Run(Options options)

Configuration

.NET 5, Windows 10, x64
@dotnet-issue-labeler dotnet-issue-labeler bot added the untriaged New issue has not been triaged by the area owner label Dec 30, 2021
@dotnet-issue-labeler
Copy link

I couldn't figure out the best area label to add to this issue. If you have write-permissions please help me learn by adding exactly one area label.

@masonwheeler masonwheeler mentioned this issue Dec 30, 2021
Open
@masonwheeler
Copy link
Contributor Author

masonwheeler commented Dec 30, 2021
edited
Loading

This is caused by ILVerifyTypeSystemContext.ResolveAssemblyOrNetmodule being called with throwIfNotFound: false coming from a few stack frames up. If it were true, the code would check the not-found module and report useful information. Which raises the question, why does this option even exist that guarantees the program will crash rather than report useful information?

@masonwheeler masonwheeler mentioned this issue Dec 30, 2021
Merged
@ghost ghost added the in-pr There is an active PR which will close this issue when it is merged label Dec 30, 2021
@jkotas jkotas added the area-Tools-ILVerification Issues related to ilverify tool and IL verification in general label Dec 30, 2021
@ghost
Copy link

ghost commented Dec 30, 2021

Tagging subscribers to this area: @JulieLeeMSFT
See info in area-owners.md if you want to be subscribed.

Issue Details

Description

While attempting to use ILVerify to diagnose a compiler output problem, it instead blew up in my face, dumping a NullReferenceException stack trace on me.

Reproduction Steps

  1. Install .NET 5.
  2. Install ILVerify.
  3. Download this test case and unzip it to a new folder.
  4. Open PowerShell and CD to that folder.
  5. ilverify .\testcase.dll -r "C:\Program Files\dotnet\shared\Microsoft.NETCore.App\5.0.13\*.dll" (Adjust .NET 5 path as needed)

Expected behavior

A correct program should not throw "boneheaded exceptions."

A diagnostic tool should provide helpful diagnostic information about the nature of errors encountered.

Actual behavior

Error: System.NullReferenceException: Object reference not set to an instance of an object.
at ILVerify.ILVerifyTypeSystemContext.VerifyModuleName(String simpleName, EcmaModule module)
at ILVerify.ILVerifyTypeSystemContext.ResolveAssemblyOrNetmodule(String simpleName, String verificationName, IAssemblyDesc containingAssembly, Boolean throwIfNotFound)
at ILVerify.ILVerifyTypeSystemContext.ResolveAssembly(AssemblyName name, Boolean throwIfNotFound)
at Internal.TypeSystem.Ecma.EcmaModule.ResolveAssemblyReference(AssemblyReferenceHandle handle)
at Internal.TypeSystem.Ecma.EcmaModule.EcmaObjectLookupHashtable.CreateValueFromKey(EntityHandle handle)
at Internal.TypeSystem.LockFreeReaderHashtable`2.CreateValueAndEnsureValueIsInTable(TKey key)
at Internal.TypeSystem.Ecma.EcmaModule.GetObject(EntityHandle handle, NotFoundBehavior notFoundBehavior)
at Internal.TypeSystem.Ecma.EcmaModule.ResolveTypeReference(TypeReferenceHandle handle)
at Internal.TypeSystem.Ecma.EcmaModule.EcmaObjectLookupHashtable.CreateValueFromKey(EntityHandle handle)
at Internal.TypeSystem.LockFreeReaderHashtable`2.CreateValueAndEnsureValueIsInTable(TKey key)
at Internal.TypeSystem.Ecma.EcmaModule.GetObject(EntityHandle handle, NotFoundBehavior notFoundBehavior)
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ResolveHandle(EntityHandle handle)
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ParseTypeImpl(SignatureTypeCode typeCode)
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ParseType(SignatureTypeCode typeCode)
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ParseTypeImpl()
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ParseType()
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ParseTypeImpl(SignatureTypeCode typeCode)
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ParseType(SignatureTypeCode typeCode)
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ParseTypeImpl()
at Internal.TypeSystem.Ecma.EcmaSignatureParser.ParseType()
at Internal.TypeSystem.Ecma.EcmaModule.ResolveTypeSpecification(TypeSpecificationHandle handle)
at Internal.TypeSystem.Ecma.EcmaModule.EcmaObjectLookupHashtable.CreateValueFromKey(EntityHandle handle)
at Internal.TypeSystem.LockFreeReaderHashtable`2.CreateValueAndEnsureValueIsInTable(TKey key)
at Internal.TypeSystem.Ecma.EcmaModule.GetObject(EntityHandle handle, NotFoundBehavior notFoundBehavior)
at Internal.TypeSystem.Ecma.EcmaModule.GetType(EntityHandle handle)
at Internal.TypeSystem.Ecma.EcmaType.InitializeBaseType()
at Internal.TypeSystem.Ecma.EcmaType.get_BaseType()
at Internal.TypeSystem.TypeDesc.get_IsDelegate()
at Internal.IL.ILImporter.ImportCall(ILOpcode opcode, Int32 token)
at Internal.IL.ILImporter.ImportBasicBlock(BasicBlock basicBlock)
at Internal.IL.ILImporter.ImportBasicBlocks()
at Internal.IL.ILImporter.Verify()
at ILVerify.Verifier.VerifyMethod(EcmaModule module, MethodIL methodIL, MethodDefinitionHandle methodHandle)
at ILVerify.Verifier.VerifyMethods(EcmaModule module, IEnumerable`1 methodHandles)+MoveNext()
at ILVerify.Verifier.Verify(PEReader peReader, MethodDefinitionHandle methodHandle)+MoveNext()
at ILVerify.Program.VerifyMethods(PEReader peReader, EcmaModule module, String path, Int32& numErrors, Int32& verifiedMethodCounter, Int32& methodCounter)
at ILVerify.Program.VerifyAssembly(PEReader peReader, EcmaModule module, String path)
at ILVerify.Program.Run()
at ILVerify.Program.Run(Options options)

Configuration

.NET 5, Windows 10, x64

Author: masonwheeler
Assignees: -
Labels:

untriaged, area-ILVerification, in pr
Milestone: -

@jkotas
Copy link
Member

jkotas commented Dec 30, 2021

Duplicate of #62711

@jkotas jkotas marked this as a duplicate of #62711 Dec 30, 2021
@ghost ghost removed the in-pr There is an active PR which will close this issue when it is merged label Dec 30, 2021
@MichalPetryka
Copy link
Contributor

Is there some nightly feed with a fix for this issue available?

@jkotas
Copy link
Member

jkotas commented Jan 9, 2022

Yes, it should be in the nightly dotnet7 feed.

It is prerelease package so you need to specify --prerelease to pick it up: dotnet tool install dotnet-ilverify --prerelease

@jkotas jkotas mentioned this issue Jan 21, 2022
Closed
@ghost ghost locked as resolved and limited conversation to collaborators Feb 8, 2022
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
area-Tools-ILVerification Issues related to ilverify tool and IL verification in general untriaged New issue has not been triaged by the area owner
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fixing a crash bug
3 participants
@jkotas @masonwheeler @MichalPetryka