"free(): invalid pointer" with AnsiStringMarshaller compiled with crossgen2 #54820
Comments
cc @mangod9 This is the problem with AnsiBSTRMarshaler that we have discussed over email
Hey @gbalykov, I am trying to repro this issue, but I am not getting the
Forgot to mention that I'm seeing this on Linux, both x64 and armel.
x64 build command:
./build.sh --arch x64 --runtimeConfiguration Release --librariesConfiguration Release --subset clr+libs
Invoked crossgen2 command (--inputbubble or -O do not have any effect):
./corerun ./crossgen2/crossgen2.dll -r:`pwd`/*.dll -o:`pwd`/ndirect/ndirect.ni.dll `pwd`/ndirect/ndirect.dll --inputbubble --verbose
Commits on which this reproduces: c139d00, 911640b. Then with R2RDump I obtained native code.
Actually, you can use PR #54847 with the following small change; I've just verified that it reproduces the crash:
diff --git a/src/coreclr/tools/aot/ILCompiler.ReadyToRun/Interop/IL/Marshaller.ReadyToRun.cs b/src/coreclr/tools/aot/ILCompiler.ReadyToRun/Interop/IL/Marshaller.ReadyToRun.cs
index e02bbbe8f2d..e4f218a1949 100644
--- a/src/coreclr/tools/aot/ILCompiler.ReadyToRun/Interop/IL/Marshaller.ReadyToRun.cs
+++ b/src/coreclr/tools/aot/ILCompiler.ReadyToRun/Interop/IL/Marshaller.ReadyToRun.cs
@@ -155,7 +155,8 @@ public static bool IsMarshallingNotSupported(MethodDesc targetMethod)
if (marshallers[i].GetType() == typeof(NotSupportedMarshaller)
// TODO: AnsiStringMarshaller can be allowed when it's logic is fixed,
// currently it leads to free(): invalid pointer
- || marshallers[i].GetType() == typeof(AnsiStringMarshaller))
+// || marshallers[i].GetType() == typeof(AnsiStringMarshaller))
+ )
return true;
}
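Review bot: The AnsiStringMarshaller check is commented out with a "//" at column 0 and a lone ")" is left on its own line, while the TODO just above still says the marshaller is excluded because it leads to free(): invalid pointer, so the comment and the code now disagree. With the check disabled, IsMarshallingNotSupported no longer returns true for AnsiStringMarshaller. If this is only a local repro switch, say so in the comment; otherwise delete the line instead of commenting it out and update or remove the TODO. The TODO's "it's logic" should also read "its logic".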
hmm, yeah I do have your changes. I can get it to repro, except R2RDump seems to be incorrectly resolving methoddefs in my case hence I couldn't see the calls to
@jkotas - I believe you previously mentioned that on Linux we shouldn't be using AnsiBSTRMarshaler at all, does that mean there's some problem with the existing marshaller implementation - I don't see any Windows vs. Linux conditional logic there?
Correct, runtime/src/libraries/System.Private.CoreLib/src/System/Runtime/InteropServices/Marshal.Unix.cs Line 7 in 57bfe47
Also /cc @MichalStrehovsky who was, according to my recollection, the original implementor of the Crossgen2 PInvoke marshallers.
It doesn't look right to be calling into BStr marshalling at all. This should rather all call into CStrMarshaller. The generated IL should basically correspond to what ILCSTRMarshaler in ilmarshalers.cpp does.
cc @AaronRobinsonMSFT This touches on the problem of creating marshalling helpers that can be used by all runtime, crossgen and source generators.
Description
If marshalling ilstub compilation is allowed in crossgen2, ansi string marshalling for string allocated in native code leads to "free(): invalid pointer".
Problem is related to out string argument marshalling, which tries to free native_pointer - sizeof(void*).
However, it seems that this problem might arise in SPC.dll even without any changes in crossgen2 because currently all such ilstubs are compiled, see GeneratesPInvoke:
Simple example to reproduce:
c# part:
native part, compiled with gcc -shared -fPIC 1.c -o tmp.so
Output:
Native code of compiled ilstub, which crashes:
Patch to allow marshalling ilstub compilation:
More detailed description
This problem happens inside System.StubHelpers.AnsiBSTRMarshaler.ClearNative, which tries to cleanup bstr buffer, and subtracts sizeof(void*) from ptr (Marshal.FreeBSTR in Marshal.Unix.cs actually performs subtraction). This itself happens because System.StubHelpers.AnsiBSTRMarshaler.ConvertToManaged for some reason ignores non-bstr buffers. However, pointer returned from native code is not bstr, but a simple buffer. So, incorrect pointer is passed to free.
cc @alpencolt @jkotas
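The pointer mismatch described above, as an added C example (not code from the issue or from the runtime): a BSTR-style free that steps back sizeof(void*) is applied to a plain malloc'd buffer, and a tracking wrapper reports the bad pointer instead of letting glibc abort. The helper names and the prefix layout are assumptions modeled on the issue's description.

```c
/* Added illustration; not CoreCLR code. All helper names are hypothetical. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#define MAX_LIVE 16
static void *live[MAX_LIVE];            /* base addresses returned by malloc */

/* malloc that records the block base in the first empty slot. */
static void *tracked_malloc(size_t n) {
    for (int i = 0; i < MAX_LIVE; i++)
        if (!live[i]) return live[i] = malloc(n);
    return NULL;
}

/* Frees only known block bases; returns 0 where glibc would abort. */
static int tracked_free(void *p) {
    for (int i = 0; p && i < MAX_LIVE; i++)
        if (live[i] == p) { live[i] = NULL; free(p); return 1; }
    return 0;
}

/* Assumed BSTR-style layout: sizeof(void*) length prefix, then the chars. */
static char *bstr_alloc(const char *s) {
    size_t len = strlen(s);
    char *base = tracked_malloc(sizeof(void *) + len + 1);
    if (!base) return NULL;
    memcpy(base, &len, sizeof len);
    memcpy(base + sizeof(void *), s, len + 1);
    return base + sizeof(void *);       /* caller sees the data pointer */
}

/* Cleanup as the issue describes it: step back over the prefix, then free. */
static int bstr_free(char *data) {
    return tracked_free((void *)((uintptr_t)data - sizeof(void *)));
}

/* Native callee returning an out string: a plain malloc'd C string. */
static char *native_out_string(const char *s) {
    char *p = tracked_malloc(strlen(s) + 1);
    if (p) memcpy(p, s, strlen(s) + 1);
    return p;
}

int main(void) {
    char *b = bstr_alloc("hello"), *p = native_out_string("hello");
    printf("bstr via bstr_free:   %d\n", bstr_free(b));
    printf("plain via bstr_free:  %d\n", bstr_free(p));
    printf("plain via plain free: %d\n", tracked_free(p));
    return 0;
}
```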