[release/8.0-staging] [mono][interp] Fix incorrect stack type information #94966
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
Assume we have a basic block that it is a forward branch destination, then its stack type information will be initialized at the moment of branching (let's say there is a value of type Obj1). If later in the code we reach this bblock by falling through (let's say the current stack contains a value of Obj2), the current stack state will be copied from the original state, with the type Obj1. If later on we do a virtual call, we will try to devirtualize it as if this is Obj1 which is incorrect, since the fallthrough path would produce an Obj2. This commit adds missing checks for removing type information if we have different types on the execution types on incoming paths.
github-actions
bot
requested review from
BrzVlad,
vargaz and
kotlarmilos
as code owners
|
Tagging subscribers to this area: @BrzVlad, @kotlarmilos Issue DetailsBackport of #94923 to release/8.0-staging Customer ImpactTestingRiskIMPORTANT: If this backport is for a servicing release, please verify that:
|
lewing
approved these changes
Nov 19, 2023
leecow
added
Servicing-approved
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Backport of #94923 to release/8.0-staging
/cc @lewing @BrzVlad
Customer Impact
In certain situations, the interpreter would devirtualize to wrong method, leading usually to crashes. This seems to be more likely to happen in situations involving the ternary conditional operator (where the two paths produce different object types) followed by a virtual call. This is also a regression from .net 7.
Testing
Tested the fix on testcase reproducing the issue. CI tests for any potential regressions.
Risk
Low risk. Fix only removes type information in a certain situation, fix should have few side effects.