Skip to content

JIT: Improper handling of GC structs with undone promotion in tailcall-to-loop optimization #81081

New issue
New issue
Closed
#81083
Closed
JIT: Improper handling of GC structs with undone promotion in tailcall-to-loop optimization#81081
#81083
Assignees
jakobbotsch
Labels
area-CodeGen-coreclrCLR JIT compiler in src/coreclr/src/jit and related components such as SuperPMIin-prThere is an active PR which will close this issue when it is merged
Milestone
8.0.0
@jakobbotsch

Description

@jakobbotsch
jakobbotsch
opened on Jan 24, 2023
class Program
{
    static void Main()
    {
        Test(1234, default);
    }

    static int Test(int count, S16 s)
    {
        object o = "1234";
        if (count == 0 || o.GetHashCode() == 1234)
            return 42;

        return Test(count - 1, s);
    }

    struct S16
    {
        public object A, B;
    }
}

Run with DOTNET_JitNoInline=1 on win-x64. Result:

Assert failure(PID 13352 [0x00003428], Thread: 36112 [0x8d10]): Assertion failed '!parentStruct->lvUndoneStructPromotion' in 'Program:Test(int,Program+S16):int' during 'Mark local vars' (IL size 35; hash 0x046a6981; FullOpts)

    File: C:\dev\dotnet\runtime\src\coreclr\jit\lclvars.cpp Line: 4295
    Image: C:\dev\dotnet\runtime4\artifacts\tests\coreclr\windows.x64.Checked\Tests\Core_Root\corerun.exe

The problem is that the tailcall-to-loop optimization tries to zero out the copy created for the promotion of s, but that promotion was undone.

Metadata

Metadata

Assignees

Labels

area-CodeGen-coreclrCLR JIT compiler in src/coreclr/src/jit and related components such as SuperPMIin-prThere is an active PR which will close this issue when it is merged

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions