Fix GetTypeByName to find cached generic instantiations#1412
Merged
leculver merged 1 commit intomicrosoft:mainfrom Apr 4, 2026
Merged
Fix GetTypeByName to find cached generic instantiations#1412leculver merged 1 commit intomicrosoft:mainfrom
leculver merged 1 commit intomicrosoft:mainfrom
Conversation
GetTypeByName only searched TypeDef maps, missing generic instantiations (e.g. LinkedListNode<System.String>) that were already constructed during heap enumeration. Add TryGetCachedTypeByName to ClrTypeFactory that searches all cached types by name, and use it as a fallback in ClrHeap.GetTypeByName. This improves field type resolution for generic types where: - The type argument is itself a generic instantiation - The concrete generic type needs to be found by constructed name - The field signature's GenericInstantiation or Var elements need resolved concrete types that aren't in any module's TypeDef map Add regression tests verifying all LinkedListNode fields have non-null types and that GetTypeByName finds constructed generic instantiations.
brianrob
approved these changes
Apr 3, 2026
Member
brianrob
left a comment
There was a problem hiding this comment.
One question below, but approving in case it's not relevant.
| ClrObject node = heap.EnumerateObjects() | ||
| .FirstOrDefault(o => o.Type?.Name?.Contains("LinkedListNode<System.String>") == true); | ||
|
|
||
| Assert.True(node.IsValid, "Could not find LinkedListNode<string> on the heap."); |
Member
There was a problem hiding this comment.
Not sure if this is relevant, but would it make sense to include the IsValid check in the lambda in addition to the assert here? Or is this a failure if you ever find an invalid one?
Contributor
Author
There was a problem hiding this comment.
ClrObject is actually a struct, so FirstOrDefault can return an empty ClrObject where isvalid is false. This is basically a nullcheck.
max-charlamb
added a commit
to dotnet/runtime
that referenced
this pull request
Apr 14, 2026
## Summary Fix two reference counting bugs in the legacy DAC's `DefaultCOMImpl` template class, remove the corresponding compat workaround in the cDAC, bump clrmd, and implement `CLRDATA_REQUEST_REVISION` in the cDAC. > [!NOTE] > This PR description was generated with the help of Copilot. ## Sibling PRs: - dotnet/diagnostics#5789 (merged) — Bump clrmd in diagnostics, adapt to 4.x API changes - microsoft/clrmd#1414 (merged) — Fix `ParseGenericTypeArgumentNames` for nested generic types - microsoft/clrmd#1416 (merged) — Fall back to MethodTable when generic type resolution produces a placeholder ## Bug 1: `Release()` uses post-decrement (dacimpl.h) `DefaultCOMImpl::Release()` used post-decrement (`mRef--`) instead of pre-decrement (`--mRef`): ```cpp // Before (bug): ULONG res = mRef--; // captures value BEFORE decrement if (res == 0) // never true when mRef was 1 delete this; // object is never freed ``` Per the [IUnknown::Release contract](https://learn.microsoft.com/en-us/windows/win32/api/unknwn/nf-unknwn-iunknown-release), `Release` must return the **new** reference count and free the object when it reaches 0. The post-decrement meant objects were never freed — a memory leak affecting all `DefaultCOMImpl`-derived classes (`DacHandleWalker`, `DacStackReferenceWalker`, `DacMemoryEnumerator` subclasses, `DacMethodTableSlotEnumerator`, `DacStackReferenceErrorEnum`). ## Bug 2: `DacMethodTableSlotEnumerator` missing `QueryInterface` (request.cpp) `GetMethodTableSlotEnumerator` returned the object via raw pointer assignment without calling `QueryInterface`/`AddRef`, leaving `mRef` at 0: ```cpp // Before (bug): *enumerator = methodTableSlotEnumerator; // mRef stays 0 ``` Every other `DefaultCOMImpl` subclass correctly uses `QueryInterface` before returning, which calls `AddRef` to give the caller an owning reference. Fixed to match that pattern. ## cDAC compat removal (SOSDacImpl.cs) The cDAC's `GetHandleEnum` and `GetHandleEnumForTypes` previously called `ComInterfaceMarshaller.ConvertToUnmanaged` to intentionally leak a ref count, matching the legacy DAC's broken behavior. Now that the legacy bug is fixed, this compat workaround is removed. ## Version bump and cDAC revision - Bumps `CLRDATA_REQUEST_REVISION` from 9 to 10 in the legacy DAC so that ClrMD can detect the fixed ref counting behavior via `IXCLRDataProcess::Request`. - Implements `CLRDATA_REQUEST_REVISION` directly in the cDAC's `SOSDacImpl.IXCLRDataProcess.Request` (with DEBUG validation against the legacy DAC) so consumers get the correct revision without requiring the legacy DAC fallback. ## ClrMD bump Updates `Microsoft.Diagnostics.Runtime` from `3.1.512801` to `4.0.0-beta.26210.1`. The new version includes: - CLRDATA_REQUEST_REVISION 10 detection to avoid double-freeing (microsoft/clrmd#1398) - `ParseGenericTypeArgumentNames` fix for nested generic types (microsoft/clrmd#1414) - `GetTypeByName` cached generic instantiation fix (microsoft/clrmd#1412) - Canon fallback to MethodTable for compiler-generated types (microsoft/clrmd#1416) ## cdacstress.cpp double Release removal Removes the compensating double `pEnum->Release()` in `CollectStackRefs` that was working around the broken post-decrement in `DefaultCOMImpl::Release()`. --------- Co-authored-by: Max Charlamb <maxcharlamb@microsoft.com> Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
GetTypeByName only searched TypeDef maps, missing generic instantiations (e.g. LinkedListNode<System.String>) that were already constructed during heap enumeration. Add TryGetCachedTypeByName to ClrTypeFactory that searches all cached types by name, and use it as a fallback in ClrHeap.GetTypeByName.
This improves field type resolution for generic types where:
Add regression tests verifying all LinkedListNode fields have non-null types and that GetTypeByName finds constructed generic instantiations.
Fixes #1396 .