[release/10.0-rc1] JIT: fix issue with EH clause class types for fault/filters from C++/CLI (#118905)

github-actions[bot] · AndyAyersMS · web-flow · commit 13f9524ec430 · 2025-08-21T08:37:49.000-07:00
* JIT: fix issue with EH clause class types for fault/filters from C++/CLI C++/CLI appears to leave the CORINFO_EH_CLAUSE ClassToken/FilterOffset union set to some nonzero value for fault/filter clauses. The JIT currently just passes this value along to the runtime. If a method with such a nonzero field is inlined into a dynamic method, this trips up a check in the runtime where a nonzero entry for such a field is interpreted as a class handle, even for fault/filter clauses where it should be ignored. Tolerate this by zeroing the field in the JIT. Note this could not have happened in pre .NET10 as methods with EH could not be inlined, so a dynamic method would never see such an EH clause, and in non-dynamic methods this field is ignored for faults and filters. Fixes #118837. * review feedback * zero eh table on alloc/realloc --------- Co-authored-by: Andy Ayers <andya@microsoft.com>
diff --git a/src/coreclr/jit/fgbasic.cpp b/src/coreclr/jit/fgbasic.cpp
@@ -3741,31 +3741,32 @@ void Compiler::fgFindBasicBlocks()
         }
         else
         {
-            HBtab->ebdTyp = clause.ClassToken;
-
-            /* Set bbCatchTyp as appropriate */
-
+            // Set ebdTyp and bbCatchTyp as appropriate
+            //
             if (clause.Flags & CORINFO_EH_CLAUSE_FINALLY)
             {
                 hndBegBB->bbCatchTyp = BBCT_FINALLY;
+                HBtab->ebdTyp        = 0;
             }
             else
             {
                 if (clause.Flags & CORINFO_EH_CLAUSE_FAULT)
                 {
                     hndBegBB->bbCatchTyp = BBCT_FAULT;
+                    HBtab->ebdTyp        = 0;
                 }
                 else
                 {
-                    hndBegBB->bbCatchTyp = clause.ClassToken;
-
                     // These values should be non-zero value that will
                     // not collide with real tokens for bbCatchTyp
                     if (clause.ClassToken == 0)
                     {
                         BADCODE("Exception catch type is Null");
                     }
 
+                    hndBegBB->bbCatchTyp = clause.ClassToken;
+                    HBtab->ebdTyp        = clause.ClassToken;
+
                     noway_assert(clause.ClassToken != BBCT_FAULT);
                     noway_assert(clause.ClassToken != BBCT_FINALLY);
                     noway_assert(clause.ClassToken != BBCT_FILTER);
diff --git a/src/coreclr/jit/jiteh.cpp b/src/coreclr/jit/jiteh.cpp
@@ -1522,6 +1522,8 @@ void Compiler::fgAllocEHTable()
 
     compHndBBtab = new (this, CMK_BasicBlock) EHblkDsc[compHndBBtabAllocCount];
 
+    memset(compHndBBtab, 0, compHndBBtabAllocCount * sizeof(*compHndBBtab));
+
     compHndBBtabCount = info.compXcptnsCount;
 }
 
@@ -1883,6 +1885,10 @@ EHblkDsc* Compiler::fgTryAddEHTableEntries(unsigned XTnum, unsigned count, bool
 
         EHblkDsc* newTable = new (this, CMK_BasicBlock) EHblkDsc[compHndBBtabAllocCount];
 
+        // Zero the storage
+
+        memset(newTable, 0, compHndBBtabAllocCount * sizeof(*compHndBBtab));
+
         // Move over the stuff before the new entries
 
         memcpy_s(newTable, compHndBBtabAllocCount * sizeof(*compHndBBtab), compHndBBtab, XTnum * sizeof(*compHndBBtab));
diff --git a/src/coreclr/tools/aot/ILCompiler.ReadyToRun/JitInterface/CorInfoImpl.ReadyToRun.cs b/src/coreclr/tools/aot/ILCompiler.ReadyToRun/JitInterface/CorInfoImpl.ReadyToRun.cs
@@ -3117,8 +3117,8 @@ private void setEHcount(uint cEH)
 
         private void setEHinfo(uint EHnumber, ref CORINFO_EH_CLAUSE clause)
         {
-            // Filters don't have class token in the clause.ClassTokenOrOffset
-            if ((clause.Flags & CORINFO_EH_CLAUSE_FLAGS.CORINFO_EH_CLAUSE_FILTER) == 0)
+            // Filters, finallys, and faults don't have class token in the clause.ClassTokenOrOffset
+            if ((clause.Flags & (CORINFO_EH_CLAUSE_FLAGS.CORINFO_EH_CLAUSE_FILTER | CORINFO_EH_CLAUSE_FLAGS.CORINFO_EH_CLAUSE_FINALLY | CORINFO_EH_CLAUSE_FLAGS.CORINFO_EH_CLAUSE_FAULT)) == 0)
             {
                 if (clause.ClassTokenOrOffset != 0)
                 {
diff --git a/src/coreclr/vm/jitinterface.cpp b/src/coreclr/vm/jitinterface.cpp
@@ -12734,7 +12734,7 @@ void CEECodeGenInfo::setEHinfoWorker(
     LOG((LF_EH, LL_INFO1000000, "    FilterOffset  : 0x%08lx  ->  0x%08lx\n",            clause->FilterOffset,  pEHClause->FilterOffset));
 
     if (IsDynamicScope(m_MethodInfo.scope) &&
-        ((pEHClause->Flags & COR_ILEXCEPTION_CLAUSE_FILTER) == 0) &&
+        ((pEHClause->Flags & (COR_ILEXCEPTION_CLAUSE_FILTER | COR_ILEXCEPTION_CLAUSE_FINALLY | COR_ILEXCEPTION_CLAUSE_FAULT)) == 0) &&
         (clause->ClassToken != mdTokenNil))
     {
         ResolvedToken resolved{};

Original file line number	Diff line number	Diff line change
`@@ -3741,31 +3741,32 @@ void Compiler::fgFindBasicBlocks()`
`3741`	`3741`	`}`
`3742`	`3742`	`else`
`3743`	`3743`	`{`
`3744`		`- HBtab->ebdTyp = clause.ClassToken;`
`3745`		`-`
`3746`		`- /* Set bbCatchTyp as appropriate */`
`3747`		`-`
	`3744`	`+ // Set ebdTyp and bbCatchTyp as appropriate`
	`3745`	`+ //`
`3748`	`3746`	`if (clause.Flags & CORINFO_EH_CLAUSE_FINALLY)`
`3749`	`3747`	`{`
`3750`	`3748`	`hndBegBB->bbCatchTyp = BBCT_FINALLY;`
	`3749`	`+ HBtab->ebdTyp = 0;`
`3751`	`3750`	`}`
`3752`	`3751`	`else`
`3753`	`3752`	`{`
`3754`	`3753`	`if (clause.Flags & CORINFO_EH_CLAUSE_FAULT)`
`3755`	`3754`	`{`
`3756`	`3755`	`hndBegBB->bbCatchTyp = BBCT_FAULT;`
	`3756`	`+ HBtab->ebdTyp = 0;`
`3757`	`3757`	`}`
`3758`	`3758`	`else`
`3759`	`3759`	`{`
`3760`		`- hndBegBB->bbCatchTyp = clause.ClassToken;`
`3761`		`-`
`3762`	`3760`	`// These values should be non-zero value that will`
`3763`	`3761`	`// not collide with real tokens for bbCatchTyp`
`3764`	`3762`	`if (clause.ClassToken == 0)`
`3765`	`3763`	`{`
`3766`	`3764`	`BADCODE("Exception catch type is Null");`
`3767`	`3765`	`}`
`3768`	`3766`
	`3767`	`+ hndBegBB->bbCatchTyp = clause.ClassToken;`
	`3768`	`+ HBtab->ebdTyp = clause.ClassToken;`
	`3769`	`+`
`3769`	`3770`	`noway_assert(clause.ClassToken != BBCT_FAULT);`
`3770`	`3771`	`noway_assert(clause.ClassToken != BBCT_FINALLY);`
`3771`	`3772`	`noway_assert(clause.ClassToken != BBCT_FILTER);`
Original file line number	Diff line number	Diff line change
`@@ -3117,8 +3117,8 @@ private void setEHcount(uint cEH)`
`3117`	`3117`
`3118`	`3118`	`private void setEHinfo(uint EHnumber, ref CORINFO_EH_CLAUSE clause)`
`3119`	`3119`	`{`
`3120`		`- // Filters don't have class token in the clause.ClassTokenOrOffset`
`3121`		`- if ((clause.Flags & CORINFO_EH_CLAUSE_FLAGS.CORINFO_EH_CLAUSE_FILTER) == 0)`
	`3120`	`+ // Filters, finallys, and faults don't have class token in the clause.ClassTokenOrOffset`
	`3121`	`+ if ((clause.Flags & (CORINFO_EH_CLAUSE_FLAGS.CORINFO_EH_CLAUSE_FILTER \| CORINFO_EH_CLAUSE_FLAGS.CORINFO_EH_CLAUSE_FINALLY \| CORINFO_EH_CLAUSE_FLAGS.CORINFO_EH_CLAUSE_FAULT)) == 0)`
`3122`	`3122`	`{`
`3123`	`3123`	`if (clause.ClassTokenOrOffset != 0)`
`3124`	`3124`	`{`
Original file line number	Diff line number	Diff line change
`@@ -12734,7 +12734,7 @@ void CEECodeGenInfo::setEHinfoWorker(`
`12734`	`12734`	`LOG((LF_EH, LL_INFO1000000, " FilterOffset : 0x%08lx -> 0x%08lx\n", clause->FilterOffset, pEHClause->FilterOffset));`
`12735`	`12735`
`12736`	`12736`	`if (IsDynamicScope(m_MethodInfo.scope) &&`
`12737`		`- ((pEHClause->Flags & COR_ILEXCEPTION_CLAUSE_FILTER) == 0) &&`
	`12737`	`+ ((pEHClause->Flags & (COR_ILEXCEPTION_CLAUSE_FILTER \| COR_ILEXCEPTION_CLAUSE_FINALLY \| COR_ILEXCEPTION_CLAUSE_FAULT)) == 0) &&`
`12738`	`12738`	`(clause->ClassToken != mdTokenNil))`
`12739`	`12739`	`{`
`12740`	`12740`	`ResolvedToken resolved{};`