Bugfix :: Fix F# exception serialization to preserve fields#19342
Open
Bugfix :: Fix F# exception serialization to preserve fields#19342
Conversation
Contributor
❗ Release notes required
|
T-Gro
force-pushed
the
codegen/fix-exception-serialization
branch
3 times, most recently
from
c9b17c0 to
f6f7424
Compare
Member
Author
|
/azp run fsharp-ci |
|
Azure Pipelines successfully started running 1 pipeline(s). |
T-Gro
force-pushed
the
codegen/fix-exception-serialization
branch
2 times, most recently
from
675d541 to
4b0a72e
Compare
T-Gro
changed the title
Member
|
An edge case, but now this causes a runtime crash due to field name collision with open System
open System.Runtime.Serialization
exception Foo of Message:string
let e = Foo("hello")
let info = SerializationInfo(e.GetType(), FormatterConverter())
let ctx = StreamingContext(StreamingContextStates.All)
e.GetObjectData(info, ctx) |
T-Gro
force-pushed
the
codegen/fix-exception-serialization
branch
from
1b2f39a to
2debec9
Compare
Member
Author
|
Good catch! Fixed in 234f944 — serialization keys now use the backing field name (e.g. Added a dedicated test ( |
Member
Author
|
/azp run fsharp-ci |
|
Azure Pipelines successfully started running 1 pipeline(s). |
abonie
reviewed
Mar 30, 2026
|
|
||
| let events = eventsWhen events (received Finished) | ||
| // Wait for all 10 outdated jobs to be canceled and the new one to finish. | ||
| let events = eventsWhen events (fun e -> countOf Canceled e = 10 && countOf Finished e = 1) |
Member
There was a problem hiding this comment.
Is this related to the rest of the PR?
abonie
approved these changes
Mar 30, 2026
Member
abonie
left a comment
abonie
left a comment
There was a problem hiding this comment.
What happens if exception is serialized with an older compiler and deserialized with one that has these changes? If it's not going to work then perhaps this should be marked as a breaking change? Or not because it wasn't working before either?
| let securityCriticalAttr = | ||
| mkILCustomAttribute (g.attrib_SecurityCriticalAttribute.TypeRef, [], [], []) | ||
|
|
||
| mdef.With(customAttrs = mkILCustomAttrs [ securityCriticalAttr ]) |
Member
There was a problem hiding this comment.
Should this also have CompilerGenerated and DebuggerNonUserCode attributes?
github-project-automation
Bot
moved this from New
to In Progress
in F# Compiler and Tooling
T-Gro
force-pushed
the
codegen/fix-exception-serialization
branch
5 times, most recently
from
773eba0 to
d485a32
Compare
Fixes #878 Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The generated GetObjectData override on F# exception types must have the [SecurityCritical] attribute to match the security accessibility of Exception.GetObjectData on .NET Framework. Without this, the CLR rejects the override with 'Inheritance security rules violated', causing FS0193 errors when any project references FSharp.Core (which contains MatchFailureException with the new GetObjectData override). Also update IL baselines and FSharp.Core surface area baseline. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
FSharp.Core has [assembly: SecurityTransparent] which makes all methods transparent. On .NET Framework, transparent methods cannot override SecurityCritical methods (Exception.GetObjectData) nor call SecurityCritical base constructors (Exception(SerializationInfo, StreamingContext)). Skip emitting serialization members for FSharp.Core exceptions. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…, add test FSharp.Core has [assembly: SecurityTransparent]. On .NET Framework, transparent code cannot override SecurityCritical methods (GetObjectData). Without GetObjectData to write fields, the field-restoring ctor would crash. So for FSharp.Core exceptions: - Keep the base-call-only deserialization ctor (status quo, SecuritySafeCritical base) - Skip GetObjectData override (can't override SecurityCritical from transparent) For user exceptions (no SecurityTransparent): - Emit both GetObjectData and field-restoring ctor (full serialization) Add test verifying FSharp.Core MatchFailureException: - Loads without TypeLoadException - Has deserialization ctor - Does NOT have GetObjectData override Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
The compilingFSharpCore guard skips GetObjectData, so the surface area baseline should not include it for MatchFailureException. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…ctors Add deserialization constructor bodies (reading fields from SerializationInfo) and GetObjectData overrides to match the netcore baselines. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Changed eventsWhen condition in 'Cancel running jobs with the same key' test to wait until all 10 outdated jobs are canceled and the new job finishes, instead of stopping at the first Finished event. This prevents race conditions where assertions run before all cancellations complete. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…issue #18411) Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Use IL backing field name (with @ suffix) as the serialization key instead of the property name. This prevents duplicate key crashes when an F# exception field name collides with a key already used by Exception.GetObjectData (e.g., 'exception Foo of Message:string'). The backing field name (e.g., 'Message@', 'Data0@') is guaranteed to not collide with base Exception serialization keys. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Add Issue_878_ExceptionSerialization_MessageFieldCollision test that reproduces the exact edge case where an F# exception field named 'Message' collides with Exception.GetObjectData's 'Message' key. The test verifies: - GetObjectData does not throw with duplicate key - F# field is serialized under backing field name 'Message@' - Base Exception's 'Message' key remains accessible - Full serialization roundtrip preserves the field value Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Eliminate ilBaseOnlyCtorInstrs/ilBaseOnlyCtor block that duplicated ilInstrsForSerialization/ilCtorDefForSerialization by introducing shouldRestoreFields flag - Simplify 3-branch if/elif/else to 2-branch conditional - Remove unused ilPropName parameter from emitSerializationFieldIL callback Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…yIL list Replace the duplicated getActualIL helper and Assert.Contains call with a proper IL fragment in the verifyIL list, verifying the AddValue callvirt instruction is emitted in the GetObjectData method. Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
…rt unrelated AsyncMemoize fix - Add [CompilerGenerated] and [DebuggerNonUserCode] attributes to the generated serialization constructor and GetObjectData override on exception types, matching the pattern used by other compiler-generated methods in IlxGen. - Update verifyIL test to check for the new attributes. - Update all EmittedIL baselines (Nullness, SerializableAttribute) for both netcore and net472, debug and release configurations. - Revert unrelated AsyncMemoize flaky test fix (not part of this PR scope). Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
T-Gro
force-pushed
the
codegen/fix-exception-serialization
branch
from
d485a32 to
bb46647
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes F# exceptions losing their field values during serialization.
Exceptions with fields now emit a
GetObjectDataoverride and a deserialization constructor that save/restore the fields viaSerializationInfo, enabling correctISerializableroundtrips.Note: This fix is primarily relevant for users targeting .NET Framework 4.x or .NET Core ≤7, where
BinaryFormatter/ISerializableserialization is still available. On .NET 8+,StreamingContextis removed and the serialization members are not emitted. The entireISerializableinfrastructure is deprecated (SYSLIB0051) — no modern serializer (System.Text.Json,DataContractSerializer, etc.) usesGetObjectData.FSharp.Core exception caveat: FSharp.Core has
[assembly: SecurityTransparent], which on .NET Framework prevents overriding theSecurityCriticalmethodException.GetObjectData. FSharp.Core exceptions (e.g.MatchFailureException) therefore get only the base-call deserialization constructor (status quo) but not theGetObjectDataoverride. This is tested explicitly. User-defined exceptions are unaffected — they get full serialization support.