diff options
author | Jan Vorlicek <janvorli@microsoft.com> | 2020-01-14 19:34:38 +0100 |
---|---|---|
committer | Anirudh Agnihotry <anirudhagnihotry098@gmail.com> | 2020-01-14 10:34:38 -0800 |
commit | b72ff3bafd1ea7171c1bd9c44f4ca26f498b51f1 (patch) | |
tree | 94dcfbe68200ceb6855bd58f5f526ea7a705198b /src | |
parent | 8c478a8ab700ceb9db632990aa53b304a5186c8e (diff) | |
download | coreclr-b72ff3bafd1ea7171c1bd9c44f4ca26f498b51f1.tar.gz coreclr-b72ff3bafd1ea7171c1bd9c44f4ca26f498b51f1.tar.bz2 coreclr-b72ff3bafd1ea7171c1bd9c44f4ca26f498b51f1.zip |
Port to 3.1 - Fix VirtualMemoryLogging::logRecords overflow (#27958)
when VirtualMemoryLogging::recordNumber increments from LONG_MAX,
it became negative number, and the result of i % MaxRecords became
a number from -127 to 0.
When that happens we will ovewrite CRITICAL_SECTION virtual_critsec
which are stored in bss right before logRecords with garbage data.
Then most likely the process will have a GC hang with one or more
GC threads stuck trying to enter or leave critical section.
The fix is to ensure ULONG value are passed to modulo operation.
Diffstat (limited to 'src')
-rw-r--r-- | src/pal/src/map/virtual.cpp | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/src/pal/src/map/virtual.cpp b/src/pal/src/map/virtual.cpp index ca27b7390c..1b457fbf36 100644 --- a/src/pal/src/map/virtual.cpp +++ b/src/pal/src/map/virtual.cpp @@ -107,7 +107,7 @@ namespace VirtualMemoryLogging // An entry in the in-memory log struct LogRecord { - LONG RecordId; + ULONG RecordId; DWORD Operation; LPVOID CurrentThread; LPVOID RequestedAddress; @@ -118,14 +118,14 @@ namespace VirtualMemoryLogging }; // Maximum number of records in the in-memory log - const LONG MaxRecords = 128; + const ULONG MaxRecords = 128; // Buffer used to store the logged data volatile LogRecord logRecords[MaxRecords]; // Current record number. Use (recordNumber % MaxRecords) to determine // the current position in the circular buffer. - volatile LONG recordNumber = 0; + volatile ULONG recordNumber = 0; // Record an entry in the in-memory log void LogVaOperation( @@ -137,7 +137,7 @@ namespace VirtualMemoryLogging IN LPVOID returnedAddress, IN BOOL result) { - LONG i = InterlockedIncrement(&recordNumber) - 1; + ULONG i = (ULONG)InterlockedIncrement((LONG*)&recordNumber) - 1; LogRecord* curRec = (LogRecord*)&logRecords[i % MaxRecords]; curRec->RecordId = i; |