Fix FailFast message formatting race #56388
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
SystemNative::GenericFailFast uses a global buffer for messages shorter than certain size. When multiple threads call FailFast at the same time, they all use the same buffer, overwriting each other's message. That leads to a problem on Unix when the message is converted to UTF-8 using two calls to WideCharToMultiByte and another thread changes the message to a longer one between those two calls. So the buffer size the first call determines is no longer sufficient.
stephentoub
approved these changes
Jul 27, 2021
danmoseley
reviewed
Jul 27, 2021
| if (pszMessage == NULL) { | ||
| WszOutputDebugString(W("CLR: Managed code called FailFast, but there is not enough memory to print the supplied message.\r\n")); | ||
| } | ||
| else if (cchMessage == 0) { | ||
| WszOutputDebugString(W("CLR: Managed code called FailFast without specifying a reason.\r\n")); | ||
| } | ||
| else { | ||
| WszOutputDebugString(W("CLR: Managed code called FailFast, saying \"")); |
There was a problem hiding this comment.
Not your change, but to be consistent with the other CLR termination messages, this would be ...called FailFast. "));. They all suffix the message after a period.
There was a problem hiding this comment.
I suggest to keep it on one line (ie, space instead of \r\n). That is the existing pattern and it works well with logs and concurrent console output where the two lines can otherwise get separated.
|
I actually made a mistake in handling the OOM case, fixing it now. |
|
I've fixed the issue and also made the message in the OOM case to propagate to the |
janvorli
force-pushed
the
fix-failfast-message-race
branch
from
7d594ca
to
132f2c6
Compare
|
Just curious, in what circumstances do we end up with this "CLR: ... " fail fast message, as opposed to what I get from |
This is just OutputDebugString message in the debugger. It is not printed to the console. The fixed function calls EEPolicy::HandleFatalError at the end which does the regular console printing. |
thaystg
added a commit
to thaystg/runtime
that referenced
this pull request
Jul 28, 2021
…bug_tests * origin/main: (274 commits) Disable test ConnectWithCertificateForDifferentName_Throws (dotnet#56456) Update dependencies from https://github.com/mono/linker build 20210726.2 (dotnet#56374) Cleanup disabled test conditions (dotnet#56381) [mono] Add GC unsafe transition to mono_unhandled_exception (dotnet#56380) don't fail the file extraction when we can't set last write time (dotnet#56370) Properly rebuild optimization data when it changes (dotnet#56397) Make open function calls in coreclr EINTR resilient on macOS (dotnet#56403) Fix dependency from EventLog to TraceSource ref (dotnet#56417) Fix comments in asm with JitDiffableDasm=1 (dotnet#56416) Catch TcpClient ctor exceptions in FtpWebRequest.CreateConnectionAsync (dotnet#56379) Add interop between serializer and DOMs (dotnet#56112) Fix type loader not recognizing overridden method (dotnet#56337) Prevent Segfault in EventPipe on disable (dotnet#56104) Update runtimeconfig.json and deps.json paths when these break past the MAX_PATH threshold (dotnet#56224) Use native allocator instead of pinning when decompressing embedded PDB (dotnet#56336) Specify win-x64 as a valid platform in the microsoft-net-runtime-* workloads for iOS/tvOS/MacCatalyst (dotnet#56311) Fix FailFast message formatting race (dotnet#56388) Try to fix finalizer-based async tests (dotnet#56384) Fix MetricsEventSource tests (dotnet#56382) Remove invalid Castle.DynamicProxy.Internal.AbstractInvocation from ILLink descriptor files (dotnet#56392) ...
thaystg
added a commit
to thaystg/runtime
that referenced
this pull request
Jul 28, 2021
* origin/main: (95 commits) Disable test ConnectWithCertificateForDifferentName_Throws (dotnet#56456) Update dependencies from https://github.com/mono/linker build 20210726.2 (dotnet#56374) Cleanup disabled test conditions (dotnet#56381) [mono] Add GC unsafe transition to mono_unhandled_exception (dotnet#56380) don't fail the file extraction when we can't set last write time (dotnet#56370) Properly rebuild optimization data when it changes (dotnet#56397) Make open function calls in coreclr EINTR resilient on macOS (dotnet#56403) Fix dependency from EventLog to TraceSource ref (dotnet#56417) Fix comments in asm with JitDiffableDasm=1 (dotnet#56416) Catch TcpClient ctor exceptions in FtpWebRequest.CreateConnectionAsync (dotnet#56379) Add interop between serializer and DOMs (dotnet#56112) Fix type loader not recognizing overridden method (dotnet#56337) Prevent Segfault in EventPipe on disable (dotnet#56104) Update runtimeconfig.json and deps.json paths when these break past the MAX_PATH threshold (dotnet#56224) Use native allocator instead of pinning when decompressing embedded PDB (dotnet#56336) Specify win-x64 as a valid platform in the microsoft-net-runtime-* workloads for iOS/tvOS/MacCatalyst (dotnet#56311) Fix FailFast message formatting race (dotnet#56388) Try to fix finalizer-based async tests (dotnet#56384) Fix MetricsEventSource tests (dotnet#56382) Remove invalid Castle.DynamicProxy.Internal.AbstractInvocation from ILLink descriptor files (dotnet#56392) ...
ghost
locked as resolved and limited conversation to collaborators
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
SystemNative::GenericFailFast uses a global buffer for messages shorter than certain size.
When multiple threads call FailFast at the same time, they all use the same buffer,
overwriting each other's message. That leads to a problem on Unix when the message is
converted to UTF-8 using two calls to WideCharToMultiByte and another thread changes
the message to a longer one between those two calls. So the buffer size the first
call determines is no longer sufficient.
Close #47096