Make GC Stress 4/8 work with CET #71085
Conversation
This change makes the GC stress 4/8 work without redirection. It also fixes a problem with missing unwinding of the shadow stack pointer that was not discovered before.
| LIMITED_METHOD_CONTRACT; | ||
|
|
||
| #ifdef USE_REDIRECT_FOR_GCSTRESS | ||
| return UseContextBasedThreadRedirection(); |
There was a problem hiding this comment.
Can we just always return false? (and delete all the support for GC stress redirection)
There was a problem hiding this comment.
Unfortunately not. I have originally just undefined the USE_REDIRECT_FOR_GCSTRESS and fixed few places, but I've hit a race problem between another thread redirection and the GC stress running from VEH updating GC references in the context passed to the VEH. I've added various stresslog loggings and found that there is a race when the thread was returning from the VEH and another thread redirected it at that point, the other thread got GetThreadContext with the old values of those GC references. And the context didn't have any of the indicators that would make us not to use it.
I was able to repro it only on the CET enabled machine that has a beta version of Windows, so it could have been caused by a bug that was introduced in that version of Windows. So I've decided to use it only when redirection is disabled (which is currently the case for CET only).
|
|
||
| _ASSERTE(!success && (GetLastError() == ERROR_INSUFFICIENT_BUFFER)); | ||
|
|
||
| PVOID pBuffer = _alloca(contextSize); |
There was a problem hiding this comment.
What is the context size we usually end up with here on current hw? I am wondering whether it would be better to allocate this on heap.
There was a problem hiding this comment.
If it only adds XSAVE_CET_U_FORMAT feature , then this is probably not large.
There was a problem hiding this comment.
The contextSize is 0x4ff.
There was a problem hiding this comment.
The size is really just sizeof(CONTEXT) which is 0x4d8 + sizeof(XSAVE_CET_U_FORMAT) which is 16 bytes + few more bytes.
ghost
locked as resolved and limited conversation to collaborators
This change makes the GC stress 4/8 work without redirection.
It also fixes a problem with missing unwinding of the shadow stack pointer
at few places that was not discovered before. I've found it while testing this
change - it has manifested itself as a shadow stack overflow.
And there is one more fix. The VSD Resolve stub was problematic to unwind
through when
nullreference was passed asthisto it. The stub had apush rdxas the first instruction and the dereference of
thishappened after that. Soin case of the null, the call stack in the vectored exception handler contained
a phantom frame caused by a problem unwinding from the stub. That
caused incorrect updating of the shadow SP. I've fixed it by moving the dereference
before the push.