AV on shutdown in finalizer thread #1487

Closed
MichalStrehovsky opened this issue Sep 2, 2021 · 2 comments
Labels
area-NativeAOT-coreclr .NET runtime optimized for ahead of time compilation

Comments

@MichalStrehovsky

I'm able to sporadically hit a nullref in the finalizer thread on Windows with this program:

using System;
using System.Threading;

ThreadPool.QueueUserWorkItem((a) => Console.WriteLine("Hello"));

The main thread is basically done shutting down, but the finalizer thread is still trying to initialize COM and crashes. This might be a CRT bug?

Main thread:

>	ntdll.dll!RtlpAllocateHeapInternal(void * HeapHandle, unsigned __int64 Size, unsigned long Flags, unsigned short Tag) Line 2248	C
 	ntdll.dll!LdrpMapAndSnapDependency(_LDRP_LOAD_CONTEXT * LoadContext) Line 1349	C
 	ntdll.dll!LdrpMapDllWithSectionHandle(_LDRP_LOAD_CONTEXT * LoadContext, void * SectionHandle) Line 1156	C
 	ntdll.dll!LdrpMapDllNtFileName(_LDRP_LOAD_CONTEXT * LoadContext, _UNICODE_STRING * NtFileName) Line 1391	C
 	ntdll.dll!LdrpMapDllFullPath(_LDRP_LOAD_CONTEXT * LoadContext) Line 2203	C
 	ntdll.dll!LdrpProcessWork(_LDRP_LOAD_CONTEXT * LoadContext, unsigned char InPlaceLoad) Line 1857	C
 	ntdll.dll!LdrpLoadDllInternal(_UNICODE_STRING * ModuleName, _LDRP_DLL_PATH * DllPath, unsigned long LoadFlags, _LDR_DLL_LOAD_REASON LoadReason, _LDR_DATA_TABLE_ENTRY * ParentModule, _LDR_DATA_TABLE_ENTRY * RootForwarderModule, _LDR_DATA_TABLE_ENTRY * * Module, long * LoadStatus) Line 534	C
 	ntdll.dll!LdrpLoadDll(const _UNICODE_STRING * DllName, _LDRP_DLL_PATH * DllPath, unsigned long LoadFlags, _LDR_DATA_TABLE_ENTRY * * Module) Line 731	C
 	ntdll.dll!LdrLoadDll(const wchar_t * DllPath, unsigned long * DllCharacteristics, const _UNICODE_STRING * DllName, void * * DllHandle) Line 197	C
 	KernelBase.dll!LoadLibraryExW(const wchar_t * lpwLibFileName, void * hFile, unsigned long dwFlags) Line 1203	C
 	reproNative.exe!try_load_library_from_system_directory(const wchar_t * const name) Line 199	C++
 	reproNative.exe!try_get_module(const `anonymous-namespace'::module_id id) Line 238	C++
 	reproNative.exe!try_get_first_available_module(const `anonymous-namespace'::module_id * const first, const `anonymous-namespace'::module_id * const last) Line 271	C++
 	reproNative.exe!try_get_proc_address_from_first_available_module(const char * const name, const `anonymous-namespace'::module_id * const first_module_id, const `anonymous-namespace'::module_id * const last_module_id) Line 289	C++
 	reproNative.exe!try_get_function(const `anonymous-namespace'::function_id id, const char * const name, const `anonymous-namespace'::module_id * const first_module_id, const `anonymous-namespace'::module_id * const last_module_id) Line 326	C++
 	reproNative.exe!try_get_AppPolicyGetProcessTerminationMethod() Line 377	C++
 	reproNative.exe!__acrt_AppPolicyGetProcessTerminationMethodInternal(AppPolicyProcessTerminationMethod * policy) Line 737	C++
 	reproNative.exe!`__acrt_get_process_end_policy'::`2'::process_end_policy_properties::appmodel_get_policy(AppPolicyProcessTerminationMethod * appmodelPolicy) Line 81	C++
 	reproNative.exe!get_win_policy<`__acrt_get_process_end_policy'::`2'::process_end_policy_properties>(AppPolicyProcessTerminationMethod defaultValue) Line 26	C++
 	reproNative.exe!__acrt_get_process_end_policy() Line 85	C++
 	reproNative.exe!should_call_terminate_process() Line 112	C++
 	reproNative.exe!exit_or_terminate_process(const unsigned int return_code) Line 134	C++
 	reproNative.exe!common_exit(const int return_code, const _crt_exit_cleanup_mode cleanup_mode, const _crt_exit_return_mode return_mode) Line 282	C++
 	reproNative.exe!exit(int return_code) Line 294	C++
 	reproNative.exe!__scrt_common_main_seh() Line 297	C++
 	reproNative.exe!__scrt_common_main() Line 331	C++
 	reproNative.exe!wmainCRTStartup(void * __formal) Line 17	C++

The finalizer thread:

>	[Inline Frame] ntdll.dll!RtlpIncrementCriticalSectionContentionCount(_RTL_CRITICAL_SECTION *) Line 1031	C
 	ntdll.dll!RtlpWaitOnCriticalSection(_RTL_CRITICAL_SECTION * CriticalSection, unsigned long OldLockCount) Line 1568	C
 	ntdll.dll!RtlpEnterCriticalSectionContended(_RTL_CRITICAL_SECTION * CriticalSection) Line 2317	C
 	ntdll.dll!RtlEnterCriticalSection(_RTL_CRITICAL_SECTION * CriticalSection) Line 1923	C
 	reproNative.exe!__acrt_lock(__acrt_lock_id _Lock) Line 55	C++
 	reproNative.exe!heap_alloc_dbg_internal(const unsigned __int64 size, const int block_use, const char * const file_name, const int line_number) Line 309	C++
 	reproNative.exe!heap_alloc_dbg(const unsigned __int64 size, const int block_use, const char * const file_name, const int line_number) Line 450	C++
 	reproNative.exe!_malloc_dbg(unsigned __int64 size, int block_use, const char * file_name, int line_number) Line 496	C++
 	reproNative.exe!malloc(unsigned __int64 size) Line 27	C++
 	reproNative.exe!operator new(unsigned __int64 size) Line 35	C++
 	reproNative.exe!operator new(unsigned __int64 size, const std::nothrow_t & __formal) Line 30	C++
 	reproNative.exe!operator new[](unsigned __int64 size, const std::nothrow_t & x) Line 29	C++
 	reproNative.exe!Thread::SetThreadStaticStorageForModule(Object * pStorage, unsigned int moduleIndex) Line 1323	C++
 	reproNative.exe!RhSetThreadStaticStorageForModule(Array * pStorage, unsigned int moduleIndex) Line 1368	C++
 	reproNative.exe!S_P_CoreLib_Internal_Runtime_ThreadStatics__EnsureThreadStaticStorage() Line 72	Unknown
 	reproNative.exe!S_P_CoreLib_Internal_Runtime_ThreadStatics__GetThreadStaticBaseForTypeSlow() Line 43	Unknown
 	reproNative.exe!S_P_CoreLib_Internal_Runtime_ThreadStatics__GetThreadStaticBaseForType() Line 32	Unknown
 	reproNative.exe!S_P_CoreLib_System_Threading_Thread__InitializeCom() Line 326	Unknown
 	reproNative.exe!S_P_CoreLib_System_Threading_Thread__InitializeComForFinalizerThread() Line 302	Unknown
 	reproNative.exe!S_P_CoreLib_System_Runtime_FinalizerInitRunner__DoInitialize() Line 17	Unknown
 	reproNative.exe!S_P_CoreLib_System_Runtime___Finalizer__ProcessFinalizers() Line 23	Unknown
 	reproNative.exe!FinalizerStart(void * pContext) Line 70	C++

We're hitting an AV in RtlpIncrementCriticalSectionContentionCount because CriticalSection->DebugInfo is null.

jkotas commented Sep 2, 2021

Yes, it is a CRT bug. It affects the debug CRT only.

There are a number of issues opened on it, e.g. https://devdiv.visualstudio.com/DevDiv/_workitems/edit/289847 or dotnet/runtime#38317 (comment). I am not able to tell where or whether it was fixed, but it does not look like something we need to worry about in this repo.

@MichalStrehovsky (Member, Author) commented

Thank you! I half-expected that if it's a CRT bug, you would have heard of it :).
