throw an exception instead of infinite loop in sort_mark_list #115492
Maoni0 merged 1 commit into dotnet:main
Pull Request Overview
This PR addresses a critical infinite loop issue observed in sort_mark_list due to heap corruption by introducing an exception mechanism when an invalid (zero) region limit is encountered.
- Adds a check for a zero region limit and terminates using FATAL_GC_ERROR() instead of entering an infinite loop.
- Updates the core garbage collection routine to improve production diagnostics when encountering freed regions.
Comments suppressed due to low confidence (1)
src/coreclr/gc/gc.cpp:10798
- Consider verifying that FATAL_GC_ERROR() provides sufficient diagnostic context for production debugging, potentially by enhancing the error message or logging detailed information.
if (region_limit == 0)
Tagging subscribers to this area: @dotnet/gc
f1d09c4 to 059365a
| // simply throwing an exception. | ||
| if (region_limit == 0) | ||
| { | ||
| FATAL_GC_ERROR(); |
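Review bot: the `region_limit == 0` branch calls FATAL_GC_ERROR() without recording anything about what was found, so whoever opens the resulting dump has to rediscover that a zero limit was the trigger. Consider logging the marked object's address and the region it mapped to immediately before the call, and extending the comment above the check to say that a zero limit means the region was already freed and points to heap corruption.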
should we log something here to mention that it's probably a heap corruption?
/backport to release/8.0-staging
/backport to release/9.0-staging
Started backporting to release/8.0-staging: https://github.com/dotnet/runtime/actions/runs/15006087166
Started backporting to release/9.0-staging: https://github.com/dotnet/runtime/actions/runs/15006088865
we had a customer who observed an infinite loop in sort_mark_list due to heap corruption - the object that got marked was in a region that was already freed so region_limit is 0. we detect this and throw an exception which is easier for prod diag than having to deal with an infinite loop.