Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix GC hole in string marshaling #773

Merged
merged 4 commits into from
Mar 20, 2021
Merged

Fix GC hole in string marshaling #773

merged 4 commits into from
Mar 20, 2021

Conversation

filipnavara
Copy link
Contributor

@filipnavara filipnavara commented Mar 18, 2021
edited
Loading

Fixes #768

Fix GC hole where the whole MarshalString object gets moved and makes the HSTRING reference invalid
Fix memory leak and possible memory corruption in exception handling in GetActivationFactory

The implementation of WindowsCreateStringReference takes the header buffer, fills it and then the returned handle is a pointer to the header buffer. It is thus absolutely essential that the header buffer is not moved while the HSTRING instance is alive. This is explicitly called out in the documentation:

The caller must ensure that sourceString and the contents of hstringHeader remain unchanged during the lifetime of the attached HSTRING.

The code was storing the header buffer in unpinned GC memory so the GC was free to move it and it occasionally did so which caused accesses from native code into invalid memory.

Now the solution in the PR is not the most optimal one but it's one that is least disruptive and easy to review. From performance point of view it would make sense to use ref struct and rely on the stack being unmovable.

@filipnavara filipnavara marked this pull request as ready for review March 19, 2021 09:43
@filipnavara

This comment has been minimized.

Sign in to view
@filipnavara filipnavara marked this pull request as draft March 19, 2021 13:35
@filipnavara filipnavara marked this pull request as ready for review March 19, 2021 13:56
@filipnavara
Copy link
Contributor Author

@angelazhangmsft Please give this issue/PR appropriate attention. It's serious enough that it makes CsWinRT totally unusable for us due to random crashes. I am not pushing for accepting my fix verbatim but it's likely affecting all CsWinRT users to certain extent.

@Scottj1s
Copy link
Member

@filipnavara - really appreciate this fix. yes, GC moves had not been considered.

@manodasanW manodasanW merged commit 1ec2628 into microsoft:master Mar 20, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jkoritzinsky jkoritzinsky jkoritzinsky left review comments

@manodasanW manodasanW manodasanW approved these changes

@Scottj1s Scottj1s Scottj1s approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Access Violation in RoGetActivationFactory
4 participants
@filipnavara @Scottj1s @jkoritzinsky @manodasanW