https://bugs.winehq.org/show_bug.cgi?id=37669
Bug ID: 37669
Summary: Resetting a write watch can cause memory access violation in kernel
Product: Wine
Version: 1.7.32
Hardware: x86
OS: Linux
Status: NEW
Severity: normal
Priority: P2
Component: -unknown
Assignee: wine-bugs@winehq.org
Reporter: dmitry@baikal.ru
Distribution: ---
What happens: a heavy multi-threaded network application in one thread reads/writes from/to a socket while in another thread the .net GC calls GetWriteWatch with flag WRITE_WATCH_FLAG_RESET on a buffer which was just verified for write access and passed by ws2_32.recv to the recvmsg kernel call. While recvmsg waits for incoming data, GetWriteWatch resets write watches by clearing VPROT_WRITE access on the buffer passed to recvmsg. That causes recvmsg to return EFAULT, which in turn leads to the .net application raising an exception and dying.
This is basically a .net garbage collector causing races in network code which reads/writes to a buffer, because reading or writing via a network is much slower than, say, reading/writing a disk file, but essentially this is a general problem with resetting a write watch while another thread is dealing with the affected memory range.
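The race described above, as an added standalone reproduction that is not part of the bug report or of Wine's code. It assumes Linux: an AF_UNIX socketpair stands in for the network socket, and mprotect() removing PROT_WRITE stands in for Wine clearing VPROT_WRITE when the watch is reset; the blocked recv() then fails with EFAULT the moment data arrives, and the data is still queued once write access is restored.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <pthread.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/socket.h>
#include <unistd.h>

struct ctx { int fd; char *buf; size_t len; int err; ssize_t n; };

/* "Network thread": blocks in recv() on a buffer already checked for write access. */
static void *receiver(void *arg) {
    struct ctx *c = arg;
    c->n = recv(c->fd, c->buf, c->len, 0);
    c->err = (c->n < 0) ? errno : 0;
    return NULL;
}

/* Returns 0 on success; *race_err receives the errno seen by the blocked recv()
 * (EFAULT when write access was dropped underneath it) and *after_restore what
 * a non-blocking recv() returns once write access has been put back. */
int run_write_watch_race(int *race_err, ssize_t *after_restore) {
    long page = sysconf(_SC_PAGESIZE);
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0) return -1;
    char *buf = mmap(NULL, page, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (buf == MAP_FAILED) return -1;
    struct ctx c = { sv[0], buf, (size_t)page, 0, 0 };
    pthread_t t;
    if (pthread_create(&t, NULL, receiver, &c) != 0) return -1;
    usleep(50000);                     /* let the receiver block inside recv() */
    /* "GC thread": resetting the write watch = removing write permission from the page
     * (stand-in for Wine clearing VPROT_WRITE). */
    if (mprotect(buf, page, PROT_READ) != 0) return -1;
    /* Data arrives; the kernel must now copy into a read-only page and fails. */
    if (send(sv[1], "hello", 5, 0) != 5) return -1;
    pthread_join(t, NULL);
    *race_err = c.err;
    /* A user-mode write would have faulted into the watch handler, which restores
     * access; a kernel copy never gets that chance. Restore by hand: data is still queued. */
    if (mprotect(buf, page, PROT_READ | PROT_WRITE) != 0) return -1;
    *after_restore = recv(sv[0], buf, page, MSG_DONTWAIT);
    close(sv[0]); close(sv[1]); munmap(buf, page);
    return 0;
}

int main(void) {
    int err; ssize_t n;
    if (run_write_watch_race(&err, &n) != 0) return 1;
    printf("blocked recv: %s; after restoring write access: %zd bytes\n", strerror(err), n);
    return 0;
}
```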