mirror of
https://github.com/llvm/llvm-project.git
synced 2025-04-29 12:46:06 +00:00
69ebac7ad6
When ntdll was added to the list of of "interesting DLLs" list (in d58230b9dcb3b312a2da8f874daa0cc8dc27da9b), the intention was not to intercept the "mini CRT" functions it exports. OverrideFunction would only intercept the *first* function it found when searching the list of DLLs, and ntdll was put last in that list. However, after 42cdfbcf3e92466754c175cb0e1e237e9f66749e, OverrideFunction intercepts *all* matching functions in those DLLs. As a side-effect, the runtime would now intercept functions like memset etc. also in ntdll. This causes a problem when ntdll-internal functions like RtlDispatchException call the intercepted memset, which tries to inspect uncommitted shadow memory, raising an exception, and getting stuck in that loop until the stack overflows. Since we never intended to intercept ntdll's memset etc., the simplest fix seems to be to actively ignore ntdll when intercepting those functions. Fixes #114793