Skip to content

Commit

Permalink
i#3046: Fix .NET start address problems (#3461)
Browse files Browse the repository at this point in the history
On recent Windows versions, the loader changes the start address of
the initial thread's CONTEXT.  However, for late injection, DR had
already cached the address to the value set by the kernel, which
crashes.  We solve that by updating the start address register when we
run our takeover code.

Adds a .NET test to the suite.

Fixes #3046
  • Loading branch information
derekbruening authored Mar 19, 2019
1 parent 2996531 commit 9953ebc
Show file tree
Hide file tree
Showing 5 changed files with 83 additions and 1 deletion.
4 changes: 3 additions & 1 deletion core/arch/x86/x86_asm_defines.asm
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/* **********************************************************
* Copyright (c) 2011-2015 Google, Inc. All rights reserved.
* Copyright (c) 2011-2019 Google, Inc. All rights reserved.
* Copyright (c) 2001-2010 VMware, Inc. All rights reserved.
* ********************************************************** */

Expand Down Expand Up @@ -120,6 +120,8 @@
#define is_exiting_OFFSET (dstack_OFFSET+1*ARG_SZ)
#define PUSHGPR_XSP_OFFS (3*ARG_SZ)
#define MCONTEXT_XSP_OFFS (PUSHGPR_XSP_OFFS)
#define MCONTEXT_XCX_OFFS (MCONTEXT_XSP_OFFS + 3*ARG_SZ)
#define MCONTEXT_XAX_OFFS (MCONTEXT_XSP_OFFS + 4*ARG_SZ)
#define PUSH_PRIV_MCXT_PRE_PC_SHIFT (- MCXT_TOTAL_SIMD_SLOTS_SIZE - PRE_XMM_PADDING)

#if defined(WINDOWS) && !defined(X64)
Expand Down
13 changes: 13 additions & 0 deletions core/drlibc/drlibc_x86.asm
Original file line number Diff line number Diff line change
Expand Up @@ -616,6 +616,19 @@ GLOBAL_LABEL(load_dynamo:)
*/
/* two byte NOP to satisfy third party braindead-ness documented in case 3821 */
mov edi, edi
/* Update priv_mcontext_t's xcx/xax in case the target start address was changed
* for .NET (i#3046). LdrpInitializeProcess goes and changes the initial
* thread's CONTEXT.Xcx from what the kernel set (the executable image entry),
* and what inject_into_thread() cached here on the stack, to something like
* MSCOREE!CorExeMain_Exported. We assume no other state was changed: just
* Xcx/Xax. Long-term we'd like to make early injection the default, which
* avoids this problem.
*/
#ifdef X64
mov PTRSZ [MCONTEXT_XCX_OFFS + 4*ARG_SZ + REG_XSP], REG_XCX
#else
mov PTRSZ [MCONTEXT_XAX_OFFS + 4*ARG_SZ + REG_XSP], REG_XAX
#endif
#ifdef LOAD_DYNAMO_DEBUGBREAK
/* having this code in front may hide the problem addressed with the
* above padding */
Expand Down
27 changes: 27 additions & 0 deletions suite/tests/CMakeLists.txt
Original file line number Diff line number Diff line change
Expand Up @@ -236,6 +236,12 @@ if (WIN32)
endif (BIND_EXECUTABLE)
mark_as_advanced(BIND_EXECUTABLE)

# If we up our cmake minimum to 3.8.2 we can use enable_language(CSharp).
find_program(CSC csc.exe DOC "Path to CSharp compiler csc.exe")
if (NOT CSC)
message(STATUS "csc not found: .NET Windows tests will be disabled")
endif ()

# if cygwin or mingw gcc is available, we do some extra tests
find_program(GCC gcc.exe DOC "path to gcc.exe")
if (NOT GCC)
Expand Down Expand Up @@ -864,6 +870,25 @@ function(torunonly test realtest source dr_ops exe_ops)
set(${test}_exe_ops ${exe_ops} PARENT_SCOPE)
endfunction(torunonly)

# macro so the PARENT_SCOPE in torunonly will reach caller of this
macro(tobuild_csharp test source)
if (CSC)
set(exe "${CMAKE_RUNTIME_OUTPUT_DIRECTORY}/${test}.exe")
add_custom_target(${test} ALL DEPENDS ${exe})
if (X64)
set(platform "x64")
else ()
set(platform "x86")
endif ()
set(source_winpath "${CMAKE_CURRENT_SOURCE_DIR}/${source}")
string(REGEX REPLACE "/" "\\\\" source_winpath "${source_winpath}")
add_custom_command(OUTPUT ${exe} DEPENDS ${source}
COMMAND ${CSC} ARGS /debug /platform:${platform} /t:exe /out:${exe}
"${source_winpath}" VERBATIM)
torunonly(${test} ${exe} ${source} "" "")
endif ()
endmacro(tobuild_csharp)

function(tobind target)
if (BIND_EXECUTABLE)
add_custom_command(TARGET ${target}
Expand Down Expand Up @@ -3466,6 +3491,8 @@ else (UNIX)
#tobuild_runall(runall.preunload runall/preunload.runall "")
#tobuild_runall(runall.processchain runall/processchain.runall "")

tobuild_csharp(win32.dotnet win32/dotnet.cs)

# Cross-arch mixedmode/x86_to_x64 test: can only be done via a suite of tests that
# build both 32-bit and 64-bit. We have 32-bit just build, and
# 64-bit then builds and runs both directions.
Expand Down
39 changes: 39 additions & 0 deletions suite/tests/win32/dotnet.cs
Original file line number Diff line number Diff line change
@@ -0,0 +1,39 @@
/* **********************************************************
* Copyright (c) 22019 Google, Inc. All rights reserved.
* **********************************************************/

/*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are met:
*
* * Redistributions of source code must retain the above copyright notice,
* this list of conditions and the following disclaimer.
*
* * Redistributions in binary form must reproduce the above copyright notice,
* this list of conditions and the following disclaimer in the documentation
* and/or other materials provided with the distribution.
*
* * Neither the name of Google, Inc. nor the names of its contributors may be
* used to endorse or promote products derived from this software without
* specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
* AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL VMWARE, INC. OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
* CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH
* DAMAGE.
*/

using System;
class MainProgram
{
static void Main(string[] args) {
Console.WriteLine("Hello world!");
}
}
1 change: 1 addition & 0 deletions suite/tests/win32/dotnet.expect
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Hello world!

0 comments on commit 9953ebc

Please sign in to comment.