JDK-8228856

jvm_attach_thread_func() is broken if Control Flow Guard is enabled

    Details

    • Type: Bug
    • Status: Open
    • Priority: P4
    • Resolution: Unresolved
    • Affects Version/s: 11, 13, 14
    • Fix Version/s: tbd
    • Component/s: core-svc
    • Labels:
    • Subcomponent:
    • CPU:
      generic
    • OS:
      windows

      Description

      If Control Flow Guard is enabled for attach.dll (i.e. option /guard:cf is used),
      then any attempt to attach results in a segmentation fault on the side of the
      target JVM. On the side of the attaching process, an error like the one listed below is triggered:

      Exception in thread "main" java.lang.InternalError: Remote thread failed for unknown reason (-1073741819)
      at jdk.attach/sun.tools.attach.VirtualMachineImpl.enqueue(Native Method)
      at jdk.attach/sun.tools.attach.VirtualMachineImpl.<init>(VirtualMachineImpl.java:62)
      at jdk.attach/sun.tools.attach.AttachProviderImpl.attachVirtualMachine(AttachProviderImpl.java:69)
      at jdk.attach/com.sun.tools.attach.VirtualMachine.attach(VirtualMachine.java:207)
      at jdk.jcmd/sun.tools.jcmd.JCmd.executeCommandForPid(JCmd.java:113)
      at jdk.jcmd/sun.tools.jcmd.JCmd.main(JCmd.java:97)

      Steps to reproduce:
      * build jdk using vs2017 with extra flags:
        --with-extra-cflags='/guard:cf' --with-extra-cxxflags='/guard:cf' --with-extra-ldflags='/guard:cf'

      * start target jvm:
        ./images/jdk/bin/java.exe -jar ./jdk/demo/jfc/Notepad/Notepad.jar

      * attach to target jvm with jcmd:
        ./images/jdk/bin/jcmd.exe <target_jvm_pid> help

      The suggested solution is to explicitly disable the Control Flow Guard machinery
      for jvm_attach_thread_func(), as is already done for other runtime checks:

      --- a/src/jdk.attach/windows/native/libattach/VirtualMachineImpl.c Tue Jul 30 17:31:29 2019 -0400
      +++ b/src/jdk.attach/windows/native/libattach/VirtualMachineImpl.c Tue Jul 30 22:35:39 2019 -0700
      @@ -99,6 +99,7 @@
        * generated code to contain relative jumps to check functions which make
        * the code position dependent. */
       #pragma runtime_checks ("scu", off)
      +__declspec(guard(nocf))
       DWORD WINAPI jvm_attach_thread_func(DataBlock *pData)
       {
           HINSTANCE h;
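
      Review bot: The `__declspec(guard(nocf))` line added directly above `jvm_attach_thread_func` has no comment of its own, and the existing comment above it only explains `#pragma runtime_checks ("scu", off)`. Extend that comment to state that Control Flow Guard checks are also disabled for this function and why, in the same terms as the runtime-check rationale (calls to check functions outside the function body). Since the attribute removes CFG validation from every indirect call made inside this function, the comment should also say that the exemption is intentional and limited to this one function. Finally, confirm that every MSVC version still supported for this file accepts the attribute, or hide it behind a macro.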

            People

            • Assignee:
              Unassigned
              Reporter:
              bae Andrew Brygin
            • Votes:
              0
              Watchers:
              1
