VBox

Timestamp:

Sep 2, 2022 2:04:12 AM (2 years ago)

Author:

vboxsync

Message:

IPRT/nocrt: Fail fast and safer stack corruption. bugref:10261

Location:

trunk/src/VBox/Runtime

Files:

: 4 edited

common/compiler/vcc/stack-vcc.asm (modified) (9 diffs)
common/compiler/vcc/stacksup-vcc.cpp (modified) (6 diffs)
r3/win/init-win.cpp (modified) (5 diffs)
r3/win/internal-r3-win.h (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed

trunk/src/VBox/Runtime/common/compiler/vcc/stack-vcc.asm

-              r96568
+              r96573
 %include "iprt/asmdefs.mac"
 %include "iprt/x86.mac"
+%ifdef RT_ARCH_AMD64
+ %include "iprt/win/context-amd64.mac"
+%else
+ %include "iprt/win/context-x86.mac"
+%endif
 …
 ;*********************************************************************************************************************************
 BEGINCODE
+extern NAME(_RTC_StackVarCorrupted)
+extern NAME(_RTC_SecurityCookieMismatch)
+extern NAME(rtVccStackVarCorrupted)
+extern NAME(rtVccSecurityCookieMismatch)
+extern NAME(rtVccRangeCheckFailed)
 %ifdef RT_ARCH_X86
 extern NAME(_RTC_CheckEspFailed)
+extern NAME(rtVccCheckEspFailed)
 %endif
 …
 %endif
         cmp     dword [xBP + xCX - 4], VARIABLE_MARKER_PRE
         jne     .corrupted
+        jne     rtVccCheckStackVarsFailed
         ; Marker after the variable.
 …
 %endif
         cmp     dword [xBP + xCX], VARIABLE_MARKER_POST
         jne     .corrupted
+        jne     rtVccCheckStackVarsFailed
+        ;
 …
         pop     xBP
         ret
+        ;
+        ; Complain about corrupt variable.
+        ;
+.corrupted:
+ENDPROC_RAW     FASTCALL_NAME(_RTC_CheckStackVars, 8)
+;
+; Sub-function for _RTC_CheckStackVars, for purposes of SEH64 unwinding.
+;
+; Note! While we consider this fatal and will terminate the application, the
+;       compiler guys do not seem to think it is all that horrible and will
+;       report failure, maybe do an int3, and then try continue execution.
+;
+BEGINPROC_RAW   rtVccCheckStackVarsFailed
+        nop     ;push    xBP - done in parent function
+        SEH64_PUSH_xBP
+        mov     xCX, xBP                    ; xCX = caller pStackFrame. xBP free to become frame pointer.
+        mov     xBP, xSP
+        SEH64_SET_FRAME_xBP 0
+        pushf
         push    xAX
+        push    xDX
+        SEH64_PUSH_GREG xAX
+        sub     xSP, CONTEXT_SIZE + 20h
+        SEH64_ALLOCATE_STACK (CONTEXT_SIZE + 20h)
+        SEH64_END_PROLOGUE
+        lea     xAX, [xBP - CONTEXT_SIZE]
+        call    NAME(rtVccCaptureContext)
+        ; rtVccStackVarCorrupted(uint8_t *pbFrame, RTC_VAR_DESC_T const *pVar, PCONTEXT)
+.again:
 %ifdef RT_ARCH_AMD64
+        sub     xSP, 28h
+        mov     xCX, xBP                ; frame pointer + variable descriptor.
+%else
+        push    xBP                     ; save EBP
+        push    xDX                     ; parameter 2 - variable descriptor
+        push    xBP                     ; parameter 1 - frame pointer.
+        lea     xBP, [xSP + 3*xCB]      ; turn it into a frame pointer during the call for better unwind.
+%endif
+        call    NAME(_RTC_StackVarCorrupted)
+%ifdef RT_ARCH_AMD64
+        add     xSP, 28h
+%else
+        add     xSP, xCB * 4            ; parameters
+        pop     xBP
+%endif
+        pop     xDX
+        pop     xAX
+        jmp     .advance
+ENDPROC_RAW     FASTCALL_NAME(_RTC_CheckStackVars, 8)
+        lea     r8, [xBP - CONTEXT_SIZE]
+%else
+        lea     xAX, [xBP - CONTEXT_SIZE]
+        mov     [xSP + 8], xAX
+        mov     [xSP + 4], xDX
+        mov     [xSP], xCX
+%endif
+        call    NAME(rtVccStackVarCorrupted)
+        jmp     .again
+ENDPROC_RAW     rtVccCheckStackVarsFailed
 …
 ; Called to follow up on a 'CMP ESP, EBP' kind of instruction,
 ; expected to report failure if the compare failed.
+;
+; Note! While we consider this fatal and will terminate the application, the
+;       compiler guys do not seem to think it is all that horrible and will
+;       report failure, maybe do an int3, and then try continue execution.
+;
 ALIGNCODE(16)
 …
 .unexpected_esp:
+        push    ebp
+        mov     ebp, esp
+        push    eax
+        push    ecx
+        push    edx
+        ; DECLASM(void) _RTC_CheckEspFailed(uintptr_t uEip, uintptr_t uEsp, uintptr_t uEbp)
+        push    dword [ebp]
+        lea     edx, [ebp + 8]
+        push    edx
+        mov     ecx, [ebp + 8]
+        push    ecx
+        call    NAME(_RTC_CheckEspFailed)
+        pop     edx
+        pop     ecx
+        pop     eax
+        leave
+        ret
+        push    xBP
+        SEH64_PUSH_xBP
+        mov     xBP, xSP
+        SEH64_SET_FRAME_xBP 0
+        pushf
+        push    xAX
+        SEH64_PUSH_GREG xAX
+        sub     xSP, CONTEXT_SIZE + 20h
+        SEH64_ALLOCATE_STACK (CONTEXT_SIZE + 20h)
+        SEH64_END_PROLOGUE
+        lea     xAX, [xBP - CONTEXT_SIZE]
+        call    NAME(rtVccCaptureContext)
+        ; rtVccCheckEspFailed(PCONTEXT)
+.again:
+        lea     xAX, [xBP - CONTEXT_SIZE]
+%ifdef RT_ARCH_AMD64
+        mov     xCX, xAX
+%else
+        mov     [xSP], xAX
+%endif
+        call    NAME(rtVccCheckEspFailed)
+        jmp     .again
 ENDPROC   _RTC_CheckEsp
 %endif ; RT_ARCH_X86
 …
 ;;
 ; Checks if the secuity cookie ok, complaining and terminating if it isn't.
+; Checks if the security cookie ok, complaining and terminating if it isn't.
+;
 ALIGNCODE(16)
 …
         SEH64_END_PROLOGUE
         cmp     xCX, [NAME(__security_cookie) xWrtRIP]
         jne     .corrupted
+        jne     rtVccSecurityCookieFailed
         ;; amd64 version checks if the top 16 bits are zero, we skip that for now.
         ret
+.corrupted:
+ENDPROC_RAW     FASTCALL_NAME(__security_check_cookie, 4)
+; Sub-function for __security_check_cookie, for purposes of SEH64 unwinding.
+BEGINPROC_RAW   rtVccSecurityCookieFailed
+        push    xBP
+        SEH64_PUSH_xBP
+        mov     xBP, xSP
+        SEH64_SET_FRAME_xBP 0
+        pushf
+        push    xAX
+        SEH64_PUSH_GREG xAX
+        sub     xSP, CONTEXT_SIZE + 20h
+        SEH64_ALLOCATE_STACK (CONTEXT_SIZE + 20h)
+        SEH64_END_PROLOGUE
+        lea     xAX, [xBP - CONTEXT_SIZE]
+        call    NAME(rtVccCaptureContext)
+        ; rtVccSecurityCookieMismatch(uCookie, PCONTEXT)
+.again:
 %ifdef RT_ARCH_AMD64
+        jmp     NAME(_RTC_SecurityCookieMismatch)
+%else
+        push    ebp
+        mov     ebp, esp
+        push    ecx
+        call    NAME(_RTC_SecurityCookieMismatch)
+        pop     ecx
+        leave
+        lea     xDX, [xBP - CONTEXT_SIZE]
+%else
+        lea     xAX, [xBP - CONTEXT_SIZE]
+        mov     [xSP + 4], xAX
+        mov     [xSP], xCX
+%endif
+        call    NAME(rtVccSecurityCookieMismatch)
+        jmp     .again
+ENDPROC_RAW     rtVccSecurityCookieFailed
+;;
+; Generated when using /GS - buffer security checks - so, fatal.
+;
+; Doesn't seem to take any parameters.
+;
+BEGINPROC __report_rangecheckfailure
+        push    xBP
+        SEH64_PUSH_xBP
+        mov     xBP, xSP
+        SEH64_SET_FRAME_xBP 0
+        pushf
+        push    xAX
+        SEH64_PUSH_GREG xAX
+        sub     xSP, CONTEXT_SIZE + 20h
+        SEH64_ALLOCATE_STACK (CONTEXT_SIZE + 20h)
+        SEH64_END_PROLOGUE
+        lea     xAX, [xBP - CONTEXT_SIZE]
+        call    NAME(rtVccCaptureContext)
+        ; rtVccRangeCheckFailed(PCONTEXT)
+.again:
+        lea     xAX, [xBP - CONTEXT_SIZE]
+%ifdef RT_ARCH_AMD64
+        mov     xCX, xAX
+%else
+        mov     [xSP], xAX
+%endif
+        call    NAME(rtVccRangeCheckFailed)
+        jmp     .again
+ENDPROC   __report_rangecheckfailure
+%if 0 ; Currently not treating these as completely fatal, just like the
+      ; compiler guys do.  I'm sure the compiler only generate these calls
+      ; if it thinks a variable could be used uninitialized, however I'm not
+      ; really sure if there is a runtime check in addition or if it's an
+      ; action that always will be taken in a code path deemed to be bad.
+      ; Judging from the warnings, the compile time analysis leave lots to be
+      ; desired (lots of false positives).
+;;
+; Not entirely sure how and when the compiler generates these.
+; extern "C" void __cdecl _RTC_UninitUse(const char *pszVar)
+BEGINPROC   _RTC_UninitUse
+        push    xBP
+        SEH64_PUSH_xBP
+        mov     xBP, xSP
+        SEH64_SET_FRAME_xBP 0
+        pushf
+        push    xAX
+        SEH64_PUSH_GREG xAX
+        sub     xSP, CONTEXT_SIZE + 20h
+        SEH64_ALLOCATE_STACK (CONTEXT_SIZE + 20h)
+        SEH64_END_PROLOGUE
+        lea     xAX, [xBP - CONTEXT_SIZE]
+        call    NAME(rtVccCaptureContext)
+        extern NAME(rtVccUninitializedVariableUse)
+        ; rtVccUninitializedVariableUse(const char *pszVar, PCONTEXT)
+.again:
+%ifdef RT_ARCH_AMD64
+        lea     xDX, [xBP - CONTEXT_SIZE]
+%else
+        lea     xAX, [xBP - CONTEXT_SIZE]
+        mov     [xSP + xCB], xAX
+        mov     xAX, [xBP + xCB * 2]
+        mov     [xSP], xAX
+%endif
+        call    NAME(rtVccUninitializedVariableUse)
+        jmp     .again
+ENDPROC     _RTC_UninitUse
+%endif
+;;
+; Internal worker that creates a CONTEXT record for the caller.
+;
+; This expects a old-style stack frame setup, with xBP as base, such that:
+;       xBP+xCB*1:  Return address  -> Rip/Eip
+;       xBP+xCB*0:  Return xBP      -> Rbp/Ebp
+;       xBP-xCB*1:  EFLAGS          -> EFlags
+;       xBP-xCB*2:  Saved xAX       -> Rax/Eax
+;
+; @param    pCtx        xAX     Pointer to a CONTEXT structure.
+;
+BEGINPROC rtVccCaptureContext
+        SEH64_END_PROLOGUE
+%ifdef RT_ARCH_AMD64
+        mov     [xAX + CONTEXT.Rcx], rcx
+        mov     [xAX + CONTEXT.Rdx], rdx
+        mov     rcx, [xBP - xCB*2]
+        mov     [xAX + CONTEXT.Rax], ecx
+        mov     [xAX + CONTEXT.Rbx], rbx
+        lea     rcx, [xBP + xCB*2]
+        mov     [xAX + CONTEXT.Rsp], rcx
+        mov     rdx, [xBP]
+        mov     [xAX + CONTEXT.Rbp], rdx
+        mov     [xAX + CONTEXT.Rdi], rdi
+        mov     [xAX + CONTEXT.Rsi], rsi
+        mov     [xAX + CONTEXT.R8], r8
+        mov     [xAX + CONTEXT.R9], r9
+        mov     [xAX + CONTEXT.R10], r10
+        mov     [xAX + CONTEXT.R11], r11
+        mov     [xAX + CONTEXT.R12], r12
+        mov     [xAX + CONTEXT.R13], r13
+        mov     [xAX + CONTEXT.R14], r14
+        mov     [xAX + CONTEXT.R15], r15
+        mov     rcx, [xBP + xCB*1]
+        mov     [xAX + CONTEXT.Rip], rcx
+        mov     edx, [xBP - xCB*1]
+        mov     [xAX + CONTEXT.EFlags], edx
+        mov     dx, ss
+        mov     [xAX + CONTEXT.SegSs], dx
+        mov     cx, cs
+        mov     [xAX + CONTEXT.SegCs], cx
+        mov     dx, ds
+        mov     [xAX + CONTEXT.SegDs], dx
+        mov     cx, es
+        mov     [xAX + CONTEXT.SegEs], cx
+        mov     dx, fs
+        mov     [xAX + CONTEXT.SegFs], dx
+        mov     cx, gs
+        mov     [xAX + CONTEXT.SegGs], cx
+        mov     dword [xAX + CONTEXT.ContextFlags], CONTEXT_CONTROL | CONTEXT_INTEGER | CONTEXT_SEGMENTS
+        ; Clear stuff we didn't set.
+        xor     edx, edx
+        mov     [xAX + CONTEXT.P1Home], rdx
+        mov     [xAX + CONTEXT.P2Home], rdx
+        mov     [xAX + CONTEXT.P3Home], rdx
+        mov     [xAX + CONTEXT.P4Home], rdx
+        mov     [xAX + CONTEXT.P5Home], rdx
+        mov     [xAX + CONTEXT.P6Home], rdx
+        mov     [xAX + CONTEXT.MxCsr], edx
+        mov     [xAX + CONTEXT.Dr0], rdx
+        mov     [xAX + CONTEXT.Dr1], rdx
+        mov     [xAX + CONTEXT.Dr2], rdx
+        mov     [xAX + CONTEXT.Dr3], rdx
+        mov     [xAX + CONTEXT.Dr6], rdx
+        mov     [xAX + CONTEXT.Dr7], rdx
+        mov     ecx, CONTEXT_size - CONTEXT.FltSave
+        AssertCompile(((CONTEXT_size - CONTEXT.FltSave) % 8) == 0)
+.again:
+        mov     [xAX + CONTEXT.FltSave + xCX - 8], rdx
+        sub     ecx, 8
+        jnz     .again
+        ; Restore edx and ecx.
+        mov     rcx, [xAX + CONTEXT.Rcx]
+        mov     rdx, [xAX + CONTEXT.Rdx]
+%elifdef RT_ARCH_X86
+        mov     [xAX + CONTEXT.Ecx], ecx
+        mov     [xAX + CONTEXT.Edx], edx
+        mov     ecx, [xBP - xCB*2]
+        mov     [xAX + CONTEXT.Eax], ecx
+        mov     [xAX + CONTEXT.Ebx], ebx
+        lea     ecx, [xBP + xCB*2]
+        mov     [xAX + CONTEXT.Esp], ecx
+        mov     edx, [xBP]
+        mov     [xAX + CONTEXT.Ebp], edx
+        mov     [xAX + CONTEXT.Edi], edi
+        mov     [xAX + CONTEXT.Esi], esi
+        mov     ecx, [xBP + xCB]
+        mov     [xAX + CONTEXT.Eip], ecx
+        mov     ecx, [xBP - xCB*1]
+        mov     [xAX + CONTEXT.EFlags], ecx
+        mov     dx, ss
+        movzx   edx, dx
+        mov     [xAX + CONTEXT.SegSs], edx
+        mov     cx, cs
+        movzx   ecx, cx
+        mov     [xAX + CONTEXT.SegCs], ecx
+        mov     dx, ds
+        movzx   edx, dx
+        mov     [xAX + CONTEXT.SegDs], edx
+        mov     cx, es
+        movzx   ecx, cx
+        mov     [xAX + CONTEXT.SegEs], ecx
+        mov     dx, fs
+        movzx   edx, dx
+        mov     [xAX + CONTEXT.SegFs], edx
+        mov     cx, gs
+        movzx   ecx, cx
+        mov     [xAX + CONTEXT.SegGs], ecx
+        mov     dword [xAX + CONTEXT.ContextFlags], CONTEXT_CONTROL | CONTEXT_INTEGER | CONTEXT_SEGMENTS
+        ; Clear stuff we didn't set.
+        xor     edx, edx
+        mov     [xAX + CONTEXT.Dr0], edx
+        mov     [xAX + CONTEXT.Dr1], edx
+        mov     [xAX + CONTEXT.Dr2], edx
+        mov     [xAX + CONTEXT.Dr3], edx
+        mov     [xAX + CONTEXT.Dr6], edx
+        mov     [xAX + CONTEXT.Dr7], edx
+        mov     ecx, CONTEXT_size - CONTEXT.ExtendedRegisters
+.again:
+        mov     [xAX + CONTEXT.ExtendedRegisters + xCX - 4], edx
+        sub     ecx, 4
+        jnz     .again
+        ; Restore edx and ecx.
+        mov     ecx, [xAX + CONTEXT.Ecx]
+        mov     edx, [xAX + CONTEXT.Edx]
+%else
+ %error RT_ARCH
+%endif
         ret
+%endif
+ENDPROC_RAW     FASTCALL_NAME(__security_check_cookie, 4)
+; Not stack related stubs.
+BEGINPROC __report_rangecheckfailure
+        SEH64_END_PROLOGUE
+        int3
+ENDPROC   __report_rangecheckfailure
+ENDPROC   rtVccCaptureContext

trunk/src/VBox/Runtime/common/compiler/vcc/stacksup-vcc.cpp

-              r96420
+              r96573
 #include "internal/compiler-vcc.h"
+#ifdef IN_RING3
+# include <iprt/win/windows.h>
+# include "../../../r3/win/internal-r3-win.h" /* ugly, but need some windows API function pointers */
+#endif
 …
+DECLASM(void) _RTC_StackVarCorrupted(uint8_t *pbFrame, RTC_VAR_DESC_T const *pVar)
+/**
+ * Reports a security error.
+ *
+ * @param   uFastFailCode   The fast fail code.
+ * @param   pCpuCtx         The CPU context at the failure location.
+ */
+static DECL_NO_RETURN(void) rtVccFatalSecurityErrorWithCtx(uint32_t uFastFailCode, PCONTEXT pCpuCtx)
+{
+#ifdef IN_RING3
+    /*
+     * Use the __fastfail() approach if available, it is more secure than the stuff below:
+     */
+    if (g_pfnIsProcessorFeaturePresent && g_pfnIsProcessorFeaturePresent(PF_FASTFAIL_AVAILABLE))
+        __fastfail(uFastFailCode);
+    /*
+     * Fallback for legacy systems.
+     */
+    if (g_pfnIsDebuggerPresent && g_pfnIsDebuggerPresent())
+        __debugbreak();
+    /* If we can, clear the unhandled exception filter and report and unhandled exception. */
+    if (g_pfnSetUnhandledExceptionFilter && g_pfnUnhandledExceptionFilter)
+    {
+        g_pfnSetUnhandledExceptionFilter(NULL);
+        EXCEPTION_RECORD   XcptRec  =
+        {
+            /* .ExceptionCode = */          STATUS_STACK_BUFFER_OVERRUN,
+            /* .ExceptionFlags = */         EXCEPTION_NONCONTINUABLE,
+            /* .ExceptionRecord = */        NULL,
+# ifdef RT_ARCH_AMD64
+            /* .ExceptionAddress = */       (void *)pCpuCtx->Rip,
+# elif defined(RT_ARCH_X86)
+            /* .ExceptionAddress = */       (void *)pCpuCtx->Eip,
+# else
+#  error "Port me!"
+# endif
+            /* .NumberParameters = */       1,
+            /* .ExceptionInformation = */   { uFastFailCode, }
+        };
+        EXCEPTION_POINTERS XcptPtrs = { &XcptRec, pCpuCtx };
+        g_pfnUnhandledExceptionFilter(&XcptPtrs);
+    }
+    for (;;)
+        TerminateProcess(GetCurrentProcess(), STATUS_STACK_BUFFER_OVERRUN);
+#else
+# error "Port ME!"
+#endif
+}
+DECLASM(void) rtVccStackVarCorrupted(uint8_t *pbFrame, RTC_VAR_DESC_T const *pVar, PCONTEXT pCpuCtx)
+{
 #ifdef IPRT_NOCRT_WITHOUT_FATAL_WRITE
 …
     rtNoCrtFatalWriteEnd(RT_STR_TUPLE("\r\n"));
 #endif
     RT_BREAKPOINT();
+}
 DECLASM(void) _RTC_SecurityCookieMismatch(uintptr_t uCookie)
+    rtVccFatalSecurityErrorWithCtx(FAST_FAIL_INCORRECT_STACK, pCpuCtx);
+}
+DECLASM(void) rtVccSecurityCookieMismatch(uintptr_t uCookie, PCONTEXT pCpuCtx)
+{
 #ifdef IPRT_NOCRT_WITHOUT_FATAL_WRITE
 …
     rtNoCrtFatalWriteEnd(RT_STR_TUPLE("\r\n"));
 #endif
     RT_BREAKPOINT();
+    rtVccFatalSecurityErrorWithCtx(FAST_FAIL_STACK_COOKIE_CHECK_FAILURE, pCpuCtx);
+}
 #ifdef RT_ARCH_X86
 DECLASM(void) _RTC_CheckEspFailed(uintptr_t uEip, uintptr_t uEsp, uintptr_t uEbp)
+DECLASM(void) rtVccCheckEspFailed(PCONTEXT pCpuCtx)
+{
 # ifdef IPRT_NOCRT_WITHOUT_FATAL_WRITE
     RTAssertMsg2("\n\n!!ESP check failed!!\n\n"
                  "eip=%p esp=%p ebp=%p\n",
                  uEip, uEsp, uEbp);
+                 pCpuCtx->Eip, pCpuCtx->Esp, pCpuCtx->Ebp);
 # else
     rtNoCrtFatalWriteBegin(RT_STR_TUPLE("\r\n\r\n!!ESP check failed!!\r\n\r\n"
                                        "eip="));
     rtNoCrtFatalWritePtr((void *)uEip);
+    rtNoCrtFatalWritePtr((void *)pCpuCtx->Eip);
     rtNoCrtFatalWrite(RT_STR_TUPLE(" esp="));
     rtNoCrtFatalWritePtr((void *)uEsp);
+    rtNoCrtFatalWritePtr((void *)pCpuCtx->Esp);
     rtNoCrtFatalWrite(RT_STR_TUPLE(" ebp="));
     rtNoCrtFatalWritePtr((void *)uEbp);
+    rtNoCrtFatalWritePtr((void *)pCpuCtx->Ebp);
     rtNoCrtFatalWriteEnd(RT_STR_TUPLE("\r\n"));
 # endif
+    RT_BREAKPOINT();
+}
+#endif
+extern "C" void __cdecl _RTC_UninitUse(const char *pszVar)
+{
+#ifdef IPRT_NOCRT_WITHOUT_FATAL_WRITE
+    RTAssertMsg2("\n\n!!Used uninitialized variable %s at %p!!\n\n",
+                 pszVar ? pszVar : "", ASMReturnAddress());
+#else
+    rtNoCrtFatalWriteBegin(RT_STR_TUPLE("\r\n\r\n!!Used uninitialized variable "));
+    rtNoCrtFatalWriteStr(pszVar);
+    rtNoCrtFatalWrite(RT_STR_TUPLE(" at "));
+    rtNoCrtFatalWritePtr(ASMReturnAddress());
+    rtNoCrtFatalWriteEnd(RT_STR_TUPLE("!!\r\n\r\n"));
+#endif
+    RT_BREAKPOINT();
+}
+    rtVccFatalSecurityErrorWithCtx(FAST_FAIL_INCORRECT_STACK, pCpuCtx);
+}
+#endif
 …
             rtNoCrtFatalWriteEnd(RT_STR_TUPLE("\r\n"));
 #endif
+            RT_BREAKPOINT();
+#ifdef IN_RING3
+            if (g_pfnIsDebuggerPresent && g_pfnIsDebuggerPresent())
+#endif
+                RT_BREAKPOINT();
+        }
         pHead = pHead->pNext;
 …
+}
+/** Whether or not this should be a fatal issue remains to be seen. See
+ *  explanation in stack-vcc.asm.  */
+#if 0
+DECLASM(void) rtVccUninitializedVariableUse(const char *pszVar, PCONTEXT pCpuCtx)
+#else
+extern "C" void __cdecl _RTC_UninitUse(const char *pszVar)
+#endif
+{
+#ifdef IPRT_NOCRT_WITHOUT_FATAL_WRITE
+    RTAssertMsg2("\n\n!!Used uninitialized variable %s at %p!!\n\n",
+                 pszVar ? pszVar : "", ASMReturnAddress());
+#else
+    rtNoCrtFatalWriteBegin(RT_STR_TUPLE("\r\n\r\n!!Used uninitialized variable "));
+    rtNoCrtFatalWriteStr(pszVar);
+    rtNoCrtFatalWrite(RT_STR_TUPLE(" at "));
+    rtNoCrtFatalWritePtr(ASMReturnAddress());
+    rtNoCrtFatalWriteEnd(RT_STR_TUPLE("!!\r\n\r\n"));
+#endif
+#if 0
+    rtVccFatalSecurityErrorWithCtx(FAST_FAIL_FATAL_APP_EXIT, pCpuCtx);
+#else
+# ifdef IN_RING3
+    if (g_pfnIsDebuggerPresent && g_pfnIsDebuggerPresent())
+# endif
+        RT_BREAKPOINT();
+#endif
+}

trunk/src/VBox/Runtime/r3/win/init-win.cpp

-              r96505
+              r96573
 /** The GetCurrentThreadStackLimits API. */
 static PFNGETCURRENTTHREADSTACKLIMITS           g_pfnGetCurrentThreadStackLimits = NULL;
-/** SetUnhandledExceptionFilter. */
-static PFNSETUNHANDLEDEXCEPTIONFILTER           g_pfnSetUnhandledExceptionFilter = NULL;
 /** The previous unhandled exception filter. */
 static LPTOP_LEVEL_EXCEPTION_FILTER             g_pfnUnhandledXcptFilter = NULL;
 …
 DECL_HIDDEN_DATA(decltype(GetQueuedCompletionStatus) *)         g_pfnGetQueuedCompletionStatus = NULL;
 DECL_HIDDEN_DATA(decltype(PostQueuedCompletionStatus) *)        g_pfnPostQueuedCompletionStatus = NULL;
+DECL_HIDDEN_DATA(decltype(IsProcessorFeaturePresent) *)         g_pfnIsProcessorFeaturePresent = NULL;
+DECL_HIDDEN_DATA(decltype(SetUnhandledExceptionFilter) *)       g_pfnSetUnhandledExceptionFilter = NULL;
+DECL_HIDDEN_DATA(decltype(UnhandledExceptionFilter) *)          g_pfnUnhandledExceptionFilter = NULL;
 /** The native ntdll.dll handle. */
 …
      */
     g_pfnGetCurrentThreadStackLimits = (PFNGETCURRENTTHREADSTACKLIMITS)GetProcAddress(g_hModKernel32, "GetCurrentThreadStackLimits");
+    g_pfnSetUnhandledExceptionFilter = (PFNSETUNHANDLEDEXCEPTIONFILTER)GetProcAddress(g_hModKernel32, "SetUnhandledExceptionFilter");
+    g_pfnSetUnhandledExceptionFilter = (decltype(SetUnhandledExceptionFilter) *)GetProcAddress(g_hModKernel32, "SetUnhandledExceptionFilter");
+    g_pfnUnhandledExceptionFilter    = (decltype(UnhandledExceptionFilter) *)   GetProcAddress(g_hModKernel32, "UnhandledExceptionFilter");
     if (g_pfnSetUnhandledExceptionFilter && !g_pfnUnhandledXcptFilter)
+    {
 …
     g_pfnGetQueuedCompletionStatus  = (decltype(GetQueuedCompletionStatus) *) GetProcAddress(g_hModKernel32, "GetQueuedCompletionStatus");
     g_pfnPostQueuedCompletionStatus = (decltype(PostQueuedCompletionStatus) *)GetProcAddress(g_hModKernel32, "PostQueuedCompletionStatus");
+    g_pfnIsProcessorFeaturePresent  = (decltype(IsProcessorFeaturePresent) *) GetProcAddress(g_hModKernel32, "IsProcessorFeaturePresent");
     Assert(g_pfnGetHandleInformation       || g_enmWinVer < kRTWinOSType_NT351);
 …
     Assert(g_pfnGetQueuedCompletionStatus  || g_enmWinVer < kRTWinOSType_NT350);
     Assert(g_pfnPostQueuedCompletionStatus || g_enmWinVer < kRTWinOSType_NT350);
+    Assert(g_pfnIsProcessorFeaturePresent  || g_enmWinVer < kRTWinOSType_NT4);
     /*

trunk/src/VBox/Runtime/r3/win/internal-r3-win.h

-              r96505
+              r96573
 extern DECL_HIDDEN_DATA(decltype(GetQueuedCompletionStatus) *)          g_pfnGetQueuedCompletionStatus;
 extern DECL_HIDDEN_DATA(decltype(PostQueuedCompletionStatus) *)         g_pfnPostQueuedCompletionStatus;
+extern DECL_HIDDEN_DATA(decltype(SetUnhandledExceptionFilter) *)        g_pfnSetUnhandledExceptionFilter;
+extern DECL_HIDDEN_DATA(decltype(UnhandledExceptionFilter) *)           g_pfnUnhandledExceptionFilter;
+extern DECL_HIDDEN_DATA(decltype(IsProcessorFeaturePresent) *)          g_pfnIsProcessorFeaturePresent;

Note: See TracChangeset for help on using the changeset viewer.