
runtime: unexpected return pc for runtime.asmstdcall when using syscall18 #45524

Closed
ElMostafaIdrassi opened this issue Apr 12, 2021 · 4 comments
Labels
FrozenDueToAge NeedsFix The path to resolution is known, but the work has not been done.
Milestone

Comments

@ElMostafaIdrassi
Contributor

ElMostafaIdrassi commented Apr 12, 2021

What version of Go are you using (go version)?

$ go version
go version go1.16.3 windows/amd64

Does this issue reproduce with the latest release?

Yes.

What operating system and processor architecture are you using (go env)?

Microsoft Windows [version 10.0.19041.867]
64-bit
RAM: 12GB
CPU: Intel(R) Core(TM) i7-8550U @ 1.8GHz

go env Output
$ go env
set GO111MODULE=
set GOARCH=amd64
set GOBIN=
set GOCACHE=C:\Users\idras\AppData\Local\go-build
set GOENV=C:\Users\idras\AppData\Roaming\go\env
set GOEXE=.exe
set GOFLAGS=
set GOHOSTARCH=amd64
set GOHOSTOS=windows
set GOINSECURE=
set GOMODCACHE=C:\Users\idras\go\pkg\mod
set GONOPROXY=
set GONOSUMDB=
set GOOS=windows
set GOPATH=C:\Users\idras\go
set GOPRIVATE=
set GOPROXY=https://proxy.golang.org,direct
set GOROOT=C:\Program Files\Go
set GOSUMDB=sum.golang.org
set GOTMPDIR=
set GOTOOLDIR=C:\Program Files\Go\pkg\tool\windows_amd64
set GOVCS=
set GOVERSION=go1.16.3
set GCCGO=gccgo
set AR=ar
set CC=gcc
set CXX=g++
set CGO_ENABLED=1
set GOMOD=C:\Users\idras\Source\temp\syscall18Bug\go\go.mod
set CGO_CFLAGS=-g -O2
set CGO_CPPFLAGS=
set CGO_CXXFLAGS=-g -O2
set CGO_FFLAGS=-g -O2
set CGO_LDFLAGS=-g -O2
set PKG_CONFIG=pkg-config
set GOGCCFLAGS=-m64 -mthreads -fmessage-length=0 -fdebug-prefix-map=C:\Users\idras\AppData\Local\Temp\go-build234891192=/tmp/go-build -gno-record-gcc-switches

What did you do?

git clone https://github.com/ElMostafaIdrassi/syscall18Bug
cd syscall18Bug/go
go build -v .
longsyscall.exe

The code essentially loads a Sample DLL which exports a single function that accepts 17 arguments, and calls that function using syscall.Syscall18.

What did you expect to see?

I expected the call to succeed.

What did you see instead?

fatal error: unexpected signal during runtime execution
[signal 0x80000003 code=0x0 addr=0x0 pc=0xba76ce]

runtime stack:
runtime: unexpected return pc for runtime.asmstdcall called from 0x7ff9c5eb11b0
stack: frame={sp:0xfeb7ff6b0, fp:0xfeb7ff6c0} stack=[0xfeb604000,0xfeb7ff7a0)
0000000feb7ff5b0:  0000000000b760d9 <runtime.throw+121>  0000000feb7ff628
0000000feb7ff5c0:  0000000000000001  0000000feb7ff628
0000000feb7ff5d0:  0000000000b760d9 <runtime.throw+121>  0000000000cafde0
0000000feb7ff5e0:  0000000feb7ff618  0000000000b762be <runtime.fatalthrow+94>
0000000feb7ff5f0:  0000000feb7ff5f8  0000000000b9f260 <runtime.fatalthrow.func1+0>
0000000feb7ff600:  0000000000cafde0  0000000000b760d9 <runtime.throw+121>
0000000feb7ff610:  0000000feb7ff628  0000000feb7ff648
0000000feb7ff620:  0000000000b760d9 <runtime.throw+121>  0000000feb7ff630
0000000feb7ff630:  0000000000b9f1c0 <runtime.throw.func1+0>  0000000000c15912
0000000feb7ff640:  000000000000002a  0000000feb7ff6a0
0000000feb7ff650:  0000000000b88ab7 <runtime.sigpanic+791>  0000000000c15912
0000000feb7ff660:  000000000000002a  000000c000079ca8
0000000feb7ff670:  0000000000cb0238  0000000000b72b13 <runtime.stdcall+147>
0000000feb7ff680:  0000000000cafde0  0000000000ba76fe <runtime.asmstdcall+94>
0000000feb7ff690:  00000000000c000b  000000c00000a130
0000000feb7ff6a0:  000000c000079e10  0000000000ba76ce <runtime.asmstdcall+46>
0000000feb7ff6b0: <0000000000cb0238 !00007ff9c5eb11b0
0000000feb7ff6c0: >000000c000079d68  000000c000079dc8
0000000feb7ff6d0:  0000000000b7224f <runtime.semawakeup+47>  00007ff9cc8b4a80
0000000feb7ff6e0:  000000000000015c  0000000000000001
0000000feb7ff6f0:  0000000feb7ff710  0000000feb7ff710
0000000feb7ff700:  0000000000b82f45 <runtime.acquirep+69>  000001232acf0108
0000000feb7ff710:  0000000feb7ff730  0000000000b80f7b <runtime.exitsyscallfast_pidle+123>
0000000feb7ff720:  000000c000026000  000000c000026000
0000000feb7ff730:  0000000000cb0238  0000000000ba5b73 <runtime.asmcgocall+115>
0000000feb7ff740:  000001232acfaf01  0000000000000000
0000000feb7ff750:  000000c000026000  000000c000030000
0000000feb7ff760:  000000c000079cd7  0000000000000220
0000000feb7ff770:  000000c000030000  0000000000b7b3a0 <runtime.mstart+0>
0000000feb7ff780:  0000000000000000  0000000000ba3f8c <runtime.rt0_go+332>
0000000feb7ff790:  0000000000000000  0000000000ba3f93 <runtime.rt0_go+339>
runtime.throw(0xc15912, 0x2a)
        C:/Program Files/Go/src/runtime/panic.go:1117 +0x79
runtime.sigpanic()
        C:/Program Files/Go/src/runtime/signal_windows.go:233 +0x317
runtime: unexpected return pc for runtime.asmstdcall called from 0x7ff9c5eb11b0
stack: frame={sp:0xfeb7ff6b0, fp:0xfeb7ff6c0} stack=[0xfeb604000,0xfeb7ff7a0)
0000000feb7ff5b0:  0000000000b760d9 <runtime.throw+121>  0000000feb7ff628
0000000feb7ff5c0:  0000000000000001  0000000feb7ff628
0000000feb7ff5d0:  0000000000b760d9 <runtime.throw+121>  0000000000cafde0
0000000feb7ff5e0:  0000000feb7ff618  0000000000b762be <runtime.fatalthrow+94>
0000000feb7ff5f0:  0000000feb7ff5f8  0000000000b9f260 <runtime.fatalthrow.func1+0>
0000000feb7ff600:  0000000000cafde0  0000000000b760d9 <runtime.throw+121>
0000000feb7ff610:  0000000feb7ff628  0000000feb7ff648
0000000feb7ff620:  0000000000b760d9 <runtime.throw+121>  0000000feb7ff630
0000000feb7ff630:  0000000000b9f1c0 <runtime.throw.func1+0>  0000000000c15912
0000000feb7ff640:  000000000000002a  0000000feb7ff6a0
0000000feb7ff650:  0000000000b88ab7 <runtime.sigpanic+791>  0000000000c15912
0000000feb7ff660:  000000000000002a  000000c000079ca8
0000000feb7ff670:  0000000000cb0238  0000000000b72b13 <runtime.stdcall+147>
0000000feb7ff680:  0000000000cafde0  0000000000ba76fe <runtime.asmstdcall+94>
0000000feb7ff690:  00000000000c000b  000000c00000a130
0000000feb7ff6a0:  000000c000079e10  0000000000ba76ce <runtime.asmstdcall+46>
0000000feb7ff6b0: <0000000000cb0238 !00007ff9c5eb11b0
0000000feb7ff6c0: >000000c000079d68  000000c000079dc8
0000000feb7ff6d0:  0000000000b7224f <runtime.semawakeup+47>  00007ff9cc8b4a80
0000000feb7ff6e0:  000000000000015c  0000000000000001
0000000feb7ff6f0:  0000000feb7ff710  0000000feb7ff710
0000000feb7ff700:  0000000000b82f45 <runtime.acquirep+69>  000001232acf0108
0000000feb7ff710:  0000000feb7ff730  0000000000b80f7b <runtime.exitsyscallfast_pidle+123>
0000000feb7ff720:  000000c000026000  000000c000026000
0000000feb7ff730:  0000000000cb0238  0000000000ba5b73 <runtime.asmcgocall+115>
0000000feb7ff740:  000001232acfaf01  0000000000000000
0000000feb7ff750:  000000c000026000  000000c000030000
0000000feb7ff760:  000000c000079cd7  0000000000000220
0000000feb7ff770:  000000c000030000  0000000000b7b3a0 <runtime.mstart+0>
0000000feb7ff780:  0000000000000000  0000000000ba3f8c <runtime.rt0_go+332>
0000000feb7ff790:  0000000000000000  0000000000ba3f93 <runtime.rt0_go+339>
runtime.asmstdcall(0xc000079d68, 0xc000079dc8, 0xb7224f, 0x7ff9cc8b4a80, 0x15c, 0x1, 0xfeb7ff710, 0xfeb7ff710, 0xb82f45, 0x1232acf0108, ...)
        C:/Program Files/Go/src/runtime/sys_windows_amd64.s:34 +0x2e

goroutine 1 [syscall, locked to thread]:
runtime.cgocall(0xba76a0, 0xcb0238, 0x7ff9c5eb11b0)
        C:/Program Files/Go/src/runtime/cgocall.go:154 +0x55 fp=0xc000079e20 sp=0xc000079de8 pc=0xb43bb5
syscall.Syscall18(0x7ff9c5eb11b0, 0x11, 0xc00010e000, 0x200, 0xc00010e000, 0x200, 0xc00010e000, 0x200, 0xc00010e000, 0x200, ...)
        C:/Program Files/Go/src/runtime/syscall_windows.go:395 +0xf2 fp=0xc000079e60 sp=0xc000079e20 pc=0xba3152
main.main()
        C:/Users/idras/Source/temp/syscall18Bug/go/main.go:25 +0x23d fp=0xc000079f88 sp=0xc000079e60 pc=0xbe6f3d
runtime.main()
        C:/Program Files/Go/src/runtime/proc.go:225 +0x256 fp=0xc000079fe0 sp=0xc000079f88 pc=0xb788f6
runtime.goexit()
        C:/Program Files/Go/src/runtime/asm_amd64.s:1371 +0x1 fp=0xc000079fe8 sp=0xc000079fe0 pc=0xba5f41

Remarks

In the stack trace, I see that the crash resulted from C:/Program Files/Go/src/runtime/sys_windows_amd64.s:34 +0x2e, which corresponds to:

// Check we have enough room for args.
CMPL CX, $maxargs
JLE 2(PC)
INT $3 // not enough room -> crash

I am not savvy enough in assembly, but does this mean there is not enough room for all the 17 args I'm passing to the syscall18 function?

Regards,

@mknyszek mknyszek added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Apr 12, 2021
@mknyszek mknyszek added this to the Backlog milestone Apr 12, 2021
@ElMostafaIdrassi
Contributor Author

I managed to fix the crash by changing the value of maxargs in src/runtime/sys_windows_amd64.s from 16 to 18. I guess 16 was enough back when syscall18 was not yet implemented, and seeing how few to no Win32 API functions accept that many arguments, this bug went unnoticed for quite some time.
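An added example (not code from the Go runtime or the issue's repro) that models the guard quoted in the original post and the maxargs change described in the comment above: a Go simulation of asmstdcall's argument copy, where the INT $3 path surfaces as an error and a guard-less copy shows the stack corruption the check prevents. The libcall layout, the slot model and the marker values are assumptions made for illustration.

```go
package main

import (
	"errors"
	"fmt"
)

// libcall mirrors the field layout of the runtime's libcall struct (fn, n, args).
type libcall struct {
	fn   uintptr
	n    uintptr
	args []uintptr // the real runtime stores a pointer to the argument block
}

// savedCXValue is a constructed marker for the CX (libcall pointer) that
// asmstdcall pushes right before it reserves maxargs*8 bytes for arguments.
const savedCXValue = 0xc000079d68
var errTooManyArgs = errors.New("asmstdcall: n > maxargs (runtime would INT $3)")

// copyArgs models the argument copy: slots[0..maxargs-1] is the reserved
// argument area and slots[maxargs] the saved CX above it. guard=true behaves
// like the shipped runtime; guard=false shows what the guard prevents.
func copyArgs(lc libcall, maxargs int, guard bool) ([]uintptr, error) {
	slots := make([]uintptr, maxargs+1)
	slots[maxargs] = savedCXValue
	if guard && int(lc.n) > maxargs {
		return slots, errTooManyArgs // CMPL CX, $maxargs; JLE 2(PC); INT $3
	}
	for i := 0; i < int(lc.n) && i < len(slots); i++ {
		slots[i] = lc.args[i] // the REP MOVSQ copy into the argument area
	}
	return slots, nil
}

// savedCXIntact reports whether the slot above the argument area survived.
func savedCXIntact(slots []uintptr) bool {
	return slots[len(slots)-1] == savedCXValue
}

func main() {
	args := make([]uintptr, 17) // constructed: 17 args, as in the issue's repro
	for i := range args {
		args[i] = uintptr(0x200 + i)
	}
	lc := libcall{fn: 0x7ff9c5eb11b0, n: 17, args: args} // fn address from the trace
	_, err16 := copyArgs(lc, 16, true)
	_, err18 := copyArgs(lc, 18, true)
	noGuard, _ := copyArgs(lc, 16, false)
	fmt.Println(err16, err18, savedCXIntact(noGuard))
}
```

With maxargs=16 the 17-argument call trips the guard, with maxargs=18 it copies cleanly, and without the guard the 17th argument lands on the saved CX slot; since Syscall18 is the widest variant, maxargs has to be at least 18.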

@mknyszek
Contributor

Thanks for reporting the issue and figuring out a solution!

I think it's reasonable that that's the problem. I've been digging around here lately and your solution seems plausible; we have all sorts of hard-coded limits for the various Windows syscall oddities. There could just be a discrepancy (but I have not looked into this yet). I probably won't have time to look into this for a few days so:

CC @alexbrainman ?

@ElMostafaIdrassi ElMostafaIdrassi changed the title runtime: unexpected return pc for runtime.asmstdcall when calling COM interface pointer using elevation runtime: unexpected return pc for runtime.asmstdcall when using syscall18 Apr 12, 2021
@ElMostafaIdrassi
Contributor Author

I've updated the original post to point to a much simpler repro, using a simple DLL which exports 1 function that accepts 17 args.

@gopherbot

Change https://golang.org/cl/309390 mentions this issue: runtime: bump maxargs to avoid syscall18 crash when called with more than 16 args

@dmitshur dmitshur modified the milestones: Backlog, Go1.17 Apr 15, 2021
@dmitshur dmitshur added NeedsFix The path to resolution is known, but the work has not been done. and removed NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. labels Apr 15, 2021
@golang golang locked and limited conversation to collaborators Apr 15, 2022