[Issue 2462] New: DMD creates a wrong DLL so loading a DLL in the context of another Process via loadlibrary will crash the remote process

d-bugmail at puremagic.com d-bugmail at puremagic.com
Wed Nov 19 05:25:29 PST 2008 

http://d.puremagic.com/issues/show_bug.cgi?id=2462

           Summary: DMD creates a wrong DLL so loading a DLL in the context
                    of another Process via loadlibrary will crash the remote
                    process
           Product: D
           Version: 1.036
          Platform: PC
               URL: http://tango.pastebin.com/f7037e2fe
        OS/Version: Windows
            Status: NEW
          Severity: normal
          Priority: P3
         Component: DMD
        AssignedTo: bugzilla at digitalmars.com
        ReportedBy: Marc-Reim at gmx.de


DMD creates a wrong DLL.

My code can be found here: http://tango.pastebin.com/f7037e2fe

Further information:

TestDll.dll (memaddress) 0x1000B786  (HEX) 8B0C 9E    (ASM)MOV ECX,DWORD PTR
DS:[ESI+EBX*4]
changed to  (memaddress) 0x1000B786  (HEX) 8B0E 90    (ASM)MOV ECX,DWORD PTR
DS:[ESI]

If I don't change it, it would crash with a access violation while trying to
read 0x80**0009

ASM
0x1000B770    53              PUSH EBX
0x1000B771    8B4424 08       MOV EAX,DWORD PTR SS:[ESP+8]
0x1000B775    8B10            MOV EDX,DWORD PTR DS:[EAX]
0x1000B777    56              PUSH ESI
0x1000B778    3B51 04         CMP EDX,DWORD PTR DS:[ECX+4]
0x1000B77B    77 13           JA SHORT TestDll.1000B790  
0x1000B77D    8D5A FF         LEA EBX,DWORD PTR DS:[EDX-1]      ; EBX will be
set to FFFFFFFF
0x1000B780    C1EB 03         SHR EBX,3                         ; EBX bits will
be shifted 3 times to the right will be 1FFFFFFF                                
0x1000B783    50              PUSH EAX                          
0x1000B784    8B31            MOV ESI,DWORD PTR DS:[ECX]        ; this is the
right address 0x00A9000C
0x1000B786    8B0C9E          MOV ECX,DWORD PTR DS:[ESI+EBX*4]  ; EBX should be
00000000 at this point but ESI+EBX*4 is 0x80A90008
0x1000B789    E8 BE160000     CALL TestDll.1000CE4C

Registers at 0x1000B786

EAX 10015D07 TestDll.10015D07
ECX 100185F4 TestDll.100185F4
EDX 00000000
EBX 1FFFFFFF
ESP 00A8FE84
EBP 00A8FEAC
ESI 00A9000C
EDI 00000000
EIP 1000B786 TestDll.1000B786
C 1  ES 0023 32bit 0(FFFFFFFF)
P 1  CS 001B 32bit 0(FFFFFFFF)
A 0  SS 0023 32bit 0(FFFFFFFF)
Z 0  DS 0023 32bit 0(FFFFFFFF)
S 0  FS 0038 32bit 7FFDE000(FFF)
T 0  GS 0000 NULL
D 0
O 0  LastErr ERROR_INVALID_HANDLE (00000006)
EFL 00010207 (NO,B,NE,BE,NS,PE,GE,G)
ST0 empty +UNORM 51C0 00140558 00143C98
ST1 empty +UNORM 000C 00143AB8 00140178
ST2 empty +UNORM 0178 00000000 001451C0
ST3 empty +UNORM 4998 00143C98 00250688
ST4 empty 0.0379690874344696950e-4933
ST5 empty -UNORM FBA8 00250708 008A1410
ST6 empty 0.0379913815966686790e-4933
ST7 empty +UNORM 0178 0012FC7C 00000000
               3 2 1 0      E S P U O Z D I
FST 0000  Cond 0 0 0 0  Err 0 0 0 0 0 0 0 0  (GT)
FCW 027F  Prec NEAR,53  Mask    1 1 1 1 1 1

So I think at 0x1000B876 EBX should be 00000000

Maybe its a alignment error?

I adjusted the ASM to 
MOV ECX,DWORD PTR DS:[ESI]
that will work for me but there will be no Beep when loading the DLL.


--

More information about the Digitalmars-d-bugs mailing list