Apps with CET support enabled do not launch

[PiMoNFeeD]

Description

I've recently updated a .NET app I had to a newer version and found out that it doesn't launch. Fast forward 2 days, I tracked down the issue to the fact that the app was upgraded from .NET 8.0 to 9.0, and testing in multiple configurations on my local machine revealed that any .NET 9.0 app simply doesn't work on my machine, unless I explicitly add <CETCompat>false</CETCompat> to the .csproj file.

Debugger is entirely useless as it only shows this:

The program '[XXX] XXX.exe' has exited with code 3221227010 (0xc0000602) 'The process aborted due to a fail fast exception.'.

If I create a console application instead, I also get this right above the aforementioned crash:

CLR: Assert failure(PID 4452 [0x00001164], Thread: 20648 [0x50a8]): !AreShadowStacksEnabled() || UseSpecialUserModeApc()
    File: D:\a\_work\1\s\src\coreclr\vm\threads.cpp:7938

That led me to #108589, where someone else had the same assert and updating their Windows helped, but they updated to the exact same build I am running from 2023, so I hardly believe this to be an issue.

Reproduction Steps

...

Expected behavior

...

Actual behavior

...

Regression?

There was no crash until CET support was forced on by default

Known Workarounds

Disabling CET support on a per-app basis

Configuration

.NET 9.0.0
Windows 10 Pro 22H2 x64 build 19045.2965, Windows Feature Experience Pack 1000.19041.1000.0

Other information

No response

[djanri]

I've stuck with the same issue on Windows 10 Pro 22H2 x64 build 19045.2006.

[jkotas]

Do you run any 3rd party antivirus software on your machine by any chance?

Could you please share the crash dump for a simple hello world app from your machine? https://learn.microsoft.com/en-us/windows/win32/wer/collecting-user-mode-dumps has instructions for configuring your machine to collect crash dumps (use Full dump).

The crash dump will contain information about your environment. If you do not want to share it publicly, you can open an issue at https://developercommunity.visualstudio.com/, include it as a private attachment and share a link to the issue here.

[PiMoNFeeD]

Do you run any 3rd party antivirus software on your machine by any chance?

Could you please share the crash dump for a simple hello world app from your machine? https://learn.microsoft.com/en-us/windows/win32/wer/collecting-user-mode-dumps has instructions for configuring your machine to collect crash dumps (use Full dump).

The crash dump will contain information about your environment. If you do not want to share it publicly, you can open an issue at https://developercommunity.visualstudio.com/, include it as a private attachment and share a link to the issue here.

No, I do not have any AV at all
Here's my crash dump: https://drive.google.com/file/d/1vZaziSyey903MYsK7eBCldY7bj5qFH7n/view?usp=sharing
I assume it is too big for GitHub, as I couldn't upload it here

[jkotas]

Here's my crash dump: https://drive.google.com/file/d/1vZaziSyey903MYsK7eBCldY7bj5qFH7n/view?usp=sharing

The dump shows that you are running Windows build 19041. The support for this build ended in 2021 according to https://learn.microsoft.com/en-us/windows/release-health/release-information . Some of the old Windows builds that are out of support for years had issues with CET.

Could you please update to actively supported Windows version? We support .NET runtime on actively supported OSes only.
 

0:000> lm v mntdll
...
       ProductVersion:   10.0.19041.2788

[MichalPetryka]

The dump shows that you are running Windows build 19041.

Are you sure?

Windows 10 Version 19045 MP (16 procs) Free x64

.dumpdebug also says:

  MajorVersion            0000000A
  MinorVersion            00000000
  BuildNumber             00004A65 (19045)

Running lm v mntdll on dumps from my 22H2 machine also says Product version: 10.0.19041.5007

[jkotas]

Sorry, I have not realized that ntdll.dll version is not the Windows build version these days.

@MichalPetryka Does this issue reproduce on your machine?

[MichalPetryka]

Does this issue reproduce on your machine?

Do you mean if all .NET 9 apps crash there? Cause the answer is no, they work fine with a CPU that supports shadow stacks (and I can retrieve them from dumps successfully).

[jkotas]

It means that ntdll.dll version 10.0.19041.5007 has the required CET fixes, but ntdll.dll version 10.0.19041.2788 does not have the required CET fixes, both come from Windows 22H2.

@PiMoNFeeD Is your Windows OS fully patched?

[PiMoNFeeD]

It means that ntdll.dll version 10.0.19041.5007 has the required CET fixes, but ntdll.dll version 10.0.19041.2788 does not have the required CET fixes, both come from Windows 22H2.

@PiMoNFeeD Is your Windows OS fully patched?

Just after I created this issue I updated it (even though I absolutely hate updating Windows), got a bunch of adware as usual and a bunch of everyday bugs shipped with it, and it worked for exactly one day, but then I got back to the same issue after a reboot or two. If there is a newer ntdll.dll version available than mine, then I can only assume that it downgraded itself over a reboot, except those Windows bugs didn't go away!

And in fact, I just ran Windows Updates again and there was only one update available (KB5048652) which fixed the issue, so I should be right that it downgraded itself.