Closed
CONTEXT is captured here:
`runtime/src/coreclr/vm/eepolicy.cpp`, line 786 in 31b5ae2:

```cpp
ClrCaptureContext(&context);
```
And then passed to RaiseFailFastException here:
`runtime/src/coreclr/vm/excep.cpp`, line 3574 in 31b5ae2:

```cpp
pExceptionInfo == NULL ? NULL : pExceptionInfo->ContextRecord,
```
Stacktrace:
```
KERNELBASE!RaiseFailFastException
coreclr!WatsonLastChance+0x1b3 [D:\a\_work\1\s\src\coreclr\vm\excep.cpp @ 3590]
coreclr!EEPolicy::LogFatalError+0x6b4 [D:\a\_work\1\s\src\coreclr\vm\eepolicy.cpp @ 589]
coreclr!EEPolicy::HandleFatalError+0x133 [D:\a\_work\1\s\src\coreclr\vm\eepolicy.cpp @ 828]
```
The problem is that RaiseFailFastException validates that the context matches a valid return address on the stack as part of CET. If the context is not valid, it rejects it, flags it as a potential attack and asserts in checked builds of Windows OS.
We should stop passing invalid CONTEXT to RaiseFailFastException and verify that the Watson bucketing of the crashes originating in EEPolicy::HandleFatalError works as expected.