Fix call() API crash when used without run_module()#283
Draft
williballenthin wants to merge 5 commits intomasterfrom
Draft
Fix call() API crash when used without run_module()#283williballenthin wants to merge 5 commits intomasterfrom
williballenthin wants to merge 5 commits intomasterfrom
Conversation
Co-authored-by: Moritz <mr-tz@users.noreply.github.com>
The call() API failed with an AttributeError (or UcError on older versions) because it assumed process/thread context was already initialized. This adds _ensure_process_context() to lazily create the minimal process, thread, PEB, and TEB state when call() is invoked before run_module(). Closes #21
|
Thanks for your pull request! It looks like this may be your first contribution to a Google open source project. Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA). View this failed invocation of the CLA check for more information. For the most up to date status, view the checks section at the bottom of the pull request. |
williballenthin
force-pushed
the
worktree-fix-issue-21
branch
from
de36282 to
1a2f336
Compare
williballenthin
commented
Mar 10, 2026
speakeasy/windows/winemu.py
Outdated
Comment on lines
+419
to
+434
| def _ensure_process_context(self): | ||
| if self.curr_process: | ||
| return | ||
| p = objman.Process(self) | ||
| self.processes.append(p) | ||
| self.curr_process = p | ||
| self.om.objects.update({p.address: p}) | ||
|
|
||
| t = objman.Thread(self, stack_base=self.stack_base) | ||
| self.om.objects.update({t.address: t}) | ||
| self.curr_process.threads.append(t) | ||
| self.curr_thread = t | ||
|
|
||
| peb = self.alloc_peb(self.curr_process) | ||
| self.init_teb(t, peb) | ||
|
|
Collaborator
Author
There was a problem hiding this comment.
i don't like having this second copy of the initialization. we should study this further and see if we can refactor/consolidate all the logic together. i'm not convinced the call to _ensure_process_context is the right way.
Remove _ensure_process_context() and make _prepare_run_context() the single canonical path for process/thread/PEB/TEB/TLS activation. call() no longer has a one-off initialization path; run_module() and run_shellcode() attach context to queued runs instead of eagerly activating it. Resolves PR review concern about duplicated init logic. Refine run-context initialization: canonical dispatch, self-normalizing runs Make _prepare_run_context() the single canonical path for all live context activation. call() no longer mutates CPU state at queue time, run_module() stamps all startup runs (not just run_queue[0]), _create_default_process() gives EXE targets module-backed processes, and shellcode register priming uses dispatch-scoped Run.init_regs. Key changes: - Remove eager reset_stack() from call(); add it to start() instead - _prepare_run_context() normalizes run.process_context and run.thread - _resolve_run_thread() fails fast on conflicting process bindings - prepare_module_for_emulation() returns runs, no ambient curr_process - run_module() stamps all runs with explicit process/thread context - Child processes registered in self.processes at startup time - run_shellcode() pre-dispatch set_func_args/reg_write removed - Run.init_regs dict applied at dispatch time by _prepare_run_context()
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
call()API crashed when invoked afterload_module()but beforerun_module()because it assumed process/thread context was already initialized_ensure_process_context()to lazily create the minimal process, thread, PEB, and TEB state needed for emulationCloses #21
Test plan
test_call_without_run_module— x86 and x64 DLLstest_call_after_run_module— x86 and x64 DLLs (regression)🤖 Generated with Claude Code