aws-lambda-dotnet icon indicating copy to clipboard operation
aws-lambda-dotnet copied to clipboard
verified publisher icon aws

amazon.lambda.testtool-8.0 incorrectly compiled with CET enabled

Open delmyers opened this issue 8 months ago • 3 comments

Describe the bug

Visual Studio has been getting bug reports that debugging AWS lambda functions using the .NET lambda test tools does not work. We've tracked this down to the fact that, somehow, amazon.lambda.testtool-8.0 is being compiled with Control-Flow Enforcement Technology (CET) enabled. CET is not compatible with .NET 8, though it is with .NET 9. Under normal circumstances, CET cannot be enabled for .NET projects. There must be some custom configuration that is turning it on during build, though I've not been able to track it down in this code base. As a result, customers are ending up with erratic stepping behavior when using amazon.lambda.testtool-8.0.

You can see that CET is enabled in the executable by running the following command:

dumpbin /headers dotnet-lambda-test-tool-8.0.exe

After the 'Debug Directories' entry, you will see a couple of lines that look like this:

00000001 extended DLL characteristics
           CET compatible

Indicating that CET has been enabled for the binary.

Regression Issue

  • [ ] Select this option if this issue appears to be a regression.

Expected Behavior

When running dumpbin /headers there should be no data indicating that CET has been enabled for the binary.

Current Behavior

CET is enabled.

Reproduction Steps

dumpbin /headers dotnet-lambda-test-tool-8.0.exe

After the 'Debug Directories' entry, you will see a couple of lines that look like this:

00000001 extended DLL characteristics
           CET compatible

Possible Solution

No response

Additional Information/Context

No response

AWS .NET SDK and/or Package version used

dotnet-lambda-test-tool-8.0

Targeted .NET Platform

.NET 8

Operating System and version

Windows 11

delmyers avatar Mar 24 '25 23:03 delmyers

@delmyers Thanks for the info. We aren't doing anything specific about enabling CET, it wasn't even something I knew about. The build image does have the .NET 9 SDK installed would even though the project is targeting .NET 8. Would cause CET to be enabled?

normj avatar Mar 25 '25 01:03 normj

@normj If you can help me figure out how to build the executables, I might be able to check the build logs and figure out what is going on. I wasn't able to figure out how to do that in a short amount of time, though.

delmyers avatar Mar 25 '25 05:03 delmyers

Just FYI https://github.com/dotnet/docs/issues/42600

ashishdhingra avatar Mar 27 '25 16:03 ashishdhingra