Bug 1668057: Allow DLL interceptor to patch 64-bit immediate MOVs r=tkikuchi

The latest Windows Insider Preview (version 20226.1000) changes the machine code for BaseThreadInitThunk to have a preamble like the following:

00007FFDBF244C40 48 83 EC 28          sub         rsp,28h
00007FFDBF244C44 85 C9                test        ecx,ecx
00007FFDBF244C46 75 25                jne         00007FFDBF244C6D
00007FFDBF244C48 49 BA 70 A2 DC 12 6A 97 99 B0 mov         r10,0B099976A12DCA270h

This patch adds "MOV r64, imm64" capability to the DLL interceptor so that we can hook this.

Differential Revision: https://phabricator.services.mozilla.com/D92146

mozglue/misc/interceptor/PatcherDetour.h

@@ -1276,6 +1276,9 @@ class WindowsDllDetourPatcher final
           } else {
             COPY_CODES(len + 1);
           }
+        } else if ((*origBytes & 0xf8) == 0xb8) {
+          // MOV r64, imm64
+          COPY_CODES(9);
         } else if (*origBytes == 0xc7) {
           // MOV r/m64, imm32
           if (origBytes[1] == 0x44) {

mozglue/tests/interceptor/AssemblyPayloads.h

@@ -106,6 +106,13 @@ __declspec(dllexport) __attribute__((naked)) void IndirectCall() {
       "nop;nop;nop;nop;nop;nop;nop;nop;"
       "ret;");
 }
+
+__declspec(dllexport) __attribute__((naked)) void MovImm64() {
+  asm volatile(
+      "mov $0x1234567812345678, %r10;"
+      "nop;nop;nop");
+}
+
 #  elif defined(_M_IX86)
 constexpr uintptr_t JumpDestination = 0x7fff0000;
 

mozglue/tests/interceptor/TestDllInterceptor.cpp

@@ -732,6 +732,7 @@ struct TestCase {
     TestCase("NearJump", NoStubAddressCheck),
     TestCase("OpcodeFF", NoStubAddressCheck),
     TestCase("IndirectCall", NoStubAddressCheck),
+    TestCase("MovImm64", NoStubAddressCheck),
 #    elif defined(_M_IX86)
     // Skip the stub address check as we always generate a trampoline for x86.
     TestCase("PushRet", NoStubAddressCheck),