WS2_32.dll has no address

[Alexey Vishnyakov]

Hi!

Could you help, please? What could possibly go wrong?

<Starting application D:\work\sydr\build-debug\hello.exe (15236)>
<Running on newer-than-this-build "Microsoft Windows 10-2009 x64">
<unknown API-MS-Win pseudo-dll api-ms-win-downlevel-kernel32-l2-1-0.dll>
<unknown API-MS-Win pseudo-dll api-ms-win-core-pcw-l1-1-0.dll>
<Initial options = -no_dynamic_options -client_lib 'D:\work\sydr\build-debug\dynamorio\tools\lib64\debug\tracer.dll;0;"-o" "test.log"' -client_lib64 'D:\work\sydr\build-debug\dynamorio\tools\
lib64\debug\tracer.dll;0;"-o" "test.log"' -code_api -probe_api -stack_size 8M -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_manag
ed_code -no_indcall2direct >
<Application D:\work\sydr\build-debug\hello.exe (15236).  Internal Error: DynamoRIO debug check failure: D:\work\sydr\dynamorio\core\win32\loader.c:805 !is_dynamo_address(dcontext->app_fls_da
ta)
(Error occurred @0 frags)
version 8.0.18665, custom build
-no_dynamic_options -client_lib 'D:\work\sydr\build-debug\dynamorio\tools\lib64\debug\tracer.dll;0;"-o" "test.log"' -client_lib64 'D:\work\sydr\build-debug\dynamorio\tools\lib64\debug\tracer.
dll;0;"-o" "test.log"' -code_api -probe_api -stack_size 8M -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_e
D:\work\sydr\build-debug\dynamorio\lib64\debug\dynamorio.dll=0x0000000015000000
D:\work\sydr\build-debug\dynamorio\tools\lib64\debug\tracer.dll=0x00007ff7672c0000
C:\WINDOWS/system32/ADVAPI32.dll=0x00007ff8a7ef0000
C:\WINDOWS/system32/sechost.dll=0x00007ff8a81f0000
C:\WINDOWS/system32/msvcrt.dll=0x00007ff8a6fa0000
C:\WINDOWS/system32/dbghelp.dll=0x00007ff898770000
C:\WINDOWS/system32/ucrtbase.dll=0x00007ff8a6270000
C:\WINDOWS/system32/WS2_32.dll>

[Alexey Vishnyakov]

I commented out WS2_32 and it is now:

C:\WINDOWS/system32/ADVAPI32.dll=0x00007ff8a7ef0000
C:\WINDOWS/system32/sechost.dll=0x00007ff8a81f0000
C:\WINDOWS/system32/RPCRT4.dll=0x00007ff8a8010000

C:\WINDOWS/system32/msvcrt.dll=0x00007ff8a6fa0000
C:\WINDOWS/system32/dbghelp.dll=0x00007ff898770000
C:\WINDOWS/system32/ucrtbase.dll>

четверг, 25 марта 2021 г. в 21:45:42 UTC+3, Alexey Vishnyakov:

[Derek Bruening]

The message has a static size limit and it just truncates whatever is at the end there, so ignore WS2_32 or whatever is the last one getting truncated: it is not relevant.

I assume something bad happens in release build?

There are two issues: one, your client is pulling in unknown pseudo interfaces:

<unknown API-MS-Win pseudo-dll api-ms-win-downlevel-kernel32-l2-1-0.dll>

<unknown API-MS-Win pseudo-dll api-ms-win-core-pcw-l1-1-0.dll>

And two, the fiber-local storage isolation is failing:

debug check failure: D:\work\sydr\dynamorio\core\win32\loader.c:805 !is_dynamo_address(dcontext->app_fls_data

I would start by addressing the missing interfaces: is the default guess of kernelbase.dll correct at https://github.com/DynamoRIO/dynamorio/blob/master/core/win32/loader.c#L1771?  Probably since maybe you'd get missing imports otherwise.  But if you could send a pull request updating the mappings for those two pseudo-dll's that would be appreciated.

--
You received this message because you are subscribed to the Google Groups "DynamoRIO Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to dynamorio-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dynamorio-users/fdbaff4f-730f-4789-9cb5-12859fa7f396n%40googlegroups.com.

[pmvi...@gmail.com]

The release hangs for a while and then exits. I will try to deal with pseudo interfaces. Is there a place to read about them? And I will just try commenting out parts of my client.

You received this message because you are subscribed to a topic in the Google Groups "DynamoRIO Users" group.
To unsubscribe from this topic, visit https://groups.google.com/d/topic/dynamorio-users/-IsS4AT7mEY/unsubscribe.
To unsubscribe from this group and all its topics, send an email to dynamorio-use...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/dynamorio-users/CAO1ikSZVb5w%2BW-HBfpZrmh1RKW3HyYdLN_bmJrQjyvy9-cOnEA%40mail.gmail.com.

[Alexey Vishnyakov]

What's the best way to locate real dll that contains a specific pseudo dll. Dependency Walker seems to be wrong.

четверг, 25 марта 2021 г. в 22:45:27 UTC+3, Alexey Vishnyakov:

[Derek Bruening]

Find example import from that pseudo:

% dumpbin /imports kernel32.dll/10.0.10586.0-wow64/kernel32.dll | grep -5 -i enclave
    api-ms-win-core-enclave-l1-1-0.dll
              6B88030C Import Address Table
              6B89D470 Import Name Table
                     0 time date stamp
                     0 Index of first forwarder reference

                    3 LoadEnclaveData
                    1 InitializeEnclave
                    0 CreateEnclave
                    2 IsEnclaveTypeSupported

Then search all dlls in system dir or whatnot looking for those (cygwin bash shell here):

% for i in *.dll; do echo $i; dumpbin /exports $i/*.dll | grep -i enclave; done
...
kernelbase.dll
        165   9F 0013B440 CreateEnclave = _CreateEnclave@32
        782  30A 0013B490 InitializeEnclave = _InitializeEnclave@20
        834  340 0013B4D0 IsEnclaveTypeSupported = _IsEnclaveTypeSupported@4
        896  37E 0013B500 LoadEnclaveData = _LoadEnclaveData@36
...

To view this discussion on the web visit https://groups.google.com/d/msgid/dynamorio-users/80117d9d-03a7-48e5-891d-77c88df2c5fcn%40googlegroups.com.

[Alexey Vishnyakov]

my dumpbin output does not contain any pseudo dll entries (api-ms-*), only real ones.

пятница, 26 марта 2021 г. в 18:51:20 UTC+3, Derek Bruening: