Winsock not working inside a DynamoRio windows client

[0ca]

Hi,

I was trying to use sockets inside a Windows client but the WSA initialization fails:

#include <dr_api.h>
#include <winsock.h>

DR_EXPORT void dr_client_main(client_id_t id, int argc, const char *argv[])
{

    dr_enable_console_printing();
    WSADATA WsaDat;
    int result = WSAStartup(MAKEWORD(2, 0), &WsaDat);
    if (result == 0)
        dr_printf("WSA Initializated\n");
    else
        dr_printf("WSAStartup failed with error: %d\n", result);
}

The output is always the same:

WSAStartup failed with error: 10107

That error code in msdn:

WSASYSCALLFAILURE
10107
System call failure.
A system call that should never fail has failed. This is a generic error code, returned under various conditions.
Returned when a system call that should never fail does fail. For example, if a call to WaitForMultipleEvents fails or one of the registry functions fails trying to manipulate the protocol/namespace catalogs.
Returned when a provider does not return SUCCESS and does not provide an extended error code. Can indicate a service provider implementation error.

It seems that the DR transparency is interfering with the WSAStartup function.

Could anyone check why is this happening?

Any help will be appreciated.

[derekbruening]

A suggested approach to debug this is to step through WSAStartup in windbg from a native app and compare it to stepping through in windbg from the client.

[illera88]

Hi @derekbruening!

I've tried to debug the client with no luck. I used '-msgbox_mask 15' and attach to it with IDA Pro. I can do that with no problem but I cant see the client dll in the module list and I tried to set a breakpoint to WSAStartup API but it never gets reached.

What I need to debug is the client and not DR itself. Can you help us here? I know that you have a bunch of other things to do but this is a very reduced case (we reduced the problem a just one line) and it would be a good example people can base on to fix other problems they may face.

Attached is the log file generated.

Thanks for your time!

arp.exe.0.2812.zip

[derekbruening]

Please follow the instructions at https://github.com/DynamoRIO/dynamorio/wiki/Debugging for telling windbg where the client dll is located.

[illera88]

@derekbruening Tried to do what you said with the latest DR version and now I'm getting a different error: C:\dynamorio\bin32>drrun.exe -c "C:\build\VSProject\TestDynamoRioTool\Release\TestDynamoRioTool.dll" -- arp.exe <Application C:\WINDOWS\SysWOW64\arp.exe (3772). Unable to load client library: import hgets not found in msvcrt.dll.> <Application C:\WINDOWS\SysWOW64\arp.exe (3772). Unable to load client library: TestDynamoRioTool.dll Unable to locate imports of client library.>

Using VS2013 in W10 Regards

[derekbruening]

The natural steps there are to investigate where hgets normally comes from, whether you have the wrong msvcrt.dll, or if the issue is something else, and if it turns out to be a problem with DR's private loader (maybe API set mapping being off?), it would be best to file a separate issue on that and ideally contribute a fix.

[illera88]

Hi Derek, I've been doing some more debugging and I got to the point where the problem arises. Function WSAStartup calls DTHREAD::CreateDThreadForCurrentThread which calls DTHREAD::Initialize which code is:

signed int __thiscall DTHREAD::Initialize(_DWORD *this, int a2)
{
  _DWORD *v2; // esi@1
  _DWORD *v3; // edi@1
  signed int v4; // ebx@1

  v2 = this;
  v3 = this + 6;
  v4 = 10107; // this is the error value I get when using DR
  this[18] = a2;
  if ( !DPROCESS::GetAsyncHelperDeviceID(a2, this + 6) && !ws2_32_WahOpenCurrentThread(*v3, v2 + 2) )
    v4 = 0;
  return v4; // we return 10107 
}

As you can see the error code 10107 (the error code that I get when using sockets in Win with DR) is returned in case that DPROCESS::GetAsyncHelperDeviceID fails. That reminded me that in the documentation you say that DR doesn't get along well with asynchronous functions. Is that correct? May be that the problem?

How can I proceed from now on?

Thanks @derekbruening

[wenjunpku]

hi, @illera88 have you fix the problem? It seems that i meet the same problem when use dynamorio,. If you could give me some suggestion, it will help me a lot. Thank you very much

[illera88]

Unfortunately I haven't been able to fix this problem. I got to the root of the problem as you can see in my last comment in this thread but I didn't know how to keep debugging it and @derekbruening doesn't seem to have the time to take a look at this. It's unfortunate since using windows sockets is a very common thing in a lot of programs.

Hope @derekbruening can find some time to take a look at it.

Cheers

[derekbruening]

Unfortunately Windows is not currently a priority for today's (too-)small set of DynamoRIO maintainers. Hopefully users with incentives to improve Windows support will step up and contribute.

[illera88]

I understand. Anyway thank you for your continuous work on DR. It's an incredible useful tool!

[wenjunpku]

Thx, i understand, @illera88 @derekbruening

[mxmssh]

Hi @derekbruening @illera88,

I also encountered this problem and would like to fix this issue. Could you recommend me where to start ? So, the root of problem is GetAsyncHelperDeviceID or ws2_32_WahOpenCurrentThread as I understood, right ? Any ideas are welcome!

[illera88]

Hi @mxmssh DPROCESS::GetAsyncHelperDeviceID or ws2_32_WahOpenCurrentThread fails and that's what cause the error. I think, because of the name, it can be the first one. I don't know why that may be.

If you @mxmssh can take a look at it it would be great. Or hopefully @derekbruening get some time to check it 🥇 .

It would be great to be able to use sockets in Windows in a DR client.

[illera88]

Hi, I got this 3 popups when running the DR client. @derekbruening does this tell you something?

As always thank you for your time and help.