Closed Bug 1547791 Opened 2 years ago Closed 2 years ago

RDD Process doesn't run with win32k.sys disabling: Failed to find export ext-ms-win-ole32-oleautomation-l1-1-0.dll!SetOleautModule

Categories

(Firefox Build System :: General: Unsupported Platforms, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED INVALID

People

(Reporter: tjr, Unassigned)

References

Details

We crash during image loading, as shown in the following Show Loader Snaps log.

29c8:167c @ 286049609 - LdrpGetProcedureAddress - INFO: Locating procedure "CtfImmGetCompatibleKeyboardLayout" by name
29c8:167c @ 286049609 - LdrpLoadDllInternal - RETURN: Status: 0x00000000
29c8:167c @ 286049609 - LdrLoadDll - RETURN: Status: 0x00000000
29c8:167c @ 286049609 - LdrGetDllHandleEx - ENTER: DLL name: C:\WINDOWS\system32\IMM32.DLL
29c8:167c @ 286049609 - LdrpResolveDllName - ENTER: DLL name: C:\WINDOWS\system32\IMM32.DLL
29c8:167c @ 286049609 - LdrpResolveDllName - RETURN: Status: 0x00000000
29c8:167c @ 286049609 - LdrpFindLoadedDllInternal - RETURN: Status: 0x00000000
29c8:167c @ 286049609 - LdrGetDllHandleEx - RETURN: Status: 0x00000000
29c8:167c @ 286049609 - LdrpInitializeNode - ERROR: Init routine 00007FF983BB19B0 for DLL "C:\WINDOWS\System32\USER32.dll" failed during DLL_PROCESS_ATTACH
29c8:167c @ 286049609 - LdrpLoadDllInternal - RETURN: Status: 0xc0000142
29c8:167c @ 286049609 - LdrpRedirectDelayloadFailure - ERROR: Failed to find export ext-ms-win-ole32-oleautomation-l1-1-0.dll!SetOleautModule (Ordinal:0) in "OLEAUT32.dll" 0xc0000142
29c8:167c @ 286049609 - LdrpInitializeProcess - ERROR: Running the init routines of the executable's static imports failed with status 0xc0000142
29c8:167c @ 286049609 - _LdrpInitialize - ERROR: Process initialization failed with status 0xc0000142
29c8:167c @ 286049609 - LdrpInitializationFailure - ERROR: Process initialization failed with status 0xc0000142
ntdll!NtTerminateProcess+0x14:
00007ff9`85f60654 c3 ret

If I disable sandboxing I crash with a callstack inside of RDDParent (specifically SendBuildIDsMatchMessage for some reason...)

(In reply to Tom Ritter [:tjr] from comment #0)

If I disable sandboxing I crash with a callstack inside of RDDParent (specifically SendBuildIDsMatchMessage for some reason...)

This seems to have been a fluke; now it works fine for me.

So this issue is caused by win32k.sys disablement. It's possible ACG is also causing a problem, it's hard to get a consistent behavior; but with or without ACG, if win32k.sys-disable is enabled we don't get any further than this loader failure.

This seems related, a little, to Bug 1535704 - but I have tested a build that has that fix in it and see the same behavior.

See Also: → 1535704
Summary: RDD Process doesn't run with Sandboxing Enabled: Failed to find export ext-ms-win-ole32-oleautomation-l1-1-0.dll!SetOleautModule → RDD Process doesn't run with win32k.sys disabling: Failed to find export ext-ms-win-ole32-oleautomation-l1-1-0.dll!SetOleautModule

Hey Bob, same question: When Show Loader Snaps is set in gflags we see a failure to load a library.

This doesn't make sense to me, because as far as I can tell; we set win32k.sys disablement IN the RDD process AFTER we've started up and gone into xul. (But the Loader failure is before that. Although maybe I'm misunderstanding the loader...) Bob can you confirm that's how win32k.sys disabling works?

Flags: needinfo?(bobowencode)

(In reply to Tom Ritter [:tjr] from comment #4)

Hey Bob, same question: When Show Loader Snaps is set in gflags we see a failure to load a library.

This doesn't make sense to me, because as far as I can tell; we set win32k.sys disablement IN the RDD process AFTER we've started up and gone into xul. (But the Loader failure is before that. Although maybe I'm misunderstanding the loader...) Bob can you confirm that's how win32k.sys disabling works?

For RDD we currently disable from process start (although it can be disabled after that when we lower the sandbox, if we need to).
Is this failure happening on the main thread?
We've seen issues with initialisation in the past if the load is happening on a separate thread, because the user token with more permissions that is used at start-up is only set as an impersonation token on the main thread.

Flags: needinfo?(bobowencode)

(In reply to Bob Owen (:bobowen) from comment #5)

(In reply to Tom Ritter [:tjr] from comment #4)

Hey Bob, same question: When Show Loader Snaps is set in gflags we see a failure to load a library.

This doesn't make sense to me, because as far as I can tell; we set win32k.sys disablement IN the RDD process AFTER we've started up and gone into xul. (But the Loader failure is before that. Although maybe I'm misunderstanding the loader...) Bob can you confirm that's how win32k.sys disabling works?

For RDD we currently disable from process start (although it can be disabled after that when we lower the sandbox, if we need to).

When you say process start; you mean in the process, while it's running though, right? We don't disable it while the process is suspended before it starts executing in xul, right?

Is this failure happening on the main thread?

Yeah; this failure happens, AFAICT before we even get to main. (Although I may be misremembering...)

Flags: needinfo?(bobowencode)

(In reply to Tom Ritter [:tjr] from comment #6)

(In reply to Bob Owen (:bobowen) from comment #5)

(In reply to Tom Ritter [:tjr] from comment #4)

Hey Bob, same question: When Show Loader Snaps is set in gflags we see a failure to load a library.

This doesn't make sense to me, because as far as I can tell; we set win32k.sys disablement IN the RDD process AFTER we've started up and gone into xul. (But the Loader failure is before that. Although maybe I'm misunderstanding the loader...) Bob can you confirm that's how win32k.sys disabling works?

For RDD we currently disable from process start (although it can be disabled after that when we lower the sandbox, if we need to).

When you say process start; you mean in the process, while it's running though, right? We don't disable it while the process is suspended before it starts executing in xul, right?

No, to be clearer I should have said we do this at process creation.
It's set in the PPROC_THREAD_ATTRIBUTE_LIST in the STARTUPINFOEXW passed to CreateProcessAsUser.

Is this failure happening on the main thread?

Yeah; this failure happens, AFAICT before we even get to main. (Although I may be misremembering...)

Hmm, not sure what might be going on here then.
Is there a build I could attempt to debug (although I probably won't get a chance before the end of next week now).

Flags: needinfo?(bobowencode)

(In reply to Bob Owen (:bobowen) from comment #7)

(In reply to Tom Ritter [:tjr] from comment #6)

(In reply to Bob Owen (:bobowen) from comment #5)

(In reply to Tom Ritter [:tjr] from comment #4)

Hey Bob, same question: When Show Loader Snaps is set in gflags we see a failure to load a library.

This doesn't make sense to me, because as far as I can tell; we set win32k.sys disablement IN the RDD process AFTER we've started up and gone into xul. (But the Loader failure is before that. Although maybe I'm misunderstanding the loader...) Bob can you confirm that's how win32k.sys disabling works?

For RDD we currently disable from process start (although it can be disabled after that when we lower the sandbox, if we need to).

When you say process start; you mean in the process, while it's running though, right? We don't disable it while the process is suspended before it starts executing in xul, right?

No, to be clearer I should have said we do this at process creation.
It's set in the PPROC_THREAD_ATTRIBUTE_LIST in the STARTUPINFOEXW passed to CreateProcessAsUser.

Thanks! That what I wasn't doing in my test case, I will try that and see how mingw behaves on a minimal repro case.

Huzzah this is also invalid; it's all Bug 1557844 !

Status: NEW → RESOLVED
Closed: 2 years ago
Resolution: --- → INVALID
You need to log in before you can comment on or make changes to this bug.