Invalid handle usage - Application Verifier on Windows

[ariccio]

When running Ruby on Windows under Application Verifier (the Windows SDK dynamic verification toolset) with invalid handle checking enabled, ruby immediately triggers on Init_fiddle when trying to run irb. If this is a problem somewhere else in ruby, let me know! I'm new to ruby.

App verifier log: ruby.exe.12.dat.zip

Windbg interactive stacktrace:

0:000> kc
 # Call Site
00 ntdll!KiRaiseUserExceptionDispatcher
01 vfbasics!AVrfpNtDeviceIoControlFile
02 KERNELBASE!ConsoleCallServerGeneric
03 KERNELBASE!ConsoleCallServer
04 KERNELBASE!GetConsoleScreenBufferInfoEx
05 KERNELBASE!GetConsoleScreenBufferInfo
06 libffi_6!ffi_call_win64
07 libffi_6!ffi_call
08 fiddle!Init_fiddle
09 x64_msvcrt_ruby260!rb_thread_call_without_gvl
0a fiddle!Init_fiddle
0b x64_msvcrt_ruby260!rb_error_arity
0c x64_msvcrt_ruby260!rb_vm_invoke_bmethod
0d x64_msvcrt_ruby260!rb_vm_invoke_bmethod
0e x64_msvcrt_ruby260!rb_check_funcall
0f x64_msvcrt_ruby260!rb_vm_exec
10 x64_msvcrt_ruby260!rb_check_funcall_with_hook
11 x64_msvcrt_ruby260!rb_rescue2
12 x64_msvcrt_ruby260!rb_f_notimplement
13 x64_msvcrt_ruby260!rb_error_arity
14 x64_msvcrt_ruby260!rb_vm_invoke_bmethod
15 x64_msvcrt_ruby260!rb_vm_invoke_bmethod
16 x64_msvcrt_ruby260!rb_check_funcall
17 x64_msvcrt_ruby260!rb_vm_exec
18 x64_msvcrt_ruby260!rb_yield_1
19 x64_msvcrt_ruby260!rb_check_block_call
1a x64_msvcrt_ruby260!rb_catch
1b x64_msvcrt_ruby260!rb_error_arity
1c x64_msvcrt_ruby260!rb_vm_invoke_bmethod
1d x64_msvcrt_ruby260!rb_vm_invoke_bmethod
1e x64_msvcrt_ruby260!rb_check_funcall
1f x64_msvcrt_ruby260!rb_vm_exec
20 x64_msvcrt_ruby260!rb_yield_1
21 x64_msvcrt_ruby260!rb_check_block_call
22 x64_msvcrt_ruby260!rb_catch
23 x64_msvcrt_ruby260!rb_error_arity
24 x64_msvcrt_ruby260!rb_vm_invoke_bmethod
25 x64_msvcrt_ruby260!rb_vm_invoke_bmethod
26 x64_msvcrt_ruby260!rb_check_funcall
27 x64_msvcrt_ruby260!rb_vm_exec
28 x64_msvcrt_ruby260!rb_iseqw_local_variables
29 x64_msvcrt_ruby260!rb_iseqw_local_variables
2a x64_msvcrt_ruby260!rb_error_arity
2b x64_msvcrt_ruby260!rb_vm_invoke_bmethod
2c x64_msvcrt_ruby260!rb_vm_invoke_bmethod
2d x64_msvcrt_ruby260!rb_check_funcall
2e x64_msvcrt_ruby260!rb_vm_exec
2f x64_msvcrt_ruby260!rb_call_end_proc
30 x64_msvcrt_ruby260!ruby_run_node
31 image00000000_00400000
32 image00000000_00400000
33 image00000000_00400000
34 KERNEL32!BaseThreadInitThunk
35 ntdll!RtlUserThreadStart

Looking in windbg, it looks like the handle was previously closed:

Handle = 0x00000000000004bc - CLOSE
Thread ID = 0x0000000000003d18, Process ID = 0x000000000000401c

0x00007ff98d90ab84: ntdll!NtClose+0x0000000000000014
0x00007ff983613040: vfbasics!AVrfpNtClose+0x0000000000000040
0x00007ff98a595012: KERNELBASE!CloseHandle+0x0000000000000062
0x00007ff98361512d: vfbasics!AVrfpCloseHandleCommon+0x00000000000000a1
0x00007ff9836151cd: vfbasics!AVrfpKernelbaseCloseHandle+0x000000000000001d
0x00007ff98d7ba98a: msvcrt!close_nolock+0x0000000000000062
0x00007ff98d7bb1de: msvcrt!_dup2_nolock+0x000000000000008e
0x00007ff98d7bb103: msvcrt!dup2+0x0000000000000133
0x000000006a668370: x64_msvcrt_ruby260!rb_w32_dup2+0x0000000000000010
0x000000006a57f868: x64_msvcrt_ruby260!rb_execarg_run_options+0x0000000000000628
0x000000006a507744: x64_msvcrt_ruby260!rb_file_open+0x0000000000002aa4
0x000000006a5091b3: x64_msvcrt_ruby260!rb_file_open+0x0000000000004513
0x000000006a6338d6: x64_msvcrt_ruby260!rb_error_arity+0x0000000000000136
0x000000006a63cd3e: x64_msvcrt_ruby260!rb_vm_invoke_bmethod+0x000000000000048e
0x000000006a63d433: x64_msvcrt_ruby260!rb_vm_invoke_bmethod+0x0000000000000b83

Full debug session text: ruby_invalid_handle_crash.TXT

[kou]

Calling Init_fiddle() by running irb on Windows isn't strange. Because Ruby Installer calls require "fiddle" on start: https://github.com/oneclick/rubyinstaller2/blob/master/lib/ruby_installer/build/dll_directory.rb#L1

Calling ffi_call() inside Init_fiddle() is strange. Could you set breakpoint on ffi_call() and get stacktrace on the breakpoint?