-
Notifications
You must be signed in to change notification settings - Fork 158
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Unexpected fatal runtime condition(s) observed: ExceptionLoadingPdb #161
Comments
Hey:
So BinSkim should be scanning the rest of the binaries you pass to it--the message atthe end simply means that some checks could not be run on that binary (as you need access private symbols to check some of the things that BinSkim is checking). BinSkim reports if it encountered that error at all after it has finished checking all of the binaries, and as you've observed also notes which checks couldn't run.
In general, with binaries you aren't compiling or don't have access to private symbols for (such as closed source third party dependencies), we recommend simply treating that message as informational. ("The tool couldn't evaluate this.")
Hope this helps,
Everett
Sent from Outlook
…________________________________
From: vbiala <notifications@github.com>
Sent: Wednesday, March 21, 2018 5:10:54 PM
To: Microsoft/binskim
Cc: Subscribed
Subject: [Microsoft/binskim] Unexpected fatal runtime condition(s) observed: ExceptionLoadingPdb (#161)
I am trying to run binskim through a VSTS build and it keeps crashing with ExceptionLoadingPdb error. After looking at all the logs generated, it looks like "libuv.dll" is the one causing the issue. Below is the error I see in logs:
error ERR997.ExceptionLoadingPdb : BA2006 : 'libuv.dll' was not evaluated for check 'BuildWithSecureTools' because its PDB could not be loaded. (E_PDB_NOT_FOUND (File not found))
libuv.dll is included with Kestrel from Microsoft. I was wondering if there is a way that binskim doesn't crash when it hits this exception and still finishes the process to check all other assemblies.
—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FMicrosoft%2Fbinskim%2Fissues%2F161&data=04%7C01%7Cevmaus%40microsoft.com%7C65577aa924634ea5d89508d58f896170%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636572742565461936%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwifQ%3D%3D%7C-1&sdata=3cmlaPWopefXLr5C4Fwzzl8Z2ItFlz0MZb74tZjU%2FxU%3D&reserved=0>, or mute the thread<https://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAY8m3knU0LnPzkP0Qy7izcS4CwO5Kwhmks5tguwOgaJpZM4S2QI4&data=04%7C01%7Cevmaus%40microsoft.com%7C65577aa924634ea5d89508d58f896170%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C636572742565461936%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwifQ%3D%3D%7C-1&sdata=YHELRIJN%2Bdg85BeWBR85dhMAxovhLRPo8id5Ka4pG%2Bc%3D&reserved=0>.
|
I can treat them as information. The thing is I get this error in the end so it is just confusing that if binskim finished analyzing everything or not: But if it is expected, I can ignore this error. |
still getting this on MS Azure DevOps taksk. |
We're still seeing this too, can we pass in a flag for BinSkim to treat this like any other error so that a BinSkim crash is differentiated from a well-understood input error? |
Same here, it's very misleading and is preventing my ADO pipeline from succeeding. |
I am facing this issue as well, any resolution anyone know about? |
Bump - seeing this error as well. @Evmaus-MS How can errors be marked as optional for libraries where pdb files are not present? |
So -- as an FYI I haven't really been contributing to this project since late 2018 when I left Microsoft for another company. I'll re-open this issue for the current maintainers since it seems like the behavior here isn't ideal for some of the integration pipelines/etc., but I can't do much more than that. |
Same issue on azure pipelines |
Hello, everyone. First we're working on a general solution to baselining PDB load errors. What you'll be able to do is generate a current BinSkim log file, then configure your system to ignore any open issues (like a PDB load file for a Microsoft binary) while still generating newly found issues. I don't want to skip past the issue discussed here, though. The first thing to ask is whether you're specifying the Microsoft symbol server at analysis time, e.g., If "libuv.dll" is a Microsoft binary, this should pull in the PDB. I just ran a test on a local install, though, and I'm seeing an odd error return value |
My team does not use the default symbol server. The missing pdbs for us are not on it. |
Hi @JustinSchneiderPBI , in your scenario, do you have the pdbs near the dlls? |
I think I misread Michael's comment. It sounded like a question. We do have a symbol server, just not the default Microsoft symbol server. We use that and locally built pdbs for most dlls. Some dlls don't have the pdbs anywhere available. We want to be able to scan those along with the whole product without Binskim reporting a fatal runtime error that sounds like it crashed rather than ran as expected, producing a list of issues to fix. The baseline feature seems like it will get us there, though I haven't tried it out yet. |
Hi @JustinSchneiderPBI , since the PDB is required to do many of our analysis if you don't supply it will throw that "exception". Even with baseline, Binskim will still show that you are still missing PDBs... So, I think it won't solve your issue if you don't have the required files to complete it. Now, are those DLLs that you are analyzing third-party? Why don't you have the PDBs? |
Yes, they are 3rd-party PDBs. Yes, I understand the analysis is limited by missing PDBs. The key here is differentiating from:
|
Hi @JustinSchneiderPBI , if you have 10 DLLs where one of those isn't yours and it does not have PDB, for example. Unless you are facing another issue where it's halting the analysis, which that would be a problem. |
Hi, we just released a new prerelease version with some improvements for pdb reader. If you face any issue, pls, feel free to open a new issue. |
I am trying to run binskim through a VSTS build and it keeps crashing with ExceptionLoadingPdb error. After looking at all the logs generated, it looks like "libuv.dll" is the one causing the issue. Below is the error I see in logs:
error ERR997.ExceptionLoadingPdb : BA2006 : 'libuv.dll' was not evaluated for check 'BuildWithSecureTools' because its PDB could not be loaded. (E_PDB_NOT_FOUND (File not found))
libuv.dll is included with Kestrel from Microsoft. I was wondering if there is a way that binskim doesn't crash when it hits this exception and still finishes the process to check all other assemblies.
The text was updated successfully, but these errors were encountered: