DynamoRIO / drmemory

Memory Debugger for Windows, Linux, Mac, and Android

ASSERT: app stack overflow in replace malloc causing assert in DR #1369

Open derekbruening opened 9 years ago

derekbruening commented 9 years ago

From zhao...@google.com on November 05, 2013 10:28:11

0:001> g
(2db4.4b14): Stack overflow - code c00000fd (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00000020 ebx=fffde000 ecx=1f27a9c4 edx=00000013 esi=00000000 edi=00000000
eip=57c38ca9 esp=00092f94 ebp=00093244 iopl=0         nv up ei pl nz na pe nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010202
dynamorio!common_heap_alloc+0x9:
57c38ca9 56              push    esi

dynamorio!common_heap_alloc:
57c38ca0 55              push    ebp
57c38ca1 8bec            mov     ebp,esp
57c38ca3 81ecb0020000    sub     esp,0x2b0
57c38ca9 56              push    esi

0:000> r esp
esp=00092f94
0:000> r ebp
ebp=00093244

0:000> !vadump
...
BaseAddress: 00091000
RegionSize:  000ff000
State:       00001000  MEM_COMMIT
Protect:     00000004  PAGE_READWRITE
Type:        00020000  MEM_PRIVATE

The esp value is way different from dstack; it is using the app's stack.

0:000> dt dcontext
Local var @ 0x9326c Type _dcontext_t*
0x1f27a700
   +0x000 upcontext     :
   +0x158 upcontext_ptr : 0x1f27a700
   +0x15c next_tag      : 0x20c5b4f3  "d???"
   +0x160 last_exit     : 0x57e1a100
   +0x164 dstack        : 0x1f2bf000  ""

0:000> dt mc
Local var @ 0x93764 Type _dr_mcontext_t*
0x00093a18
   +0x000 size  : 0x148
   +0x004 flags : 3 (No matching name)
   +0x008 xdi   : 4
   +0x008 edi   : 4
   +0x00c xsi   : 0x93b6c
   +0x00c esi   : 0x93b6c
   +0x010 xbp   : 0x93b70
   +0x010 ebp   : 0x93b70

0:000> kn

ChildEBP RetAddr

00 00093244 57c3ca6d dynamorio!common_heap_alloc+0x9 [d:\src\cygwin\home\zhaoqin\workspace\drmemory\drmemory.git\dynamorio\core\heap.c @ 3212]
01 00093264 57d4ed5a dynamorio!heap_alloc+0x3d [d:\src\cygwin\home\zhaoqin\workspace\drmemory\drmemory.git\dynamorio\core\heap.c @ 3526]
02 0009328c 73956147 dynamorio!dr_try_setup+0xca [d:\src\cygwin\home\zhaoqin\workspace\drmemory\drmemory.git\dynamorio\core\x86\instrument.c @ 2870]
03 0009338c 73953299 drmemorylib!is_retaddr+0x97 [d:\src\cygwin\home\zhaoqin\workspace\drmemory\drmemory.git\common\callstack.c @ 953]
04 00093674 73959c32 drmemorylib!print_callstack+0x9b9 [d:\src\cygwin\home\zhaoqin\workspace\drmemory\drmemory.git\common\callstack.c @ 1261]
05 00093704 739650f5 drmemorylib!packed_callstack_record+0x712 [d:\src\cygwin\home\zhaoqin\workspace\drmemory\drmemory.git\common\callstack.c @ 1580]
06 00093744 739650b1 drmemorylib!get_shared_callstack+0x35 [d:\src\cygwin\home\zhaoqin\workspace\drmemory\drmemory.git\drmemory\alloc_drmem.c @ 412]
07 00093758 7392bee9 drmemorylib!client_add_malloc_pre+0x31 [d:\src\cygwin\home\zhaoqin\workspace\drmemory\drmemory.git\drmemory\alloc_drmem.c @ 443]
08 000937b0 7392bd3d drmemorylib!notify_client_alloc+0x79 [d:\src\cygwin\home\zhaoqin\workspace\drmemory\drmemory.git\common\alloc_replace.c @ 701]
09 000939c4 739298c6 drmemorylib!replace_alloc_common+0x224d [d:\src\cygwin\home\zhaoqin\workspace\drmemory\drmemory.git\common\alloc_replace.c @ 1655]
0a 00093b70 0065c366 drmemorylib!replace_malloc+0x1c6 [d:\src\cygwin\home\zhaoqin\workspace\drmemory\drmemory.git\common\alloc_replace.c @ 2302]

Original issue: http://code.google.com/p/drmemory/issues/detail?id=1369

derekbruening commented 9 years ago

From zhao...@google.com on November 05, 2013 08:26:39

Status: Accepted
Owner: zhao...@google.com

derekbruening commented 9 years ago

From bruen...@google.com on November 05, 2013 09:11:14

To analyze, we need the TEB stack range and the memory page attributes of any pages left in that range not in 0x00091000, 0x00091000+0x000ff000
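The two questions the thread is circling, "which stack is this frame on?" and "how much headroom was left below esp?", can be answered mechanically from the `!vadump` region and the `kn` frames. The following triage helper is an added example, not code from the issue or from DynamoRIO / Dr. Memory; it reuses the register, dstack and region values quoted above, but the dstack size (`DSTACK_SIZE`) is an assumption since the page does not state it, the parsing regexes are mine, and the source paths in the sample `kn` text are shortened to file names.

```python
"""Stack-residency triage for a DR client stack-overflow crash (added example).

Classifies addresses as living on DR's dstack or on the app stack, reports the
committed headroom below esp, and lists dynamorio frames that ran on the app
stack. Sample input is reconstructed from the windbg output in the issue.
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# --- Sample input (reconstructed from the issue; paths shortened) -------------
VADUMP_TEXT = ("BaseAddress: 00091000 RegionSize: 000ff000 State: 00001000 MEM_COMMIT "
               "Protect: 00000004 PAGE_READWRITE Type: 00020000 MEM_PRIVATE")

KN_TEXT = """ChildEBP RetAddr
00 00093244 57c3ca6d dynamorio!common_heap_alloc+0x9 [heap.c @ 3212]
01 00093264 57d4ed5a dynamorio!heap_alloc+0x3d [heap.c @ 3526]
02 0009328c 73956147 dynamorio!dr_try_setup+0xca [instrument.c @ 2870]
03 0009338c 73953299 drmemorylib!is_retaddr+0x97 [callstack.c @ 953]
04 00093674 73959c32 drmemorylib!print_callstack+0x9b9 [callstack.c @ 1261]
05 00093704 739650f5 drmemorylib!packed_callstack_record+0x712 [callstack.c @ 1580]
06 00093744 739650b1 drmemorylib!get_shared_callstack+0x35 [alloc_drmem.c @ 412]
07 00093758 7392bee9 drmemorylib!client_add_malloc_pre+0x31 [alloc_drmem.c @ 443]
08 000937b0 7392bd3d drmemorylib!notify_client_alloc+0x79 [alloc_replace.c @ 701]
09 000939c4 739298c6 drmemorylib!replace_alloc_common+0x224d [alloc_replace.c @ 1655]
0a 00093b70 0065c366 drmemorylib!replace_malloc+0x1c6 [alloc_replace.c @ 2302]
"""

ESP = 0x00092F94          # esp at the fault, from "r esp"
DSTACK_TOP = 0x1F2BF000   # dcontext->dstack from "dt dcontext"
DSTACK_SIZE = 0x5000      # ASSUMED: the issue does not state DR's dstack size


@dataclass(frozen=True)
class Region:
    base: int
    size: int
    state: str
    protect: str

    @property
    def end(self) -> int:
        return self.base + self.size

    def contains(self, addr: int) -> bool:
        return self.base <= addr < self.end


@dataclass(frozen=True)
class Frame:
    index: int
    child_ebp: int
    ret_addr: int
    module: str
    symbol: str


VAD_RE = re.compile(
    r"BaseAddress:\s*([0-9a-fA-F]+)\s+RegionSize:\s*([0-9a-fA-F]+)\s+"
    r"State:\s*[0-9a-fA-F]+\s+(\w+)\s+Protect:\s*[0-9a-fA-F]+\s+(\w+)")
FRAME_RE = re.compile(
    r"^([0-9a-fA-F]{2})\s+([0-9a-fA-F]{8})\s+([0-9a-fA-F]{8})\s+([^!\s]+)!(\S+)")


def parse_vadump(text: str) -> List[Region]:
    """Parse one or more !vadump region records into Region objects."""
    return [Region(int(b, 16), int(s, 16), st, pr) for b, s, st, pr in VAD_RE.findall(text)]


def parse_kn(text: str) -> List[Frame]:
    """Parse 'kn' output lines of the form 'NN ChildEBP RetAddr module!symbol [...]'."""
    frames = []
    for line in text.splitlines():
        m = FRAME_RE.match(line.strip())
        if m:
            frames.append(Frame(int(m[1], 16), int(m[2], 16), int(m[3], 16), m[4], m[5]))
    return frames


def which_stack(addr: int, app_regions: List[Region], dstack_top: int, dstack_size: int) -> str:
    """Return 'dstack', 'app' or 'unknown' for a stack address.

    DR's dstack grows down from dstack_top; the app stack is whatever committed
    region from !vadump contains the address.
    """
    if dstack_top - dstack_size <= addr < dstack_top:
        return "dstack"
    if any(r.contains(addr) for r in app_regions):
        return "app"
    return "unknown"


def headroom(sp: int, regions: List[Region]) -> Optional[int]:
    """Bytes between sp and the bottom of the committed region holding it."""
    for r in regions:
        if r.contains(sp):
            return sp - r.base
    return None


def dr_frames_on_app_stack(frames: List[Frame], regions: List[Region],
                           dstack_top: int, dstack_size: int) -> List[str]:
    """Symbols of dynamorio frames whose frame pointer lies on the app stack."""
    return [f.symbol for f in frames
            if f.module == "dynamorio"
            and which_stack(f.child_ebp, regions, dstack_top, dstack_size) == "app"]


if __name__ == "__main__":
    regions = parse_vadump(VADUMP_TEXT)
    print("esp on:", which_stack(ESP, regions, DSTACK_TOP, DSTACK_SIZE),
          "headroom: %#x bytes" % headroom(ESP, regions))
    print("DR frames on app stack:",
          dr_frames_on_app_stack(parse_kn(KN_TEXT), regions, DSTACK_TOP, DSTACK_SIZE))
```

Run against the issue's values it reports esp on the app stack with 0x1f94 bytes of committed region below it, and names the three dynamorio frames (common_heap_alloc, heap_alloc, dr_try_setup) that executed there rather than on dstack. If the TEB StackLimit/StackBase that the last comment asks for become available, they can be fed in as an additional `Region` so the same check covers the reserved-but-uncommitted part of the stack.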