DynamoRIO / drmemory

Memory Debugger for Windows, Linux, Mac, and Android

drsyscall needs updating for Windows 10 anniversary update #1906

Closed lukefor closed 8 years ago

lukefor commented 8 years ago

WARNING: sysnum table 0x94 != wrapper 0x95 for NtCompactKeys
Recorded 115 suppression(s) from default C:\Program Files (x86)\Dr. Memory\bin\suppress-default.txt
ASSERT FAILURE (thread 7756): d:\drmemory_package\drsyscall\drsyscall_windows.c:409: false (syscall number table error detected)

bailehang commented 8 years ago

I'm on a WIN10 development environment. Can I do something to help?

derekbruening commented 8 years ago

Thank you for the offer. Dr. Memory is certainly in need of more contributors.

The first step is to get Dr. Memory's core tool platform, DynamoRIO (or "DR"), working. It may well work now due to recent efforts to future-proof it (https://github.com/DynamoRIO/dynamorio/issues/1598). Maybe you could check whether it works now? From a Dr. Memory package directory, try something like:

dynamorio\bin32\drrun.exe -- notepad

Another step is to identify all of the new system calls and decide whether DR needs to take action when it sees them.

Further steps involve updating the system call information in drsyscall.

Xref goals of future-proofing Dr. Memory, as this new model of major updates coming out more frequently is not easy to support for low-level tools like ours:

derekbruening commented 8 years ago

Update to prior post: run notepad, not calc (forgot that they changed calc to be indirectly launched via svchost), so:

dynamorio\bin32\drrun.exe -- notepad

bailehang commented 8 years ago

On Microsoft Windows [var 10.0.10586], running drrun.exe is OK. And when I tested building DynamoRIO on Windows with cmake and VS, I got an error at make/cpp2asm_support.cmake:229 (message): assembler not found: required to build. Is it short of ml.exe? This happened on WIN7 and WIN10.

derekbruening commented 8 years ago

Are you building 64-bit and you do not have ml64 installed and on the path?

bailehang commented 8 years ago

I tested cmake on Windows 7 (64-bit). This computer is on the intranet (cut off from the outside network, pure original system, can only transfer files) in my company. While I was using CMake to compile, ML.exe, perl, uuid.lib ... got lost. I will test on my computer again this weekend. I tested that compiling with cmake on Linux is OK.
And I tested that the released 64-bit drrun.exe is OK on Windows 10. I would like to know the reason why the DynamoRIO and Drmemory are separated?

derekbruening commented 8 years ago

Xref https://github.com/DynamoRIO/dynamorio/issues/1987

derekbruening commented 8 years ago

> I would like to know the reason why the DynamoRIO and Drmemory are separated?

DynamoRIO is a general tool platform for building a wide range of tools. Dr. Memory is a particular tool that uses that platform.

derekbruening commented 8 years ago

1908 should help with future updates as a data file instead of a full release.

derekbruening commented 8 years ago

Fixed in:

0b305c7 i#1906 Win10-1607: support win32u combined syscalls for table generation
d09ce5c i#1906 Win10-1607: update syscall tables and version checks
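
An added example, not part of this thread or of Dr. Memory's code: a small triage script for the `sysnum table ... != wrapper ...` warning format quoted in the report, which groups mismatches by how far the wrapper number has drifted from the table. Only the NtCompactKeys line comes from the report; the other sample lines, their syscall names and the function names are constructed for illustration.

```python
import re

# Format taken from the warning quoted in the report above.
WARNING_RE = re.compile(
    r"WARNING: sysnum table (0x[0-9a-fA-F]+) != wrapper (0x[0-9a-fA-F]+) for (\w+)"
)

# Constructed sample output. Only the NtCompactKeys line appears in the report;
# the two NtExample* lines and their numbers are made up for illustration.
SAMPLE_LOG = r"""
WARNING: sysnum table 0x94 != wrapper 0x95 for NtCompactKeys
WARNING: sysnum table 0x95 != wrapper 0x96 for NtExampleSyscallA
WARNING: sysnum table 0x1a0 != wrapper 0x1a2 for NtExampleSyscallB
Recorded 115 suppression(s) from default C:\Program Files (x86)\Dr. Memory\bin\suppress-default.txt
"""


def parse_mismatches(log_text):
    """Return (name, table_num, wrapper_num) for every mismatch warning."""
    return [
        (m.group(3), int(m.group(1), 16), int(m.group(2), 16))
        for m in WARNING_RE.finditer(log_text)
    ]


def shift_points(mismatches):
    """Return (name, table_num, delta) wherever the table-to-wrapper offset changes.

    A steady offset of +N over a run of syscalls is what you would see if N
    numbers had been inserted below that run, so each change in offset marks
    a place to look for new system calls.
    """
    points = []
    prev_delta = 0
    for name, table_num, wrapper_num in sorted(mismatches, key=lambda m: m[1]):
        delta = wrapper_num - table_num
        if delta != prev_delta:
            points.append((name, table_num, delta))
            prev_delta = delta
    return points


if __name__ == "__main__":
    for name, table_num, delta in shift_points(parse_mismatches(SAMPLE_LOG)):
        print(f"offset becomes {delta:+d} at {name} (table 0x{table_num:x})")
```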