DynamoRIO / dynamorio

Dynamic Instrumentation Tool Platform

CRASH in dbghelp on net_unittests w/ dynamic drsyms #964

Open derekbruening opened 9 years ago

derekbruening commented 9 years ago

From bruen...@google.com on October 30, 2012 16:25:15

for drmem issue #1067 I was trying a dynamic drsyms as another workaround to avoid sscanf in libcmt.

I ran "-leaks_only -no_count_leaks -no_zero_stack -no_track_allocs" also doing debug DR -checklevel 1

some curiosities (xref issue #961):

[ RUN ] DiskCacheBackendTest.RecoverInsert
[13308:9664:1030/155744:1314835550:WARNING:backend_impl.cc(1929)] Destroying invalid entry.
[13308:9664:1030/155744:1314835597:WARNING:backend_impl.cc(1929)] Destroying invalid entry.
[13308:9664:1030/155744:1314835613:WARNING:backend_impl.cc(1929)] Destroying invalid entry.
<CURIOSITY : !last_deallocated->unload_in_progress || ((last_deallocated->last_unload_base <= module_base && module_base < (last_deallocated->last_unload_base + last_deallocated->last_unload_size)) && "race - multiple unmaps")

2 more of those

then:

[ RUN ] DiskCacheBackendTest.DisableFailure2
[13308:7304:1030/155825:1314876610:ERROR:rankings.cc(789)] Inconsistent LRU.
[13308:7304:1030/155825:1314876610:ERROR:backend_impl.cc(1171)] Critical error found -8
<Application D:\derek\chromium\src\out\Debug\net_unittests.exe (13308). Unrecoverable Error at PC 0x03e8ae4e. Program aborted.
0xc0000005 0x00000000 0x03e8ae4e 0x03e8ae4e 0x00000000 0x00000000

0:000> kn 30
ChildEBP RetAddr
00 2417d59c 03e89670 dbghelp!Nt4Win32LiveSystemProvider::EnumModules+0x14e
01 2417d970 03e88f35 dbghelp!NtWin32LiveSystemProvider::StartHandleEnum+0x30
02 2417d980 03e877e8 dbghelp!NtWin32LiveSystemProvider::StartProcessEnum+0x139
03 2417dc14 03e87e20 dbghelp!Win32LiveSystemProvider::StartProcessEnum+0x18
04 2417e0c4 03e80c8e dbghelp!Win32LiveSystemProvider::GetClrEnum+0x51
05 2417e12c 03e80df8 dbghelp!WriteFullMemory+0x64e
06 2417e158 65b11858 dbghelp!WriteFullMemory+0x7b8
07 2417e194 65b116fa drsyms!load_module+0x108 [d:\derek\dr\git\src\ext\drsyms\drsyms_windows.c @ 304]
08 2417e1ac 65b1333d drsyms!lookup_or_load+0x7a [d:\derek\dr\git\src\ext\drsyms\drsyms_windows.c @ 343]
09 2417e1c4 65b134d3 drsyms!drsym_get_module_debug_kind+0x4d [d:\derek\dr\git\src\ext\drsyms\drsyms_windows.c @ 1319]
0a 2417e1e4 0446eaaf drsyms!drsym_module_has_symbols+0x113 [d:\derek\dr\git\src\ext\drsyms\drsyms_windows.c @ 1400]
0b 2417e1f0 0449c80b drmemorylib!module_has_debug_info+0xf [d:\derek\drmemory\git\src\common\utils.c @ 359]
0c 2417e520 0449b9b3 drmemorylib!symcache_read_symfile+0xdbb [d:\derek\drmemory\git\src\common\symcache.c @ 415]
0d 2417e584 0428d136 drmemorylib!symcache_module_load+0x5a3 [d:\derek\drmemory\git\src\common\symcache.c @ 576]
0e 2417e5e8 653e9228 drmemorylib!event_module_load+0x1f6 [d:\derek\drmemory\git\src\drmemory\drmemory.c @ 1430]
0f 2417e624 653e914b dynamorio!instrument_module_load+0xb8 [d:\derek\dr\git\src\core\x86\instrument.c @ 1719]
10 2417e640 653fe15e dynamorio!instrument_module_load_trigger+0x8b [d:\derek\dr\git\src\core\x86\instrument.c @ 1694]
11 2417e654 653fe5a0 dynamorio!process_image_post_vmarea+0x2e [d:\derek\dr\git\src\core\win32\os.c @ 2959]
12 2417e6a4 654189e2 dynamorio!process_mmap+0x1f0 [d:\derek\dr\git\src\core\win32\os.c @ 3159]
13 2417eb90 65412966 dynamorio!postsys_MapViewOfSection+0xca2 [d:\derek\dr\git\src\core\win32\syscall.c @ 3526]
14 2417edfc 65260bee dynamorio!post_system_call+0xd46 [d:\derek\dr\git\src\core\win32\syscall.c @ 3659]
15 2417ee24 652560f1 dynamorio!handle_post_system_call+0xce [d:\derek\dr\git\src\core\dispatch.c @ 1880]
16 2417ef10 65252a94 dynamorio!dispatch_enter_dynamorio+0xd71 [d:\derek\dr\git\src\core\dispatch.c @ 744]
17 2417eff4 241a218c dynamorio!dispatch+0x14 [d:\derek\dr\git\src\core\dispatch.c @ 142]
WARNING: Frame IP not in any known module. Following frames may be wrong.
18 0018e0f4 77d7c578 0x241a218c
19 0018e1e8 77d7c3a9 ntdll!LdrpFindOrMapDll+0x333
1a 0018e368 77d7c4d5 ntdll!LdrpLoadDll+0x2b2
1b 0018e3a0 755b2c95 ntdll!LdrLoadDll+0xaa
1c 0018e3dc 771a9d43 KERNELBASE!LoadLibraryExW+0x1f1
1d 0018e3f8 771a9cc7 ole32!LoadLibraryWithLogging+0x16 [d:\w7rtm\com\ole32\common\loadfree.cxx @ 157]

0:000> r
Last set context:
eax=00000000 ebx=00000001 ecx=00000002 edx=00000002 esi=00000000 edi=2417d73c
eip=03e8ae4e esp=2417d584 ebp=2417d59c iopl=0 nv up ei pl nz na pe nc
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00010202
dbghelp!Nt4Win32LiveSystemProvider::EnumModules+0x14e:
03e8ae4e f3a4 rep movsb ds:00000000=?? es:2417d73c=03

0:000> .frame 7
07 2417e194 65b116fa drsyms!load_module+0x108 [d:\derek\dr\git\src\ext\drsyms\drsyms_windows.c @ 304]

0:000> dv
proc = 0xffffffff
path = 0x2572e960 "C:\Windows\SysWOW64\shell32.dll"
ext = 0x2572e97b ".dll"
size = 0xc47000
base = 0x78570000

0:000> ?? dynamorio!heapmgt->vmheap
struct vm_heap_t
+0x000 start_addr : 0x240d0000 ""
+0x004 end_addr : 0x2c0d0000 "MZ???"
+0x008 alloc_start : (null)
+0x00c alloc_size : 0x8000000
+0x010 num_blocks : 0x800
+0x014 lock : _mutex_t
+0x060 num_free_blocks : 0x184
+0x064 blocks : [256] 0

Original issue: http://code.google.com/p/dynamorio/issues/detail?id=964

derekbruening commented 9 years ago

From bruen...@google.com on October 30, 2012 13:29:48

this is using c:/Program\ Files\ (x86)/Debugging\ Tools\ for\ Windows/dbghelp.dll for windbg 6.3 which has more dependencies and seems more difficult to support than the DDK one I used to use. xref issue #963.