SkyLined / BugId

Detect, analyze and uniquely identify crashes in Windows applications
https://bugid.skylined.nl

BugId as a JIT Debugger not working #121

Closed maxcoderrrr closed 6 months ago

maxcoderrrr commented 10 months ago

Hi,

As a potential workaround to the issue outlined in https://github.com/SkyLined/BugId/issues/119, I thought I could try to run BugId as a JIT debugger. My idea was to just start the application regularly, and then manually open the file that causes a crash and have BugId attach at that point and perform its analysis.

However, I ran into another issue in that it doesn't launch as expected when a crash is encountered.

The documentation states this:

-I [arguments]

    Install as the default JIT debugger on the system. This allows BugId to
    generate a report whenever an application crashes.
    All arguments after -I will be passed to BugId whenever it is started as
    the JIT debugger. It might be useful to add arguments such as "--pause"
    to leave the BugId window open after it generated a report, "--full-dump"
    to generate a full memory dump and "--reports=<path>" to have the reports
    stored in a specific folder. If you do not provide "--reports", it will
    be added automatically to make sure the reports are saved in a folder that
    BugId can write to, and which you can easily find.
    Here's what I normally use:
      BugId -I --collateral=10 "--reports=%USERPROFILE%\BugId reports" --full-dump

Accordingly, I used the following command:

C:\bugid3>BugId.py -I --collateral=10 "--reports=%USERPROFILE%\BugId reports" --full-dump
√ BugId is already installed as the default JIT debugger.
  Command line: C:\Python311\python.exe C:\bugid3\BugId.py --pause "--pid=%ld" "--handle-jit-event=%ld" --collateral=10 "--reports=C:\Users\admin\BugId reports" --full-dump

My understanding would be that it should now get executed whenever an application crashes; however, this is not the case. For example, if I specify WinDbg or x64debug as the JIT debugger, they get invoked immediately when a crash is triggered. But with BugId configured, nothing happens. I also don't see it being invoked when monitoring with Procmon and Process Explorer.

Similarly, when executing BugId with the --jit argument to see the details of the currently installed JIT debugger, I am getting the following exception:

C:\bugid3>BugId.py -v --jit
┌───[ Current JIT Debugger ]───────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
┌───[ Fatal builtins.NameError Exception in thread 8428/0x20EC (MainThread) ]──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
│ Undefined variable oRegistryValue.
│
│ Local variables:
│   o0RegistryValue = <mRegistry.cRegistryValue.cRegistryValue object at 0x0000024C67DEB650>#24C67DEB650
│   oRegistryHiveKey = <cRegistryHiveKey HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AEDebug>#24C66C08890
│
│ Stack for thread 8428/0x20EC (MainThread):
│ ─┐ <module> @ C:\bugid3\BugId.py:1285
│  │ 1284:    try:
│  │ 1285:      fMain();
│  ├─┐ fMain @ C:\bugid3\BugId.py:720
│  ╷ │ 719:        elif s0LowerName in ["jit"]:
│  ╷ │ 720:          fOutputCurrentJITDebuggerSettings();
│  ╷ ├─┐ fOutputCurrentJITDebuggerSettings @ C:\bugid3\fOutputCurrentJITDebuggerSettings.py:13
│  ╷ ╷ │ 12:    oConsole.fOutput("┌───[", COLOR_INFO, " Current JIT Debugger ", COLOR_NORMAL, "]", sPadding = "─");
│  ╷ ╷ │ 13:    xCurrentJITDebuggerCommandLine = fxGetCurrentJITDebuggerCommandLine();
│  ╷ ╷ ├─┐ fxGetCurrentJITDebuggerCommandLine @ C:\bugid3\fxGetCurrentJITDebuggerCommandLine.py:23
│  ╷ ╷ ╷ │ 22:    return None;
│  ╷ ╷ ╷ │ 23:  return oRegistryValue.xValue;
│  ╷ ╷ ╒═╛ ▲ NameError("name 'oRegistryValue' is not defined")
│  ╷ ╷ │ fOutputCurrentJITDebuggerSettings @ C:\bugid3\fOutputCurrentJITDebuggerSettings.py:59
│  ╷ ╷ │ 58:  finally:
│  ╷ ╷ │ 59:    oConsole.fUnlock();
│  ╒═══╛
│  │ <module> @ C:\bugid3\BugId.py:1294
│  │ 1293:      cException, oException, oTraceBack = sys.exc_info();
│  │ 1294:      fSaveInternalExceptionReportAndExit(oException, oTraceBack);
│ ═╛ ▲ Application terminated because exception was not handled.
└──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

Please report the above details at the below web-page so it can be addressed:
    https://github.com/SkyLined/BugId/issues/new
If you do not have a github account, or you want to report this issue
privately, you can also send an email to:
    BugId@skylined.nl

In your report, please copy ALL the information about the exception reported
above, as well as the stack trace and BugId version information. This makes
it easier to determine the cause of this issue and makes for faster fixes.

  ____________________________________________________________________________
                              __
   ││▌║█▐▐║▌▌█│║║│      _,siSP**YSis,_       ╒╦╦══╦╗             ╒╦╦╕    ╔╦╕
   ││▌║█▐▐║▌▌█│║║│    ,SP*'`    . `'*YS,      ║╠══╬╣ ╔╗ ╔╗ ╔╦═╦╗  ║║  ╔╦═╬╣
   ╵2808197631337╵   dS'  _    |    _ 'Sb    ╘╩╩══╩╝ ╚╩═╩╝ ╚╩═╬╣ ╘╩╩╛ ╚╩═╩╝
                    dP     \,-` `-<` `  Y;                 ╚╩═╩╝    ╮╷╭
      ╮╷╭          ,S`  \+' \      \    `Sissssssssssssssssssss,   :O()    ╲ö╱
     :O()          (S   (   | --====)   :SSSSSSSSSSSSSSSSSSSSSSD    ╯╵╰    ─O─
      ╯╵╰  ╮╷╭     'S,  /+, /      /    ,S?********************'           ╱O╲
           ()O:     Yb    _/'-_ _-<._.  dP
           ╯╵╰       YS,       |      ,SP         https://bugid.skylined.nl
  ____________________`Sbs,_    ' _,sdS`______________________________________
                        `'*YSissiSY*'`
                              ``
┌───[ Version information ]────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
│ ▲ BugId version: 2022-12-12 12:05 (in trial period).
│ ▲ mBugId version: 2022-12-12 12:05 (in trial period).
│ √ mConsole version: 2022-12-12 12:05.
│ √ mDateTime version: 2022-12-12 12:04.
│ √ mDebugOutput version: 2022-12-12 12:05.
│ √ mFileSystemItem version: 2022-12-12 12:05.
│ √ mHumanReadable version: 2022-12-12 12:04.
│ √ mMultiThreading version: 2022-12-12 12:05.
│ √ mNotProvided version: 2022-12-12 12:04.
│ √ mProductDetails version: 2022-12-12 12:05.
│ √ mRegistry version: 2022-12-12 12:05.
│ √ mWindowsAPI version: 2022-12-12 12:05.
│ √ mWindowsSDK version: 2022-12-12 12:04.
│ • Windows version: Windows 10 Pro release 2009, build 19045 x64.
│ • Python version: 3.11.1 x64.
│ • cdb.exe (x86) version: 10.0.22621.2428.
│ • cdb.exe (x64) version: 10.0.22621.2428.
└──────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
Thank you in advance for helping to improve BugId!
√ A copy of the error report can be found in C:\bugid3\Internal error reports\2023-11-27 12։40։01.865682 BugId error report #20.txt.

The Debugger value (type REG_SZ) inside the registry has it correctly registered:

C:\Python311\python.exe C:\bugid3\BugId.py --pause "--pid=%ld" "--handle-jit-event=%ld" --collateral=10 "--reports=C:\Users\admin\BugId reports" --full-dump

The affected code from fxGetCurrentJITDebuggerCommandLine.py:

  o0RegistryValue = oRegistryHiveKey.fo0GetValueForName(sValueName = "Debugger");
  if o0RegistryValue is None:
    return zNotProvided;
  if o0RegistryValue.sTypeName != "REG_SZ":
    return None;
  return oRegistryValue.xValue;

Is there a different way I should configure and invoke it?

maxcoderrrr commented 10 months ago

While preparing a pull request for a simple fix for the --jit command, I noticed that it is already fixed. It's just that the BugId Release (https://github.com/SkyLined/BugId/releases/download/2022-12-12_12.05/BugId.release.2022-12-12.12.05.zip) doesn't have it applied.

The issue is that inside fxGetCurrentJITDebuggerCommandLine.py, the return oRegistryValue.xValue; should be return o0RegistryValue.xValue;

This will result in a correct output:

C:\bugid3>BugId.py --jit
┌───[ Current JIT Debugger ]────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────
│ √ JIT debugger: BugId.
│   Arguments: --pause "--pid=%ld" "--handle-jit-event=%ld" --collateral=10 "--reports=C:\Users\admin\BugId reports" --full-dump
└─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

However, the main issue, BugId not being invoked as a JIT debugger, still persists.
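
The typo described in this comment sits on the last line of the function, so it only raises when the Debugger value exists and has type REG_SZ; the two earlier returns hide it in every other registry state. The following is an added example, not part of the original thread or of BugId's code, that runs the release and fixed variants against constructed registry states. The Fake* classes, the zNotProvided stand-in and the function names are assumptions made for illustration:

```python
# Added illustration: the Fake* classes and zNotProvided are stand-ins for BugId's own objects.
from collections import namedtuple
zNotProvided = object()
FakeRegistryValue = namedtuple("FakeRegistryValue", "sTypeName xValue")

class FakeRegistryHiveKey:
    def __init__(self, dValues):
        self.dValues = dValues
    def fo0GetValueForName(self, sValueName):
        return self.dValues.get(sValueName)  # None when the value is absent

def fxGetCommandLine_release(oRegistryHiveKey):
    # Same logic as the snippet quoted in the issue, typo included.
    o0RegistryValue = oRegistryHiveKey.fo0GetValueForName(sValueName="Debugger")
    if o0RegistryValue is None:
        return zNotProvided
    if o0RegistryValue.sTypeName != "REG_SZ":
        return None
    return oRegistryValue.xValue  # name never bound: NameError on this path only

def fxGetCommandLine_fixed(oRegistryHiveKey):
    o0RegistryValue = oRegistryHiveKey.fo0GetValueForName(sValueName="Debugger")
    if o0RegistryValue is None:
        return zNotProvided
    if o0RegistryValue.sTypeName != "REG_SZ":
        return None
    return o0RegistryValue.xValue

# Constructed registry states, one per branch; the command is shortened from the issue.
SAMPLE_COMMAND = r'C:\Python311\python.exe C:\bugid3\BugId.py --pause "--pid=%ld" "--handle-jit-event=%ld"'
CASES = {
    "no Debugger value": FakeRegistryHiveKey({}),
    "Debugger not REG_SZ": FakeRegistryHiveKey({"Debugger": FakeRegistryValue("REG_DWORD", 1)}),
    "Debugger is REG_SZ": FakeRegistryHiveKey({"Debugger": FakeRegistryValue("REG_SZ", SAMPLE_COMMAND)}),
}

def fsOutcome(fxFunction, oKey):
    try:
        xResult = fxFunction(oKey)
    except NameError as oException:
        return "NameError: %s" % oException
    return "zNotProvided" if xResult is zNotProvided else repr(xResult)

def fdCompare():
    return {sName: (fsOutcome(fxGetCommandLine_release, oKey), fsOutcome(fxGetCommandLine_fixed, oKey))
            for sName, oKey in CASES.items()}

for sName, tsOutcomes in fdCompare().items():
    print(sName, *tsOutcomes, sep=" | ")
```

Only the third case differs between the two variants, which is why the release appears to work until a JIT debugger is actually registered.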

maxcoderrrr commented 10 months ago

Thank you, that works!

SkyLined commented 6 months ago

I assume you mean that the changes suggested by @h4x-x0r fixed the issue? Based on that assumption, I am closing this issue.

https://github.com/SkyLined/BugId/pull/123