SkyLined / BugId

Detect, analyze and uniquely identify crashes in Windows applications
https://bugid.skylined.nl

BugId generates error when disassembly has more than 4 tsbArguments #126

Closed gnbon closed 5 months ago

gnbon commented 7 months ago

BugId generates an error when the disassembly has more than 4 tsbArguments. The testing environment is an x86 binary. The error log looks like this:

┌───[ Fatal builtins.AssertionError Exception in thread 1628/0x65C (cThread#26F1FAD4B10{main = __fRun, #1628, running}) ]────────────────
│ 'tsbArguments' must be 'bytes', 'bytes', 'bytes', 'bytes', 'bytes', or 'bytes', not 'tuple' ((b'xmm0', b'xmm0', b'edx', b'1'))
│
│ Local variables:
│   oSelf = <mBugId.mDisassembler.cInstruction.cInstruction object at 0x0000026F1FAC2FD0>#26F1FAC2FD0
│   sbBytes = <instance builtins:bytes 'b\'\\xc4\\xe3y"\\xc2\\x01\''>#26F1FBBE340
│   sbName = <instance builtins:bytes "b'vpinsrd'">#26F1FBBEF10
│   tsbArguments = tuple(<instance builtins:bytes "b'xmm0'">#26F1FBBE040, <instance builtins:bytes "b'xmm0'">#26F1FBBEEE0, <instance builtins:bytes "b'edx'">#26F1FBBF270, <instance builtins:bytes "b'1'">#26F1FBBEF40)#26F1FA94D10
│   uAddress = 1757379661
│
│ Stack for thread 1628/0x65C (cThread#26F1FAD4B10{main = __fRun, #1628, running}):
│ ─┐ __fRun @ C:\BugId\modules\mBugId\cCdbWrapper\cCdbWrapper_cHelperThread.py:66
│  │ 65:      try:
│  │ 66:        oSelf.__fActivity(*oSelf.__axActivityArguments);
│  ├─┐ cCdbWrapper_fCdbStdInOutHelperThread @ C:\BugId\modules\mBugId\cCdbWrapper\cCdbWrapper_fCdbStdInOutHelperThread.py:54
│  ╷ │ 53:    oCdbWrapper.fbFireCallbacks("Log message", "Main loop #%d" % uMainLoopCounter);
│  ╷ │ 54:    (bEventIsFatal, bEventHasBeenHandled) = oCdbWrapper.ftbHandleLastCdbEvent(asbOutputWhileRunningApplication);
│  ╷ ├─┐ cCdbWrapper_ftbHandleLastCdbEvent @ C:\BugId\modules\mBugId\cCdbWrapper\cCdbWrapper_ftbHandleLastCdbEvent.py:229
│  ╷ ╷ │ 228:  ### Report bug and see if the collateral bug handler can ignore it #################################################
│  ╷ ╷ │ 229:  o0BugReport.fReport();
│  ╷ ╷ ├─┐ cBugReport?.fReport @ C:\BugId\modules\mBugId\cBugReport\cBugReport.py:280
│  ╷ ╷ ╷ │ 279:        if oFrame.u0InstructionPointer is not None:
│  ╷ ╷ ╷ │ 280:          s0FrameDisassemblyHTML = oSelf.fs0GetDisassemblyHTML(
│  ╷ ╷ ╷ ├─┐ cBugReport_fs0GetDisassemblyHTML @ C:\BugId\modules\mBugId\cBugReport\cBugReport_fs0GetDisassemblyHTML.py:64
│  ╷ ╷ ╷ ╷ │ 63:    if (uStartAddress < uLastAddress):
│  ╷ ╷ ╷ ╷ │ 64:      o0DisassemblyBeforeAddress = oProcess.fo0GetDisassemblyForStartAddressAndNumberOfBytes(
│  ╷ ╷ ╷ ╷ ├─┐ cProcess?.fo0GetDisassemblyForStartAddressAndNumberOfBytes @ C:\BugId\modules\mBugId\cProcess\cProcess.py:257
│  ╷ ╷ ╷ ╷ ╷ │ 256:  def fo0GetDisassemblyForStartAddressAndNumberOfBytes(oSelf, uStartAddress, uNumberOfBytes):
│  ╷ ╷ ╷ ╷ ╷ │ 257:    return fo0GetDisassemblyForProcessStartAddressAndNumberOfBytes(
│  ╷ ╷ ╷ ╷ ╷ ├─┐ fo0GetDisassemblyForProcessStartAddressAndNumberOfBytes @ C:\BugId\modules\mBugId\mDisassembler\fo0GetDisassemblyForProcessStartAddressAndNumberOfBytes.py:17
│  ╷ ╷ ╷ ╷ ╷ ╷ │ 16:      "Request to disassemble %d bytes seems a little excessive!" % uNumberOfBytes;
│  ╷ ╷ ╷ ╷ ╷ ╷ │ 17:  return fo0GetDisassemblyForProcessAndCdbCommand(
│  ╷ ╷ ╷ ╷ ╷ ╷ ├─┐ fo0GetDisassemblyForProcessAndCdbCommand @ C:\BugId\modules\mBugId\mDisassembler\fo0GetDisassemblyForProcessAndCdbCommand.py:129
│  ╷ ╷ ╷ ╷ ╷ ╷ ╷ │ 128:          tsbArguments = tuple();
│  ╷ ╷ ╷ ╷ ╷ ╷ ╷ │ 129:        aoInstructions.append(cInstruction(uAddress, sbBytes, sbName, tsbArguments));
│  ╷ ╷ ╷ ╷ ╷ ╷ ╷ ├─┐ cInstruction?.__init__ @ C:\BugId\modules\mBugId\mDisassembler\cInstruction.py:8
│  ╷ ╷ ╷ ╷ ╷ ╷ ╷ ╷ │ 7:  def __init__(oSelf, uAddress, sbBytes, sbName, tsbArguments):
│  ╷ ╷ ╷ ╷ ╷ ╷ ╷ ╷ │ 8:    fAssertTypes({
│  ╒═══════════════╛ ▲ Assertion failed: "'tsbArguments' must be 'bytes', 'bytes', 'bytes', 'bytes', 'bytes', or 'bytes', not 'tuple' ((b'xmm0', b'xmm0', b'edx', b'1'))"
│  │ __fRun @ C:\BugId\modules\mBugId\cCdbWrapper\cCdbWrapper_cHelperThread.py:74
│  │ 73:        cException, oException, oTraceBack = sys.exc_info();
│  │ 74:        if not oSelf.__oCdbWrapper.fbFireCallbacks("Internal exception", oSelf.__oThread, oException, oTraceBack):
│ ═╛ ▲ Application terminated because exception was not handled.
└────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────

SkyLined commented 5 months ago

I removed the limit to avoid this crash. https://github.com/SkyLined/mBugId/commit/976f78121024bb4b7fe26425a6f30327715b69d8
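
Added example, not part of the thread and not BugId's own code: a minimal disassembly-line parser showing why an operand-count cap in a type check turns a four-operand AVX instruction such as `vpinsrd xmm0,xmm0,edx,1` into a fatal assertion, next to a check that accepts any number of operands. All function names are hypothetical, the sample lines are constructed from the values in the log, and the cap of three operands is an assumption inferred from the four-operand tuple being rejected.

```python
import re

# Constructed sample in the layout of cdb "u" output (address, opcode bytes,
# mnemonic, comma-separated operands); the values come from the log above.
SAMPLE_LINES = [
    b"68bf7c4d c4e37922c201    vpinsrd xmm0,xmm0,edx,1",
    b"68bf7c53 c3              ret",
]
LINE_RE = re.compile(rb"^([0-9a-f`]+)\s+([0-9a-f]+)\s+(\S+)(?:\s+(.*\S))?\s*$", re.I)

def check_operands_any(operands):
    """'After' check: a tuple of bytes objects of any length."""
    if not isinstance(operands, tuple):
        raise AssertionError("operands must be a tuple, not %r" % (operands,))
    for operand in operands:
        if not isinstance(operand, bytes):
            raise AssertionError("operand must be bytes, not %r" % (operand,))

def check_operands_capped(operands, limit=3):
    """'Before' check (hypothetical): a tuple of at most `limit` bytes objects."""
    check_operands_any(operands)
    if len(operands) > limit:
        raise AssertionError("too many operands: %r" % (operands,))

def parse_line(line, check=check_operands_any):
    """Split one disassembly line into (address, opcode bytes, mnemonic, operands)."""
    match = LINE_RE.match(line)
    if match is None:
        raise ValueError("unrecognised disassembly line: %r" % (line,))
    address, opcode_hex, mnemonic, operand_text = match.groups()
    operands = tuple(op.strip() for op in operand_text.split(b",")) if operand_text else ()
    check(operands)  # the type check runs on every parsed instruction
    return (int(address.replace(b"`", b"").decode("ascii"), 16),
            bytes.fromhex(opcode_hex.decode("ascii")), mnemonic, operands)

def capped_check_rejects(line):
    """True when the capped check refuses a line that the uncapped one parses."""
    parse_line(line)  # must parse cleanly without the cap
    try:
        parse_line(line, check=check_operands_capped)
    except AssertionError:
        return True
    return False

if __name__ == "__main__":
    for sample in SAMPLE_LINES:
        print(parse_line(sample), "capped check rejects:", capped_check_rejects(sample))
```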