drmemory -version crashing on Win10/32bit ...


Roland Mainz

Oct 18, 2024, 7:39:32 AM
to Dr. Memory Users

Hi!

----

drmemory cronbuild-2.6.20005 crashes on Windows 10/32bit, even a plain $ drmemory -version # fails.

gdb stack trace looks like this:
---- snip ---
(gdb) where
#0  0x7a10834d in dynamorio!dr_symbol_export_iterator_stop () from /cygdrive/c/Program Files/Dr. Memory/bin/dynamorio.dll
#1  0x004fdc78 in ?? ()
#2  0x7a0d8f52 in dynamorio_earliest_init_takeover () from /cygdrive/c/Program Files/Dr. Memory/bin/dynamorio.dll
#3  0xffffffff in ?? ()
#4  0x00000000 in ?? ()
---- snip ----

Before I file a bug... 32bit Windows is still supported, right?

----

Bye,
Roland

Cedric Blancher

Oct 19, 2024, 10:36:18 AM
to Dr. Memory Users
I can reproduce this issue, filed https://github.com/DynamoRIO/drmemory/issues/2530 for it.

Ced

Roland Mainz

Oct 28, 2024, 5:26:36 AM
to Dr. Memory Users
On Saturday, October 19, 2024 at 4:36:18 PM UTC+2 Cedric Blancher wrote:
> On Friday, October 18, 2024 at 1:39:32 PM UTC+2 Roland Mainz wrote:
> > Hi!
> >
> > ----
> >
> > drmemory cronbuild-2.6.20005 crashes on Windows 10/32bit, even a plain $ drmemory -version # fails.
> >
> > gdb stack trace looks like this:
> > ---- snip ---
> > (gdb) where
> > #0  0x7a10834d in dynamorio!dr_symbol_export_iterator_stop () from /cygdrive/c/Program Files/Dr. Memory/bin/dynamorio.dll
> > #1  0x004fdc78 in ?? ()
> > #2  0x7a0d8f52 in dynamorio_earliest_init_takeover () from /cygdrive/c/Program Files/Dr. Memory/bin/dynamorio.dll
> > #3  0xffffffff in ?? ()
> > #4  0x00000000 in ?? ()
> > ---- snip ----
> >
> > Before I file a bug... 32bit Windows is still supported, right?
>
> I can reproduce this issue, filed https://github.com/DynamoRIO/drmemory/issues/2530 for it.

Thanks...
.... in the meantime I got a stack trace from WinDBG:
---- snip ----
(340.fc0): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=00cfdbf0 ebx=00a6a000 ecx=00000000 edx=00000000 esi=00cfdbe4 edi=00000000
eip=7901834d esp=00cfdbb4 ebp=00cfdcb0 iopl=0         nv up ei pl nz na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00010202
dynamorio!dr_symbol_export_iterator_stop+0xe5ed:
7901834d ea548301793300  jmp     0033:79018354
0:000> kp
 # ChildEBP RetAddr      
WARNING: Stack unwind information not available. Following frames may be wrong.
00 00cfdcb0 78fe8f52     dynamorio!dr_symbol_export_iterator_stop+0xe5ed
01 00cff7a8 000ae87a     dynamorio!dynamorio_earliest_init_takeover+0x1805
02 (Inline) --------     drmemory!invoke_main(void)+0x1c [D:\a\_work\1\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl @ 90]
03 00cff7f0 760cd839     drmemory!__scrt_common_main_seh(void)+0xfa [D:\a\_work\1\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl @ 288]
04 00cff800 7752254d     KERNEL32!BaseThreadInitThunk+0x19
05 00cff85c 77522521     ntdll!__RtlUserThreadStart+0x2b
06 00cff86c 00000000     ntdll!_RtlUserThreadStart+0x1b
---- snip ----

Disabling Windows Defender, disabling NX and turning ASLR off: none of that helps... ;-(

----

Bye,
Roland

Derek Bruening

Oct 28, 2024, 11:48:12 AM
to drmemor...@googlegroups.com
Symbols are missing from the stack trace: "dynamorio!dr_symbol_export_iterator_stop+0xe5ed", etc. are just the closest exported symbols, as you can see from the huge offsets (+0xe5ed). See https://dynamorio.org/page_debugging.html#autotoc_md157 on loading symbols.


Roland Mainz

Nov 1, 2024, 9:39:23 AM
to Dr. Memory Users
On Monday, October 28, 2024 at 4:48:12 PM UTC+1 Derek wrote:
> Symbols are missing from the stack trace: "dynamorio!dr_symbol_export_iterator_stop+0xe5ed", etc. are just the closest exported symbols, as you can see from the huge offsets (+0xe5ed). See https://dynamorio.org/page_debugging.html#autotoc_md157 on loading symbols.

I cannot get this working on a Windows 10/32bit machine + https://github.com/DynamoRIO/drmemory/releases/tag/cronbuild-2.6.20005 with WinDBG:
---- snip ----
0:000> $><C:\cygwin\home\roland_mainz\tmp\drmemorystacktrace\dynamorio-a15656a0c47eb9fd941ac572d44116e24ff51665\tools\windbg-scripts\load_syms
Memory access error at ') + @$t0+5) & 0xfffff000);;$$ Check magic values to avoid executing random command w/o DynamoRIO;.if (dwo(@$t1) = b1d2ae58) {;    .if (dwo(@$t1 + 4) = ca50c356) {;        .if (dwo(@$t1 + 8) = 63000089) {;
  .if (dwo(@$t1 + c) = 3fa898f0) {;                aS /c ${/v:loadpriv} .printf "%ma", @$t1 + 2c;                .block { ${loadpriv} };                ad ${/v:loadpriv};            } .else {;                .echo "DynamoRIO not detected"
;            };        } .else {;            .echo "DynamoRIO not detected";        };    } .else {;        .echo "DynamoRIO not detected";    };} .else {;    .echo "DynamoRIO not detected";};'
0:000> kp

ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may be wrong.
004fdee0 54618f52     dynamorio!dr_symbol_export_iterator_stop+0xe5ed
004ff9d8 0002e87a     dynamorio!dynamorio_earliest_init_takeover+0x1805
(Inline) --------     drmemory!invoke_main(void)+0x1c
004ffa20 76d3d839     drmemory!__scrt_common_main_seh(void)+0xfa
004ffa30 777c254d     KERNEL32!BaseThreadInitThunk+0x19
004ffa8c 777c2521     ntdll!__RtlUserThreadStart+0x2b
004ffa9c 00000000     ntdll!_RtlUserThreadStart+0x1b
---- snip ---

Does anyone have any ideas how to debug this?

----

Bye,
Roland

Roland Mainz

Nov 16, 2024, 7:52:27 AM
to Dr. Memory Users
ping ?!

----

Bye,
Roland

Derek Bruening

Nov 19, 2024, 12:27:46 PM
to Dr. Memory Users
If this is very early in init, load_syms may not work. Issue an explicit load, with the directory to dynamorio.dll and the loaded address replacing these values of course:

.sympath c:\path\to\lib64\debug\
.reload /f /i dynamorio.dll=71000000
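Added example, not code from the thread or from the DynamoRIO project: a small Python parser for WinDbg `kp` output that spots the symptom Derek describes (frames named after the nearest export plus a huge offset, so the function names are wrong) and emits the explicit `.reload /f /i <module>.dll=<address>` line he suggests, one per affected module. The frame lines are a constructed copy of the ones posted earlier in the thread; the 0x1000-byte offset threshold is a heuristic assumption, not a WinDbg rule, and the load address in the generated command is a placeholder to be replaced with the module base shown by `lm`.

```python
"""Flag `kp` frames that resolve only to a far-away exported symbol.

When a module's symbols are not loaded, WinDbg names each frame after the
nearest *export* plus a large offset (e.g. +0xe5ed).  This parser reads
`kp` output, flags such frames, and prints an explicit `.reload` command
for each affected module (load address left as a placeholder for `lm`).
"""
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: the `kp` frames from the thread, embedded so this runs offline.
SAMPLE_KP = r"""
 # ChildEBP RetAddr
WARNING: Stack unwind information not available. Following frames may be wrong.
00 00cfdcb0 78fe8f52     dynamorio!dr_symbol_export_iterator_stop+0xe5ed
01 00cff7a8 000ae87a     dynamorio!dynamorio_earliest_init_takeover+0x1805
02 (Inline) --------     drmemory!invoke_main(void)+0x1c [D:\a\_work\1\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl @ 90]
03 00cff7f0 760cd839     drmemory!__scrt_common_main_seh(void)+0xfa [D:\a\_work\1\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl @ 288]
04 00cff800 7752254d     KERNEL32!BaseThreadInitThunk+0x19
05 00cff85c 77522521     ntdll!__RtlUserThreadStart+0x2b
06 00cff86c 00000000     ntdll!_RtlUserThreadStart+0x1b
""".strip("\n")

# Heuristic (assumption, not a WinDbg rule): a frame more than 4 KiB past the
# nearest known symbol is almost certainly attributed to the wrong function.
SUSPECT_OFFSET = 0x1000

FRAME_RE = re.compile(
    r"^\s*(?:(?P<num>[0-9a-f]{2})\s+)?"                  # optional frame number
    r"(?P<ebp>[0-9a-f]{8}|\(Inline\))\s+"                 # ChildEBP, or "(Inline)"
    r"(?P<ret>[0-9a-f]{8}|-+)\s+"                         # RetAddr, or dashes
    r"(?P<module>[A-Za-z0-9_.]+)!(?P<symbol>[^+\s\[]+)"   # module!symbol
    r"(?:\+0x(?P<offset>[0-9a-f]+))?"                     # optional +0xNNN
    r"(?:\s+\[(?P<source>[^\]]*)\])?",                    # optional [file @ line]
    re.IGNORECASE,
)


@dataclass
class Frame:
    index: Optional[int]   # frame number; None when `kp` printed none
    module: str
    symbol: str
    offset: int            # bytes past the symbol WinDbg picked
    inline: bool
    source: Optional[str]  # "file @ line" when real symbols were available

    def symbols_suspect(self, threshold: int = SUSPECT_OFFSET) -> bool:
        return self.offset >= threshold


def parse_kp(text: str) -> List[Frame]:
    """Parse WinDbg `kp` output; header, WARNING and blank lines are skipped."""
    frames: List[Frame] = []
    for line in text.splitlines():
        m = FRAME_RE.match(line)
        if not m:
            continue
        frames.append(Frame(
            index=int(m["num"], 16) if m["num"] else None,
            module=m["module"],
            symbol=m["symbol"],
            offset=int(m["offset"], 16) if m["offset"] else 0,
            inline=m["ebp"].lower() == "(inline)",
            source=m["source"],
        ))
    return frames


def modules_missing_symbols(frames: List[Frame], threshold: int = SUSPECT_OFFSET) -> List[str]:
    """Modules with at least one frame resolved far from any known symbol."""
    return sorted({f.module for f in frames if f.symbols_suspect(threshold)})


def reload_commands(frames: List[Frame], threshold: int = SUSPECT_OFFSET) -> List[str]:
    """One explicit reload per affected module.  Assumes the module is a DLL;
    the load address is a placeholder to replace with the base shown by `lm`."""
    return [f".reload /f /i {m}.dll=<LOAD_ADDRESS_FROM_lm>"
            for m in modules_missing_symbols(frames, threshold)]


def report(frames: List[Frame]) -> List[str]:
    """One human-readable line per frame, tagging the suspicious ones."""
    out = []
    for f in frames:
        idx = "--" if f.index is None else f"{f.index:02x}"
        tag = "SYMBOLS MISSING?" if f.symbols_suspect() else "ok"
        kind = " (inline)" if f.inline else ""
        out.append(f"{idx} {f.module}!{f.symbol}+0x{f.offset:x}{kind}  [{tag}]")
    return out


if __name__ == "__main__":
    frames = parse_kp(SAMPLE_KP)
    print("\n".join(report(frames)))
    for cmd in reload_commands(frames):
        print("suggested:", cmd)
```

Run it on a saved `kp` listing (with or without frame numbers; both forms from the thread parse) and the two dynamorio frames are the only ones flagged, which is exactly the signal that `.sympath` plus an explicit `.reload /f /i dynamorio.dll=<base>` is needed before the trace means anything.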
