static client issues on Windows #2040

Open
derekbruening opened this issue Oct 20, 2016 · 2 comments

@derekbruening
Contributor

Split from #975

The burst-threads test for #1729 hits this assert on takeover:

pre-DR start
<Application D:\derek\dr\build_suite\build_debug-internal-32\clients\bin32\tool.drcacheoff.burst_threads.exe (1936).  Internal Error: DynamoRIO debug check failure: D:\derek\dr\git\src\core\dispatch.c:939 dcontext->app_fls_data == NULL || dcontext->app_fls_data != dcontext->priv_fls_data

This may be related to the private loader being disabled? Or to #2034 mixing threads around?

@derekbruening
Contributor Author

I added a setup;detach test to static_noclient and it hits this
app_fls_data assert but only under ctest:

% ctest -V -R static_nocli
UpdateCTestConfiguration  from :D:/derek/dr/git/build_x64_dbg_tests/DartConfiguration.tcl
Parse Config file:D:/derek/dr/git/build_x64_dbg_tests/DartConfiguration.tcl
UpdateCTestConfiguration  from :D:/derek/dr/git/build_x64_dbg_tests/DartConfiguration.tcl
Parse Config file:D:/derek/dr/git/build_x64_dbg_tests/DartConfiguration.tcl
Test project D:/derek/dr/git/build_x64_dbg_tests
Constructing a list of tests
Done constructing a list of tests
Checking test dependency graph...
Checking test dependency graph end
test 210
    Start 210: code_api|api.static_noclient

210: Test command: D:\derek\dr\git\build_x64_dbg_tests\bin64\drrun.exe "-s" "90" "-quiet" "-debug" "-use_dll" "D:/derek/dr/git/build_x64_dbg_tests/lib64/debug/dynamorio.dll" "-exit0" "-noinject" "-stderr_mask" "0xC" "-msgbox_mask" "0" "-dumpcore_mask" "0x7d" "-staged" "-code_api" "--" "D:/derek/dr/git/build_x64_dbg_tests/suite/tests/bin/api.static_noclient.exe"
210: Test timeout computed to be: 1500
210: pre-DR init
210: pre-DR start
210: <Application D:\derek\dr\git\build_x64_dbg_tests\suite\tests\bin\api.static_noclient.exe (7084).  Internal Error: DynamoRIO debug check failure: D:\derek\dr\git\src\core\dispatch.c:1009 dcontext->app_fls_data == NULL || dcontext->app_fls_data != dcontext->priv_fls_data
210: (Error occurred @1 frags)
210: version 7.0.17724, custom build
210: -no_dynamic_options -probe_api -msgbox_mask 0 -dumpcore_mask 125 -stderr_mask 12 -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscall
s -staged -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct -pad_jmps_mark_no_trace >
?/1 Test #210: code_api|api.static_noclient .....***Failed  Required regular expression not found.Regex=[^pre-DR init
?re-DR start
?re-DR stop
?ll done
$
]  0.27 sec

0% tests passed, 1 tests failed out of 1

Total Test time (real) =   3.02 sec

The following tests FAILED:
        210 - code_api|api.static_noclient (Failed)
Errors while running CTest

07:11 PM ~/dr/git/build_x64_dbg_tests
% bin64/drrun.exe "-s" "90" "-quiet" "-debug" "-use_dll" "D:/derek/dr/git/build_x64_dbg_tests/lib64/debug/dynamorio.dll" "-exit0" "-noinject" "-stderr_mask" "0xC" "-msgbox_mask" "0" "-dumpcore_mask" "0x7d" "-staged" "-code_api" "--" "D:/derek/dr/git/build_x64_dbg_tests/suite/tests/bin/api.static_noclient.exe"
pre-DR init
pre-DR start
pre-DR stop
all done

07:12 PM ~/dr/git/build_x64_dbg_tests
% bin64/drrun.exe "-s" "90" "-quiet" "-debug" "-use_dll" "D:/derek/dr/git/build_x64_dbg_tests/lib64/debug/dynamorio.dll" "-exit0" "-noinject" "-stderr_mask" "0xf" "-msgbox_mask" "0" "-dumpcore_mask" "0x7d" "-staged" "-code_api" "--" "D:/derek/dr/git/build_x64_dbg_tests/suite/tests/bin/api.static_noclient.exe"
<Starting application D:\derek\dr\git\build_x64_dbg_tests\suite\tests\bin\api.static_noclient.exe (9504)>
<Initial options = -no_dynamic_options -probe_api -msgbox_mask 0 -dumpcore_mask 125 -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -staged -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct -pad_jmps_mark_no_trace >
<Detaching from application D:\derek\dr\git\build_x64_dbg_tests\suite\tests\bin\api.static_noclient.exe (9504)>
<Detaching from process, entering final cleanup>
pre-DR init
<Starting application D:\derek\dr\git\build_x64_dbg_tests\suite\tests\bin\api.static_noclient.exe (9504)>
<Initial options = -no_dynamic_options -probe_api -msgbox_mask 0 -dumpcore_mask 125 -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -staged -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct -pad_jmps_mark_no_trace >
pre-DR start
pre-DR stop
<Stopping application D:\derek\dr\git\build_x64_dbg_tests\suite\tests\bin\api.static_noclient.exe (9504)>
all done

derekbruening added a commit that referenced this issue Jul 12, 2018
Adds support for calling dr_app_setup();dr_app_stop_and_cleanup() with
no start in between.  This is useful to use DR as a decode/encode
library when it's statically linked and also used for instrumentation,
as that setup precludes using drdecodelib, which relies on redirecting
heap allocation via name redirection.

Adds a test to api.static_noclient.  Unfortunately this hits #2040 on Windows
and we disable it there.

Issue: #975
@derekbruening
Contributor Author

Adding threads to the tool.drcacheoff.burst_replaceall test hits Windows issues that are likely coming from static client isolation problems.

First, 3 threads are not fully taken over on attach. The TAKEOVER lines in the log show their context being set, but they are never scheduled.

Next, we have a crash on detach:

0:006> g
(14a4.1ed4): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
ntdll!RtlProcessFlsData+0x9b:
00007ff9`4feadd8b 48395a08        cmp     qword ptr [rdx+8],rbx ds:00000183`8f3e0868=????????????????
0:005> kn
 # Child-SP          RetAddr           Call Site
00 0000002c`1e1ff7a0 00007ff9`4fe67498 ntdll!RtlProcessFlsData+0x9b
01 0000002c`1e1ff7e0 00007ff9`4fea467e ntdll!LdrShutdownThread+0x48
02 0000002c`1e1ff8e0 00007ff9`4d5e7eaa ntdll!RtlExitUserThread+0x3e
03 0000002c`1e1ff920 00007ff9`4fc6103b KERNELBASE!FreeLibraryAndExitThread+0x4a
04 0000002c`1e1ff950 00007ff6`a0b3695b KERNEL32!FreeLibraryAndExitThread+0xb
05 0000002c`1e1ff980 00007ff6`a0b36d11 tool_drcacheoff_burst_replaceall!common_end_thread+0xab [minkernel\crts\ucrt\src\appcrt\startup\thread.cpp @ 276] 
06 0000002c`1e1ff9c0 00007ff6`a0b367d8 tool_drcacheoff_burst_replaceall!_endthreadex+0x11 [minkernel\crts\ucrt\src\appcrt\startup\thread.cpp @ 290] 
07 0000002c`1e1ff9f0 00007ff9`4fc57034 tool_drcacheoff_burst_replaceall!thread_start<unsigned int (__cdecl*)(void * __ptr64)>+0x98 [minkernel\crts\ucrt\src\appcrt\startup\thread.cpp @ 116] 
08 0000002c`1e1ffa40 00007ff9`4fea26a1 KERNEL32!BaseThreadInitThunk+0x14

If I move the thread spawn and cleanup inside the DR-controlled period it
crashes later here:

0:003> g
(33b8.1688): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
ntdll!RtlFlsFree+0xe6:
00007ff9`4fec3696 488b4cce10      mov     rcx,qword ptr [rsi+rcx*8+10h] ds:0000026e`87ba0870=????????????????
0:000> kn
 # Child-SP          RetAddr           Call Site
00 0000009e`c70ff570 00007ff9`4d5e94fb ntdll!RtlFlsFree+0xe6
01 0000009e`c70ff6d0 00007ff6`94e089e3 KERNELBASE!FlsFree+0xb
02 0000009e`c70ff700 00007ff6`94dfdf9c tool_drcacheoff_burst_replaceall!__acrt_FlsFree+0x33 [minkernel\crts\ucrt\src\appcrt\internal\winapi_thunks.cpp @ 464] 
03 0000009e`c70ff740 00007ff6`94e1c28d tool_drcacheoff_burst_replaceall!__acrt_uninitialize_ptd+0x1c [minkernel\crts\ucrt\src\appcrt\internal\per_thread_data.cpp @ 49] 
04 0000009e`c70ff770 00007ff6`94dfbf34 tool_drcacheoff_burst_replaceall!__acrt_execute_uninitializers+0x6d [minkernel\crts\ucrt\src\appcrt\internal\shared_initialization.cpp @ 64] 
05 0000009e`c70ff7b0 00007ff6`94dc812e tool_drcacheoff_burst_replaceall!__acrt_uninitialize+0x24 [minkernel\crts\ucrt\src\appcrt\internal\initialization.cpp @ 314] 
06 0000009e`c70ff7e0 00007ff6`94df89b6 tool_drcacheoff_burst_replaceall!__scrt_uninitialize_crt+0x2e [d:\agent\_work\5\s\src\vctools\crt\vcstartup\src\utility\utility.cpp @ 221] 
07 0000009e`c70ff810 00007ff6`94df8ca6 tool_drcacheoff_burst_replaceall!common_exit+0x76 [minkernel\crts\ucrt\src\appcrt\startup\exit.cpp @ 278] 
08 0000009e`c70ff870 00007ff6`94dc7bc7 tool_drcacheoff_burst_replaceall!exit+0x16 [minkernel\crts\ucrt\src\appcrt\startup\exit.cpp @ 294] 
09 0000009e`c70ff8a0 00007ff6`94dc7a6e tool_drcacheoff_burst_replaceall!__scrt_common_main_seh+0x147 [d:\agent\_work\5\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl @ 297] 
0a 0000009e`c70ff910 00007ff6`94dc7cf9 tool_drcacheoff_burst_replaceall!__scrt_common_main+0xe [d:\agent\_work\5\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl @ 331] 
0b 0000009e`c70ff940 00007ff9`4fc57034 tool_drcacheoff_burst_replaceall!mainCRTStartup+0x9 [d:\agent\_work\5\s\src\vctools\crt\vcstartup\src\startup\exe_main.cpp @ 17] 
0c 0000009e`c70ff970 00007ff9`4fea26a1 KERNEL32!BaseThreadInitThunk+0x14

derekbruening added a commit that referenced this issue Oct 10, 2022
Adds drmemtrace_replace_file_ex_ops() with an expanded file opening
function which takes in the thread id and window id, to better support
the external file opener with delayed opens due to nop mode and
windows.  The new function takes in a struct to make it easier to
extend further in the future.

Adds a test of the function to burst_replaceall.  Adds additional
threads to the test and checks that the tid for each thread was seen,
but disables that part on Windows due to #2040.

Issue: #2039