Crash: drcov exits early #3923

Open
securitykernel opened this issue Nov 5, 2019 · 5 comments


@securitykernel securitykernel commented Nov 5, 2019

What version of DynamoRIO are you using?

cronbuild-7.91.18201

Does the latest build from
https://github.com/DynamoRIO/dynamorio/wiki/Latest-Build solve the problem?

No

What operating system version are you running on?

Windows 10 Pro, Version 1903, OS build 18362.418

What application are you running?

custom Visual Studio 2017 generated C++ application

Is your application 32-bit or 64-bit?

32 bit

How are you running the application under DynamoRIO?

bin32\drrun.exe -debug -verbose -t drcov -- application.exe

What happens when you run with debug build ("-debug" flag to
drrun/drconfig/drinject)?

INFO: reading tool config file C:\UserProgs\DynamoRIO-Windows/tools/drcov.drrun32
INFO: client 0 path: C:\UserProgs\DynamoRIO-Windows\tools\lib32\release\drcov.dll
INFO: targeting application: "C:\GitLab-Runner\builds\1d533076\0\apps\TrustedWorkstationAgent\Win32\Debug\TrustedWorkstationAgentTests.exe"
INFO: app cmdline:  ".\Win32\Debug\TrustedWorkstationAgentTests.exe"
INFO: configuration directory is "C:\Users\user/dynamorio"
INFO: created child with pid 2052 for C:\GitLab-Runner\builds\1d533076\0\apps\TrustedWorkstationAgent\Win32\Debug\TrustedWorkstationAgentTests.exe
INFO: registering client with id=0 path=|C:\UserProgs\DynamoRIO-Windows\tools\lib32\release\drcov.dll| ops=||
INFO: waiting forever for app to exit...
<Starting application C:\application.exe (2052)>
<Running on newer-than-this-build "Microsoft Windows 10-1903 x64">
<Early threads found>
<Initial options = -no_dynamic_options -client_lib 'C:\UserProgs\DynamoRIO-Windows\tools\lib32\release\drcov.dll;0;' -code_api -probe_api -stack_size 56K -nop_initial_bblock -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct -no_aslr_dr -pad_jmps_mark_no_trace >

What is the expected output? What do you see instead? Is this an
application crash, a DynamoRIO crash, a DynamoRIO assert, or a hang (see
https://github.com/DynamoRIO/dynamorio/wiki/Bug-Reporting and set the title
appropriately)?

drrun exits after a few seconds, without running application.exe. The same happens when running any other 32-bit application under drcov, e.g., notepad++.exe.

Please provide any additional information below.

This is a Windows 10 virtual machine. We recently moved it from a Linux server running KVM to a Windows 10 server running Hyper-V. It worked fine the last time it ran under KVM; it has been broken since we moved to Hyper-V.

Trying to run 64-bit drcov with a 64 bit application shows the following error:

bin64\drrun.exe -debug -verbose -t drcov -- C:\windows\notepad.exe

Application C:\windows\notepad.exe (16108) DynamoRIO usage error: encode error: rip-relative reference out of 32-bit reach

image

Contributor

@derekbruening derekbruening commented Nov 5, 2019

Does plain DR (i.e., no -t drcov) work fine for 32-bit and 64-bit?

Contributor

@derekbruening derekbruening commented Nov 5, 2019

Could you attach windbg to notepad.exe and get a callstack while that "encode error" popup is up? This requires loading symbols via the load_syms64 script inside windbg: see https://github.com/DynamoRIO/dynamorio/wiki/Debugging#private-libraries

Author

@securitykernel securitykernel commented Nov 18, 2019

> Does plain DR (i.e., no -t drcov) work fine for 32-bit and 64-bit?

32 bit exits early:

$ bin32\\drrun.exe -debug -verbose -- .\Win32\Debug\TrustedWorkstationAgentTests.exe
INFO: targeting application: "C:\GitLab-Runner\builds\1d533076\0\apps\TrustedWorkstationAgent\Win32\Debug\TrustedWorkstationAgentTests.exe"
INFO: app cmdline:  ".\Win32\Debug\TrustedWorkstationAgentTests.exe"
INFO: configuration directory is "C:\Users\user/dynamorio"
INFO: created child with pid 9100 for C:\GitLab-Runner\builds\1d533076\0\apps\TrustedWorkstationAgent\Win32\Debug\TrustedWorkstationAgentTests.exe
INFO: waiting forever for app to exit...
<Starting application C:\GitLab-Runner\builds\1d533076\0\apps\TrustedWorkstationAgent\Win32\Debug\TrustedWorkstationAgentTests.exe (9100)>
<Running on newer-than-this-build "Microsoft Windows 10-1903 x64">
<Early threads found>
<Initial options = -no_dynamic_options -code_api -probe_api -stack_size 56K -max_elide_jmp 0 -max_elide_call 0 -no_inline_ignored_syscalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct -no_aslr_dr -pad_jmps_mark_no_trace >

64 bit same error message:
No, same error message with bin64\drrun.exe -debug -verbose -- C:\windows\notepad.exe

Application C:\windows\notepad.exe (16108) DynamoRIO usage error: encode error: rip-relative reference out of 32-bit reach

> Could you attach windbg to notepad.exe and get a callstack while that "encode error" popup is up?

Hm, the callstack doesn't look useful:

image

Maybe the command window does:

image

Contributor

@derekbruening derekbruening commented Nov 18, 2019

> > Could you attach windbg to notepad.exe and get a callstack while that "encode error" popup is up?
>
> Hm, the callstack doesn't look useful:

Like I said, please load the symbols to get a useful callstack. I provided a link there.

Contributor

@derekbruening derekbruening commented Nov 19, 2019

Is this #3949? The callstack would confirm.
