Platform: Windows XP;
MingGW with (gcc v.4.7.2)
As stated in the topic, how can I achive this?
Why? I determine a crash of my multi-threaded application on Windowx XP, in case I compile the application with MinGW. According to the backtrace, the application crashes in the "setlocale" function, which is builtin in the "msvcrt.dll".
I've tried to compile my application with Visual Studio 2010 and I determined no such a crash, as the dependency walker revealed, that the "msvcr100.dll" is linked, and maybe contains a more robust version of the "setlocale" function.
Here the backtrace:
ABoostLog.exe caused an Access Violation at location 77c03509 in module msvcrt.dll Reading from location 00000000.
Registers:
eax=00cdfb88 ebx=003d6afc ecx=003d6d24 edx=003d6d24 esi=00000758 edi=00000000
eip=7c91eb94 esp=00cdfb4c ebp=00cdfbb0 iopl=0 nv up ei pl zr na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
Call stack:
7C91EB94 ntdll.dll:7C91EB94 KiFastSystemCallRet
7C802532 kernel32.dll:7C802532 WaitForSingleObject
0041E33D WithThread.exe:0041E33D
XXXXXXXXXXXXXXXXXXXXXX
Registers:
eax=77c2f94c ebx=77c2f94c ecx=00000000 edx=77c2f798 esi=77c2f79a edi=ffffffff
eip=77c03509 esp=0022f520 ebp=0022f534 iopl=0 nv up ei ng nz ac po cy
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000297
Call stack:
77C03509 msvcrt.dll:77C03509 unguarded_readlc_active_add_func
77C03C1B msvcrt.dll:77C03C1B
unguarded_readlc_active_add_func
77C03C60 msvcrt.dll:77C03C60 setlocale
6FC671D1 libstdc++-6.dll:6FC671D1 std::__timepunct::_M_put
6FC7A63C libstdc++-6.dll:6FC7A63C std::time_put > >::do_put
6FC7A4CA libstdc++-6.dll:6FC7A4CA std::time_put > >::put
004EE047 ABoostLog.exe:004EE047
So my question is, how to trigger MinGW to link against "msvcr100.dll" within the "libstdc++.dll" and "libgcc_s_dw2-1.dll".
I've already adapted my spec-file to:
*libgcc: %{mthreads:-lmingwthrd} -lmingw32 %{shared-libgcc:-lgcc_s} %{!shared-libgcc:-lgcc_eh} -lgcc -lmoldname -lmingwex -lmsvcr100
But this doesn't help, as the mentioned dll is still linked within the dll's stated. Just take a look to the embedded picture:
Thanks so far!
Br
So my question is, how to trigger MinGW to link against "msvcr100.dll"
within the "libstdc++.dll" and "libgcc_s_dw2-1.dll"
Those libs are supplied and built by MinGW, they are not built as part of your own application build. So you would need to first build those two libs yourself from source to get them to link to msvcr100.dll
But what you should really be doing is linking your application statically to these two libs and eliminating the dll dependencies. For example, in your configure.ac you could use:
CFLAGS="$CFLAGS --static -static-libgcc -static-libstdc++"
LDFLAGS="$LDFLAGS --static"
I still doubt that your particular crash is caused by this. Many dlls depend on msvcrt; just expand your WS2_32.dll for example.
By the way, your custom spec should use -lmoldname100
Related
I'm having an issue trying to find out to which problem is crash dump pointing. If someone could help me it would be nice.
This is what I get in windbg.
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\MAJSTOR\Documents\Sports Interactive\Football Manager 2015\crash dumps\FM 2015 v15.3.2.627042 (2015.06.26 17.55.38).dmp]
User Mini Dump File: Only registers, stack and portions of memory are available
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
Windows 7 Version 7601 (Service Pack 1) MP (2 procs) Free x86 compatible
Product: WinNt, suite: SingleUserTS
Machine Name:
Debug session time: Fri Jun 26 17:55:38.000 2015 (UTC + 2:00)
System Uptime: not available
Process Uptime: 0 days 0:00:32.000
................................................................
.......................
This dump file has an exception of interest stored in it.
The stored exception information can be accessed via .ecxr.
(1bac.ea8): Access violation - code c0000005 (first/second chance not available)
eax=76a80781 ebx=00000000 ecx=0a7ff803 edx=777970f4 esi=000002c4 edi=00000000
eip=777970f4 esp=0a7ff794 ebp=0a7ff800 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
*** ERROR: Symbol file could not be found. Defaulted to export symbols for ntdll.dll -
ntdll!KiFastSystemCallRet:
777970f4 c3 ret
I have a fresh copy of Windbg (x86) and wrote a simple Hello World program to test out the debugger. There is a problem when loading the executable or attaching the process, the debugger never steps into the process.
Here for example are the addresses:
ModLoad: 013c0000 013c6000 Hello World.exe
ModLoad: 76eb0000 77030000 ntdll.dll
ModLoad: 75ab0000 75bc0000 C:\Windows\syswow64\kernel32.dll
ModLoad: 74d60000 74da7000 C:\Windows\syswow64\KERNELBASE.dll
ModLoad: 70980000 70a6e000 C:\Windows\SysWOW64\MSVCR120.dll
After loading the process, I step through with F11 (Step into) to see every instruction being executed. From what I've noticed, Windbg never shows the instructions for Hello World.exe even though it does execute it.
What could be the problem and how would I go about solving it?
If you start stepping Open Executable you will have a “long way to go”, because it starts inside windows code.
Use the X command to find the main address, the names can vary a bit depending on the tool you use to make the program, but try with wildcard *main*
You can set a break in main in your program and enter g (go), from here you can step insider your code. Here is a sample for my SimpleCrash.exe
000> x SimpleCrash!*main*
*** WARNING: Unable to verify checksum for SimpleCrash.exe
011e8020 SimpleCrash!__native_dllmain_reason = 0xffffffff
011e8138 SimpleCrash!mainret = 0n0
011e1a00 SimpleCrash!wmain (int, wchar_t **)
0:000> bp 011e1a00
0:000> g
Breakpoint 0 hit
eax=00419ed8 ebx=7efde000 ecx=00417f10 edx=00000001 esi=00000000 edi=00000000
eip=011e1a00 esp=0030f9dc ebp=0030fa28 iopl=0 nv up ei pl nz na po nc
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000202
SimpleCrash!wmain:
011e1a00 55 push ebp
Here I’m in my SimpleCrash main function and can observe the stack into windows code
0:000> k
ChildEBP RetAddr
0030f9d8 011e1959 SimpleCrash!wmain
0030fa28 011e1b4d SimpleCrash!__tmainCRTStartup+0x199 [f:\dd\vctools\crt_bld\s
0030fa30 7548336a SimpleCrash!wmainCRTStartup+0xd [f:\dd\vctools\crt_bld\self_
0030fa3c 77859f72 kernel32!BaseThreadInitThunk+0xe
0030fa7c 77859f45 ntdll!__RtlUserThreadStart+0x70
0030fa94 00000000 ntdll!_RtlUserThreadStart+0x1b
I tried traditional ways and answers to analyze my .DMP files. WinDbg doesn`t take it, it outputs:
Could not find the C:\program files\softwaredir\dumps\dumpname_0313.rsa.dmp
File, Win32 error 0n87
It's an Multi Theft Auto: San Andreas crash dump. .rsa.dmp
Why doesn`t WinDbg take it, does it have to do with a certain dump type?
If anyone would want to try opening, here is the dumpfile with the issue
I would like to know if you have the solution to solve the opening problem/or any other tool to open the dump.
But I really need the exception that caused the crash, so either I'll need advise on how to open it or if I can fix it.
For case 2 (can't solve it for me here) the crash memory locations are:
Version 1.3.5-release 6078.0.000
Time Tue Jan 21 03:13:18 2014
Module C:\Program Files (x86)\MTA San Andreas 1.3\mods\deathmatch\client.dll
Code 0 x C0000005
Offset 0 x 0009E796
EAX 00000000 EBX 30994AB0 ECX 21E82218 EDX 0028F71C ESI 3098E520
EDI 6FBBCCC9 EBP 0028F7BC ESP 0028F6F4 EIP 1B00E796 FLG 00210246
CS 0023 DS 002B SS 002B ES 002B FS 0053 GS 002B
This is what I did to generate and analyze a dump file:
Downloaded ProcDump (a free Sysinternals tool)
Created a folder c:\dumps
Added ProcDump to PATH
Entered procdump -ma -i c:\dumps into command prompt to start the JustInTime debugger
Opened the dump file in visual studio
Using this method we were able to resolve a difficult bug and determine what exception was causing my machine to crash.
How do I disable debugger breaks in ntdll!KiFastSystemCallRet instruction?
E.g.:
7:022> g
eax=7754dcf9 ebx=006a1be8 ecx=006a0e40 edx=006a0d18 esi=80300002 edi=00000000
eip=77736954 esp=004afe0c ebp=004afe28 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
ntdll!KiFastSystemCallRet:
77736954 c3 ret
Thanks.
Well, it came out that breaks in
ntdll!LdrpDoDebuggerBreak+0x2b
Are when binaries are loaded. You get more than one of this kind of break when you are debugging a process with the -o option, this means, all child processes will be also attached to the debugger. E.g.:
windbg.exe -o MyExecutable.exe
And breaks in
ntdll!KiFastSystemCallRet
Are when exeptions occur, e.g.:
sxe ld MyBinary.dll
But it could be many kinds of exceptions, for more information look at sx, sxd, sxe, sxi, sxn, sxr, sx- documentation.
I am trying to make a call to a method of a Windows COM interface from the Go language. I suspect I am doing something wrong in the way I invoke the call and would like to see how the registers change during the invocation.
But I have a hard time getting to it since I can't seem to set a breakpoint in WinDBG. The command "bu 64b6ea43" ends up not working with an error "Only part of a ReadProcessMemory or WriteProcessMemory request was completed". The full message is below.
Microsoft (R) Windows Debugger Version 6.2.8400.0 X86
Copyright (c) Microsoft Corporation. All rights reserved.
CommandLine: C:\Users\ccherng\Go\bin\error.exe
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
ModLoad: 00400000 00971000 image00400000
Unable to insert breakpoint 1 at 64b6ea43, Win32 error 0n299
"Only part of a ReadProcessMemory or WriteProcessMemory request was completed."
bp1 at 64b6ea43 failed
WaitForEvent failed
eax=00415a7b ebx=7ffdd000 ecx=00000000 edx=00000000 esi=00000000 edi=00000000
eip=77b37098 esp=0006fff0 ebp=00000000 iopl=0 nv up ei pl nz na po nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000200
77b37098 89442404 mov dword ptr [esp+4],eax ss:0023:0006fff4=00000000
To me it was problem because of ASLR.
running editbin /DYNAMICBASE:NO NameOfDetectedExe.exe fixed it.
Switched to Ollydbg which works. Learned that WinDbg sucks badly.