UNADDR accessing page stored at PEB->pContextData #663

Open
derekbruening opened this issue Nov 28, 2014 · 2 comments

@derekbruening
Contributor

From bruen...@google.com on November 02, 2011 11:37:30

Timur hit an unaddr at 7713a9b6:
ntdll!SbGetCurrentSwitchContextUpdateCounter:
7713a99f 64a118000000 mov eax,fs:[00000018]
7713a9a5 8b4030 mov eax,[eax+0x30]
7713a9a8 8b8838020000 mov ecx,[eax+0x238]
7713a9ae 85c9 test ecx,ecx
7713a9b0 0f84ac2d0600 je ntdll!SbGetCurrentSwitchContextUpdateCounter+0x19 (7719d762)
7713a9b6 8b01 mov eax,[ecx]
7713a9b8 8b5104 mov edx,[ecx+0x4]
7713a9bb c3 ret

0:000> !vprot 0x001b0000
BaseAddress: 001b0000
AllocationBase: 001b0000
AllocationProtect: 00000004 PAGE_READWRITE
RegionSize: 00001000
State: 00001000 MEM_COMMIT
Protect: 00000004 PAGE_READWRITE
Type: 00020000 MEM_PRIVATE

new PEB fields (this is from a different process so ignore the values):
+0x230 WerRegistrationData : 0x2e6a0000
+0x234 WerShipAssertPtr : (null)
+0x238 pContextData : 0x00070000
+0x23c pImageHeaderHash : (null)
+0x240 TracingFlags : 0
+0x240 HeapTracingEnabled : 0y0
+0x240 CritSecTracingEnabled : 0y0
+0x240 SpareTracingBits : 0y000000000000000000000000000000 (0)

=> pContextData

Original issue: http://code.google.com/p/drmemory/issues/detail?id=663

@derekbruening
Contributor Author

From timurrrr@google.com on November 02, 2011 09:01:17

[per chat] - not high priority now.
I'll just put instructions for how I got there so it's possible to re-do later:

  1. Build Dr. Memory with this patch applied:
    <<<<<<<<<<<<<<<<<<<<<<<<<<<<<<
    --- drmemory/alloc_drmem.c
    +++ drmemory/alloc_drmem.c
    @@ -2036,6 +2036,7 @@ check_unaddressable_exceptions(bool write, app_loc_t *loc, app_pc addr, uint sz,
    app_pc base;
    size_t sz = allocation_size(addr, &base);
    if (sz > 0 && base != NULL) {
  •        ASSERT(0, "BOO?!");
         LOG(1, "WARNING: unknown region "PFX"-"PFX": marking as defined\n",
             base, base+sz);
         ASSERT(!dr_memory_is_dr_internal(addr) &&
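
Review bot: the added ASSERT(0, "BOO?!") sits ahead of the LOG(1, "WARNING: unknown region ...") call inside the `if (sz > 0 && base != NULL)` block, so when the assert fires the region bounds base and base+sz have not been written to the log yet. Moving the assert below the LOG call and replacing "BOO?!" with a message that names the unknown-region case would leave the address range on record for whoever reproduces this. Separately, the context line `size_t sz = allocation_size(addr, &base);` reuses the name of the `uint sz` parameter visible in the hunk header; it is worth confirming that hiding the access size there is intended.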
    
  1. Have Cygwin installed, download yasm.exe and put it into Cygwin bin/

  2. (In a Cygwin shell)
    git clone http://git.chromium.org/webm/libvpx.git vpx
    cd vpx
    mkdir b
    cd b
    ../configure --target=x86-win32-vs9 --enable-static-msvcrt
    make
    cd ..
    git clone http://git.chromium.org/webm/vp8-test-vectors.git
    cd vp8-test-vectors/

  3. Run the following command until the assert messagebox shows up:
    ./run_tests.sh --exec="/bin/drmemory.exe -pause_at_assert -no_check_leaks -no_count_leaks -no_check_uninitialized -batch ../b/Win32/Debug/vpxdec.exe" .

Owner: ---
Labels: -Priority-Medium Priority-Low

@derekbruening
Contributor Author

From timurrrr@google.com on November 03, 2011 03:24:03

FTR, this also happens in the "full" mode.
