On Fri, 24 May 2024, Jeremy Drake wrote:
> On Fri, 24 May 2024, Jeremy Drake wrote:
>
> > Windbg reports that ldh.exe is already being debugged. I was able to do a
> > "non-invasive" attach to ldh.exe in windbg, but it doesn't seem to be able
> > to deal with the split debug symbols (gnulink?). I don't know if gdb can
> > do a non-invasive attach like that (or open a minidump assuming one could
> > be made from a non-invasize attach in windbg).
>
> Seems it can, and at least lldb can load a minidump (unfortunately it's
> not showing source file/line info like gdb does):
> (lldb) bt
> * thread #1, stop reason = Exception 0x80000007 encountered at address
> 0x000000
> * frame #0: 0x0000000180178837 msys-2.0.dll`cygheap_init()
It appears that cygheap is NULL, so I'm guessing that VirtualAlloc failed.
!gle in windbg shows
0:000> !gle
LastErrorValue: (Win32) 0x1e7 (487) - Attempt to access invalid address.
LastStatusValue: (NTSTATUS) 0xc0000018 - {Conflicting Address Range} The
specified address range conflicts with the address space.
Looking at !address, it seems Windows put the PEB, TEBs, and stacks in the
area where the cygheap should be. Way to go, ASLR :P
BaseAddress EndAddress+1 RegionSize Type State
Protect Usage
--------------------------------------------------------------------------------------------------------------------------
+ 5`e8181000 8`05a00000 2`1d87f000 MEM_FREE
PAGE_NOACCESS Free
+ 8`05a00000 8`05b57000 0`00157000 MEM_PRIVATE MEM_RESERVE
<unknown>
8`05b57000 8`05b58000 0`00001000 MEM_PRIVATE MEM_COMMIT
PAGE_READWRITE PEB [4628]
8`05b58000 8`05b5a000 0`00002000 MEM_PRIVATE MEM_COMMIT
PAGE_READWRITE TEB [~0; 4628.31ac]
8`05b5a000 8`05b5c000 0`00002000 MEM_PRIVATE MEM_COMMIT
PAGE_READWRITE TEB [~1; 4628.4aac]
8`05b5c000 8`05b5e000 0`00002000 MEM_PRIVATE MEM_COMMIT
PAGE_READWRITE TEB [~2; 4628.5840]
8`05b5e000 8`05b60000 0`00002000 MEM_PRIVATE MEM_COMMIT
PAGE_READWRITE TEB [~3; 4628.6b9c]
8`05b60000 8`05c00000 0`000a0000 MEM_PRIVATE MEM_RESERVE
<unknown>
+ 8`05c00000 8`05df6000 0`001f6000 MEM_PRIVATE MEM_RESERVE
Stack [~0; 4628.31ac]
8`05df6000 8`05df9000 0`00003000 MEM_PRIVATE MEM_COMMIT
PAGE_READWRITE | PAGE_GUARD Stack [~0; 4628.31ac]
8`05df9000 8`05e00000 0`00007000 MEM_PRIVATE MEM_COMMIT
PAGE_READWRITE Stack [~0; 4628.31ac]
+ 8`05e00000 8`05ffb000 0`001fb000 MEM_PRIVATE MEM_RESERVE
Stack [~1; 4628.4aac]
8`05ffb000 8`05ffe000 0`00003000 MEM_PRIVATE MEM_COMMIT
PAGE_READWRITE | PAGE_GUARD Stack [~1; 4628.4aac]
8`05ffe000 8`06000000 0`00002000 MEM_PRIVATE MEM_COMMIT
PAGE_READWRITE Stack [~1; 4628.4aac]
+ 8`06000000 8`061fb000 0`001fb000 MEM_PRIVATE MEM_RESERVE
Stack [~2; 4628.5840]
8`061fb000 8`061fe000 0`00003000 MEM_PRIVATE MEM_COMMIT
PAGE_READWRITE | PAGE_GUARD Stack [~2; 4628.5840]
8`061fe000 8`06200000 0`00002000 MEM_PRIVATE MEM_COMMIT
PAGE_READWRITE Stack [~2; 4628.5840]
+ 8`06200000 8`063fb000 0`001fb000 MEM_PRIVATE MEM_RESERVE
Stack [~3; 4628.6b9c]
8`063fb000 8`063fe000 0`00003000 MEM_PRIVATE MEM_COMMIT
PAGE_READWRITE | PAGE_GUARD Stack [~3; 4628.6b9c]
8`063fe000 8`06400000 0`00002000 MEM_PRIVATE MEM_COMMIT
PAGE_READWRITE Stack [~3; 4628.6b9c]
+ 8`06400000 19e`64400000 196`5e000000 MEM_FREE
PAGE_NOACCESS Free
--
Problem reports: https://cygwin.com/problems.html
FAQ: https://cygwin.com/faq/
Documentation: https://cygwin.com/docs.html
Unsubscribe info: https://cygwin.com/ml/#unsubscribe-simple
