Using Boost and OpenSSL Integration I am creating an application similar to a browser.
Somehow the program crashes before even it enters main() method.
Certainly, If the program utilizes DLLs they can be loaded before main() starts. The DllMain functions of those DLLs will be executed before main(). If they encounter an error they could cause the entire process to halt or crash.
How can one debug this scenario ?
Related
I have a huge code-base I am unfamiliar with, and the program terminates abnormally because a thread somewhere is calling __fastfail. This is based on the message, which ends with
... Fatal program exit requested.
The call stack has no symbols because it's inside C++ 2015 runtime (ucrtbase.dll). The call appears to be made on a thread other than my main thread. This mysterious thread only starts just before the issue happens so I can't catch the act of it starting in the debugger - I don't know what's starting it, and what causes the whole process in the first place.
I have SEH in my main() using __try/__catch, so any unhandled exceptions should be getting trapped there. Instead I am guessing something somewhere bubbles up to the runtime and results in __fastfail.
I tried peppering all my threads with SEH just like main(), tried hooking abort(), exit() and terminate(), and can't find the problem. How do I debug this, any tips?
WinDbg
I would say this is a nice task for WinDbg. WinDbg is part of the Debugging Tools for Windows and it's free. Install both versions, x64 and x86 so that you can debug any kind of application.
Start WinDbg, use the correct bitness
Run your executable under WinDbg (File/Open executable). It will stop at the initial breakpoint.
Set up the symbols, at least .symfix c:\debug\symbols and .reload. As mentioned by #James McNellis, the symbols are available and this will download them when needed.
Continue running the application with g
Reproduce the issue
When WinDbg stops,
create a crash dump with .dump /ma c:\debug\mydump.dmp so you can analyze it later
get information about the exception with .exr -1
switch to the thread that caused the exception with ~#s
look at the callstack with k
Learning WinDbg is a hard task, since most things are done via cryptic commands and not via UI, but it can do almost everything.
For more specific problems when you have some more clues, ask additional questions using the windbg tag.
Visual Studio
Also Visual Studio can download symbols (PDB files; callstack information) from Microsoft Servers.
Go to Tools | Options ... in the main menu
Select Debugging | Symbols from the options menu
Enter a directory name if you want the file to be stored in a specific directory.
Here it is how it looks like in Visual Studio 2015 Community Edition:
Hans and James are right, getting a readable call stack was essential in solving this case.
The codebase installed a pure call handler which was performing a fast fail. Pure handlers fall through SEH. One of the 40-something threads in the program had a pure call error because some other thread partially cleaned up program state which the problem thread then tried to access. Once I had the symbols Visual Studio broke into C++ runtime library at a place where it was calling the purecall handler, and I traced it back into the program where they installed their own.
The way they did fast fail was convoluted and resolved into some RtlXXX function that apparently could not be trapped with signal(SIGABRT) because I did try that before.
Thanks again for the help everyone!
I'm writing a piece of code in Windows which uses both winapi messagebox and some dynamic memory for RS232 application
I saw a strange situation when the same application creates different error when I run it in debugging mode (using VS2010 and step-in debugging) and running it as an executable in command-line
in first case, the error is popped up properly with a winapi messagebox and the program returns/ends properly. Second case, it creates run-time error and also the memory leak
Is there such difference between these two run modes? and how to catch winapi run-time error?
Thanks in advance!
Yes! Running a program directly form the debugger the debug heap is in use. Assuming it isn't compiled in debug mode.
And the memory layout changes when the debugger is loaded into the process address space. So some weird things may happen.
If you have such strange effects it is sometimes better to attach the debugger to the running process.
I've created a program (vs2010,c++,win7), it's a multithreaded and has modules.
The program that communicates with some hardware.
I run this program in a clean computer that has only win7 and the drivers of the hardware.
After using my program for a while, one of the modules crashes.
I tried to debug the program in the development computer and the call stack show me only calls to "ntdll.dll", i also tried to create a dump file from the program in the testing computer
and I've got the same results.
Usually the module crash when there is a lot of load on all the modules.
I've no idea from where to start to debug this program, so I'm open to ideas.
EDIT:
also i got the exception "0xc0000374 a heap has been been corrupted"
tnx.
I have a program written in QT that works just fine. However it has an indirect dependency on dnssd.dll since a dll loaded by the program uses bonjour. If bonjour is not installed on the machine running the program it will say
The program can't start because dnssd.dll is missing from your
computer. Try reinstalling the program to fix the problem.
I'm not loading this dll via LoadLibrary or otherwise. I linked the binary against the stub so it's loaded automatically before int main.
Obviously reinstalling the program does not fix the problem. For me it clearly says I need to install bonjour, but for most users this is extremly cryptic.
I would rather have this error message be something more informative such as "Bonjour needs to be installed for this application to work properly, go to [insert-url-here] to download it."
Is there a way to detect when a dll fails to load loke this and give a better error message?
Set it to delay load, then as early as possible (before you cause loading to happen), try to load it yourself (with LoadLibrary) and report the problem.
http://msdn.microsoft.com/en-us/library/151kt790.aspx
I'm building an application for Windows XP using the MinGW tool chain and it sometimes crashes unexpectedly. So, I'm trying to use a debugger (Gdb) but the program exits with code 03 before anything happens. In fact, all I see from GDB is:
[New thread 3184.0x7b8][New thread
3184.0xef8]
Program exited with code 03.
My suspicion is that there is some failed dynamic linking of a dependency (which are Qt, VTK, and ITK, all built with MinGW). However, this does not happen when I just run the program normally. Or if it happens, it appears to be intermittent and well after the program is launched and running. NOTE: I'm also using Cmake for cross compiling.
What should I do? What can I try?
Add a callback via signal(SIGABRT, <callback>) to catch the call to abort before it shuts down the process. If this happens before you hit main() you might have to resort to a static global and compiler trickery to catch it.
Code 3 is usually returned on a segfault.
Try switching to Linux and debugging the program with electric fence. It might give you some extra insight.