Re: Debugging wine/windows applications

[John Yani]

Actually, to enable attach, I had to make ptrace more permissive:
https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening#ptrace_Protection
by doing "echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope"

To run it under eclipse I had to choose Traditional Attach to process
instead of DSF.

On 7 July 2012 13:53, John Yani  wrote:
> Attach works. Thanks!

Re: Debugging wine/windows applications

[John Yani]

Attach works. Thanks!

Re: Debugging wine/windows applications

[John Yani]

So, you didn't try to build wine? Installed wine also works for me.

Re: Debugging wine/windows applications

[Marcus Meissner]

On Sat, Jul 07, 2012 at 01:25:12PM +0300, John Yani wrote:
> I tried "WINELOADER=./wine winedbg --gdb notepad"
> 
> And its output is the same as  "./wine winedbg --gdb notepad"

Well, i have a installed wine... but doing this there:

wine winedbg.exe --gdb notepad.exe

0042:0043: create process 'C:\Windows\System\notepad.exe'/0x1106f8 @0x7ee012b0 
(0<0>)
fixme:dbghelp_dwarf:dwarf2_parse_line_numbers Unsupported extended opcode 0
fixme:dbghelp_dwarf:dwarf2_parse_line_numbers Unsupported extended opcode 0
fixme:dbghelp_dwarf:dwarf2_parse_line_numbers Unsupported extended opcode 0
fixme:dbghelp_dwarf:compute_location Only supporting one breg (edi/24 -> esi/23)
0042:0043: create thread I @0x7ee012b0
GNU gdb (GDB) SUSE (7.2-3.3)
Copyright (C) 2010 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later 
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-suse-linux".
For bug reporting instructions, please see:
.
0042:0043: loads DLL C:\Windows\System\KERNEL32.dll @0x7b81 (0<0>)
0042:0043: loads DLL C:\Windows\System\ntdll.dll @0x7bc1 (0<0>)
0042:0043: loads DLL C:\Windows\System\advapi32.dll @0x7e7e (0<0>)
0042:0043: loads DLL C:\Windows\System\gdi32.dll @0x7e85 (0<0>)

start_process (peb=0x7ffdf000) at 
/home/marcus/projects/wine/dlls/kernel32/process.c:1083
1083return call_process_entry( peb, entry );
trace: 98 => 80
Wine-gdb> bt
#0  start_process (peb=0x7ffdf000) at 
/home/marcus/projects/wine/dlls/kernel32/process.c:1083
#1  0x7bc75670 in call_thread_func_wrapper () from 
/home/marcus/projects/32wine/dlls/ntdll/ntdll.dll.so
#2  0x7bc7794d in call_thread_func (entry=0x7b85e1c0 , 
arg=0x7ffdf000, frame=0x33ffc8) at 
/home/marcus/projects/wine/dlls/ntdll/signal_i386.c:2522
#3  0x7bc7564e in call_thread_entry_point () from 
/home/marcus/projects/32wine/dlls/ntdll/ntdll.dll.so
#4  0x7bc4d7de in start_process (kernel_start=0x7b85e1c0) at 
/home/marcus/projects/wine/dlls/ntdll/loader.c:2653
#5  0xf75c4bad in wine_call_on_stack () from 
/home/marcus/projects/32wine/libs/wine/libwine.so.1
#6  0xf75c4c6b in wine_switch_to_stack (func=0x7bc4d7c0 , 
arg=0x7b85e1c0, stack=0x34) at 
/home/marcus/projects/wine/libs/wine/port.c:59
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
Wine-gdb> c
Continuing.
^C
Program received signal SIGTRAP, Trace/breakpoint trap.
0xe423 in ?? ()
Wine-gdb> bt
#0  0xe423 in ?? ()
#1  0x7bcb6ff4 in ?? () from 
/home/marcus/projects/32wine/dlls/ntdll/ntdll.dll.so
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
Wine-gdb> 

Its not having the correct symbols there, but basically works.


Or I also tried:

$ wine notepad.exe&
... wait until window shows ...
$ ps auxw|grep notepad
marcus   26694  0.4  0.1 1785696 10084 pts/6   t12:27   0:00 notepad.exe
  
$ 

gdb /usr/bin/wine
(gdb) attach 26694
0xe425 in __kernel_vsyscall ()
(gdb) bt
#0  0xe425 in __kernel_vsyscall ()
#1  0xf764e0e3 in __read_nocancel () at ../sysdeps/unix/syscall-template.S:82
#2  0x7bc796c8 in wait_reply (cookie=0x32f3bc) at 
/home/marcus/projects/wine/dlls/ntdll/sync.c:807
#3  0x7bc7bb03 in NTDLL_wait_for_multiple_objects (count=1, handles=0x32f438, 
flags=4, timeout=0x0, signal_object=)
at /home/marcus/projects/wine/dlls/ntdll/sync.c:1122
#4  0x7bc7bbf5 in NtWaitForMultipleObjects (count=1, handles=0x32f438, 
wait_all=0 '\000', alertable=0 '\000', timeout=0x0) at 
/home/marcus/projects/wine/dlls/ntdll/sync.c:1160
#5  0x7b86fe3f in WaitForMultipleObjectsEx (count=1, handles=0x32f61c, 
wait_all=0, timeout=4294967295, alertable=0) at 
/home/marcus/projects/wine/dlls/kernel32/sync.c:190
#6  0x7e4c3bc5 in WaitForMultipleObjectsEx_ichk (count=1, handles=0x32f61c, 
timeout=4294967295, mask=1279, flags=0) at 
/home/marcus/projects/wine/include/winbase.h:2600
#7  X11DRV_MsgWaitForMultipleObjectsEx (count=1, handles=0x32f61c, 
timeout=4294967295, mask=1279, flags=0) at 
/home/marcus/projects/wine/dlls/winex11.drv/event.c:472
...



Ciao, Marcus

Re: Debugging wine/windows applications

[John Yani]

Maybe it's because I'm building on chrooted Ubuntu x32 and run on Ubuntu x64?

Re: Debugging wine/windows applications

[John Yani]

I tried "WINELOADER=./wine winedbg --gdb notepad"

And its output is the same as  "./wine winedbg --gdb notepad"

Re: Debugging wine/windows applications

[John Yani]

Unfortunately, it doesn't work:

./wine winedbg --gdb notepad.exe
err:module:LdrInitializeThunk Main exe initialization for
L"C:\\windows\\system32\\notepad.exe" failed, status c022
0023:0024: create process ''/0x1106c0 @0x7ebe233c (0<0>)
fixme:dbghelp:EnumerateLoadedModulesW64 If this happens, bump the number in mod
0023:0024: create thread I @0x7ebe233c

Maybe winedbg wrapper is not exactly the same? How do I tell winedbg
wrapper to use wine from the specific folder?


On 7 July 2012 13:17, Marcus Meissner  wrote:
> On Sat, Jul 07, 2012 at 01:11:42PM +0300, John Yani wrote:
>> Did you mean './wine winedbg --gdb notepad'? Because I can't find winedbg
>> binary.
>
> This would be the same. There usually is a "winedbg" wrapper installed
> that does the same, but for all purposes its the same thing.
>
> Ciao, Marcus

Re: Debugging wine/windows applications

[Marcus Meissner]

On Sat, Jul 07, 2012 at 01:11:42PM +0300, John Yani wrote:
> Did you mean './wine winedbg --gdb notepad'? Because I can't find winedbg
> binary.

This would be the same. There usually is a "winedbg" wrapper installed
that does the same, but for all purposes its the same thing.

Ciao, Marcus

Re: Debugging wine/windows applications

[John Yani]

Did you mean './wine winedbg --gdb notepad'? Because I can't find winedbg
binary.

Re: Debugging wine/windows applications

[Marcus Meissner]

On Sat, Jul 07, 2012 at 12:17:00AM +0300, John Yani wrote:
> I tried to run wine under gdb and failed. Using multiprocess gdb I
> endup with weird trace:
> 
> 0xf7ffd430
> 0x7bc846f9
> 0x7bc8480f
> 0x7bc84855
> 0x7bc42a94
> 0x7bc433b1
> 0x7b8772f7
> 0x7ebab89b
> 0x7bc80014
> 0x7bc8005d
> 
> Where 0x7** addresses are not connected to any module. And
> 0xf** addresses are from /lib/ld-linux.so.2, debug symbols for
> which I can't find.
> Can somebody explain what's hapenning?
> 
> Running wine with winedbg under gdb fails with message
> "err:module:LdrInitializeThunk Main exe initialization for
> L"C:\\windows\\system32\\notepad.exe" failed, status c022"
> 
> Is there any tutorial on how to run wine with applications under gdb?

winedbg can hook gdb into itself, which will make this work
better I think.

winedbg --gdb notepad.exe

Ciao, Marcus

Debugging wine/windows applications

[John Yani]

I tried to run wine under gdb and failed. Using multiprocess gdb I
endup with weird trace:

0xf7ffd430  
0x7bc846f9  
0x7bc8480f  
0x7bc84855  
0x7bc42a94  
0x7bc433b1  
0x7b8772f7  
0x7ebab89b  
0x7bc80014  
0x7bc8005d  

Where 0x7** addresses are not connected to any module. And
0xf** addresses are from /lib/ld-linux.so.2, debug symbols for
which I can't find.
Can somebody explain what's hapenning?

Running wine with winedbg under gdb fails with message
"err:module:LdrInitializeThunk Main exe initialization for
L"C:\\windows\\system32\\notepad.exe" failed, status c022"

Is there any tutorial on how to run wine with applications under gdb?