debugging C++异常“线程试图读取或写入它没有适当访问权限的虚拟地址,”

7lrncoxx  于 2023-03-13  发布在  其他
关注(0)|答案(1)|浏览(429)

为了跟踪一些难以重现的崩溃,我配置了UnhandledExceptionFilter来创建迷你转储文件,如下所述:Debugging Custom Filters For Unhandled ExceptionsEffective Minidumps
正在成功捕获转储,但解释堆栈信息的运气不佳。希望其他人也会遇到类似的情况,我将在下面提供尽可能多的详细信息。如果这个问题因此变得有点冗长,请原谅。
Visual Studio提供以下转储摘要:

Dump Summary
------------
Dump File:  MiniDump.dmp
Last Write Time:    15/08/2012 22:07:22
Process Name:   Server.exe : C:\Project\Server.exe
Process Architecture:   x86
Exception Code: 0xC0000005
Exception Information:  The thread tried to read from or write to a virtual address for which it does not have the appropriate access.
Heap Information:   Not Present

System Information
------------------
OS Version: 6.1.7601
CLR Version(s): 

Modules
-------
Module Name Module Path Module Version
----------- ----------- --------------
Server.exe  C:\Project\Server.exe   1.0.0.1
ntdll.dll   C:\Windows\SysWOW64\ntdll.dll   6.1.7601.17725
kernel32.dll    C:\Windows\SysWOW64\kernel32.dll    6.1.7601.17651
KERNELBASE.dll  C:\Windows\SysWOW64\KERNELBASE.dll  6.1.7601.17651
mysqlpp_d.dll   C:\Projects\Ken11\bin\debug\mysqlpp_d.dll   0.0.0.0
wsock32.dll C:\Windows\System32\wsock32.dll 6.1.7600.16385
ws2_32.dll  C:\Windows\SysWOW64\ws2_32.dll  6.1.7601.17514
msvcrt.dll  C:\Windows\SysWOW64\msvcrt.dll  7.0.7601.17744
libmySQL.dll    C:\Projects\Ken11\bin\debug\libmySQL.dll    0.0.0.0
user32.dll  C:\Windows\SysWOW64\user32.dll  6.1.7601.17514
advapi32.dll    C:\Windows\SysWOW64\advapi32.dll    6.1.7601.17514
msvcp90d.dll    C:\Projects\Ken11\bin\debug\Microsoft.VC90.DebugCRT\msvcp90d.dll    9.0.21022.8
msvcr90d.dll    C:\Projects\Ken11\bin\debug\Microsoft.VC90.DebugCRT\msvcr90d.dll    9.0.21022.8
mfc90d.dll  C:\Projects\Ken11\bin\debug\Microsoft.VC90.DebugMFC\mfc90d.dll  9.0.21022.8
dbghelp.dll C:\Windows\System32\dbghelp.dll 6.1.7601.17514
mswsock.dll C:\Windows\System32\mswsock.dll 6.1.7601.17514
wininet.dll C:\Windows\SysWOW64\wininet.dll 8.0.7601.17785
rasman.dll  C:\Windows\System32\rasman.dll  6.1.7600.16385
devobj.dll  C:\Windows\SysWOW64\devobj.dll  6.1.7601.17621

查看发生异常的线程的堆栈,我们得到以下极短的调用堆栈:

msvcr90d.dll!6d69f824()     
    [Frames below may be incorrect and/or missing, no symbols loaded for msvcr90d.dll]  
--> Server.exe!CServer::LoadPageList()  Line 269 + 0x28 bytes   C++
    cccccccc()

应用程序中所有正确的线程都有清晰的堆栈,显示了对__RtlUserThreadStart的调用。例如:

mswsock.dll!_WSPRecv@36()  + 0x34ff bytes   
ws2_32.dll!_WSARecv@28()  + 0x71 bytes  
wsock32.dll!_recv@16()  + 0x33 bytes    
>libmySQL.dll!008aaa2f()    
[Frames below may be incorrect and/or missing, no symbols loaded for libmySQL.dll]  
libmySQL.dll!008aac0d()     
libmySQL.dll!008a34d7()     
libmySQL.dll!008a30d2()     
libmySQL.dll!0084be35()     
libmySQL.dll!00851572()     
libmySQL.dll!00851c2b()     
Server.exe!CServer::logStatusToDB(AsynchStatus_T * pStatus=0x04f18170)  Line 1717   C++
Server.exe!CServer::checkStatus(AsynchStatus_T * pStatus=0x04f18170)  Line 2145 C++
Server.exe!CThread::ControllingFunction(void * lpParameter=0x03fffe08)  Line 1280 + 0xf bytes   C++
kernel32.dll!@BaseThreadInitThunk@12()  + 0x12 bytes    
ntdll.dll!___RtlUserThreadStart@8()  + 0x27 bytes   
ntdll.dll!__RtlUserThreadStart@8()  + 0x1b bytes

崩溃线程堆栈的较低部分如何被0xCCCCCCCC替换?
为完整起见,此处为框架Server.exe!CServer::LoadPageList() Line 269 + 0x28 bytes的拆卸

00453217  mov         byte ptr [ebp-4],0  
0045321B  mov         esi,esp  
0045321D  lea         ecx,[ebp-104h]  
00453223  call        dword ptr [__imp_ATL::CStringT<char,StrTraitMFC_DLL<char,ATL::ChTraitsCRT<char> > >::~CStringT<char,StrTraitMFC_DLL<char,ATL::ChTraitsCRT<char> > > (6DA994h)]  
00453229  cmp         esi,esp  
0045322B  call        _RTC_CheckEsp (690D20h)  
00453230  mov         dword ptr [ebp-4],0FFFFFFFFh  
00453237  mov         esi,esp  
00453239  lea         ecx,[ebp-20h]  
0045323C  call        dword ptr [__imp_ATL::CStringT<char,StrTraitMFC_DLL<char,ATL::ChTraitsCRT<char> > >::~CStringT<char,StrTraitMFC_DLL<char,ATL::ChTraitsCRT<char> > > (6DA994h)]  
00453242  cmp         esi,esp  
00453244  call        _RTC_CheckEsp (690D20h)  
00453249  push        edx  
0045324A  mov         ecx,ebp  
0045324C  push        eax  
0045324D  lea         edx,[ (45327Ch)]  
00453253  call        _RTC_CheckStackVars (690D50h)  
00453258  pop         eax             <<<=== exception refers to this line
00453259  pop         edx  
0045325A  mov         ecx,dword ptr [ebp-0Ch]  
0045325D  mov         dword ptr fs:[0],ecx  
00453264  pop         ecx  
00453265  pop         edi
  • 最新情况 *

完全忘记了包括函数源代码(感谢Joachim):

void CServer::LoadPageList()
{
    CString header;
    header.Format("Accept: text/plain, */*; q=0.01\r\n");
    _pSession->setHttpHeader (header);
    _pSession->ReadPage (_T("/Pages"), true);
    SaveTimeStampedFile ("Pages.txt");
}

奇怪的是,函数LoadPageList中的所有操作都成功完成了,崩溃似乎发生在字符串的析构函数被调用之后,就在从这个堆栈帧返回之前。

zaq34kh6

zaq34kh61#

在我的例子中,这个无声的崩溃(在Minidump中查看)是由数据执行保护(DEP)引起的,添加到异常删除了错误。
提醒随机访问者-要小心,可能先扫描病毒总数或类似的网站,你添加到例外。

相关问题