Re: 高手帮忙定位，程序运行一段时间就会自动崩溃

FAULTING_IP:

ntdll!RtlAllocateHeap+a39

7c956822 8b00 mov eax,dword ptr [eax]

EXCEPTION_RECORD: ffffffff -- (.exr 0xffffffffffffffff)

ExceptionAddress: 7c956822 (ntdll!RtlAllocateHeap+0x00000a39)

ExceptionCode: c0000005 (Access violation)

ExceptionFlags: 00000000

NumberParameters: 2

Parameter[0]: 00000000

Parameter[1]: 00000000

Attempt to read from address 00000000

PROCESS_NAME: iexplore.exe

ERROR_CODE: (NTSTATUS) 0xc0000005 - "0x%08lx"

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - "0x%08lx"

EXCEPTION_PARAMETER1: 00000000

EXCEPTION_PARAMETER2: 00000000

READ_ADDRESS: 00000000

FOLLOWUP_IP:

ntdll!RtlAllocateHeap+a39

7c956822 8b00 mov eax,dword ptr [eax]

ADDITIONAL_DEBUG_TEXT: Enable Pageheap/AutoVerifer

FAULTING_THREAD: 00001470

DEFAULT_BUCKET_ID: HEAP_CORRUPTION

PRIMARY_PROBLEM_CLASS: HEAP_CORRUPTION

BUGCHECK_STR: APPLICATION_FAULT_HEAP_CORRUPTION_NULL_POINTER_READ

LAST_CONTROL_TRANSFER: from 123eef5a to 7c956822

STACK_TEXT:

24348970 123eef5a 12450000 00000009 00000044 ntdll!RtlAllocateHeap+0xa39

WARNING: Stack unwind information not available. Following frames may be wrong.

2434898c 123eee2b 00000044 00000001 123a14ac hi_h264dec_w!Hi264DecImageEnhance+0x4cd66

24348998 123a14ac 00000034 11f4f5ce 00000005 hi_h264dec_w!Hi264DecImageEnhance+0x4cc37

2434899c 00000000 11f4f5ce 00000005 00000010 hi_h264dec_w!Hi264DecCreate+0x3d8

SYMBOL_NAME: heap_corruption!heap_corruption

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: heap_corruption

IMAGE_NAME: heap_corruption

DEBUG_FLR_IMAGE_TIMESTAMP: 0

STACK_COMMAND: ~63s; .ecxr ; kb

FAILURE_BUCKET_ID: HEAP_CORRUPTION_c0000005_heap_corruption!heap_corruption

BUCKET_ID: APPLICATION_FAULT_HEAP_CORRUPTION_NULL_POINTER_READ_heap_corruption!heap_corruption

WATSON_IBUCKET: -1991921089

WATSON_IBUCKETTABLE: 1

WATSON_STAGEONE_URL: http://watson.microsoft.com/StageOne/iexplore_exe/8_0_6001_18702/49b3ad2e/ntdll_dll/5_1_2600_6055/4d00f280/c0000005/00036822.htm?Retriage=1

Followup: MachineOwner

---------

0:063> kn 100

# ChildEBP RetAddr

00 243477ec 7c92d18a ntdll!KiFastSystemCallRet

01 243477f0 7c8094e5 ntdll!NtCreateSection+0xc

02 2434787c 7c92cffa kernel32!CreateFileMappingW+0x10b

03 2434789c 68d8de20 ntdll!ZwClose+0xc

04 243479d0 24090000 dbghelp!Win32LiveSystemProvider::OpenMapping+0x228

WARNING: Frame IP not in any known module. Following frames may be wrong.

05 24347a34 7c957302 0x24090000

06 24347a78 7c957585 ntdll!RtlpLowFragHeapFree+0xa7

07 24347ab8 7c956fa1 ntdll!RtlpSubSegmentInitialize+0x126

08 24347b90 7c9301db ntdll!RtlpLowFragHeapAlloc+0x8fa

09 7c931086 080c45f6 ntdll!RtlAllocateHeap+0xeac

0a 7c931096 80000000 0x80c45f6

0b 7c93109a 000586bf 0x80000000

0c 7c93109e 850f0100 0x586bf

0d 7c9310a2 00000000 0x850f0100

0:063> .frame /c 04

04 243479d0 24090000 dbghelp!Win32LiveSystemProvider::OpenMapping+0x228

eax=241b0000 ebx=0d542a88 ecx=00000007 edx=7c92e514 esi=0d542a60 edi=0d542ab8

eip=68d8de20 esp=243478a4 ebp=243479d0 iopl=0 nv up ei pl zr na pe nc

cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00200246

dbghelp!Win32LiveSystemProvider::OpenMapping+0x228:

68d8de20 c9 leave

0:063> kv 1

ChildEBP RetAddr Args to Child

243479d0 24090000 00000000 0d54f530 24347b30 dbghelp!Win32LiveSystemProvider::OpenMapping+0x228 (FPO: [5,75,0])

0:063> .frame /c 09

09 7c931086 080c45f6 ntdll!RtlAllocateHeap+0xeac

eax=241b0000 ebx=0d542a88 ecx=00000007 edx=7c92e514 esi=0d542a60 edi=0d542ab8

eip=7c9301db esp=24347b98 ebp=7c931086 iopl=0 nv up ei pl zr na pe nc

cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00200246

ntdll!RtlAllocateHeap+0xeac:

7c9301db c20c00 ret 0Ch

0:063> kv 1

ChildEBP RetAddr Args to Child

7c931086 080c45f6 f6c3850f 4d83ffff 5ae8fffc ntdll!RtlAllocateHeap+0xeac (FPO: [Non-Fpo])

0:063> dt _GUID f6c3850f

VS_AudioDis!_GUID

--- memory read error at address 0xf6c3850f ---

+0x000 Data1 : ??

+0x004 Data2 : ??

+0x006 Data3 : ??

+0x008 Data4 : Music [8]

"--- memory read error at address 0xf6c38517 ---"

Memory read error f6c38515

0:063> .frame /c 08

Frame 0x8 is before current base frame 0x9

09 7c931086 080c45f6 ntdll!RtlAllocateHeap+0xeac

eax=241b0000 ebx=0d542a88 ecx=00000007 edx=7c92e514 esi=0d542a60 edi=0d542ab8

eip=7c9301db esp=24347b98 ebp=7c931086 iopl=0 nv up ei pl zr na pe nc

cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00200246

ntdll!RtlAllocateHeap+0xeac:

7c9301db c20c00 ret 0Ch

0:063> kv 1

ChildEBP RetAddr Args to Child

7c931086 080c45f6 f6c3850f 4d83ffff 5ae8fffc ntdll!RtlAllocateHeap+0xeac (FPO: [Non-Fpo])

0:063> dt _GUID f6c3850f

VS_AudioDis!_GUID

--- memory read error at address 0xf6c3850f ---

+0x000 Data1 : ??

+0x004 Data2 : ??

+0x006 Data3 : ??

+0x008 Data4 : Music [8]

"--- memory read error at address 0xf6c38517 ---"

Memory read error f6c38515

比较明显是堆腐败(heap corruption)的问题，如果有比较完整的源代码，而且源代码规模不大，那么建议检查动态分配和使用内存的代码，否者的话，建议启用堆的调试支持，然后在调试器下重现问题...

Re: 高手帮忙定位，程序运行一段时间就会自动崩溃

C/C++本地代码调试

高手帮忙定位，程序运行一段时间就会自动崩溃

Re: 高手帮忙定位，程序运行一段时间就会自动崩溃

Re: 高手帮忙定位，程序运行一段时间就会自动崩溃