user32.dll的TranslateMessage()API抛出异常。当我尝试使用windbg命令中的!analyze -v分析异常时,我得到了以下信息。任何人都可以帮我解码错误
FAULTING_IP:
+0
ffffffff`e85b6720 ?? ???
EXCEPTION_RECORD: ffffffffffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: ffffffffe85b6720
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000008
Parameter[1]: ffffffffe85b6720
Attempt to execute non-executable address ffffffffe85b6720
FAULTING_THREAD: 000000000000642c
DEFAULT_BUCKET_ID: WRONG_SYMBOLS
PROCESS_NAME: CapGM.exe
ADDITIONAL_DEBUG_TEXT:
You can run '.symfix; .reload' to try to fix the symbol path and load symbols.
MODULE_NAME: mfc100u
FAULTING_MODULE: 0000000077720000 ntdll
DEBUG_FLR_IMAGE_TIMESTAMP: 4df2cfdb
ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.
EXCEPTION_PARAMETER1: 0000000000000008
EXCEPTION_PARAMETER2: ffffffffe85b6720
WRITE_ADDRESS: ffffffffe85b6720
FOLLOWUP_IP:
mfc100u+2745a8
00000000`74eb45a8 488bf0 mov rsi,rax
FAILED_INSTRUCTION_ADDRESS:
+2745a8
ffffffff`e85b6720 ?? ???
APP: capgm.exe
IP_ON_HEAP: ffffffffe85b6720
The fault address in not in any loaded module, please check your build's rebase
log at <releasedir>\bin\build_logs\timebuild\ntrebase.log for module which may
contain the address if it were loaded.
PRIMARY_PROBLEM_CLASS: WRONG_SYMBOLS
BUGCHECK_STR: APPLICATION_FAULT_WRONG_SYMBOLS
LAST_CONTROL_TRANSFER: from 0000000077519bd1 to ffffffffe85b6720
STACK_TEXT:
00000000`003bbb68 00000000`77519bd1 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`775172cb : 0xffffffff`e85b6720
00000000`003bbb70 00000000`775172cb : 00000000`00000000 ffffffff`e85b6720 00000000`00000000 00000000`00000000 : USER32!TranslateMessageEx+0x2a1
00000000`003bbc30 00000000`77516829 : 00000000`00000000 00000000`003bbd78 000007fe`ecfede14 00000018`000000c8 : USER32!SetWindowTextW+0x277
00000000`003bbc90 00000000`777711f5 : 00000000`00000000 000007fe`ecfb0000 00000000`000003e9 00000000`0055055c : USER32!IsDialogMessageW+0x169
00000000`003bbcf0 00000000`7751041a : 00000000`77510397 00000000`003bc1a8 00000000`00000000 00000000`003bc1a8 : ntdll!KiUserCallbackDispatcher+0x1f
00000000`003bbd78 00000000`77510397 : 00000000`003bc1a8 00000000`00000000 00000000`003bc1a8 00000000`003bc1a8 : USER32!SendMessageTimeoutW+0x95a
00000000`003bbd80 00000000`775105d8 : 00000000`00000000 00000000`00000002 00000000`00000000 00000000`56000000 : USER32!SendMessageTimeoutW+0x8d7
00000000`003bc0f0 00000000`77510880 : 00000000`00000148 00000000`56000000 00000000`003bc3d9 00000000`74f0c6b0 : USER32!SendMessageTimeoutW+0xb18
00000000`003bc240 00000000`74eb45a8 : 00000000`00582960 00000000`00000000 00000000`00000320 00000000`00900000 : USER32!CreateWindowExW+0x70
00000000`003bc2c0 00000000`74eac377 : 00000000`0c07e510 00000000`0c07e510 00000000`00000000 00000000`00900000 : mfc100u+0x2745a8
00000000`003bc340 00000000`74eac4b6 : 00000000`0055055c 00000000`0c07e510 00000000`56000000 00000000`00000318 : mfc100u+0x26c377
00000000`003bc400 000007fe`e8ba1316 : 00000000`00000000 00000000`003be330 00000000`0bee1a80 00000000`0c07e510 : mfc100u+0x26c4b6
00000000`003bc470 000007fe`ecfdaab6 : ffffffff`ffffffff 00000000`00000000 ffffffff`ffffffff 00000000`00000000 : FrontEnd!FrontWindowFactory<dFrontWindow>::create+0x136
我知道翻译消息试图访问一些错误的地址,但我该如何修复它?
答案 0 :(得分:1)
问题是固定的。错误发生在SetWindowLongPtr()中。这是SetWindowLong()的64位变体。虽然函数已更改但其wriiten的值仍然在长变量中捕获。将其更改为LONG_PTR修复了该问题。现在地址不会被截断,相应的用户例程也会被调用。
感谢大家的帮助:)
答案 1 :(得分:0)
与上面提到的其他人一样 - 首先要做的就是获得正确的符号。
Microsoft公开其Windows二进制文件的公共符号。这样可以更好地了解出现了什么问题。
现在,查看已共享的!analyze输出和TranslateMessage的签名。
BOOL WINAPI TranslateMessage(
_In_ const MSG *lpMsg
);
我最好的猜测是你没有确认lpMsg是真正的输入。你可以粘贴传递的输入吗?
一般而言,已经存在一段时间的经验法则公共API已经过很好的测试。因此,如果出现问题,最好检查我们的程序传递给它的输入:)