应用程序正在使用INVALID_STACK_ACCESS崩溃。需要帮助来解码转储

时间:2014-07-15 12:26:12

标签: windbg access-violation

我使用windbg打开转储文件。因为我不是开发人员,所以我不明白最新情况。请帮助

Loading Dump File [F:\Calls\Panasonic\DLO admin Service stops\DLOAdminSvcu.exe.15724.dmp]
User Mini Dump File with Full Memory: Only application data is available

Symbol search path is: SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: 
Windows 7 Version 7601 (Service Pack 1) MP (16 procs) Free x64
Product: Server, suite: Enterprise TerminalServer SingleUserTS
Machine Name:
Debug session time: Tue Jul 15 13:01:55.000 2014 (UTC + 4:00)
System Uptime: 10 days 2:12:07.249
Process Uptime: 0 days 0:00:18.000
................................................................
................................................................
.
Loading unloaded module list
...
This dump file has an exception of interest stored in it.
The stored exception information can be accessed via .ecxr.
(3d6c.58c0): Access violation - code c0000005 (first/second chance not available)
ntdll!RtlRaiseException+0x43:
00000000`778795c3 e878720300      call    ntdll!RtlCaptureContext (00000000`778b0840)
Verbose mode ON.
0:013> !analyze -v
*******************************************************************************
*                                                                             *
*                        Exception Analysis                                   *
*                                                                             *
*******************************************************************************

Loading symbols for 00000000`00400000 DLOAdminSvcu.exe ->   DLOAdminSvcu.exe
*** ERROR: Module load completed but symbols could not be loaded for DLOAdminSvcu.exe
Loading symbols for 00000000`74970000      msvcp80.dll ->   msvcp80.dll
Loading symbols for 00000000`74a80000      msvcr80.dll ->   msvcr80.dll
Loading symbols for 00000000`77640000     kernel32.dll ->   kernel32.dll
Loading symbols for 000007fe`fdca0000      sechost.dll ->   sechost.dll
Force unload of C:\Windows\System32\user32.dll
Loading symbols for 00000000`77760000       user32.dll ->   user32.dll
ModLoad: 00000000`77760000 00000000`7785a000   C:\Windows\System32\user32.dll
Force unload of C:\Windows\System32\ole32.dll
Loading symbols for 000007fe`fdcc0000        ole32.dll ->   ole32.dll
ModLoad: 000007fe`fdcc0000 000007fe`fdec3000   C:\Windows\System32\ole32.dll
Loading symbols for 000007fe`ff8c0000       rpcrt4.dll ->   rpcrt4.dll
Loading symbols for 000007fe`eeef0000      netbios.dll ->   netbios.dll
Loading symbols for 000007fe`edd70000      comsvcs.dll ->   comsvcs.dll
Loading symbols for 00000000`02cc0000     vxACE_3I.dll ->   vxACE_3I.dll
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for vxACE_3I.dll - 
Loading symbols for 00000000`023c0000 LIBVXVIMMAIL1I.DLL ->   LIBVXVIMMAIL1I.DLL
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for LIBVXVIMMAIL1I.DLL - 
Loading symbols for 000007fe`fcba0000      mswsock.dll ->   mswsock.dll
Loading symbols for 000007fe`ff7f0000       ws2_32.dll ->   ws2_32.dll
Loading symbols for 00000001`80000000 LIBVXCONDUITLISTENER2.DLL ->   LIBVXCONDUITLISTENER2.DLL
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for LIBVXCONDUITLISTENER2.DLL - 
GetPageUrlData failed, server returned HTTP status 404
URL requested: 
FAULTING_IP: 
ntdll!RtlRaiseException+43
00000000`778795c3 e878720300      call    ntdll!RtlCaptureContext (00000000`778b0840)

EXCEPTION_RECORD:  ffffffffffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 00000000778795c3 (ntdll!RtlRaiseException+0x0000000000000043)
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000001
   Parameter[1]: 00000000037a0c98
Attempt to write to address 00000000037a0c98

DEFAULT_BUCKET_ID:  INVALID_STACK_ACCESS

PROCESS_NAME:  DLOAdminSvcu.exe

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1:  0000000000000001

EXCEPTION_PARAMETER2:  00000000037a0c98

WRITE_ADDRESS:  00000000037a0c98 

FOLLOWUP_IP: 
DLOAdminSvcu+f7bb2
00000000`004f7bb2 488d4c2428      lea     rcx,[rsp+28h]

MOD_LIST: <ANALYSIS/>

NTGLOBALFLAG:  0

APPLICATION_VERIFIER_FLAGS:  0

FAULTING_THREAD:  00000000000058c0

PRIMARY_PROBLEM_CLASS:  INVALID_STACK_ACCESS

BUGCHECK_STR:  APPLICATION_FAULT_INVALID_STACK_ACCESS_INVALID_POINTER_WRITE

LAST_CONTROL_TRANSFER:  from 000007fefd6c940d to 00000000778795c3

STACK_TEXT:  
00000000`037a0ca0 000007fe`fd6c940d : 00000000`013386f0 00000000`00000000 00000000`00980ec1 00000000`037a16b3 : ntdll!RtlRaiseException+0x43
00000000`037a12e0 000007fe`fd6daa0d : 00000000`8b086400 00000000`49090101 00000000`77975430 00000000`00000000 : KERNELBASE!RaiseException+0x39
00000000`037a13b0 00000000`004f7bb2 : cccccccc`cccccccc 00000000`013386f0 00000000`00000000 cccccccc`cccccccc : KERNELBASE!OutputDebugStringA+0x6d
00000000`037a1680 00000000`00504ec6 : 00000000`00980d80 00000000`00980e50 00000000`00000000 cccccccc`cccccccc : DLOAdminSvcu+0xf7bb2
00000000`037a1730 00000000`74981ac9 : 00000000`00980d80 00000000`0000000a cccccccc`00000000 00000000`00000025 : DLOAdminSvcu+0x104ec6
00000000`037a1760 00000000`74981e94 : 00000000`013386f0 00000000`013386f0 cccccccc`00000000 cccccccc`cccccccc : msvcp80!std::basic_ostream<char,std::char_traits<char> >::put+0x119 [f:\dd\vctools\crt_bld\self_64_amd64\crt\src\ostream @ 522]
00000000`037a17d0 00000000`004a94cb : 00000000`037a3930 00000000`007dc930 00000000`00000000 00000000`00000000 : msvcp80!std::endl+0x14 [f:\dd\vctools\crt_bld\self_64_amd64\crt\src\ostream @ 977]
00000000`037a1800 00000000`74b1bf40 : 00000000`004a9140 00000000`038995c0 00000000`038995c0 00000000`74ab964e : DLOAdminSvcu+0xa94cb
00000000`037a1850 00000000`74ab964e : 00000000`004a9140 00000000`037a2b58 00000000`00000100 000007fe`f1a51176 : msvcr80!_CallSettingFrame+0x20 [F:\dd\vctools\crt_bld\SELF_64_AMD64\crt\prebuild\eh\AMD64\handlers.asm @ 36]
00000000`037a1870 00000000`778b0c51 : 00000000`00000000 00000000`037a3e20 00000000`00000000 00000000`00000000 : msvcr80!__CxxCallCatchBlock+0xfe [f:\dd\vctools\crt_bld\self_64_amd64\crt\prebuild\eh\frame.cpp @ 1342]
00000000`037a1920 00000000`004a7af4 : 00000000`03899e90 00000000`03899d01 00000000`03899d00 00000000`0000005c : ntdll!RcConsolidateFrames+0x3
00000000`038995c0 00000000`0049def4 : 00000000`0012f2b0 00000000`01b56340 00000000`00000000 cccccccc`cccccccc : DLOAdminSvcu+0xa7af4
00000000`0389aad0 00000000`004470b7 : 00000000`0012f2b0 00000000`00000005 00000000`00000000 00000000`0389fbf0 : DLOAdminSvcu+0x9def4
00000000`0389d4f0 00000000`00706fa1 : 00000000`0012eee8 00000000`0012eee8 00000000`00706ee0 00000000`00000000 : DLOAdminSvcu+0x470b7
00000000`0389fd50 00000000`00737fc1 : 00000000`0012eee8 cccccccc`00000001 cccccccc`cccccccc cccccccc`cccccccc : DLOAdminSvcu+0x306fa1
00000000`0389fda0 00000000`00737e8b : 00000000`01b44490 00000000`01b3f530 cccccccc`cccccccc cccccccc`cccccccc : DLOAdminSvcu+0x337fc1
00000000`0389fe30 00000000`00732d9c : 00000000`01b44490 cccccccc`cccccccc cccccccc`cccccccc cccccccc`cccccccc : DLOAdminSvcu+0x337e8b
00000000`0389fec0 00000000`74a837d7 : 00000000`01b44490 00000000`00000000 00000000`00000000 00000000`00000000 : DLOAdminSvcu+0x332d9c
00000000`0389ff00 00000000`74a83894 : 00000000`74b395c0 00000000`01b55a70 00000000`00000000 00000000`00000000 : msvcr80!_callthreadstartex+0x17 [f:\dd\vctools\crt_bld\self_64_amd64\crt\src\threadex.c @ 348]
00000000`0389ff30 00000000`776559ed : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msvcr80!_threadstartex+0x84 [f:\dd\vctools\crt_bld\self_64_amd64\crt\src\threadex.c @ 326]
00000000`0389ff60 00000000`7788c541 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : kernel32!BaseThreadInitThunk+0xd
00000000`0389ff90 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x1d


SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  DLOAdminSvcu+f7bb2

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: DLOAdminSvcu

IMAGE_NAME:  DLOAdminSvcu.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  51eebd6f

STACK_COMMAND:  ~13s; .ecxr ; kb

FAILURE_BUCKET_ID:  INVALID_STACK_ACCESS_c0000005_DLOAdminSvcu.exe!Unknown

BUCKET_ID:  X64_APPLICATION_FAULT_INVALID_STACK_ACCESS_INVALID_POINTER_WRITE_DLOAdminSvcu+f7bb2

WATSON_STAGEONE_URL:  

Followup: MachineOwner
---------

0:013> !teb
TEB at 000007fffffa0000
    ExceptionList:        0000000000000000
    StackBase:            00000000038a0000
    StackLimit:           00000000037a1000
    SubSystemTib:         0000000000000000
    FiberData:            0000000000001e00
    ArbitraryUserPointer: 0000000000000000
    Self:                 000007fffffa0000
    EnvironmentPointer:   0000000000000000
    ClientId:             0000000000003d6c . 00000000000058c0
    RpcHandle:            0000000000000000
    Tls Storage:          000007fffffa0058
    PEB Address:          000007fffffdb000
    LastErrorValue:       0
    LastStatusValue:      103
    Count Owned Locks:    0
    HardErrorMode:        0
0:013> lmvm ntdll
start             end                 module name
00000000`77860000 00000000`77a09000   ntdll      (pdb symbols)          c:\symbols\ntdll.pdb\9D04EB0AA387494FBD81ED062072B99C2\ntdll.pdb
    Loaded symbol image file: ntdll.dll
    Image path: C:\Windows\System32\ntdll.dll
    Image name: ntdll.dll
    Timestamp:        Thu Aug 29 06:17:08 2013 (521EAF24)
    CheckSum:         001A875F
    ImageSize:        001A9000
    File version:     6.1.7601.18247
    Product version:  6.1.7601.18247
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    CompanyName:      Microsoft Corporation
    ProductName:      Microsoft® Windows® Operating System
    InternalName:     ntdll.dll
    OriginalFilename: ntdll.dll
    ProductVersion:   6.1.7601.18247
    FileVersion:      6.1.7601.18247 (win7sp1_gdr.130828-1532)
    FileDescription:  NT Layer DLL
    LegalCopyright:   © Microsoft Corporation. All rights reserved.
0:013> lmvm DLOAdminSvcu
start             end                 module name
00000000`00400000 00000000`009e5000   DLOAdminSvcu   (no symbols)           
    Loaded symbol image file: DLOAdminSvcu.exe
    Image path: E:\Program Files\Symantec\Symantec DLO\DLOAdminSvcu.exe
    Image name: DLOAdminSvcu.exe
    Timestamp:        Tue Jul 23 21:29:19 2013 (51EEBD6F)
    CheckSum:         005D759A
    ImageSize:        005E5000
    File version:     7.5.758.2301
    Product version:  7.5.1.0
    File flags:       0 (Mask 3F)
    File OS:          4 Unknown Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0 0804.04b0 0407.04b0 040a.04b0 040c.04b0 0410.04b0 0411.04b0 0412.04b0 0416.04b0 0404.04b0 0419.04b0
    CompanyName:      Symantec Corporation
    ProductName:      Desktop and Laptop Option
    OriginalFilename: ConsoleSvc.exe
    ProductVersion:   7.50.01.0000
    FileVersion:      7.5.758.2301
    FileDescription:  Administrator Service
    LegalCopyright:   Copyright© 2013 Symantec Corporation, All rights reserved.
    LegalTrademarks:  Symantec®, the Symantec logo, Symantec Backup Exec™, and Symantec DLO™ are trademarks or registered trademarks of Symantec Corporation.

1 个答案:

答案 0 :(得分:0)

  

模块加载已完成但无法加载符号   DLOAdminSvcu.exe

首先修复符号以获得可读的堆栈跟踪

您似乎有访问冲突

调用堆栈表明你的函数在OutPutDebugString()附近和此地址之后的某处失败

DLOAdminSvcu+f7bb2
00000000`004f7bb2 488d4c2428      lea     rcx,[rsp+28h]

似乎esp已被覆盖或分配了虚假地址。

相关问题
最新问题