我无法使用 Windbg 分析转储文件。
任何帮助将不胜感激。
这是我的 WinDbg 设置:
符号路径:C:\symbols;srv*c:\mss*http://msdl.microsoft.com/download/symbols
(C:\symbols 包含我自己的 exe 和 dll 符号、地图、pdb 等)
图片路径:C:\symbols
源路径:W:\
加载故障转储(第二次机会)显示:
警告:无法验证 nbsm.dll 的校验和 GetPageUrlData 失败,
服务器返回 HTTP 状态 404 URL 请求:
http://watson.microsoft.com/StageOne/nbsm_sm_exe/8_0_0_0/4e5649f3/KERNELBASE_dll/6_1_7600_16385/4a5bdbdf/e06d7363/0000b727.htm?Retriage=1
FAULTING_IP:
+3a22faf00cadf58 00000000 ?? ???
EXCEPTION_RECORD:fffffffffffffff -- (.exr 0xffffffffffffffff)
异常地址:000000007507b727
(KERNELBASE!RaiseException+0x0000000000000058) 异常代码:
e06d7363(C++ EH 异常)ExceptionFlags:00000009
参数数量:3
<前><代码>参数[0]:0000000019930520
参数[1]:`0000000001aafb10`
参数[2]:000000000040c958
DEFAULT_BUCKET_ID:STACKIMMUNE
PROCESS_NAME:nbsm_sm.exe
ERROR_CODE:(NTSTATUS)0xe06d7363 -
EXCEPTION_CODE:(NTSTATUS)0xe06d7363 -
EXCEPTION_PARAMETER1:0000000019930520
EXCEPTION_PARAMETER2:0000000001aafb10
EXCEPTION_PARAMETER3:000000000040c958
MOD_列表:
NTGLOBALFLAG:0
APPLICATION_VERIFIER_FLAGS:0
ADDITIONAL_DEBUG_TEXT:基于属性的后续设置
[Is_ChosenCrashFollowupThread] 来自 Frame:[0]
线程:[PSEUDO_THREAD]
LAST_CONTROL_TRANSFER:从 000000007324dbf9 到 000000007507b727
FAULTING_THREAD:ffffffffffffffff
PRIMARY_PROBLEM_CLASS:堆栈免疫
BUGCHECK_STR:APPLICATION_FAULT_STACKIMMUNE_ZEROED_STACK
STACK_TEXT:0000000000000000 0000000000000000 nbsm_sm.exe+0x0
堆栈命令:<代码>.cxr 01AAF6E8; KB; ** 伪上下文 ** ; kb
SYMBOL_NAME:nbsm_sm.exe
FOLLOWUP_NAME:MachineOwner
MODULE_NAME:nbsm_sm
IMAGE_NAME:nbsm_sm.exe
DEBUG_FLR_IMAGE_TIMESTAMP:4e5649f3
FAILURE_BUCKET_ID:STACKIMMUNE_e06d7363_nbsm_sm.exe!未知
桶 ID:
X64_APPLICATION_FAULT_STACKIMMUNE_ZEROED_STACK_nbsm_sm.exe
FOLLOWUP_IP:nbsm_sm!__ImageBase+0
<前><代码>00400000 4d dec ebp
WATSON_STAGEONE_URL:
http://watson.microsoft.com/StageOne/nbsm_sm_exe/8_0_0_0/4e5649f3/KERNELBASE_dll/6_1_7600_16385/4a5bdbdf/e06d7363/0000b727.htm?Retriage=1
========================
有什么想法吗?
提前致谢!
桑迪普
I failed to analyze the dump file using Windbg.
Any help would be greatly appreciated.
Here are my WinDbg settings:
Symbol Path: C:\symbols;srv*c:\mss*http://msdl.microsoft.com/download/symbols
(C:\symbols contains my own exe and dll symbols, map,pdb etc etc)
Image Path: C:\symbols
Source Path: W:\
loading crash dump(second chance) shows:
WARNING: Unable to verify checksum for nbsm.dll GetPageUrlData failed,
server returned HTTP status 404 URL requested:
http://watson.microsoft.com/StageOne/nbsm_sm_exe/8_0_0_0/4e5649f3/KERNELBASE_dll/6_1_7600_16385/4a5bdbdf/e06d7363/0000b727.htm?Retriage=1
FAULTING_IP:
+3a22faf00cadf58 00000000 ?? ???
EXCEPTION_RECORD: fffffffffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 000000007507b727
(KERNELBASE!RaiseException+0x0000000000000058) ExceptionCode:
e06d7363 (C++ EH exception) ExceptionFlags: 00000009
NumberParameters: 3
Parameter[0]: 0000000019930520
Parameter[1]: `0000000001aafb10`
Parameter[2]: 000000000040c958
DEFAULT_BUCKET_ID: STACKIMMUNE
PROCESS_NAME: nbsm_sm.exe
ERROR_CODE: (NTSTATUS) 0xe06d7363 -
EXCEPTION_CODE: (NTSTATUS) 0xe06d7363 -
EXCEPTION_PARAMETER1: 0000000019930520
EXCEPTION_PARAMETER2: 0000000001aafb10
EXCEPTION_PARAMETER3: 000000000040c958
MOD_LIST:
NTGLOBALFLAG: 0
APPLICATION_VERIFIER_FLAGS: 0
ADDITIONAL_DEBUG_TEXT: Followup set based on attribute
[Is_ChosenCrashFollowupThread] from Frame:[0] on
thread:[PSEUDO_THREAD]
LAST_CONTROL_TRANSFER: from 000000007324dbf9 to 000000007507b727
FAULTING_THREAD: ffffffffffffffff
PRIMARY_PROBLEM_CLASS: STACKIMMUNE
BUGCHECK_STR: APPLICATION_FAULT_STACKIMMUNE_ZEROED_STACK
STACK_TEXT: 0000000000000000 0000000000000000 nbsm_sm.exe+0x0
STACK_COMMAND: .cxr 01AAF6E8 ; kb ; ** Pseudo Context ** ; kb
SYMBOL_NAME: nbsm_sm.exe
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: nbsm_sm
IMAGE_NAME: nbsm_sm.exe
DEBUG_FLR_IMAGE_TIMESTAMP: 4e5649f3
FAILURE_BUCKET_ID: STACKIMMUNE_e06d7363_nbsm_sm.exe!Unknown
BUCKET_ID:
X64_APPLICATION_FAULT_STACKIMMUNE_ZEROED_STACK_nbsm_sm.exe
FOLLOWUP_IP: nbsm_sm!__ImageBase+0
00400000 4d dec ebp
WATSON_STAGEONE_URL:
http://watson.microsoft.com/StageOne/nbsm_sm_exe/8_0_0_0/4e5649f3/KERNELBASE_dll/6_1_7600_16385/4a5bdbdf/e06d7363/0000b727.htm?Retriage=1
========================
Any ideas?
Thanks in advance!
Sandeep
发布评论
评论(2)
如果此故障转储来自用户,并且可以在其系统上重现或相对频繁地发生,那么您可以要求他们下载 procdump 并运行如下命令:
这将在第一次出现异常时创建一个转储文件,这可能会为您提供比目前更有用的信息。有时,第二次机会异常的转储生成得太晚而无用。
If this crash dump has come from a user and it is either reproducible on their system or happens relatively often then you could ask them to download procdump and run a command such as this:
This will create a dumpfile on the first chance exception which may give you more useful information than you have at the moment. Sometimes the dump from a second chance exception is just produced too late to be useful.
您可以尝试在 WinDbg 中运行“kb”来查看实际的堆栈跟踪。如果您没有看到任何有价值的信息,假设您正在开发本机/托管 C++ 应用程序,则可以打开堆栈检查(cl 命令行上的 /GS)并重新运行程序。
You can try to run 'kb' in WinDbg to see the actual stack trace. If you don't see any valuable information, assuming you are developing a native/managed C++ application, you can turn on stack checks (/GS on the cl command line) and re-run the program.