D
devstability
Guest
I have dumps created using MiniDumpWriteDump api that have 2 threads raising exceptions.
thread 85:
# Child-SP RetAddr Call Site
00 0000008a`a916cf50 00007fff`39514462 KERNELBASE!RaiseException+0x68
01 0000008a`a916d030 00007fff`193dfe8b VCRUNTIME140!_CxxThrowException+0xc2 [f:\dd\vctools\crt\vcruntime\src\eh\throw.cpp @ 136]
02 0000008a`a916d0b0 00007fff`193dfd75 mymodule!Namespace::func+0x103
...
thread 0:
# Child-SP RetAddr Call Site
00 0000008a`c0c4aee8 00007fff`4122b61e ntdll!NtWaitForMultipleObjects+0xa
01 0000008a`c0c4aef0 00007fff`4122b17c ntdll!RtlReportExceptionEx+0x452
02 0000008a`c0c4b4c0 00007fff`41251d26 ntdll!RtlReportException+0xbc
03 0000008a`c0c4b550 00007fff`411e1e26 ntdll!RtlReportCriticalFailure$filt$0+0x33
04 0000008a`c0c4b580 00007fff`411f030e ntdll!_C_specific_handler+0x96
05 0000008a`c0c4b5f0 00007fff`411f349d ntdll!_GSHandlerCheck_SEH+0x76
06 0000008a`c0c4b620 00007fff`411b48d7 ntdll!RtlpExecuteHandlerForException+0xd
07 0000008a`c0c4b650 00007fff`411b3afd ntdll!RtlDispatchException+0x197
08 0000008a`c0c4bd20 00007fff`41251cd0 ntdll!RtlRaiseException+0x18d
09 0000008a`c0c4c4e0 00007fff`41254f12 ntdll!RtlReportCriticalFailure+0x8c
0a 0000008a`c0c4c5f0 00007fff`41255b10 ntdll!RtlpHeapHandleError+0x12
0b 0000008a`c0c4c620 00007fff`4120a5ff ntdll!RtlpLogHeapFailure+0xa4
0c 0000008a`c0c4c650 00007fff`33dbf02b ntdll!RtlFreeHeap+0x74f2f
0d 0000008a`c0c4c6f0 00007fff`2ef2339c ucrtbase!_free_base+0x1b
0e (Inline Function) --------`-------- mfc140!ATL::CStringData::Release+0x27
....
Windbg and Visual studio point to thread 85 as the crashing thread but looking at thread 0 shows a heap corruption issue(some cases its access violation). Thread 0 is what windbg should point to. Although there is code to catch the exception on thread 85, it shows it as crashing thread.
Problem with such dumps is in segregating. I need to process dumps to classify them, for that I need debugging tools to identify the correct crashing thread.
Any help in understanding why MiniDumpWriteDump is creating such dumps ?
Continue reading...
thread 85:
# Child-SP RetAddr Call Site
00 0000008a`a916cf50 00007fff`39514462 KERNELBASE!RaiseException+0x68
01 0000008a`a916d030 00007fff`193dfe8b VCRUNTIME140!_CxxThrowException+0xc2 [f:\dd\vctools\crt\vcruntime\src\eh\throw.cpp @ 136]
02 0000008a`a916d0b0 00007fff`193dfd75 mymodule!Namespace::func+0x103
...
thread 0:
# Child-SP RetAddr Call Site
00 0000008a`c0c4aee8 00007fff`4122b61e ntdll!NtWaitForMultipleObjects+0xa
01 0000008a`c0c4aef0 00007fff`4122b17c ntdll!RtlReportExceptionEx+0x452
02 0000008a`c0c4b4c0 00007fff`41251d26 ntdll!RtlReportException+0xbc
03 0000008a`c0c4b550 00007fff`411e1e26 ntdll!RtlReportCriticalFailure$filt$0+0x33
04 0000008a`c0c4b580 00007fff`411f030e ntdll!_C_specific_handler+0x96
05 0000008a`c0c4b5f0 00007fff`411f349d ntdll!_GSHandlerCheck_SEH+0x76
06 0000008a`c0c4b620 00007fff`411b48d7 ntdll!RtlpExecuteHandlerForException+0xd
07 0000008a`c0c4b650 00007fff`411b3afd ntdll!RtlDispatchException+0x197
08 0000008a`c0c4bd20 00007fff`41251cd0 ntdll!RtlRaiseException+0x18d
09 0000008a`c0c4c4e0 00007fff`41254f12 ntdll!RtlReportCriticalFailure+0x8c
0a 0000008a`c0c4c5f0 00007fff`41255b10 ntdll!RtlpHeapHandleError+0x12
0b 0000008a`c0c4c620 00007fff`4120a5ff ntdll!RtlpLogHeapFailure+0xa4
0c 0000008a`c0c4c650 00007fff`33dbf02b ntdll!RtlFreeHeap+0x74f2f
0d 0000008a`c0c4c6f0 00007fff`2ef2339c ucrtbase!_free_base+0x1b
0e (Inline Function) --------`-------- mfc140!ATL::CStringData::Release+0x27
....
Windbg and Visual studio point to thread 85 as the crashing thread but looking at thread 0 shows a heap corruption issue(some cases its access violation). Thread 0 is what windbg should point to. Although there is code to catch the exception on thread 85, it shows it as crashing thread.
Problem with such dumps is in segregating. I need to process dumps to classify them, for that I need debugging tools to identify the correct crashing thread.
Any help in understanding why MiniDumpWriteDump is creating such dumps ?
Continue reading...