WinDbg中的“中断指令异常”是什么?
当你在分析一些dmp文件时,可能会发现下面的异常信息:
0:000> .exr -1 ExceptionAddress: 00000000 ExceptionCode: 80000003 (Break instruction exception) ExceptionFlags: 00000000 NumberParameters: 0
实际上我们没有在代码中设置任何硬代码断点,所以在google中搜索这个异常,有人说这个异常可能是由于堆损坏引起的。所以我的问题是,除了硬代码断点、调试时的手动断点、堆损坏之外,是否还有其他原因导致此异常?
另一个问题是,我试图使用应用验证器来检查堆损坏,我知道它是如何工作的,应用验证器将在堆损坏时触发中断指令异常。但目前,我运行没有应用验证程序,谁会提出中断指令异常?
我们的应用程序是一个Visual Studio包。
以下是结果来自!analyze -v
0:000> !analyze -v ******************************************************************************* * * * Exception Analysis * * * ******************************************************************************* *** WARNING: Unable to verify checksum for mscorlib.ni.dll ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: kernel32!pNlsUserInfo *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: kernel32!pNlsUserInfo *** *** *** ************************************************************************* FAULTING_IP: +0 00000000 ?? ??? EXCEPTION_RECORD: ffffffff -- (.exr 0xffffffffffffffff) ExceptionAddress: 00000000 ExceptionCode: 80000003 (Break instruction exception) ExceptionFlags: 00000000 NumberParameters: 0 FAULTING_THREAD: 00001f1c DEFAULT_BUCKET_ID: STATUS_BREAKPOINT PROCESS_NAME: devenv.exe ERROR_CODE: (NTSTATUS) 0x80000003 - {EXCEPTION} Breakpoint A breakpoint has been reached. EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - One or more arguments are invalid NTGLOBALFLAG: 0 APPLICATION_VERIFIER_FLAGS: 0 MANAGED_STACK: SP IP Function 0012E584 09C8A903 Microsoft_VisualStudio_Design!Microsoft.VisualStudio.NativeMethods.ThrowOnFailure(Int32, Int32[])+0x3b 0012E590 09C8C604 Microsoft_VisualStudio_Design!Microsoft.VisualStudio.Design.VSDesignSurfaceManager.Microsoft.VisualStudio.Shell.Interop.IVsSelectionEvents.OnElementValueChanged(UInt32, System.Object, System.Object)+0x144 StackTraceString: <none> HResult: 80004005 EXCEPTION_OBJECT: !pe 3115d464 Exception object: 3115d464 Exception type: System.Runtime.InteropServices.COMException Message: Error HRESULT E_FAIL has been returned from a call to a COM component. InnerException: <none> StackTrace (generated): SP IP Function 0012E584 09C8A903 Microsoft_VisualStudio_Design!Microsoft.VisualStudio.NativeMethods.ThrowOnFailure(Int32, Int32[])+0x3b 0012E590 09C8C604 Microsoft_VisualStudio_Design!Microsoft.VisualStudio.Design.VSDesignSurfaceManager.Microsoft.VisualStudio.Shell.Interop.IVsSelectionEvents.OnElementValueChanged(UInt32, System.Object, System.Object)+0x144 StackTraceString: <none> HResult: 80004005 MANAGED_OBJECT: !dumpobj 3201988 Name: System.String MethodTable: 79330a00 EEClass: 790ed64c Size: 158(0x9e) bytes (C:\WINDOWS\assembly\GAC_32\mscorlib\2.0.0.0__b77a5c561934e089\mscorlib.dll) String: Error HRESULT E_FAIL has been returned from a call to a COM component. Fields: MT Field Offset Type VT Attr Value Name 79332c4c 4000096 4 System.Int32 1 instance 71 m_arrayLength 79332c4c 4000097 8 System.Int32 1 instance 70 m_stringLength 793316e0 4000098 c System.Char 1 instance 45 m_firstChar 79330a00 4000099 10 System.String 0 shared static Empty >> Domain:Value 00219c28:03031198 << 79331630 400009a 14 System.Char[] 0 shared static WhitespaceChars >> Domain:Value 00219c28:03031798 << EXCEPTION_MESSAGE: Error HRESULT E_FAIL has been returned from a call to a COM component. MANAGED_OBJECT_NAME: System.Runtime.InteropServices.COMException LAST_CONTROL_TRANSFER: from 7c827d19 to 7c82860c PRIMARY_PROBLEM_CLASS: STATUS_BREAKPOINT BUGCHECK_STR: APPLICATION_FAULT_STATUS_BREAKPOINT STACK_TEXT: 09c8a903 Microsoft_VisualStudio_Design!Microsoft.VisualStudio.NativeMethods.ThrowOnFailure 09c8c604 Microsoft_VisualStudio_Design!Microsoft.VisualStudio.Design.VSDesignSurfaceManager.Microsoft.VisualStudio.Shell.Interop.IVsSelectionEvents.OnElementValueChanged STACK_COMMAND: dds 12e584 ; kb FOLLOWUP_IP: +9c8a903 09c8a903 8bc6 mov eax,esi SYMBOL_STACK_INDEX: 0 SYMBOL_NAME: Microsoft_VisualStudio_Design!Microsoft.VisualStudio.NativeMethods.ThrowOnFailure+9c8a903 FOLLOWUP_NAME: MachineOwner MODULE_NAME: Microsoft_VisualStudio_Design IMAGE_NAME: Microsoft.VisualStudio.Design.dll DEBUG_FLR_IMAGE_TIMESTAMP: 0 FAILURE_BUCKET_ID: STATUS_BREAKPOINT_80000003_Microsoft.VisualStudio.Design.dll!Microsoft.VisualStudio.NativeMethods.ThrowOnFailure BUCKET_ID: APPLICATION_FAULT_STATUS_BREAKPOINT_Microsoft_VisualStudio_Design!Microsoft.VisualStudio.NativeMethods.ThrowOnFailure+9c8a903 Followup: MachineOwner
在托管堆栈中,存在一个显式错误Microsoft.VisualStudio.NativeMethods.ThrowOnFailure。。但这意味着com异常导致中断指令异常?
!analyze似乎只是转储托管级别,com异常可能是托管级别中的最后一个错误。
我还从google上搜索了一些关于中断和异常的信息,通常中断指令异常可以在以下条件下触发:1。硬代码中断请求,如:uu asm int 3(asm)、System.Diagnostics.Debugger.Break(C 35;)、DebugBreak()(WinAPI)。2。操作系统启用内存运行时检查,就像应用程序验证程序在堆损坏、内存溢出后会触发一样。三。编译器可以有一些配置来启用未初始化的内存块和函数结束时应填充的内容(在重新运行..后的空白区域)。例如,如果启用/GZ,Microsoft VC编译器可以填充0xCC。0xCC实际上是asm int 3的操作码。所以如果某个错误导致应用程序运行到这样的块中,就会触发一个断点。
对吗?如果是这样,我认为应用程序验证程序应该是找到根本原因的最佳选择。
为虫子生,为虫子死,为虫子奋斗一辈子