为什么应用程序在Deletecriticalsection()中崩溃 [英] Why application is crashed in Deletecriticalsection()
问题描述
我正在Windows中编写应用程序,并且不时崩溃。在分析了crashdump之后,它停在了Deletecriticalseciton和ExceptionCode:c0000409(安全检查失败或堆栈缓冲区溢出)。
Crashdump:
- -------------------------------------------------- -------------------------------------------------- ------------------
语境: (。ecxr)
rax = 0000000000c97870 rbx = 0000000001b2f1e0 rcx = 0000000000000003
rdx = 00000000a42f3a20 rsi = 0000000000000001 rdi = 0000000000c97860
rip = 00007ffd615f3078 rsp = 000000000149fd90 rbp = 0000000000bb0080
r8 = 0000000000465d60 r9 = 0000000000000000 r10 = 0000000000000000
r11 = 0000000000000203 r12 = 0000000000673048 r13 = 0000000000c974f0
r14 = 0000000000000000 r15 = 0000000000000000
iopl = 0       nv up ei ng nz na pe cy
cs = 0033&sbsp = 002b ds = 002b es = 002b fs = 0053 gs = 002b           efl = 00000283
ntdll!RtlDeleteCriticalSection + 0xa8:
00007ffd`615f3078 cd29         int   29h
重置默认范围
$ FAULTING_IP:
ntdll!RtlDeleteCriticalSection + a8
00007ffd`615f3078 cd29         int   29h
EXCEPTION_RECORD: (。exr -1)
ExceptionAddress:00007ffd615f3078(ntdll!RtlDeleteCriticalSection + 0x00000000000000a8)
ExceptionCode:c0000409(安全检查失败或堆栈缓冲区溢出)
ExceptionFlags:00000001
$
NumberParameters:1
参数[0]:0000000000000003
子代码:0x3 FAST_FAIL_CORRUPT_LIST_ENTRY
DEFAULT_BUCKET_ID: LIST_ENTRY_CORRUPT
PROCESS_NAME: CWM.exe
ERROR_CODE:(NTSTATUS)0xc0000409 - <无法获取错误代码文本>
EXCEPTION_CODE :( NTSTATUS)0xc0000409 - <无法获取错误代码文本>
EXCEPTION_CODE_STR: c0000409 < br $>
EXCEPTION_PARAMETER1: 0000000000000003
WATSON_BKT_PROCSTAMP: 591e5b72
WATSON_BKT_MODULE: ntdll.dll
WATSON_BKT_MODSTAMP: 5450559e
WATSON_BKT_MODOFFSET: 63078
WATSON_BKT_MODVER: 6.3.9600.17415
$
MODULE_VER_PRODUCT: MicrosoftR WindowsR操作系统
BUILD_VERSION_STRING: 6.3.9600.17415(winblue_r4.141028-1500)
MODLIST_WITH_TSCHKSUM_HASH: 78877e046971e3bd8c30a0a66959cd395e803929
$
MODLIST_SHA1_HASH: 0ded4441585a25e35ab38f71d8a3bbfadd7a47c4
NTGLOBALFLAG: 0 >
APPLICATION_VERIFIER_FLAGS: 0
$
PRODUCT_TYPE: 3
SUITE_MASK: 272
DUMP_FLAGS: 8000c07
$
DUMP_TYPE:  ; 0
$
ANALYSIS_SESSION_HOST: A002185702
ANALYSIS_SESSION_TIME: 05-22-2017 10: 17:03.0282
ANALYSIS_VERSION:10.0.14321.1024 amd64fre
THREAD_ATTRIBUTES:
OS_LOCALE: JPN
PROBLEM_CLASSES:
LIST_ENTRY_CORRUPT
&NBSP; Tid [0x0]
&NBSP;框架 [0x00]
&NBSP;失败划分
$
BUGCHECK_STR: LIST_ENTRY_CORRUPT
LAST_CONTROL_TRANSFER:  ;从00000000004607d6到00007ffd615f3078
-------------------------------------- -------------------------------------------------- -------------------------------------------------- ----
似乎最后一个是"int 29h"。它看起来像某种中断。我想知道是什么导致它。
平台:
应用程序在Windows 2012 R2上运行
有谁知道什么样的情况会导致Deletecriticalsection失败?
您好Hades555,
感谢您在此处发帖。
>>有谁知道什么样的情况会导致Deletecriticalsection失败??
请提供有关您的问题的更多信息。如果您能向我们展示导致此异常的语句会更好。
正常情况下,Deletecriticalsection失败,因为这些情况:
1。
InitializeCriticalSection 或
InitializeCriticalSectionAndSpinCount 无法初始化一个关键词section对象,但Deletecriticalsection执行。
2。当其他线程尝试
EnterCriticalSection时,调用Deletecriticalsection。
GSCookie有助于在堆栈上查找缓冲区溢出情况,并在检测到此情况时终止应用程序。在.NET环境中,当函数覆盖堆栈上的缓冲区时,调用本机函数时会发生这种情况,这会破坏GSCookie放置的
。
这是一篇关于调查GSCookie腐败的博客,也许可能对你有帮助。
https://blogs.msdn.microsoft.com/dsvc/2009/12/28/investigating-a-gscookie -corruption /
最好的问候,
Sera Yu
I am writing an application in windows and time to time it is crashed. After analyzing the crashdump, it stopped at Deletecriticalseciton and the ExceptionCode: c0000409 (Security check failure or stack buffer overrun).
Crashdump:
------------------------------------------------------------------------------------------------------------------------
CONTEXT: (.ecxr)rax=0000000000c97870 rbx=0000000001b2f1e0 rcx=0000000000000003
rdx=00000000a42f3a20 rsi=0000000000000001 rdi=0000000000c97860
rip=00007ffd615f3078 rsp=000000000149fd90 rbp=0000000000bb0080
r8=0000000000465d60 r9=0000000000000000 r10=0000000000000000
r11=0000000000000203 r12=0000000000673048 r13=0000000000c974f0
r14=0000000000000000 r15=0000000000000000
iopl=0 nv up ei ng nz na pe cy
cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000283
ntdll!RtlDeleteCriticalSection+0xa8:
00007ffd`615f3078 cd29 int 29h
Resetting default scope
FAULTING_IP:
ntdll!RtlDeleteCriticalSection+a8
00007ffd`615f3078 cd29 int 29h
EXCEPTION_RECORD: (.exr -1)
ExceptionAddress: 00007ffd615f3078 (ntdll!RtlDeleteCriticalSection+0x00000000000000a8)
ExceptionCode: c0000409 (Security check failure or stack buffer overrun)
ExceptionFlags: 00000001
NumberParameters: 1
Parameter[0]: 0000000000000003
Subcode: 0x3 FAST_FAIL_CORRUPT_LIST_ENTRY
DEFAULT_BUCKET_ID: LIST_ENTRY_CORRUPT
PROCESS_NAME: CWM.exe
ERROR_CODE: (NTSTATUS) 0xc0000409 - <Unable to get error code text>
EXCEPTION_CODE: (NTSTATUS) 0xc0000409 - <Unable to get error code text>
EXCEPTION_CODE_STR: c0000409
EXCEPTION_PARAMETER1: 0000000000000003
WATSON_BKT_PROCSTAMP: 591e5b72
WATSON_BKT_MODULE: ntdll.dll
WATSON_BKT_MODSTAMP: 5450559e
WATSON_BKT_MODOFFSET: 63078
WATSON_BKT_MODVER: 6.3.9600.17415
MODULE_VER_PRODUCT: MicrosoftR WindowsR Operating System
BUILD_VERSION_STRING: 6.3.9600.17415 (winblue_r4.141028-1500)
MODLIST_WITH_TSCHKSUM_HASH: 78877e046971e3bd8c30a0a66959cd395e803929
MODLIST_SHA1_HASH: 0ded4441585a25e35ab38f71d8a3bbfadd7a47c4
NTGLOBALFLAG: 0
APPLICATION_VERIFIER_FLAGS: 0
PRODUCT_TYPE: 3
SUITE_MASK: 272
DUMP_FLAGS: 8000c07
DUMP_TYPE: 0
ANALYSIS_SESSION_HOST: A002185702
ANALYSIS_SESSION_TIME: 05-22-2017 10:17:03.0282
ANALYSIS_VERSION: 10.0.14321.1024 amd64fre
THREAD_ATTRIBUTES:
OS_LOCALE: JPN
PROBLEM_CLASSES:
LIST_ENTRY_CORRUPT
Tid [0x0]
Frame [0x00]
Failure Bucketing
BUGCHECK_STR: LIST_ENTRY_CORRUPT
LAST_CONTROL_TRANSFER: from 00000000004607d6 to 00007ffd615f3078
----------------------------------------------------------------------------------------------------------------------------------------------
It seems like the last one is "int 29h" and it looks like some kind of interrupts. I wonder that what causes it.
Platform:
Application is running on Windows 2012 R2
Does anyone know what kind of situation will cause Deletecriticalsection failure??
Hi Hades555,
thanks for posting here.
>>Does anyone know what kind of situation will cause Deletecriticalsection failure??
Please provide more information about your issue. It would be better if you could show us the statements which causes this exception.
Normally Deletecriticalsection fails because these situations:
1. InitializeCriticalSection or InitializeCriticalSectionAndSpinCount fails to initial a critical section object, but Deletecriticalsection executes.
2. Call Deletecriticalsection when other threads try to EnterCriticalSection.
The GSCookie helps in finding buffer overrun cases on the stack and terminates the application when this is detected. In the .NET environment this would happen when calling into a native function when the function overrides the buffer on the stack corrupting the GSCookie put in place.
Here is a blog about investigating a GSCookie corruption, maybe it could be help of you.
https://blogs.msdn.microsoft.com/dsvc/2009/12/28/investigating-a-gscookie-corruption/
Best Regards,
Sera Yu
这篇关于为什么应用程序在Deletecriticalsection()中崩溃的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!