How can the stack be broken at the very start of application


Question

The stack frame pointer (EBP) should always point to where the previous stack frame was, right? But why is that not the case in my application! That would indicate something is really wrong... hard to believe!

I created multiple simple demo applications where the stack pointer always points to the previous stack frame, but I can't make sense of why this is not the case in this application, and it is happening when my application is just starting up!

Below is my call stack:

0:000> k
 # ChildEBP RetAddr  
00 0018fee4 6381d1cd acn!CAcnApp::InitInstance+0x41 [c:\acn-project\acn\acn.cpp @ 527]
01 0018fef4 00428575 MFC80U!AfxWinMain+0x48 [f:\dd\vctools\vc7libs\ship\atlmfc\src\mfc\winmain.cpp @ 37]
02 0018ff88 765d336a acn!__tmainCRTStartup+0x150 [f:\dd\vctools\crt_bld\self_x86\crt\src\crtexe.c @ 589]
03 0018ff94 76f59902 kernel32!BaseThreadInitThunk+0xe
04 0018ffd4 76f598d5 ntdll!__RtlUserThreadStart+0x70
05 0018ffec 00000000 ntdll!_RtlUserThreadStart+0x1b
0:000> dc 0018fee4 
0018fee4  ffffffff 6381d1cd 00489498 00000001  .......c..H.....
0018fef4  00000000 00428575 00400000 00000000  ....u.B...@.....
0018ff04  01e53fd2 0000000a 87b8aee0 00000000  .?..............
0018ff14  00000000 7efde000 00000044 01e54012  .......~D....@..
0018ff24  01e53ff2 01e53fd4 00000000 00000000  .?...?..........
0018ff34  00000000 00000000 00000000 00000000  ................
0018ff44  00000000 00000000 00000000 00000000  ................
0018ff54  00000000 00000000 0018ff84 00428e5d  ............].B.
0:000> dc 0018fef4 
0018fef4  00000000 00428575 00400000 00000000  ....u.B...@.....
0018ff04  01e53fd2 0000000a 87b8aee0 00000000  .?..............
0018ff14  00000000 7efde000 00000044 01e54012  .......~D....@..
0018ff24  01e53ff2 01e53fd4 00000000 00000000  .?...?..........
0018ff34  00000000 00000000 00000000 00000000  ................
0018ff44  00000000 00000000 00000000 00000000  ................
0018ff54  00000000 00000000 0018ff84 00428e5d  ............].B.
0018ff64  01e53fd2 00000000 00000000 0018ff0c  .?..............
0:000> dc 0018ff88 
0018ff88  0018ff94 765d336a 7efde000 0018ffd4  ....j3]v...~....
0018ff98  76f59902 7efde000 7d7a657d 00000000  ...v...~}ez}....
0018ffa8  00000000 7efde000 00000000 00000000  .......~........
0018ffb8  00000000 0018ffa0 00000000 ffffffff  ................
0018ffc8  76f958c5 0b965c89 00000000 0018ffec  .X.v.\..........
0018ffd8  76f598d5 0042873d 7efde000 00000000  ...v=.B....~....
0018ffe8  00000000 00000000 00000000 0042873d  ............=.B.
0018fff8  7efde000 00000000 78746341 00000020  ...~....Actx ...

The control is in the first line of InitInstance(), so it's like my application is drawing its first breath and the stack seems to be already corrupted? Well, the app class constructor comes before this, but I checked and the call stack is in a similar state there as well.

Notice the stack frame pointer (EBP) check for both the 1st and 2nd frame fails, but the stack is good beyond that.

My first question is: is there any explanation for the call stack being like this and this being OK? In other words, can we say the call stack is definitely broken? The application does load and call various DLLs, if that may play any part (don't know why it would, though).

What could be the suspect in this case, since the application has only barely started!?

Update (code)

Here is the constructor, which is very simple. And as for InitInstance(), that function is very long, but my breakpoint is on the first line, so its code is never executed when the call stack is like that.

CAcnApp::CAcnApp()
{
    m_bServMode = FALSE;
    m_bFactory = FALSE;
    m_bDownload = FALSE;
    m_pEngine = NULL;
    m_hWiztomMod = NULL;
    m_pServer = new CAcnServer;
}

Second update

I posted a follow-up question to share extra information after further investigation, and that does qualify as a separate question due to differences.
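The frame-pointer check the question describes, replayed on the k and dc output pasted above. This is an added example, not code from the question or from its project: on 32-bit code built with frame pointers, [EBP] holds the caller's EBP and [EBP+4] the return address, so each frame's saved EBP should equal the next frame's ChildEBP. The parser, the Frame/FrameCheck types and the function names are assumptions made here; the addresses and dwords are those from the dumps above.

```cpp
#include <cstdint>
#include <cstdio>
#include <map>
#include <vector>

// Added example (not the asker's code): replay the x86 frame-pointer check on
// the WinDbg output from the question. Type and function names are assumptions.

struct Frame { uint32_t childEbp; uint32_t retAddr; };
struct FrameCheck { bool ebpOk; bool retOk; };

// "k" lines have the form "NN ChildEBP RetAddr symbol"; the prompt and the
// "# ChildEBP RetAddr" header fail the three-field parse and are skipped.
std::vector<Frame> ParseK(const std::vector<const char*>& lines) {
    std::vector<Frame> frames;
    for (const char* l : lines) {
        unsigned idx, ebp, ret;
        if (std::sscanf(l, "%x %x %x", &idx, &ebp, &ret) == 3)
            frames.push_back({ebp, ret});
    }
    return frames;
}

// "dc" lines have the form "addr d0 d1 d2 d3 ascii"; map each dword to its address.
std::map<uint32_t, uint32_t> ParseDc(const std::vector<const char*>& lines) {
    std::map<uint32_t, uint32_t> mem;
    for (const char* l : lines) {
        unsigned addr, d[4];
        if (std::sscanf(l, "%x %x %x %x %x", &addr, &d[0], &d[1], &d[2], &d[3]) == 5)
            for (unsigned i = 0; i < 4; ++i) mem[addr + 4 * i] = d[i];
    }
    return mem;
}

// For each frame: does [ChildEBP] equal the next frame's ChildEBP (0 for the
// last frame, the thread-start sentinel), and does [ChildEBP+4] equal RetAddr?
std::vector<FrameCheck> CheckChain(const std::vector<Frame>& frames,
                                   const std::map<uint32_t, uint32_t>& mem) {
    std::vector<FrameCheck> out;
    for (size_t i = 0; i < frames.size(); ++i) {
        FrameCheck c{false, false};
        auto saved = mem.find(frames[i].childEbp);
        auto ret   = mem.find(frames[i].childEbp + 4);
        uint32_t expectEbp = (i + 1 < frames.size()) ? frames[i + 1].childEbp : 0;
        if (saved != mem.end()) c.ebpOk = (saved->second == expectEbp);
        if (ret   != mem.end()) c.retOk = (ret->second == frames[i].retAddr);
        out.push_back(c);
    }
    return out;
}

// Debugger output from the question (symbol source paths trimmed).
static const std::vector<const char*> kOutput = {
    "0:000> k",
    " # ChildEBP RetAddr  ",
    "00 0018fee4 6381d1cd acn!CAcnApp::InitInstance+0x41",
    "01 0018fef4 00428575 MFC80U!AfxWinMain+0x48",
    "02 0018ff88 765d336a acn!__tmainCRTStartup+0x150",
    "03 0018ff94 76f59902 kernel32!BaseThreadInitThunk+0xe",
    "04 0018ffd4 76f598d5 ntdll!__RtlUserThreadStart+0x70",
    "05 0018ffec 00000000 ntdll!_RtlUserThreadStart+0x1b",
};
static const std::vector<const char*> dcOutput = {
    "0018fee4  ffffffff 6381d1cd 00489498 00000001  .......c..H.....",
    "0018fef4  00000000 00428575 00400000 00000000  ....u.B...@.....",
    "0018ff88  0018ff94 765d336a 7efde000 0018ffd4  ....j3]v...~....",
    "0018ff98  76f59902 7efde000 7d7a657d 00000000  ...v...~}ez}....",
    "0018ffc8  76f958c5 0b965c89 00000000 0018ffec  .X.v.\\..........",
    "0018ffd8  76f598d5 0042873d 7efde000 00000000  ...v=.B....~....",
    "0018ffe8  00000000 00000000 00000000 0042873d  ............=.B.",
};

std::vector<FrameCheck> CheckQuestionStack() {
    return CheckChain(ParseK(kOutput), ParseDc(dcOutput));
}

int main() {
    std::vector<Frame> frames = ParseK(kOutput);
    std::vector<FrameCheck> checks = CheckQuestionStack();
    for (size_t i = 0; i < frames.size(); ++i)
        std::printf("frame %02zu ChildEBP=%08x savedEBP %s  RetAddr %s\n", i, frames[i].childEbp,
                    checks[i].ebpOk ? "ok  " : "FAIL", checks[i].retOk ? "ok" : "FAIL");
    return 0;
}
```

Frames 0 and 1 fail the saved-EBP check (ffffffff and 00000000 where 0018fef4 and 0018ff88 would be expected) while every return address slot matches, which is the pattern the question reports; frames 2 to 5 chain cleanly down to the thread-start sentinel 0.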

Answer

BTW, global or file-global objects are created before the main function is called.

If an object's constructor has problems, you could see any number of defects occurring before main is called.

Review your object's constructors. You should be able to set a breakpoint in the object's constructor.

Edit 1: Memory allocation in constructor
Having a global object that has dynamic memory allocation may cause problems. The object requires that the dynamic memory allocation is initialized before the object is constructed. Try commenting out the dynamic memory allocation and see if the issue goes away.

A workaround is to create an "initialize" method that can be called after the main entry point is reached. The initialize method would perform dynamic memory allocation.
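The two patterns the answer contrasts, side by side, as an added example that is not the answerer's or the asker's code: a global object that allocates in its constructor (as the posted CAcnApp constructor does with new CAcnServer) next to one that defers the allocation to an Initialize() method called from main. It generalizes the answer's point slightly: the dependency shown is on another global that is not constructed yet, rather than on the heap itself, since within one translation unit globals are constructed in definition order and across translation units the order is unspecified. All names here (ServerRegistry, CAcnServer, EagerApp, LazyApp, RegistryOwner, g_registry) are hypothetical.

```cpp
#include <cstdio>
#include <string>
#include <vector>

// Added example (not the project's code): global constructors run before main,
// so anything a constructor touches must already be alive. Names are assumptions.

struct ServerRegistry { std::vector<std::string> names; };

// Constant-initialized to null before any constructor runs, so reading it during
// dynamic initialization is well defined: it stays null until RegistryOwner's
// constructor has executed.
static ServerRegistry* g_registry = nullptr;

struct CAcnServer {
    bool registered = false;
    explicit CAcnServer(const char* name) {
        if (g_registry != nullptr) {          // depends on another global being alive
            g_registry->names.push_back(name);
            registered = true;
        }
    }
};

// Pattern from the question: allocate inside the global object's constructor.
struct EagerApp {
    CAcnServer* m_pServer;
    EagerApp() : m_pServer(new CAcnServer("eager")) {}
    ~EagerApp() { delete m_pServer; }
};

// Workaround from the answer: the constructor only nulls the pointer and an
// Initialize() method, called once main is reached, performs the allocation.
struct LazyApp {
    CAcnServer* m_pServer = nullptr;
    bool Initialize() {
        if (m_pServer == nullptr) m_pServer = new CAcnServer("lazy");
        return m_pServer->registered;
    }
    ~LazyApp() { delete m_pServer; }
};

struct RegistryOwner {
    ServerRegistry registry;
    RegistryOwner()  { g_registry = &registry; }
    ~RegistryOwner() { g_registry = nullptr; }
};

// Definition order is construction order within this file: both app objects run
// their constructors before the registry exists. Across files the order is
// unspecified, which is why such defects show up in only some builds.
static EagerApp      theEagerApp;
static LazyApp       theLazyApp;
static RegistryOwner theRegistryOwner;

// The eager object allocated before the registry existed, so registration failed.
bool EagerAppRegistered() { return theEagerApp.m_pServer->registered; }

// The lazy object allocates when main calls Initialize(); by then the registry is alive.
bool LazyAppRegistered() { return theLazyApp.Initialize(); }

int main() {
    std::printf("eager (allocated in global ctor): registered=%d\n", EagerAppRegistered());
    std::printf("lazy  (Initialize() from main):   registered=%d\n", LazyAppRegistered());
    return 0;
}
```

The breakpoint advice in the answer applies directly: a breakpoint in CAcnServer's constructor fires for the eager object with a call stack that has not yet reached main, which is the same "barely started" state the question shows.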

