none
To figure out Interface name from the stack trace of 64bit crashdump using windbg

    Question

  • While analyzing a crash dump of 64bit application, we figure out that while GC is trying to release a COM object, we get exception and application crashes.

    dumpstack output is shown below:

    0:000> !dumpstack
    OS Thread Id: 0x6f8 (0)
    Child-SP         RetAddr          Call Site
    0000000000129fb8 000007fefd0c13a6 ntdll!NtWaitForMultipleObjects+0xa
    0000000000129fc0 0000000076d03143 KERNELBASE!WaitForMultipleObjectsEx+0xe8
    000000000012a0c0 0000000076d79025 kernel32!WaitForMultipleObjectsExImplementation+0xb3
    000000000012a150 0000000076d791a7 kernel32!WerpReportFaultInternal+0x215
    000000000012a1f0 0000000076d791ff kernel32!WerpReportFault+0x77
    000000000012a220 0000000076d7941c kernel32!BasepReportFault+0x1f
    000000000012a250 00000000745ae7c6 kernel32!UnhandledExceptionFilter+0x1fc
    000000000012a330 00000000745a6a68 msvcr80!abort+0x96
    000000000012a8e0 00000000745da632 msvcr80!terminate+0x38
    000000000012a910 00000000745da86b msvcr80!_CxxExceptionFilter+0xb02
    000000000012aec0 00000000745dac6f msvcr80!_InternalCxxFrameHandler+0x1fb
    000000000012af10 00000000745dad4e msvcr80!__SehTransFilter+0x6f
    000000000012af60 00000000745ab5c6 msvcr80!CallSETranslator+0x9e
    000000000012afb0 0000000076f3554d msvcr80!_C_specific_handler+0x96
    000000000012b020 0000000076f15d1c ntdll!RtlpExecuteHandlerForException+0xd
    000000000012b050 0000000076f4fe48 ntdll!RtlDispatchException+0x3cb
    000000000012b730 00000000539c0910 ntdll!KiUserExceptionDispatcher+0x2e
    000000000012bce8 00000000745dacf0 <Unloaded_SPMicroviewScanDataProcessor.dl>+0x40910
    000000000012bcf0 00000000745d9e0b msvcr80!CallSETranslator+0x40
    000000000012bd60 00000000745da62b msvcr80!_CxxExceptionFilter+0x2db
    000000000012be00 00000000745da86b msvcr80!_CxxExceptionFilter+0xafb
    000000000012c3b0 00000000745dabe7 msvcr80!_InternalCxxFrameHandler+0x1fb
    000000000012c400 0000000076f3554d msvcr80!_CxxFrameHandler+0x77
    000000000012c450 0000000076f15d1c ntdll!RtlpExecuteHandlerForException+0xd
    000000000012c480 0000000076f4fe48 ntdll!RtlDispatchException+0x3cb
    000000000012cb60 000007fef9b8e57c ntdll!KiUserExceptionDispatcher+0x2e
    000000000012d120 000007fef9b8e4d2 mscorwks!SafeReleaseHelper+0x7c
    000000000012d190 000007fef9ee2eff mscorwks!SafeRelease+0x3a
    000000000012d1f0 000007fef9ee2fa9 mscorwks!IUnkEntry::Free+0x9f
    000000000012d250 000007fef9f56cd6 mscorwks!RCW::ReleaseAllInterfaces+0x29
    000000000012d2a0 000007fef9f56d2a mscorwks!RCW::ReleaseAllInterfacesCallBack+0xd6
    000000000012d300 000007fef9f56da6 mscorwks!RCW::Cleanup+0x2a
    000000000012d350 000007fef9f56e67 mscorwks!RCWCleanupList::ReleaseRCWListRaw+0x16
    000000000012d380 000007fefa00363f mscorwks!RCWCleanupList::ReleaseRCWListInCorrectCtx+0xa7
    000000000012d3f0 000007fefee09483 mscorwks!CtxEntry::EnterContextCallback+0x9f
    000000000012d420 000007fefeaac7f5 ole32!CRemoteUnknown::DoCallback+0xa3

    Finalizer thread CallStack:

    0:003> !dumpstack
    OS Thread Id: 0x126c (3)
    Child-SP         RetAddr          Call Site
    000000001cc0e7e8 000007fefd0c10ac ntdll!NtWaitForSingleObject+0xa
    000000001cc0e7f0 000007fefecdda82 KERNELBASE!WaitForSingleObjectEx+0x79
    000000001cc0e890 000007fefee315a3 ole32!GetToSTA+0x8a
    000000001cc0e8e0 000007fefee3041b ole32!CRpcChannelBuffer::SwitchAptAndDispatchCall+0x13b
    000000001cc0e980 000007fefecd19c6 ole32!CRpcChannelBuffer::SendReceive2+0x11b
    000000001cc0eb40 000007fefecdc396 ole32!CAptRpcChnl::SendReceive+0x52
    000000001cc0ec10 000007fefee2fcf5 ole32!CCtxComChnl::SendReceive+0x15c
    000000001cc0ecc0 000007fefeb5ba3b ole32!NdrExtpProxySendReceive+0x45
    000000001cc0ecf0 000007fefee302d0 rpcrt4!NdrpClientCall3+0x2e2
    000000001cc0efb0 000007fefecd18a2 ole32!ObjectStublessClient+0x11d
    000000001cc0f340 000007fefed0d45e ole32!ObjectStubless+0x42
    000000001cc0f390 000007fefed11825 ole32!_chkstk+0x16ba0
    000000001cc0f4b0 000007fef9ee323d ole32!CObjectContext::ContextCallback+0x81
    000000001cc0f540 000007fef9fc2f7b mscorwks!CtxEntry::EnterContextOle32BugAware+0x2d
    000000001cc0f590 000007fef9f56e97 mscorwks!CtxEntry::EnterContext+0x26b
    000000001cc0f740 000007fef9f5b408 mscorwks!RCWCleanupList::ReleaseRCWListInCorrectCtx+0xd7
    000000001cc0f7b0 000007fef9a5ecdb mscorwks!RCWCleanupList::CleanupAllWrappers+0x158
    000000001cc0f840 000007fef9a764a6 mscorwks!SyncBlockCache::CleanupSyncBlocks+0x13b
    000000001cc0f8b0 000007fef9a67e46 mscorwks!Thread::DoExtraWorkForFinalizer+0x11a
    000000001cc0fc50 000007fef9a7c1a0 mscorwks!WKS::GCHeap::FinalizerThreadWorker+0x86
    000000001cc0fc90 000007fef9ab8725 mscorwks!Thread::DoADCallBack+0x488
    000000001cc0fce0 000007fef9a70195 mscorwks!SVR::gc_heap::make_heap_segment+0x155
    000000001cc0fdb0 000007fef9bbc30a mscorwks!AssemblySecurityDescriptor::GetZone+0x169
    000000001cc0fdf0 000007fef9a61554 mscorwks!ManagedThreadBase_NoADTransition+0x42
    000000001cc0fe50 000007fef9bb095c mscorwks!WKS::GCHeap::FinalizerThreadStart+0x74
    000000001cc0fe90 0000000076cff56d mscorwks!Thread::intermediateThreadProc+0x78
    000000001cc0ff60 0000000076f33281 kernel32!BaseThreadInitThunk+0xd
    000000001cc0ff90 0000000000000000 ntdll!RtlUserThreadStart+0x1d

     

    Now we need to figure out the name of the interface which the GC is trying to release.

    Can we get the WindDbg commands to figure this out?

     


    Tuesday, May 31, 2011 12:43 PM

All replies

  • May I know what exception you encoutered? What's the output of "!clrstack" on the exception thread?

     

    By the way, can you share the dump file?


    Eric Yang [MSFT]
    MSDN Community Support | Feedback to us
    Get or Request Code Sample from Microsoft
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Wednesday, June 01, 2011 7:20 AM
  • Eric,

    Since the exception thread is not a managed thread, !clrstack doe not work.

    Sure I could share the dump. Please give me detials of where to upload it and I would do it.

     

    Thursday, June 02, 2011 1:39 PM
  • Please let me know your email address by sending a mail to v-eryang@microsoft.com. I will create a file transfer workspace where you can upload your dump file. The dump will be kept confidential.
    Eric Yang [MSFT]
    MSDN Community Support | Feedback to us
    Get or Request Code Sample from Microsoft
    Please remember to mark the replies as answers if they help and unmark them if they provide no help.

    Friday, June 03, 2011 1:15 AM
  • Given kind of stack one, I would try
    0:000> kb
    ChildEBP RetAddr  Args to Child
    ...            
    002cc60c 73fff478 00507000 00000000 45b8258f mscorwks!SafeReleaseHelper
    002cc640 73fff4a3 00507000 00000000 002cc67c mscorwks!SafeRelease+0x2f
    ...
    Assuming from call stack above, that mscorwks!SafeReleaseHelper wants to release a reference to a COM object at address 00507000
    0:000> dds 507000
    00507000  73f3e5b4 MyC!CFoo::`vftable'
    00507004  4d534143
    00507008  00000004
    ...
    0:000> dds 73f3e5b4
    73f3e5b4  73fe723c MyC!CFoo::QueryInterface
    73f3e5b8  73f3e7fc MyC!CFoo::AddRef
    73f3e5bc  73f3e7ae MyC!CFoo::Release
    ...

    No warranty

    With kind regards


    Friday, June 03, 2011 12:27 PM
  • I tried the above commands but I couldn't get the VTable details.

    Is this approach applicable for 64 bit dumps?

    We have 64 bit dump and that too Optimized.

     18 00000000`0012c480 00000000`76f4fe48 : 00000000`0012d050 00000000`0012cb60 00000000`00000000 00000000`00000000 : ntdll!RtlDispatchException+0x3cb
    19 00000000`0012cb60 000007fe`f9b8e57c : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!KiUserExceptionDispatcher+0x2e (TrapFrame @ 00000000`0012cf88)
    1a 00000000`0012d120 000007fe`f9b8e4d2 : 00000000`00000000 00000000`2e8fafc0 00000000`00000001 00000000`00000000 : mscorwks!SafeReleaseHelper+0x7c
    1b 00000000`0012d190 000007fe`f9ee2eff : 00000000`00000000 00000000`00000018 00000000`2e8fafc8 00000000`00000001 : mscorwks!SafeRelease+0x3a
    1c 00000000`0012d1f0 000007fe`f9ee2fa9 : 00000000`00000000 00000000`00000001 00000000`00000000 000007fe`f9a6279b : mscorwks!IUnkEntry::Free+0x9f
    1d 00000000`0012d250 000007fe`f9f56cd6 : 00000000`76f45dd0 00000000`76e1c3df 00000000`00000001 00000000`00000000 : mscorwks!RCW::ReleaseAllInterfaces+0x29
    1e 00000000`0012d2a0 000007fe`f9f56d2a : 00000000`00000048 00000000`00334ab0 00000000`2e8fafc0 00000000`00000001 : mscorwks!RCW::ReleaseAllInterfacesCallBack+0xd6
    1f 00000000`0012d300 000007fe`f9f56da6 : 00000000`00334ab0 00000000`00000110 00000000`00000018 00000000`76e16484 : mscorwks!RCW::Cleanup+0x2a
    20 00000000`0012d350 000007fe`f9f56e67 : 00000000`00000000 000007fe`f9bb486d 00000000`00000001 000007fe`fece050f : mscorwks!RCWCleanupList::ReleaseRCWListRaw+0x16
    21 00000000`0012d380 000007fe`fa00363f : 0d9448d1`c930c353 b91f8444`eb154ad8 00001eae`bcee4f28 00000000`6cd2cd20 : mscorwks!RCWCleanupList::ReleaseRCWListInCorrectCtx+0xa7
    22 00000000`0012d3f0 000007fe`fee09483 : 00000000`00000000 00000000`6cd2cd20 00000000`00000800 00000000`0012d830 : mscorwks!CtxEntry::EnterContextCallback+0x9f

     

    Monday, June 06, 2011 5:05 AM
  • Sorry, my fault. In fact I used non-optimization and full debug-info, 32bit when faking com-error. I did not expect this kind of stack, just looks weird, all these args 00000000'00000000.
    So I am stuck, for none of your stack-frames (value and order of arguments) looks familiar to me. Therefore, in my opinion, this seems to be no applicable way to get the information, you need.

    With kind regards


    Monday, June 06, 2011 11:57 AM
  • I am afraid this issue will take quite a bit of time to work on, and as such your question falls into the paid support category which requires a more in-depth level of support.  Please visit this link to see the various paid support options that are available to better meet your needs:  http://support.microsoft.com/default.aspx?id=fh;en-us;offerprophone.


    --Trevor H.
    Send files to Hotmail.com: "MS_TREVORH"
    Friday, June 10, 2011 7:40 PM
    Owner