
First chance exception thrown from TranslateMessage() API of Windows' user32.dll in 64 bit

There is an exception thrown from the TranslateMessage() API of user32.dll. When I tried to analyze the exception using !analyze -v in the windbg command, I got the following information. Can anyone help me decode the error?

FAULTING_IP: 
+0
ffffffff`e85b6720 ??              ???

EXCEPTION_RECORD:  ffffffffffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: ffffffffe85b6720
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 0000000000000008
   Parameter[1]: ffffffffe85b6720
Attempt to execute non-executable address ffffffffe85b6720

FAULTING_THREAD:  000000000000642c

DEFAULT_BUCKET_ID:  WRONG_SYMBOLS

PROCESS_NAME:  CapGM.exe

ADDITIONAL_DEBUG_TEXT:  
You can run '.symfix; .reload' to try to fix the symbol path and load symbols.

MODULE_NAME: mfc100u

FAULTING_MODULE: 0000000077720000 ntdll

DEBUG_FLR_IMAGE_TIMESTAMP:  4df2cfdb

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x%08lx referenced memory at 0x%08lx. The memory could not be %s.

EXCEPTION_PARAMETER1:  0000000000000008

EXCEPTION_PARAMETER2:  ffffffffe85b6720

WRITE_ADDRESS:  ffffffffe85b6720 

FOLLOWUP_IP: 
mfc100u+2745a8
00000000`74eb45a8 488bf0          mov     rsi,rax

FAILED_INSTRUCTION_ADDRESS: 
+2745a8
ffffffff`e85b6720 ??              ???

APP:  capgm.exe

IP_ON_HEAP:  ffffffffe85b6720
The fault address in not in any loaded module, please check your build's rebase
log at <releasedir>\bin\build_logs\timebuild\ntrebase.log for module which may
contain the address if it were loaded.

PRIMARY_PROBLEM_CLASS:  WRONG_SYMBOLS

BUGCHECK_STR:  APPLICATION_FAULT_WRONG_SYMBOLS

LAST_CONTROL_TRANSFER:  from 0000000077519bd1 to ffffffffe85b6720

STACK_TEXT:  
00000000`003bbb68 00000000`77519bd1 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`775172cb : 0xffffffff`e85b6720
00000000`003bbb70 00000000`775172cb : 00000000`00000000 ffffffff`e85b6720 00000000`00000000 00000000`00000000 : USER32!TranslateMessageEx+0x2a1
00000000`003bbc30 00000000`77516829 : 00000000`00000000 00000000`003bbd78 000007fe`ecfede14 00000018`000000c8 : USER32!SetWindowTextW+0x277
00000000`003bbc90 00000000`777711f5 : 00000000`00000000 000007fe`ecfb0000 00000000`000003e9 00000000`0055055c : USER32!IsDialogMessageW+0x169
00000000`003bbcf0 00000000`7751041a : 00000000`77510397 00000000`003bc1a8 00000000`00000000 00000000`003bc1a8 : ntdll!KiUserCallbackDispatcher+0x1f
00000000`003bbd78 00000000`77510397 : 00000000`003bc1a8 00000000`00000000 00000000`003bc1a8 00000000`003bc1a8 : USER32!SendMessageTimeoutW+0x95a
00000000`003bbd80 00000000`775105d8 : 00000000`00000000 00000000`00000002 00000000`00000000 00000000`56000000 : USER32!SendMessageTimeoutW+0x8d7
00000000`003bc0f0 00000000`77510880 : 00000000`00000148 00000000`56000000 00000000`003bc3d9 00000000`74f0c6b0 : USER32!SendMessageTimeoutW+0xb18
00000000`003bc240 00000000`74eb45a8 : 00000000`00582960 00000000`00000000 00000000`00000320 00000000`00900000 : USER32!CreateWindowExW+0x70
00000000`003bc2c0 00000000`74eac377 : 00000000`0c07e510 00000000`0c07e510 00000000`00000000 00000000`00900000 : mfc100u+0x2745a8
00000000`003bc340 00000000`74eac4b6 : 00000000`0055055c 00000000`0c07e510 00000000`56000000 00000000`00000318 : mfc100u+0x26c377
00000000`003bc400 000007fe`e8ba1316 : 00000000`00000000 00000000`003be330 00000000`0bee1a80 00000000`0c07e510 : mfc100u+0x26c4b6
00000000`003bc470 000007fe`ecfdaab6 : ffffffff`ffffffff 00000000`00000000 ffffffff`ffffffff 00000000`00000000 : FrontEnd!FrontWindowFactory<dFrontWindow>::create+0x136

I understood that TranslateMessage is trying to access some wrong address, but how do I fix it?

The problem is fixed. The error was in SetWindowLongPtr(). This is the 64-bit variant of SetWindowLong(). Though the function was changed, the value it wrote was still captured in a long variable. Changing it to LONG_PTR fixed the issue. Now the address does not get truncated and the corresponding user routine gets called.

Thanks for everyone's help :)
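The truncation described in this answer can be reproduced without Windows. The block below is an added example, not code from the thread; it assumes the value stored in the long variable is the previous window-procedure address returned by SetWindowLongPtr(), models the Windows LONG and LONG_PTR types with fixed-width integers (so it behaves the same on LP64 platforms where a native long is 64 bits), and uses a constructed address in the 0x000007fe range where the stack trace shows the FrontEnd module loaded.

```c
#include <stdint.h>
#include <stdio.h>

/* Windows is LLP64: LONG stays 32 bits on x64, LONG_PTR widens to 64.
 * Modelled here with fixed-width types so the example runs anywhere. */
typedef int32_t LONG;
typedef int64_t LONG_PTR;

/* Constructed stand-in for the address SetWindowLongPtr() returns
 * (the previous window procedure). Placed in the 0x000007fe`xxxxxxxx
 * range seen for FrontEnd in the stack trace; the low 32 bits are
 * chosen to match the faulting IP from the !analyze output. */
#define PREV_WNDPROC ((LONG_PTR)0x000007FEE85B6720LL)

/* The bug: the 64-bit return value is captured in a LONG. The upper
 * 32 bits are dropped, and because bit 31 of 0xE85B6720 is set, widening
 * the LONG back to pointer size sign-extends it into the 0xffffffff`xxxxxxxx
 * range, which is exactly the non-executable address in the dump. */
LONG_PTR capture_in_long(LONG_PTR ret) {
    LONG truncated = (LONG)ret;   /* narrowing the original code did implicitly */
    return (LONG_PTR)truncated;   /* sign-extended when used as a pointer again */
}

/* The fix: keep the value in LONG_PTR end to end; nothing is lost. */
LONG_PTR capture_in_long_ptr(LONG_PTR ret) {
    LONG_PTR kept = ret;
    return kept;
}

/* 1 if the value equals the faulting address reported by windbg. */
int matches_faulting_ip(LONG_PTR v) {
    return (uint64_t)v == 0xFFFFFFFFE85B6720ULL;
}

int main(void) {
    LONG_PTR bad  = capture_in_long(PREV_WNDPROC);
    LONG_PTR good = capture_in_long_ptr(PREV_WNDPROC);
    printf("captured in LONG:     0x%016llx\n", (unsigned long long)bad);
    printf("captured in LONG_PTR: 0x%016llx\n", (unsigned long long)good);
    return 0;
}
```

The value printed for the LONG path is the same 0xffffffffe85b6720 that appears as FAULTING_IP, EXCEPTION_PARAMETER2 and IP_ON_HEAP in the question, which is why windbg reports the address as not belonging to any loaded module.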

Like others have mentioned above, the first thing to do will be to get the right symbols.

Microsoft exposes public symbols for its Windows binaries. That will give a much better idea of what is going wrong.

Now, looking at the !analyze output that you have shared and the signature of TranslateMessage:

BOOL WINAPI TranslateMessage( _In_ const MSG *lpMsg );

My best guess would be that you are not validating that lpMsg is a genuine input. Can you paste the input passed?

General rule of thumb: public APIs that have been around for a while are very well tested. So if something is going wrong there, it will be a good idea to check what input our program is passing to it :)
