One of our customers reported a crash. She saw the standard error message after an unhandled exception:
"Application has generated an exception that could not be handled... Click OK to terminate the application. Click CANCEL to debug the application."
I used DebugDiag to generate a dump of this process. I'm looking at the dump now.
!threads showed me an exception in my managed thread. There were several nested exceptions. This one was at the bottom:
0:000> !pe -nested
...
Nested exception -------------------------------------------------------------
Exception object: 14015a98
Exception type: System.AccessViolationException
Message: Attempted to read or write protected memory. This is often an indication that other memory is corrupt.
InnerException: <none>
StackTrace (generated):
SP IP Function
0013E958 7B6EEF3B System_Windows_Forms_ni!System.Windows.Forms.Application+ThreadContext.OnThreadException(System.Exception)+0x8b
0013E994 7B6F7916 System_Windows_Forms_ni!System.Windows.Forms.Control.WndProcException(System.Exception)+0x16
0013E9A0 7B6FA39C System_Windows_Forms_ni!System.Windows.Forms.Control+ControlNativeWindow.OnThreadException(System.Exception)+0xc
0013E9A4 7B1C8512 System_Windows_Forms_ni!System.Windows.Forms.NativeWindow.Callback(IntPtr, Int32, IntPtr, IntPtr)+0x72
0013EC70 7B1D8D2E System_Windows_Forms_ni!System.Windows.Forms.Application+ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(Int32, Int32, Int32)+0x24e
0013ED0C 7B1D8997 System_Windows_Forms_ni!System.Windows.Forms.Application+ThreadContext.RunMessageLoopInner(Int32, System.Windows.Forms.ApplicationContext)+0x177
0013ED60 7B1D87E1 System_Windows_Forms_ni!System.Windows.Forms.Application+ThreadContext.RunMessageLoop(Int32, System.Windows.Forms.ApplicationContext)+0x61
0013ED90 7B6EDE2B System_Windows_Forms_ni!System.Windows.Forms.Application.RunDialog(System.Windows.Forms.Form)+0x33
0013EDA4 7B7225AB System_Windows_Forms_ni!System.Windows.Forms.Form.ShowDialog(System.Windows.Forms.IWin32Window)+0x373
0013EE30 0DF41E76 PDILibReportProcessor!profdata.com.Library.libReportRenderCrystal.RenderToDisplay(System.Windows.Forms.IWin32Window, profdata.com.Library.libOutputSettings, profdata.com.Library.libApplicationConfig)+0xb6
0013EE4C 0DF416EB PDILibReportProcessor!profdata.com.Library.libReportProcessor.Process(System.Windows.Forms.IWin32Window)+0x153
0013EE60 07B37644 PDILibReportProcessor!profdata.com.Library.libReportProcessor.ProcessCrystalReport(System.String, System.Type, System.Data.DataSet, profdata.com.Library.libOutputSettings, profdata.com.Library.libApplicationConfig, System.Windows.Forms.IWin32Window, System.String)+0x74
0013EEA4 07B375B8 PDILibReportProcessor!profdata.com.Library.libReportProcessor.ProcessReport(System.String, System.Type, System.Data.DataSet, profdata.com.Library.libOutputSettings, profdata.com.Library.libApplicationConfig, System.Windows.Forms.IWin32Window)+0x18
0013EEB8 07B333C4 APRPTCashRequirements!profdata.com.AccountsPayable.frmAPCashRequirements.RunProcessOrReport()+0x7e4
StackTraceString: <none>
HResult: 80004003
The code has displayed a Crystal Report to the user in a form. While displaying the report, the application tried to do something and got a System.AccessViolationException.
Looking at the NativeWindow.Callback source, I see this:
private IntPtr Callback(IntPtr hWnd, int msg, IntPtr wparam, IntPtr lparam)
{
Message m = Message.Create(hWnd, msg, wparam, lparam);
try
{
// calls WndProc or DefWndProc
}
catch (Exception exception)
{
this.OnThreadException(exception);
}
finally {...}
}
I want to know the message, wParam, and lParam arguments that caused the exception. (I'd also like to verify I'm looking at the correct exception object.) This may be an invoke back to the UI thread, or it might be a normal Windows event, in which case I want to know which one.
I got the thread environment block:
0:000> !teb
TEB at 7ffdf000
ExceptionList: 00134144
StackBase: 00140000
StackLimit: 00130000
And dumped the stack memory:
0:000> !dqs 00130000 00140000
...
0013e968 00000000`00000000
0013e970 00000000`00000000
0013e978 00000000`00000000
0013e980 140ea9fc`00000000
0013e988 0013e998`0013ea44
0013e990 140c1d4c`7b6f7916
0013e998 7b6fa39c`0013ea54 <--- is NativeWindow.Callback
0013e9a0 0013ea6c`7b1c8512
0013e9a8 0013ec60`79edd757
0013e9b0 0013ec60`00000000
0013e9b8 0013ea6c`e0434f4d
0013e9c0 00000000`0013ea1c
0013e9c8 00000000`00000000
...
So if the signature is this: SP IP 0013E9A4 7B1C8512 NativeWindow.Callback(IntPtr, Int32, IntPtr, IntPtr)+0x72
- Where exactly are the parameters on the stack?
- How do I inspect them to get their values?
I still don't feel like I've found the root cause. We have a ThreadException handler. Why wasn't it called? What caused the System.AccessViolationException
?
Note that !analyze -v
reported STATUS_BREAKPOINT
, because the user is stopped at the error dialog "Application has generated an exception...".