I am working on a medical device running with windows XP embded. Recently a crash occured on the device when I was trying to access certain functionality in the device remotely. it generated minidump files and I am trying to analyse the cause of crash.
I completely new to windbg and trying to analyze the dump file. here is the output of the !analyze
comand:
FAULTING_IP:
S14_RecorderManager!HcTask::hc_erase_rec_entry+73 [f:\jenkins_views\jvc_vg2.2_ci_a19545\infrastructure\framework\managers\recordermanager\hc_task.cpp @ 1771]
6d040ef3 8991c4e30000 mov dword ptr [ecx+0E3C4h],edx
EXCEPTION_RECORD: ffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 6d040ef3 (S14_RecorderManager!HcTask::hc_erase_rec_entry+0x00000073)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 00000001
Parameter[1]: 0000e3c4
Attempt to write to address 0000e3c4
DEFAULT_BUCKET_ID: INVALID_POINTER_WRITE
PROCESS_NAME: s14_fwcontainer.exe
ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".
EXCEPTION_PARAMETER1: 00000001
EXCEPTION_PARAMETER2: 0000e3c4
WRITE_ADDRESS: 0000e3c4
FOLLOWUP_IP:
S14_RecorderManager!HcTask::hc_erase_rec_entry+73 [f:\jenkins_views\jvc_vg2.2_ci_a19545\infrastructure\framework\managers\recordermanager\hc_task.cpp @ 1771]
6d040ef3 8991c4e30000 mov dword ptr [ecx+0E3C4h],edx
MOD_LIST: <ANALYSIS/>
NTGLOBALFLAG: 0
FAULTING_THREAD: 00000964
PRIMARY_PROBLEM_CLASS: INVALID_POINTER_WRITE
BUGCHECK_STR: APPLICATION_FAULT_INVALID_POINTER_WRITE
LAST_CONTROL_TRANSFER: from 6d04103c to 6d040ef3
STACK_TEXT:
0012f684 6d04103c 6d0a3e98 561b3efd 00a2a328 S14_RecorderManager!HcTask::hc_erase_rec_entry+0x73 [f:\jenkins_views\jvc_vg2.2_ci_a19545\infrastructure\framework\managers\recordermanager\hc_task.cpp @ 1771]
0012f6ac 6d043302 6d0a3e98 09ce1ed8 09a86c68 S14_RecorderManager!HcTask::hc_remove_current_rec_entry+0x7c [f:\jenkins_views\jvc_vg2.2_ci_a19545\infrastructure\framework\managers\recordermanager\hc_task.cpp @ 1849]
0012f6c0 6d04a129 09ce1ed8 561b3eb9 00000ecc S14_RecorderManager!HcTask::hc_cancel_remote_recording+0xc2 [f:\jenkins_views\jvc_vg2.2_ci_a19545\infrastructure\framework\managers\recordermanager\hc_task.cpp @ 12599]
0012f804 100953eb 00000ecc 009ec7d8 00000054 S14_RecorderManager!Listen_Port_Svc_Handler::handle_input+0x1a9 [f:\jenkins_views\jvc_vg2.2_ci_a19545\infrastructure\framework\managers\recordermanager\network_task.cpp @ 596]
0012f820 1009525e 09ce1ec0 00000ecc 0012f858 s14ace!ACE_WFMO_Reactor::upcall+0xbb [m:\rafuro00_thirdparty_ms_int\thirdparty\ace\ace\wfmo_reactor.cpp @ 2212]
0012f888 100950c6 00000003 00000e38 00000004 s14ace!ACE_WFMO_Reactor::complex_dispatch_handler+0xce [m:\rafuro00_thirdparty_ms_int\thirdparty\ace\ace\wfmo_reactor.cpp @ 2111]
0012f8a4 10094f7d 00000e38 00000964 00000000 s14ace!ACE_WFMO_Reactor::dispatch_handler+0xe6 [m:\rafuro00_thirdparty_ms_int\thirdparty\ace\ace\wfmo_reactor.cpp @ 2018]
0012f8c8 10094ee6 00000003 00000001 009ec7d8 s14ace!ACE_WFMO_Reactor::dispatch_handles+0x5d [m:\rafuro00_thirdparty_ms_int\thirdparty\ace\ace\wfmo_reactor.cpp @ 1971]
0012f8dc 1004ba33 00000003 a9715800 00000001 s14ace!ACE_WFMO_Reactor::dispatch+0x36 [m:\rafuro00_thirdparty_ms_int\thirdparty\ace\ace\wfmo_reactor.cpp @ 1927]
0012f918 10094bcd 00000003 a9715830 00000001 s14ace!ACE_WFMO_Reactor::safe_dispatch+0x53 [m:\rafuro00_thirdparty_ms_int\thirdparty\ace\ace\wfmo_reactor.inl @ 965]
0012f984 78729882 0012f99c 1004b7f3 00000000 s14ace!ACE_WFMO_Reactor::event_handling+0x12d [m:\rafuro00_thirdparty_ms_int\thirdparty\ace\ace\wfmo_reactor.cpp @ 1721]
0012f99c 1006ba1c 00000000 642f20b0 642f1cc0 mfc100u!AFX_MAINTAIN_STATE2::~AFX_MAINTAIN_STATE2+0x1d
0012f9b4 10010349 1006b9d0 00403d69 ab8d2213 s14ace!ACE_Reactor::run_reactor_event_loop+0x2c [m:\rafuro00_thirdparty_ms_int\thirdparty\ace\ace\reactor.cpp @ 220]
0012f9bc 00403d69 ab8d2213 004065dc 009dd848 s14ace!ACE_Reactor::run_event_loop+0x19 [m:\rafuro00_thirdparty_ms_int\thirdparty\ace\ace\reactor.inl @ 27]
0012fe64 00404633 00000005 009d61c8 ab8d25a3 s14_fwcontainer!S14::FrameworkRuntimeContainer::run+0x1289 [f:\jenkins_views\jvc_vg2.2_ci_a19545\infrastructure\framework\container\frameworkruntime.cpp @ 166]
0012fed8 0040476f 00000005 009d61c8 10057966 s14_fwcontainer!ace_wmain_i+0x163 [f:\jenkins_views\jvc_vg2.2_ci_a19545\infrastructure\framework\container\main.cpp @ 47]
0012fee4 10057966 00000005 009d61c8 a9715fe0 s14_fwcontainer!ACE_Main::run_i+0xf [f:\jenkins_views\jvc_vg2.2_ci_a19545\infrastructure\framework\container\main.cpp @ 38]
0012ff68 00403fce 0012ff7c 00000005 009d61c8 s14ace!ace_os_wmain_i+0xa6 [m:\rafuro00_thirdparty_ms_int\thirdparty\ace\ace\os_main.cpp @ 72]
0012ff7c 00404d7e 00000005 009d61c8 009d6a48 s14_fwcontainer!wmain+0x1e [f:\jenkins_views\jvc_vg2.2_ci_a19545\infrastructure\framework\container\main.cpp @ 38]
0012ffc0 7c817077 00000000 00000000 7ffdd000 s14_fwcontainer!__tmainCRTStartup+0x122 [f:\dd\vctools\crt_bld\self_x86\crt\src\crtexe.c @ 552]
0012fff0 00000000 00404e9f 00000000 00000000 kernel32!BaseProcessStart+0x23
STACK_COMMAND: ~0s; .ecxr ; kb
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: s14_recordermanager!HcTask::hc_erase_rec_entry+73
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: S14_RecorderManager
IMAGE_NAME: S14_RecorderManager.dll
DEBUG_FLR_IMAGE_TIMESTAMP: 51424061
FAILURE_BUCKET_ID: INVALID_POINTER_WRITE_c0000005_S14_RecorderManager.dll!HcTask::hc_erase_rec_entry
BUCKET_ID: APPLICATION_FAULT_INVALID_POINTER_WRITE_s14_recordermanager!HcTask::hc_erase_rec_entry+73
WATSON_STAGEONE_URL: http://watson.microsoft.com/StageOne/s14_fwcontainer_exe/0_0_0_0/514232ba/S14_RecorderManager_dll/0_0_0_0/51424061/c0000005/00010ef3.htm?Retriage=1
Followup: MachineOwner
I could able understand that the code has failed in S14_RecorderManager
module. Any input on this output to proceed further will be a great help.
Thanks in advance for any suggestion.
User contributions licensed under CC BY-SA 3.0