How to find the faulting stack in a process dump file that COM+ obtains (317317)



The information in this article applies to:

  • Microsoft COM+ 1.5

This article was previously published under Q317317

SUMMARY

This article describes how to use the new COM+ Process Dump feature. With this feature, you can obtain automatic memory dumps on a COM+ FailFast, which is the internal error handling feature in COM+. This article describes how you can locate the access violation that may trigger such a dump.

MORE INFORMATION

The example in this article uses a .dll file named DoBadStuff, a class named CNaughty, and a method named AV. To locate the access violation that triggered the COM+ Process Dump, follow these steps:
  1. Open the dump file in a debugger such as Windbg.exe.
  2. Type the command ~*kb 400 to display the call stack of every thread in the process.
  3. Find the call stack that has this structure:
    ChildEBP RetAddr  Args to Child              
    00dbe7f0 77f7f4af 77e7788b 000001a0 00000000 SharedUserData!SystemCallStub+0x4
    00dbe7f4 77e7788b 000001a0 00000000 00000000 ntdll!ZwWaitForSingleObject+0xc
    00dbe858 77e79d6a 000001a0 ffffffff 00000000 kernel32!WaitForSingleObjectEx+0xa8
    00dbe868 757bb368 000001a0 ffffffff 757f15d0 kernel32!WaitForSingleObject+0xf
    00dbecec 757bb663 757f1868 757f187c 000009fc COMSVCS!FF_RunCmd+0x7b
    00dbefac 757bb6d5 00dbefc0 00000001 00000001 COMSVCS!FF_DumpProcess_MD+0x1a3
    00dbf1ec 757bb998 7574c2f9 00000001 00085558 COMSVCS!FF_DumpProcess+0x2f
    00dbf1f0 7574c2f9 00000001 00085558 771be20c COMSVCS!FailFast+0x42
    00dbf208 75761fce 00dbf27c 00000000 00000000 COMSVCS!ComSvcsExceptionFilter+0xa1
    00dbf218 7725673c 000ae498 00dbf27c c0000005 COMSVCS!CContext::ServerException+0xd
    					
    NOTE: The first parameter of COMSVCS!ComSvcsExceptionFilter (00dbf27c in this case) is a pointer to an EXCEPTION_POINTERS structure.

  4. Dump the first two elements (8 bytes) of this structure. These two elements contain a pointer to an EXCEPTION_RECORD structure and a pointer to a CONTEXT structure.
    0:017> dd 00dbf27c L2
    00dbf27c  00dbf36c 00dbf388
    					
  5. Execute the .exr and the .cxr commands to dump the exception and the context records respectively. The .cxr command sets the register context to this context record.
    0:017> .exr 00dbf36c 
    ExceptionAddress: 10007d72 (DoBadStuff!CCNaughty::AV+0x00000042)
       ExceptionCode: c0000005
      ExceptionFlags: 00000000
    NumberParameters: 2
       Parameter[0]: 00000001
       Parameter[1]: 014d52af
    Attempt to write to address 014d52af
    
    0:017> .cxr 00dbf388
    eax=00963e90 ebx=00dbfad8 ecx=00963e90 edx=00963e90 esi=00dbf6d0 edi=00dbf6a8
    eip=10007d72 esp=00dbf654 ebp=00dbf6a8 iopl=0         nv up ei pl nz na pe nc
    cs=001b  ss=0023  ds=0023  es=0023  fs=0038  gs=0000             efl=00010202
    DoBadStuff!CCNaughty::AV+42:
    10007d72 c6811f14b70065   mov     byte ptr [ecx+0xb7141f],0x65
    					
  6. Use the kb command to display the stack trace for the faulting thread:
    0:017> kb
      *** Stack trace for last set context - .thread/.cxr resets it
    ChildEBP RetAddr  Args to Child              
    00dbf6a8 77cc2f58 009627f8 02020202 00000001 DoBadStuff!CCNaughty::AV+0x42
    00dbf6c0 77d281a5 100012e9 00dbf6d4 00000001 RPCRT4!Invoke+0x30
    00dbfaa0 77d28d3e 000b1b08 000b57ac 00098628 RPCRT4!NdrStubCall2+0x1fb
    00dbfaf8 7713bb3d 000b1b08 00098628 000b57ac RPCRT4!CStdStubBuffer_Invoke+0x3f
    00dbfb58 772aec81 00098628 000a9508 000ac4a8 OLEAUT32!CUnivStubWrapper::Invoke+0xe1
    00dbfe84 77d7c076 77d5b720 00000000 00dbfef4 ole32!StubInvoke+0xa5
    00dbfee4 77d7c076 77d5b730 ffffffff 00dbff2c USER32!__except_handler3
    00dbffa4 77c33eaf 77c140c8 00000000 00dbffec USER32!__except_handler3
    00dbffdc 77e9bb85 77e95b80 00000000 00000000 msvcrt!__except_handler2+0xb7
    ffffffff 00000000 00000000 00000000 00000000 kernel32!CreateDBWinMutex+0x1d7
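
Steps 3 through 6 can be scripted over saved debugger output. The following is an added example, not code from the original article: the function names are hypothetical, the thread header lines and the thread 16 frame in the sample are constructed, and ~17s is the standard WinDbg thread-switch command rather than a step the article lists.

```python
import re

# 32-bit `kb` frame line: ChildEBP RetAddr Arg1 Arg2 Arg3 Symbol+offset
FRAME = re.compile(r"^\s*((?:[0-9a-f]{8} ){5})(\S+)", re.I)
# Thread header that `~*kb` prints before each stack, e.g. "  17  Id: 1a4.2b8 ..."
THREAD = re.compile(r"^[.# ]*(\d+)\s+Id:\s")
FILTER = "COMSVCS!ComSvcsExceptionFilter"

def find_exception_pointers(kb_output):
    """Return (thread number, EXCEPTION_POINTERS address), or None if no FailFast stack."""
    thread = None
    for line in kb_output.splitlines():
        header = THREAD.match(line)
        if header:
            thread = int(header.group(1))
            continue
        frame = FRAME.match(line)
        if frame and frame.group(2).split("+")[0] == FILTER:
            # The third column is the first argument passed to the filter.
            return thread, frame.group(1).split()[2]
    return None

def triage_commands(kb_output, dd_output):
    """Turn `~*kb` and `dd <ptr> L2` output into the commands for steps 5 and 6."""
    found = find_exception_pointers(kb_output)
    if found is None:
        raise ValueError("no " + FILTER + " frame in any thread")
    thread, pointers = found
    words = dd_output.split()
    if len(words) < 3 or words[0].lower() != pointers.lower():
        raise ValueError("dd output does not start at " + pointers)
    return [f"~{thread}s", f".exr {words[1]}", f".cxr {words[2]}", "kb"]

# Sample: thread headers and the thread 16 frame are constructed; the
# thread 17 frames and the dd line are the ones shown in the steps above.
SAMPLE_KB = """\
  16  Id: 1a4.2b0 Suspend: 1 Teb: 7ffa9000 Unfrozen
ChildEBP RetAddr  Args to Child
00cbfe40 77f7f4af 77e7788b 000001b4 00000000 SharedUserData!SystemCallStub+0x4
  17  Id: 1a4.2b8 Suspend: 1 Teb: 7ffa8000 Unfrozen
ChildEBP RetAddr  Args to Child
00dbf1f0 7574c2f9 00000001 00085558 771be20c COMSVCS!FailFast+0x42
00dbf208 75761fce 00dbf27c 00000000 00000000 COMSVCS!ComSvcsExceptionFilter+0xa1
00dbf218 7725673c 000ae498 00dbf27c c0000005 COMSVCS!CContext::ServerException+0xd
"""
SAMPLE_DD = "00dbf27c  00dbf36c 00dbf388"

if __name__ == "__main__":
    print("\n".join(triage_commands(SAMPLE_KB, SAMPLE_DD)))
```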
    					

Modification Type: Major
Last Reviewed: 11/8/2005
Keywords:kbhowto KB317317