Microsoft KB Archive/317317

= How to find the faulting stack in a process dump file that COM+ obtains =

Article ID: 317317

Article Last Modified on 12/5/2007

-

APPLIES TO


 * Microsoft COM+ 1.5

-



This article was previously published under Q317317



SUMMARY
This article describes how to use the new COM+ Process Dump feature. With this feature, you can obtain automatic memory dumps on a COM+ FailFast, which is the internal error handling feature in COM+. This article describes how you can locate the access violation that may trigger such a dump.



MORE INFORMATION
The example in this article uses a .dll file named DoBadStuff, a class named CNaughty, and a method named AV. To create an access violation and to trigger a COM+ Process Dump, follow these steps:  Open the dump file in a debugger such as Windbg.exe. Type the command ~*kb 400 .  Find the call stack that has this structure: ChildEBP RetAddr Args to Child 00dbe7f0 77f7f4af 77e7788b 000001a0 00000000 SharedUserData!SystemCallStub+0x4 00dbe7f4 77e7788b 000001a0 00000000 00000000 ntdll!ZwWaitForSingleObject+0xc 00dbe858 77e79d6a 000001a0 ffffffff 00000000 kernel32!WaitForSingleObjectEx+0xa8 00dbe868 757bb368 000001a0 ffffffff 757f15d0 kernel32!WaitForSingleObject+0xf 00dbecec 757bb663 757f1868 757f187c 000009fc COMSVCS!FF_RunCmd+0x7b 00dbefac 757bb6d5 00dbefc0 00000001 00000001 COMSVCS!FF_DumpProcess_MD+0x1a3 00dbf1ec 757bb998 7574c2f9 00000001 00085558 COMSVCS!FF_DumpProcess+0x2f 00dbf1f0 7574c2f9 00000001 00085558 771be20c COMSVCS!FailFast+0x42 00dbf208 75761fce 00dbf27c 00000000 00000000 COMSVCS!ComSvcsExceptionFilter+0xa1 00dbf218 7725673c 000ae498 00dbf27c c0000005 COMSVCS!CContext::ServerException+0xd NOTE: The first parameter of COMSVCS!ComSvcsExceptionFilter (00dbf27c in this case) is a pointer to an EXCEPTION_POINTERS structure.

  Dump the first two elements (8 bytes) of this structure. These two elements contain a pointer to an EXCEPTION_RECORD structure and a pointer to a CONTEXT. 0:017> dd 00dbf27c L2 00dbf27c 00dbf36c 00dbf388   Execute the .exr and the .cxr commands to dump the exception and the context records respectively. The .cxr command sets the register context to this context record. 0:017> .exr 00dbf36c ExceptionAddress: 10007d72 (DoBadStuff!CCNaughty::AV+0x00000042) ExceptionCode: c0000005 ExceptionFlags: 00000000 NumberParameters: 2 Parameter[0]: 00000001 Parameter[1]: 014d52af Attempt to write to address 014d52af<BR/>

0:017> .cxr 00dbf388 eax=00963e90 ebx=00dbfad8 ecx=00963e90 edx=00963e90 esi=00dbf6d0 edi=00dbf6a8 eip=10007d72 esp=00dbf654 ebp=00dbf6a8 iopl=0        nv up ei pl nz na pe nc cs=001b  ss=0023  ds=0023  es=0023  fs=0038  gs=0000             efl=00010202 DoBadStuff!CCNaughty::AV+42: 10007d72 c6811f14b70065  mov     byte ptr [ecx+0xb7141f],0x65 </li>  Use the kb command to display the stack trace for the faulting thread: <pre class="fixed_text">0:017> kb *** Stack trace for last set context - .thread/.cxr resets it ChildEBP RetAddr  Args to Child 00dbf6a8 77cc2f58 009627f8 02020202 00000001 DoBadStuff!CCNaughty::AV+0x42 00dbf6c0 77d281a5 100012e9 00dbf6d4 00000001 RPCRT4!Invoke+0x30 00dbfaa0 77d28d3e 000b1b08 000b57ac 00098628 RPCRT4!NdrStubCall2+0x1fb 00dbfaf8 7713bb3d 000b1b08 00098628 000b57ac RPCRT4!CStdStubBuffer_Invoke+0x3f 00dbfb58 772aec81 00098628 000a9508 000ac4a8 OLEAUT32!CUnivStubWrapper::Invoke+0xe1 00dbfe84 77d7c076 77d5b720 00000000 00dbfef4 ole32!StubInvoke+0xa5 00dbfee4 77d7c076 77d5b730 ffffffff 00dbff2c USER32!__except_handler3 00dbffa4 77c33eaf 77c140c8 00000000 00dbffec USER32!__except_handler3 00dbffdc 77e9bb85 77e95b80 00000000 00000000 msvcrt!__except_handler2+0xb7 ffffffff 00000000 00000000 00000000 00000000 kernel32!CreateDBWinMutex+0x1d7 </li></ol>

<div class="references_section">