I've got a crash in our app which I can't debug as one of our partners has seen fit to use truly horrible 'CodeMeter' to encrypt their DLL. CodeMeter licensing prevents all attempts to debug an app containing a CodeMeter encrypted DLL and even seems to cause MiniDumpWriteDump called from an unhandled exception filter to fail (this technique works without this DLL loaded). The crash only happens when the encrypted DLL is loaded into the process.
I'm going mad trying to debug this and establish whether it's the encrypted DLL that's crashing, and if so how I can provide adequate diagnostic information to our partner to solve this.
Any suggestions - perhaps some manual stack and module walking code I could call from my unhandled exception filter?
Does CodeMeter have build settings that will allow our partner to produce a build that is still encrypted and licensed but doesn't sabotage debugging so aggressively?
Just to be clear in case there's any doubt, I'm not trying to hack the licensing, just diagnose this crash.
I've used some stack walking code that works well that can be called from an SEH or unhandled exception filter by passing in the CONTEXT record passed to the exception filter.
The addresses in the stack and the potential addresses in the first few exception parameters can be interpreted using SymFromAddr in DbgHelp including the module handle. Add to that a log of the module file names and module handles for interpreting which DLLs the stack addresses relate to.
This particular crash was a Visual C++ exception. The type of the exception is revealed by looking up the address of one of the exception parameters using SymFromAddr.
Raymond Chen's blog has some code for finding the type of a Visual C++ exception from the exception parameters but I couldn't get this to work for me for some reason (probably my own error).
Related
So, I've got a small console app and I've used Fody/Costura to embed all referenced dlls into it
So far so good.
The docs for Costura says that it'll also embed the PDBs into the exe, and it appears to do that.
BUT...
If I force an exception in the app and check the stack trace, the method names are there, but there is no line number information in the stack frames, which leads me to believe that iether the embedding didn't actually work, or that .net is not picking up the embedded PDB when a fault occurs and the stack trace is rendered.
Anyone have any ideas if this is even supposed to work the way I'm imagining it should?
I am not a programmer. I have some software at work that keeps crashing on me. I used the Visual Studio debugger last time it crashed and found out it was unhandled exceptions.
The first unhandled exception is at 0x0048ADF0 in Cyclone.exe and is an Access violation writing to location 0x00000003.
My research leads me to understand that this is the program trying to write to memory that the process doesn't have permission to.
When running the debug in Visual Studio, after the access violation exception there is a long list of Unhandled exceptions similar to this "...at 0x776C016E (ntdll.dll) in Cyclone.exe: 0x00000000: The operation completed successfully." with different addresses.
Is there any way I can fix this without being a programmer? Some sort of modification to the app files or settings, or a tutorial or something.
No, there is no way. It's not different from asking if you can drive a car without knowing anything about driving.
Sounds like you need to report the problem to the person or company who provided it. What you need to do, however, is give them enough information to understand the problem and fix it. This includes:
what version of their program are you running
which computer operating system (e.g. Windows) and which version (e.g. 7)
precisely what steps you have to take to make the error occur
whether you have changed anything recently, e.g. by installing Windows Updates or changing your anti-virus protection
precise details of any error messages you see, ideally by copy/paste or by providing a screenshot of the erro
anything else you think might help them to help you
Be prepared for them to ask you additional questions, or try some tests to help figure out the cause and a way to solve it.
Your research sounds about right but I don't think there is much anyone here can do to help (unless they happen to work on the application).
Your best bet would be to look for a "Help" or an "About" screen and contact the people who wrote it with this information
Let me state upfront that I truly appreciate any assistance on this issue.
I have a C# (2.0) application. This is relatively simple application that executes stored procedures based on an XML file that is passed as a command line parameter.
We use it as a tool to call different stored procedures. This application does some logging and for the most part works very well.
The application reads the stored procedure name and parameters from an XML file. It sets up a connection string and SQL Command object (System.Data.SqlClient.SqlCommand).
Then it runs the stored procedure with the ExecuteReader method.
Unfortunately on a handful of occasions this application has generated the following error:
“Application popup: StoredProcLauncher.exe - Application Error : The instruction
at "0x7c82c912" referenced memory at "0x00000000". The memory could not be "read”
This error has appeared on multiple servers so it must be a code issue.
It seems that when our production server rolls a certain number it belches out this memory error.
The problem is I don’t see this issue on development. I can’t replicate it so I’m stuck.
Is there any way to simulate this error. Can I fill up the memory on my local PC somehow to attempt to replicate this error?
Does anyone know some common coding issues that might result in an error like this?
Does anyone have some rope I can borrow?
One way to do this is to wrap the offending code in a try catch block and writing the stack trace and error message to the windows application event log, text file, email, etc.
This will give you some line numbers and additional information.
Also note, you may need to deploy this in debug mode or at least copy the .pdb file with the application exe/dll so it can get the debug symbols. Can't remember off the top of my head how that works, but I think when you deploy in release mode you may loose some valuable debug information.
The instruction at "0x7c82c912" referenced memory at "0x00000000"
This is an access violation:
An access violation occurs in unmanaged or unsafe code when the code attempts to read or write to memory that has not been allocated, or to which it does not have access. This usually occurs because a pointer has a bad value.
Why does your program have unmanaged/unsafe code? For doing what you described it needs no native code.
Alas, the code crashes and now is not the time to wonder how is ending up calling native code. To solve the issue you're going to have to catch a dump and analyze the dump. See Capturing Application Crash Dumps. There are tools that specialize in this, like breakpad. there are also services that can help you collect and track crashes generated from your app, like crittercism.com or AirBrake. I even created one for myself and made it public bugcollect.com.
When I launch my WPF application and when it goes to InitializeComponent function call of one user control, it silently quits and only leaves one message in the output window saying Managed (v4.0.30319)' has exited with code -1073740771 (0xc000041d). When I say "silently", I mean there is no exception is caught even if I wrap this InitializeComponent call with a try-catch block (that's how I normally find where the problem is)
Here is what I did: in this application project we need to use a reference Microsoft.Office.Interop.Owc.dll, with version number 10.0.4504.0. Since it is an interop library, when I added this reference in VS2012, it automatically sets the property Embedded Interop Types as true, which I assume means it will not keep an individual dll in the output folder but instead embed this library into the main output (at least this is how it seems in our other references, for example, Microsoft.Office.Interop.Outlook.dll). However, when I launch the project, it throws an XamlParseException saying:
"Could not load file or assembly 'Microsoft.Office.Interop.Owc, Version=10.0.4504.0,
Culture=neutral, PublicKeyToken=31bf3856ad364e35' or one of its dependencies. The system
cannot find the file specified.":"Microsoft.Office.Interop.Owc, Version=10.0.4504.0,
Culture=neutral, PublicKeyToken=31bf3856ad364e35""
It seems that the reference was not embedded(or the version is not currect. But I verified that the reference version is indeed 10.0.4504.0)
Next I copied this dll directly to the output folder bin\Debug\, to make sure that it can find this library. This time the exception is not thrown, but the whole application just silently quits as I described in the beginning. I tried to google the code -1073740771 (0xc000041d) but there is no article about it. I tried to set the Embedded Interop Types to true/false but the problem is the same.
UPDATE:
I'd like to add more description here. As mentioned above, the problematic library is OWC(Office Web Component)10. I followed this link to make OWC work with VB.NET desktop application: HOW TO: Handle Events for the Office Web Components in Visual Studio .NET. But this official article is so old so I had to make a lot of changes to compile the wrapper dll(mainly because of namespace mismatch). Then when I add the reference to the actual interop library Microsoft.Office.Interop.Owc, if I follow the default setting and let the Embedded Interop Types as True, at runtime it will complain (throw a XamlParseException) that the assembly cannot be loaded (see description above). What the hell? I thought make it as "embedded" would guarantee this library will be found. Then I copy this dll to the output folder, then I have this silently quit problem. But it might be worth mentioning that this time the output window shows the Microsoft.Office.Interop.Owc.dll is indeed loaded. Actually it is the last message before the managed has exited message. So it must still relate to this library.
All of this only happens with OWC10. There is actually a similar way to do that in OWC11(the latest, but unfortunately still pretty old version since it came with Office2003): HOW TO: Handle Events for the Office 2003 Web Components in Visual Studio .NET. But it actually works and the control is displayed on my application. It is because of some other reason that I wanted to try OWC10 instead of OWC11
When I launch my WPF application and when it goes to InitializeComponent function call of one user >control, it silently quits and only leaves one message in the output window saying Managed
(v4.0.30319)' has exited with code -1073740771 (0xc000041d). When I say "silently", I mean there is >no exception is caught even if I wrap this InitializeComponent call with a try-catch block (that's >how I normally find where the problem is)
Next I copied this dll directly to the output folder bin\Debug\, to make sure that it can find this >library. This time the exception is not thrown, but the whole application just silently quits as I >described in the beginning. I tried to google the code -1073740771 (0xc000041d) but there is no >article about it. I tried to set the Embedded Interop Types to true/false but the problem is the >same.
I had exactly the same thing happening to me today, "has exited with code -1073740771 (0xc000041d)." (This happened in both a VB and C# .NET WinForms application for me). I tried debugging and saw I never even got into the Form_Load code block.
I "solved" this in the end by running visual studio as an administrator (and then just opening & building and running the project via the menu).
This is a win8 security issue and it isn't well explained anywhere.
(I got distracted and just opened up a specific project straight out of my task bar/solution file which caused this to happen to me).
You've probably found this out by yourself by now, hope you didn't lose any hair over it :)
Just pointing this out for other people who might have this error occuring somewhere.
Also had this issue, the 'silent' exit with code -1073740771 (0xc000041d) on x64 platforms, on x86 platforms everything was OK.
Part of my application is unmanaged C++, another part is C#. It turned out that my C++ code was not completely ready for the x64 platform. The following change fixed the issue in my case:
// before
g_OrigWndProc = reinterpret_cast<WNDPROC>(::SetWindowLongPtr(hWnd, GWLP_WNDPROC,
reinterpret_cast<LONG>(WindowProc)));
// fixed version
g_OrigWndProc = reinterpret_cast<WNDPROC>(::SetWindowLongPtr(hWnd, GWLP_WNDPROC,
reinterpret_cast<LONG_PTR>(WindowProc)));
So, the generic recommendation is to verify that your code is completely ready for the x64 platform.
I have a WinForms application in which I want to be able to provide an HTML editing feature. So I've translated Lutz Roeder's HTML Writer from C# into VB.NET, and converted it from a windows form into a Custom User Control, which is now hosted in an MDI child form.
It all works fine until I close the parent MDI, in which case it crashes, and I cannot trap the exception.
I've isolated the editor control into a little vanilla WinForms app that doesn't do anything else, and verified that the problem still occurs.
I've also switched on Unmanaged Code Debugging (I'm using VS2010, compiling for x86 and Framework 3.5), and all I get is this:
Windows has triggered a breakpoint in HtmlEditorMdi.exe.
This may be due to a corruption of the heap, which indicates a bug in HtmlEditorMdi.exe or any of the DLLs it has loaded.
This may also be due to the user pressing F12 while HtmlEditorMdi.exe has focus.
The output window may have more diagnostic information.
The only thing other thing I've noticed is that if I leave a long interval after opening the form containing the editor, it doesn't crash.
What I'd really appreciate is some ideas about how to go looking for this problem. It may be of course that I've made a mistake in the C# to VB conversion, but I'm struggling to know where to look.
Edit:
I've run the app with the debugger attached, and it doesn't give me anything useful.
All I get is the Windows 'Application has stopped working' message, with this in the problem details:
Problem signature:
Problem Event Name: APPCRASH
Application Name: HtmlEditorMdi.exe
Application Version: 1.0.0.0
Application Timestamp: 4cfb74c7
Fault Module Name: mscorwks.dll
Fault Module Version: 2.0.50727.4952
Fault Module Timestamp: 4bebd49a
Exception Code: c0000005
Exception Offset: 000022b5
OS Version: 6.1.7600.2.0.0.256.1
Locale ID: 2057
Additional Information 1: 0a9e
Additional Information 2: 0a9e372d3b4ad19135b953a78882e789
Additional Information 3: 0a9e
Additional Information 4: 0a9e372d3b4ad19135b953a78882e789
I can see that it's an access violation, but even if I go Debug > Exceptions > Win32 Exceptions, and tick c0000005, I don't get anything useful when it breaks - just 'no source available'.
The first message you quoted is produced by the Windows heap manager when it discovers that the internal heap structure is destroyed. It displays that diagnostic when it sees that a debugger is attached. The 2nd quoted block is what happens when it bypasses the diagnostic (no debugger attached), it bombs on a hardware exception when it tries to release memory in the corrupted heap anyway.
The trouble with heap corruption is that the real damage is done a long time before the diagnostic is generated. You can see a stack trace leading up to the diagnostic in the Call Stack window, you'll need to enable the Microsoft symbol server to get meaningful symbols for the Windows functions. But it won't tell you anything useful about the code that really caused the damage, that requires a time machine.
This kind of heap corruption is invariably caused by unmanaged code. The AccessViolation exception is a well known scourge to C/C++ programmers and a very large reason why managed code became popular. While Lutz' source code is all managed, it contains a lot of P/Invoke and COM interface declarations. There is no good way to debug them, you don't have the source code.
Getting one of those declarations subtly wrong when you converted them to VB.NET is certainly one way this could happen. It could also well be that the bug was always there but reared its ugly head just now. Lucky you. Btw, I don't think the code is 64-bit clean, force it to run in 32-mode for a possible quick fix. For your main EXE project: Project + Properties, Compile tab, scroll down, Advanced Compile Options, Target CPU = x86. This is only relevant if you run on a 64-bit version of Windows.
Other than that, I'd recommend you just use the C# project as-is. Mixing languages in a solution is a very well supported scenario in .NET.
The windbg debugger is the "big gun" for this sort of problem. It can frequently give you clues by telling you about handled exceptions etc. The only problem with it is that it's not easy to use and has a very high learning curve.