环境是Vistal ultimate+IE7,最近上csdn或者news.sina.com.cn,打开N个窗口后,IE突然就崩溃了,然后自动重新启动,甚是郁闷。
于是打开adplus,抓之:
adplus -crash -pn iexplore.exe -o d:\dumps
到了CSDN社区,看了两个帖子,哈哈,adplus开始create dump了。一会功夫,一共抓到了三个,分别是1st Chance AV mini,1st Chance Proc Shutdown,2nd Chance AV。
打开三个dump,1st Proc Shudown里面啥都没有,直接ret了,打开另外两个AV的。哦,看到东西了。
This dump file has an exception of interest stored in it.
The stored exception information can be accessed via .ecxr.
(ff0.158): Access violation - code c0000005 (first/second chance not available)
eax=6ee500c2 ebx=00000000 ecx=0a10ef08 edx=0a10ef14 esi=1000ea7c edi=0782d1c0
eip=8bffdb10 esp=0a10eeec ebp=0a10ef0c iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246
8bffdb10 ?? ???
kb一下之后,看到这些:
0:019> kb 2000
ChildEBP RetAddr Args to Child
WARNING: Frame IP not in any known module. Following frames may be wrong.
0a10eee8 10003e1f 0782d1c0 1000ea7c 0a10ef08 0x8bffdb10
0a10ef0c 10003d46 0a94edc8 0a10f108 00dabd80 Jccatch!DllGetClassObject+0x28fc
0a10ef2c 100034c0 0a880d20 00dabd88 0a10f014 Jccatch!DllGetClassObject+0x2823
0a10ef60 705fecc2 0a880d20 00000103 70622ff4 Jccatch!DllGetClassObject+0x1f9d
0a10ef94 70624095 00dabd88 0a10f014 0a10f014 ieframe!EnumInvokeCallback+0x3c
0a10efb8 7062401a 00dabd88 0a10eff0 70623004 ieframe!EnumConnectionPointSinks+0x6c
0a10f004 70624af7 00122a84 0a10f014 00000003 ieframe!IConnectionPoint_InvokeIndirect+0x80
0a10f044 70624b7f 00122a84 00000103 0a10f108 ieframe!IConnectionPoint_InvokeWithCancel+0x3a
0a10f11c 70625069 0a905af0 00122a84 00000000 ieframe!DoInvokeParamHelper+0x8b
0a10f174 705f43d3 0a905af0 0a905af0 039cf310 ieframe!FireEvent_DocumentComplete+0xc2
0a10f194 705f4348 059c2620 039cf310 0a850bc0 ieframe!CBaseBrowser2::_FireDocumentComplete+0x46
0a10f1bc 6ebb8381 059c267c 0a850bc0 00000002 ieframe!CBaseBrowser2::FireDocumentComplete+0x52
0a10f1f0 6ebb3e49 00000000 0a9558ec 6ec05988 mshtml!CWebOCEvents::DocumentComplete+0x102
0a10f260 6eba036d 0a94edc8 0a94edd8 07800168 mshtml!CMarkup::OnLoadStatusDone+0x248
0a10f274 6ebb82ea 00000004 0a10f6f4 0000009d mshtml!CMarkup::OnLoadStatus+0x4c
0a10f6bc 6ebefdd7 0a62b500 00000000 0a10f700 mshtml!CProgSink::DoUpdate+0x533
0a10f6cc 6ec07a4a 0a62b500 0a62b500 00000000 mshtml!CProgSink::OnMethodCall+0xf
0a10f700 6ec014f2 0a10f79c 00008002 00000000 mshtml!GlobalWndOnMethodCall+0x101
0a10f720 75e81a10 0009066c 00000e5e 00000000 mshtml!GlobalWndProc+0x181
0a10f74c 75e81ae8 6ec01441 0009066c 00008002 user32!InternalCallWinProc+0x23
0a10f7c4 75e82a47 000b02c4 6ec01441 0009066c user32!UserCallWinProcCheckWow+0x14b
0a10f828 75e82a98 6ec01441 00000000 0a10f8a0 user32!DispatchMessageWorker+0x322
0a10f838 705fe5db 0a10f850 00000000 00000000 user32!DispatchMessageW+0xf
0a10f8a0 77303833 07753a58 0a10f8ec 775da9bd ieframe!CTabWindow::_TabWindowThreadProc+0x189
0a10f8ac 775da9bd 07618580 0a10680a 00000000 kernel32!BaseThreadInitThunk+0xe
0a10f8ec 00000000 705fe3a4 07618580 00000000 ntdll!_RtlUserThreadStart+0x23
ooh,jccatch!于是打开IE,tools-Managed Addin,看到了jccatch正在enabled。disable之后,貌似没有问题了。继续观察之………………(jccatch是jetcar就是网际快车的东西)
某个牛人说过,即使啥也不懂,用windbg也能看到系统的哪个dll出错了,:)
打印 | 张贴于 2006-12-08 12:40:00 | Tag:Solution
留言反馈
!for_each_module !chkimg -d @#ModuleName
or !chkimg -d ntdll
or !chkimg -d kernel32
or !chkimg -d advapi32
or !chkimg -d ws2_32
最近我的系统,经常遇到类似foobar2000,一播放歌曲就crash掉了
另外,IE7是不是也有对应的pdb了?
去掉"好像",我顶你!
肯定解决
费这个劲...
可是,能把斜体改成普通的字体么?看了好难受。