a strange crash problem

EDN Admin

EDN Admin

Well-known member
Joined
Aug 7, 2010
Messages
12,794
Location
In the Machine
OK, our company has developed a windows client program, and im in charge of fixing program crashes which are collected via a crash dump program.
Today, i find a strange crash problem, the assemble code fragment as following:


<div style="color:Black;background-color:White; <pre>
std::_Tree<std::_Tmap_traits<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> >,cardInfoStruct,std::less<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > >,std::allocator<std::pair<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > <span style="color:Blue; const ,cardInfoStruct> >,0> >::_Tree<std::_Tmap_traits<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> >,cardInfoStruct,std::less<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > >,std::allocator<std::pair<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > <span style="color:Blue; const ,cardInfoStruct> >,0> >:
00FF9D18 6A 08 push 8
00FF9D1A B0 88 mov al,88h
00FF9D1C 05 2B 01 E8 78 add eax,78E8012Bh
00FF9D21 A5 movs dword ptr es:[edi],dword ptr [esi]
00FF9D22 12 00 adc al,byte ptr [eax]
00FF9D24 8B F1 mov esi,ecx
00FF9D26 89 75 F0 mov dword ptr [ebp-10h],esi
00FF9D29 51 push ecx
00FF9D2A 81 65 EC 89 65 EC FF and dword ptr [ebp-14h],0FFEC6589h
00FF9D31 75 08 jne std::_Tree<std::_Tmap_traits<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> >,cardInfoStruct,std::less<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > >,std::allocator<std::pair<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > <span style="color:Blue; const ,cardInfoStruct> >,0> >::_Tree<std::_Tmap_traits<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> >,cardInfoStruct,std::less<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > >,std::allocator<std::pair<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > <span style="color:Blue; const ,cardInfoStruct> >,0> >+23h (0FF9D3Bh)
00FF9D33 E8 31 A6 21 00 call std::_Tree_val<std::_Tmap_traits<<span style="color:Blue; unsigned <span style="color:Blue; int,MSN::P2PPacketV1,std::less<<span style="color:Blue; unsigned <span style="color:Blue; int>,std::allocator<std::pair<<span style="color:Blue; unsigned <span style="color:Blue; int <span style="color:Blue; const ,MSN::P2PPacketV1> >,0> >::_Tree_val<std::_Tmap_traits<<span style="color:Blue; unsigned <span style="color:Blue; int,MSN::P2PPacketV1,std::less<<span style="color:Blue; unsigned <span style="color:Blue; int>,std::allocator<std::pair<<span style="color:Blue; unsigned <span style="color:Blue; int <span style="color:Blue; const ,MSN::P2PPacketV1> >,0> > (1214369h)
00FF9D38 83 65 F4 00 and dword ptr [ebp-0Ch],0
00FF9D3C 8B CE mov ecx,esi
00FF9D3E E8 44 FB FF FF call std::_Tree<std::_Tmap_traits<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> >,cardInfoStruct,std::less<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > >,std::allocator<std::pair<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > <span style="color:Blue; const ,cardInfoStruct> >,0> >::_Init (0FF9887h)
00FF9D43 8B C6 mov eax,esi
00FF9D45 E8 2A A6 12 00 call _EH_epilog3 (1124374h)
00FF9D4A C2 08 00 ret 8

[/code]
<div style="color:Black;background-color:White; <pre>
<span style=<span style="color:#A31515; "white-space:normal"><br/>
[/code]
<div style="color:Black;background-color:White; <pre>
<span style=<span style="color:#A31515; "white-space:normal">it seems a little bit messy, but you can see that it is abnormal to add 78E8012Bh to eax(line 2) and then load <span style="color:Blue; value from memory eax point to(line 5).
[/code]
<div style="color:Black;background-color:White; <pre>
so i run the program, checking the same code segment as following:
[/code]
<div style="color:Black;background-color:White; <pre>
<br/>
[/code]
<div style="color:Black;background-color:White; <pre>
std::_Tree<std::_Tmap_traits<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> >,cardInfoStruct,std::less<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > >,std::allocator<std::pair<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > <span style="color:Blue; const ,cardInfoStruct> >,0> >::_Tree<std::_Tmap_traits<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> >,cardInfoStruct,std::less<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > >,std::allocator<std::pair<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > <span style="color:Blue; const ,cardInfoStruct> >,0> >:
00EC92A1 6A 08 push 8
00EC92A3 B8 0B 5B 18 01 mov eax,offset
00EC92A8 E8 8F 9A 12 00 call _EH_prolog3 (0FF2D3Ch)
00EC92AD 8B F1 mov esi,ecx
00EC92AF 89 75 F0 mov dword ptr [ebp-10h],esi
00EC92B2 51 push ecx
00EC92B3 89 65 EC mov dword ptr [ebp-14h],esp
00EC92B6 89 65 EC mov dword ptr [ebp-14h],esp
00EC92B9 FF 75 08 push dword ptr [ebp+8]
00EC92BC E8 AE B2 FC FF call std::_Tree_val<std::_Tmap_traits<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> >,boost::shared_ptr<MSNContact>,std::less<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > >,std::allocator<std::pair<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > <span style="color:Blue; const ,boost::shared_ptr<MSNContact> > >,0> >::_Tree_val<std::_Tmap_traits<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> >,boost::shared_ptr<MSNContact>,std::less<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > >,std::allocator<std::pair<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > <span style="color:Blue; const ,boost::shared_ptr<MSNContact> > >,0> > (0E9456Fh)
00EC92C1 83 65 FC 00 and dword ptr [ebp-4],0
00EC92C5 8B CE mov ecx,esi
00EC92C7 E8 CE FA FF FF call std::_Tree<std::_Tmap_traits<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> >,cardInfoStruct,std::less<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > >,std::allocator<std::pair<std::basic_string<<span style="color:Blue; char,std::char_traits<<span style="color:Blue; char>,std::allocator<<span style="color:Blue; char> > <span style="color:Blue; const ,cardInfoStruct> >,0> >::_Init (0EC8D9Ah)
00EC92CC 8B C6 mov eax,esi
00EC92CE E8 41 9B 12 00 call _EH_epilog3 (0FF2E14h)
00EC92D3 C2 08 00 ret 8
[/code]
<div style="color:Black;background-color:White; <pre>
<br/>
[/code]
<div style="color:Black;background-color:White; <pre>
you can see the difference between two code segments. my question is: how can the code bytes changed during execution?
[/code]


View the full article
 

Similar threads

J
Exporting std::string from a DLL does not export std::string::npos
Replies
0
Views
71
jfranzoy
J
S
Windows 7 Windows 7 - 32 Bit BSOD
Replies
0
Views
251
SC2317
S
R
Getting crash when calling CallWindowProc() function in Migration from VS6.0 to VS2015
Replies
0
Views
88
Ramanji Keerthi
R
EDN Admin
Exporting std::string from a DLL does not export std::string::npos
Replies
0
Views
208
EDN Admin
EDN Admin
EDN Admin
Optimizer code gen bug in VC2012
Replies
0
Views
94
EDN Admin
EDN Admin
Back
Top