Debugging PDF-XChange Viewer - Symbols needed

[panny]

Hi there all,

since I have problems running my PDF-XChange Viewer but really like to make it work I decided on debugging the application. I downloaded Windbg and created a user crash dump file with Dr. Watson from Windows. You can download the dump file here (~13 MB, please click Cliquez ici pour télécharger Dr Watson.7z
). I'm not an expert and barely understand the output at all but I hope to find some hints. The output is at the end. What I need now is the symbols package for PDF-XChange Viewer:

Code: Select all

*** ERROR: Module load completed but symbols could not be loaded for PDFXCview.exe
PEB at 7ffdf000
*************************************************************************
***                                                                   ***
***                                                                   ***
***    Your debugger is not using the correct symbols                 ***
***                                                                   ***
***    In order for this command to work properly, your symbol path   ***
***    must point to .pdb files that have full type information.      ***
***                                                                   ***
***    Certain .pdb files (such as the public OS symbols) do not      ***
***    contain the required information.  Contact the group that      ***
***    provided you with these symbols if you need this command to    ***
***    work.                                                          ***
***                                                                   ***
***    Type referenced: ntdll!_PEB                                    ***
***                                                                   ***
*************************************************************************
error 3 InitTypeRead( nt!_PEB at 7ffdf000)...
Finished dump check

can you help with that, please?

cheers,
panny

Output:

Code: Select all

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.


Loading Dump File [C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson\user.dmp]
User Mini Dump File with Full Memory: Only application data is available

Comment: 'Dr. Watson generated MiniDump'
WARNING: Inaccessible path: 'c:\windows\i386'
Symbol search path is: srv*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: c:\windows\i386
Windows XP Version 2600 (Service Pack 3) UP Free x86 compatible
Product: WinNt, suite: SingleUserTS
Machine Name:
Debug session time: Mon Jul 11 10:43:17.000 2011 (UTC + 2:00)
System Uptime: 0 days 3:54:20.401
Process Uptime: 0 days 0:01:38.000
.........................................
Loading unloaded module list
.......
This dump file has an exception of interest stored in it.
The stored exception information can be accessed via .ecxr.
(cd0.518): Access violation - code c0000005 (first/second chance not available)
eax=00000000 ebx=0216a4c4 ecx=031dfe34 edx=01ebc388 esi=00d8783c edi=00000000
eip=00000000 esp=031dfe3c ebp=00000001 iopl=0         nv up ei pl nz na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000202
00000000 ??              ???
0:006> !analyze -show
Error code: 0x0 - The operation completed successfully.
0:006> !analyze -v
*******************************************************************************
*                                                                             *
*                        Exception Analysis                                   *
*                                                                             *
*******************************************************************************

GetPageUrlData failed, server returned HTTP status 404
URL requested: http://watson.microsoft.com/StageOne/PDFXCview_exe/2_5_197_0/unknown/0_0_0_0/00000000.htm?Retriage=1

FAULTING_IP: 
+c2107
00000000 ??              ???

EXCEPTION_RECORD:  ffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 00000000
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 00000000
   Parameter[1]: 00000000
Attempt to read from address 00000000

DEFAULT_BUCKET_ID:  NULL_INSTRUCTION_PTR

PROCESS_NAME:  PDFXCview.exe

ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - The instruction at "0x%08lx" referenced memory at "0x%08lx". The memory could not be "%s".

EXCEPTION_PARAMETER1:  00000000

EXCEPTION_PARAMETER2:  00000000

READ_ADDRESS:  00000000 

FOLLOWUP_IP: 
PDFXCview+c2107
004c2107 53              push    ebx

FAILED_INSTRUCTION_ADDRESS: 
+1712faf009ddf58
00000000 ??              ???

MOD_LIST: <ANALYSIS/>

NTGLOBALFLAG:  0

APPLICATION_VERIFIER_FLAGS:  0

FAULTING_THREAD:  00000518

PRIMARY_PROBLEM_CLASS:  NULL_INSTRUCTION_PTR

BUGCHECK_STR:  APPLICATION_FAULT_NULL_INSTRUCTION_PTR_NULL_POINTER_READ

LAST_CONTROL_TRANSFER:  from 004c2107 to 00000000

STACK_TEXT:  
WARNING: Frame IP not in any known module. Following frames may be wrong.
031dfe38 004c2107 01d33f1c 00008000 00000002 0x0
031dfe54 004c21cc 031dfe70 77f17a88 02a1e180 PDFXCview+0xc2107
031dfe5c 77f17a88 02a1e180 031dffa8 02a1e180 PDFXCview+0xc21cc
031dfe70 00000000 00000690 804e399c 0003a4d0 gdi32!ExtSelectClipRgn+0x25f


SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  PDFXCview+c2107

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: PDFXCview

IMAGE_NAME:  PDFXCview.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4e1743f3

STACK_COMMAND:  dt ntdll!LdrpLastDllInitializer BaseDllName ; dt ntdll!LdrpFailureData ; ~6s; .ecxr ; kb

FAILURE_BUCKET_ID:  NULL_INSTRUCTION_PTR_c0000005_PDFXCview.exe!Unknown

BUCKET_ID:  APPLICATION_FAULT_NULL_INSTRUCTION_PTR_NULL_POINTER_READ_NULL_IP_PDFXCview+c2107

WATSON_STAGEONE_URL:  http://watson.microsoft.com/StageOne/PDFXCview_exe/2_5_197_0/4e1743f3/unknown/0_0_0_0/bbbbbbb4/c0000005/00000000.htm?Retriage=1

Followup: MachineOwner
---------

0:006> lm N T
Unknown option 'N'
Unknown option 'T'
start    end        module name
00340000 00349000   normaliz   (deferred)             
00400000 00fcb000   PDFXCview   (no symbols)           
023e0000 023f2000   HKVOLKEY   (deferred)             
10000000 1000f000   shellhook   (deferred)             
3d930000 3da01000   wininet    (deferred)             
3dfd0000 3e015000   iertutil   (deferred)             
5ad70000 5ada8000   uxtheme    (deferred)             
6fa00000 6fa3e000   sophos_detoured   (deferred)             
71aa0000 71aa8000   ws2help    (deferred)             
71ab0000 71ac7000   ws2_32     (deferred)             
73000000 73026000   winspool   (deferred)             
73b30000 73b45000   mscms      (deferred)             
74720000 7476c000   MSCTF      (deferred)             
74d90000 74dfb000   usp10      (deferred)             
74e30000 74e9d000   riched20   (deferred)             
755c0000 755ee000   MSCTFIME   (deferred)             
76380000 76385000   msimg32    (deferred)             
76390000 763ad000   imm32      (deferred)             
763b0000 763f9000   comdlg32   (deferred)             
76b40000 76b6d000   winmm      (pdb symbols)          c:\symbols\winmm.pdb\90FC96D5AD8440A2B14855895BD92ED62\winmm.pdb
76bf0000 76bfb000   psapi      (deferred)             
76c30000 76c5e000   wintrust   (deferred)             
76c90000 76cb8000   imagehlp   (deferred)             
77120000 771ab000   oleaut32   (deferred)             
773d0000 774d3000   comctl32   (deferred)             
774e0000 7761e000   ole32      (pdb symbols)          c:\symbols\ole32.pdb\0E73207536D64E9C9FB83C682ED9E5852\ole32.pdb
77a80000 77b15000   crypt32    (deferred)             
77b20000 77b32000   msasn1     (deferred)             
77b40000 77b62000   apphelp    (deferred)             
77c00000 77c08000   version    (deferred)             
77c10000 77c68000   msvcrt     (deferred)             
77dd0000 77e6b000   advapi32   (pdb symbols)          c:\symbols\advapi32.pdb\F759D3F1C6614313B07C84BC33F02E4D2\advapi32.pdb
77e70000 77f03000   rpcrt4     (deferred)             
77f10000 77f59000   gdi32      (pdb symbols)          c:\symbols\gdi32.pdb\372C0F0E08FB456EAB7B4CB2B53E27952\gdi32.pdb
77f60000 77fd6000   shlwapi    (deferred)             
77fe0000 77ff1000   secur32    (deferred)             
78130000 78258000   urlmon     (deferred)             
7c800000 7c8f6000   kernel32   (pdb symbols)          c:\symbols\kernel32.pdb\072FF0EB54D24DFAAE9D13885486EE092\kernel32.pdb
7c900000 7c9b2000   ntdll      (pdb symbols)          c:\symbols\ntdll.pdb\CEFC0863B1F84130A11E0F54180CD21A2\ntdll.pdb
7c9c0000 7d1d7000   shell32    (deferred)             
7e410000 7e4a1000   user32     (pdb symbols)          c:\symbols\user32.pdb\D18A41B74E7F458CAAAC1847E2D8BF022\user32.pdb

Unloaded modules:
77b40000 77b62000   apphelp.dll
69450000 69466000   faultrep.dll
77920000 77a13000   SETUPAPI.dll
76f50000 76f58000   WTSAPI32.dll
76360000 76370000   WINSTA.dll
5b860000 5b8b5000   NETAPI32.dll
769c0000 76a74000   USERENV.dll
0:006> !drivers

  The !drivers command is no longer supported.

  Please use the 'lm t n' command.
  Consult the debugger documentation for the supported 'lm' command options.

  The WinDbg "Modules" window can also be used to display timestamps.
  The "Modules" window supports sorting on name or timestamp values

0:006> .ecxr.
eax=00000000 ebx=0216a4c4 ecx=031dfe34 edx=01ebc388 esi=00d8783c edi=00000000
eip=00000000 esp=031dfe3c ebp=00000001 iopl=0         nv up ei pl nz na po nc
cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000202
00000000 ??              ???
            ^ Extra character error in '.ecxr.'
0:006> ecxr
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for normaliz.dll - 
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for HKVOLKEY.dll - 
*** WARNING: Unable to verify checksum for shellhook.dll
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for shellhook.dll - 
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for sophos_detoured.dll - 
Couldn't resolve error at 'cxr'

EDIT:
Here is another dump file I created with adplus. Hope this helps finding the error.

[Vasyl - PDF-XChange]

Hi Panny,

Thanks for info.
I sent you a private message with a link to a debug-version of our main program-file.
Please try it out and let us know how it goes with it.

Thanks.

[panny]

Hi Vasyl.

I'm answering this here, since pm is disabled.

thanks for the help and the file. I finally don't get any crashes anymore!

What was the reason?

The viewer is really slow now, it takes 92%-97% cpu time for about a minute, scrolling is a pain and the file size changes between 30MB to 60MB.

I'm happy to work with that, since I don't need to scroll, but noone can work with a slow viewer. I understand this is the debug version and guess this will just change.

Also, I realized the new popup error message when the file cannot be accessed! great! This works really fine.

But also, just to tell the story from this side (the user side) the viewer should automatically reload the file every 3 seconds, so you don't have to switch back and forth. But that is just a gimmik, no urgence here.

Great job! If the viewer was not that slow, this would be perfectly fine with me.

Thank you for the work done on this.


cheers,
panny

[Vasyl - PDF-XChange]

Hi Panny.

I finally don't get any crashes anymore!
What was the reason?

I don't known exactly, we should investigate it...
Can we we investigate it with you in real time by TeamViewer ? (http://www.teamviewer.com/en/index.aspx)

Best
Regards.

[panny]

Hello Vasyl.

sure, how can I confidently forward my teamviewer id?

[Stefan - PDF-XChange]

Hello Panny,

Send it to support@pdf-xchange.com (along with the PW as well) and I will pass it to Vasyl.

Best,
Stefan

[Vasyl - PDF-XChange]

I sent you the private message with my contact..