问题
My program is crashing at the end of execution, and couldnt even see stack unwind info. all i can see is this " ntdll!kifastsystemcallret", can some throw some light?
回答1:
KiFastSystemCallRet means that the thread is in a syscall - an unfortunate aspect of x86 NT syscall dispatch is that it will not return the context back to the original place, but has to return to a static location in ntdll, which will fix up the context and put you back where you came from. Paste in the stacks and we can give you some more hints...
回答2:
You'll quite often see this on all the threads that are just waiting -- one of the threads should hopefully have some more useful stack, the rest are likely to show this. Try installing the Debugging Tools for Windows and run the program in windbg. When the crash occurs type !analyze -v to get a useful post-mortem of the likely cause of the crash.
回答3:
You can try debugging by attaching windbg and provide reference to OS symbols. Might give some clue.
回答4:
Can you provide a call stack with more information, like what operation is being done before this particular crash occurs. i have faced such crashed before.
It could very well be a first chance exception also. Are you sure it is a crash?
回答5:
kifastsystemcallret ~ Kernel Fast System Call Return, or emergency exit from a Kernel function ? some kernel invocation failed ...
来源:https://stackoverflow.com/questions/1906605/ntdllkifastsystemcallret