分析应用程序的挂起转储

Analysing hang dump of an application

本文关键字:挂起 转储 应用程序      更新时间:2023-10-16

我正在使用WinDbg工具分析转储文件。不明白是什么导致这里的线程挂起。我只能看到它在等待什么。

0:000> ~*kb
.  0  Id: c20.cb8 Suspend: 0 Teb: 7ffdf000 Unfrozen
 # ChildEBP RetAddr  Args to Child              
00 002cd7d4 77cf6a24 75f0179c 00002cc0 00000000 ntdll!KiFastSystemCallRet
01 002cd7d8 75f0179c 00002cc0 00000000 00000000 ntdll!NtWaitForSingleObject+0xc
02 002cd844 777bc313 00002cc0 ffffffff 00000000 KERNELBASE!WaitForSingleObjectEx+0x98
03 002cd85c 777bc2c2 00002cc0 ffffffff 00000000 kernel32!WaitForSingleObjectExImplementation+0x75
04 002cd870 00b1c036 00002cc0 ffffffff 00b4e268 kernel32!WaitForSingleObject+0x12
WARNING: Stack unwind information not available. Following frames may be wrong.
05 002cd888 00b1cc8b 00000007 00b4e300 00000cb8 AdvBrowser+0xc036
06 002cd8ac 00b1ccdf 00000007 00000000 00000001 AdvBrowser+0xcc8b
07 002cd8f4 76f8c4e7 000103bc 00000113 0000001b AdvBrowser+0xccdf
08 002cd920 76f86619 00b1ccf1 000103bc 00000113 user32!InternalCallWinProc+0x23
09 002cd998 76f8cd6b 00000000 00b1ccf1 000103bc user32!UserCallWinProc+0xe0
0a 002cd9f0 76f8cc70 002cda18 00000000 002cda38 user32!DispatchMessageWorker+0x13d
0b 002cda00 00b11495 002cda18 76f82780 000203f4 user32!DispatchMessageW+0xf
0c 002cda38 00b118f8 000203f4 000007ec 002cdaac AdvBrowser+0x1495
0d 002cdaa8 761f04e8 0099b6d4 042ff8bc 006c0000 AdvBrowser+0x18f8
0e 002cdae4 76255311 00b117ce 002cdcd0 0000000a rpcrt4!Invoke+0x2a
0f 002cdeec 77c8aec1 005538b8 00503260 0cbc2b78 rpcrt4!NdrStubCall2+0x2d6
10 002cdf34 7612ffd3 005538b8 0cbc2b78 00503260 ole32!CStdStubBuffer_Invoke+0x3c [d:w7rtmcomrpcndrolestub.cxx @ 1507]
11 002cdf58 77c8d876 005542f8 0cbc2b78 00503260 oleaut32!CUnivStubWrapper::Invoke+0xcb
12 002cdfa0 77c8ddd0 0cbc2b78 0054d8a8 00552da8 ole32!SyncStubInvoke+0x3c [d:w7rtmcomole32comdcomremchannelb.cxx @ 1187]
13 002cdfec 77ba8a43 0cbc2b78 00556270 005542f8 ole32!StubInvoke+0xb9 [d:w7rtmcomole32comdcomremchannelb.cxx @ 1396]
14 002ce0c8 77ba8938 00503260 00000000 005542f8 ole32!CCtxComChnl::ContextInvoke+0xfa [d:w7rtmcomole32comdcomremctxchnl.cxx @ 1262]
15 002ce0e4 77ba950a 0cbc2b78 00000001 005542f8 ole32!MTAInvoke+0x1a [d:w7rtmcomole32comdcomremcallctrl.cxx @ 2105]
16 002ce110 77c8dccd 0cbc2b78 00000001 005542f8 ole32!STAInvoke+0x46 [d:w7rtmcomole32comdcomremcallctrl.cxx @ 1924]
17 002ce144 77c8db41 d0908070 00503260 005542f8 ole32!AppInvoke+0xab [d:w7rtmcomole32comdcomremchannelb.cxx @ 1086]
18 002ce224 77c8e1fd 0cbc2b20 00504ce0 00000400 ole32!ComInvokeWithLockAndIPID+0x372 [d:w7rtmcomole32comdcomremchannelb.cxx @ 1724]
19 002ce24c 77ba9367 0cbc2b20 00000400 004f7da0 ole32!ComInvoke+0xc5 [d:w7rtmcomole32comdcomremchannelb.cxx @ 1469]
1a 002ce260 77ba9326 0cbc2b20 002ce320 00000400 ole32!ThreadDispatch+0x23 [d:w7rtmcomole32comdcomremchancont.cxx @ 298]
1b 002ce2a4 76f8c4e7 0001038c 00000400 0000babe ole32!ThreadWndProc+0x161 [d:w7rtmcomole32comdcomremchancont.cxx @ 654]
1c 002ce2d0 76f8c5e7 77ba9286 0001038c 00000400 user32!InternalCallWinProc+0x23
1d 002ce348 76f8cc19 00000000 77ba9286 0001038c user32!UserCallWinProcCheckWow+0x14b
1e 002ce3a8 76f8cc70 77ba9286 00000000 002ce3e8 user32!DispatchMessageWorker+0x35e
1f 002ce3b8 77b6d03c 002ce3cc 00000000 002ce61c user32!DispatchMessageW+0xf
20 002ce3e8 77b6d171 00000102 00000001 002ce468 ole32!CCliModalLoop::PeekRPCAndDDEMessage+0x4c [d:w7rtmcomole32comdcomremcallctrl.cxx @ 1508]
21 002ce418 77b6d093 000a0008 d4404e5f 00000102 ole32!CCliModalLoop::FindMessage+0x30 [d:w7rtmcomole32comdcomremcallctrl.cxx @ 1558]
22 002ce478 77b6d048 002ce61c 03acfe60 00000000 ole32!CCliModalLoop::HandleWakeForMsg+0x41 [d:w7rtmcomole32comdcomremcallctrl.cxx @ 1324]
23 002ce490 77b72d31 002ce4b0 000003e8 002ce4c0 ole32!CCliModalLoop::BlockFn+0xc3 [d:w7rtmcomole32comdcomremcallctrl.cxx @ 1242]
24 002ce4b8 77b6d54f ffffffff 002ce5c0 002ce4f8 ole32!ModalLoop+0x5b [d:w7rtmcomole32comdcomremchancont.cxx @ 211]
25 002ce4c8 77c8a7c9 00502c28 002ce5c0 002ce5d4 ole32!SwitchSTA+0x21 [d:w7rtmcomole32comdcomremchancont.cxx @ 252]
26 002ce4f8 77c8cef0 002ce5c0 0cccf850 002ce61c ole32!CRpcChannelBuffer::SwitchAptAndDispatchCall+0x135 [d:w7rtmcomole32comdcomremchannelb.cxx @ 4413]
27 002ce5d8 77b72cba 0cccf850 002ce704 002ce6ec ole32!CRpcChannelBuffer::SendReceive2+0xef [d:w7rtmcomole32comdcomremchannelb.cxx @ 4076]
28 002ce5f4 77b89aa1 002ce704 002ce6ec 0cccf850 ole32!CCliModalLoop::SendReceive+0x1e [d:w7rtmcomole32comdcomremcallctrl.cxx @ 899]
29 002ce670 77b89b24 0cccf850 002ce704 002ce6ec ole32!CAptRpcChnl::SendReceive+0x73 [d:w7rtmcomole32comdcomremcallctrl.cxx @ 583]
2a 002ce6c4 77c8ce06 0cccf850 002ce704 002ce6ec ole32!CCtxComChnl::SendReceive+0x1c5 [d:w7rtmcomole32comdcomremctxchnl.cxx @ 734]
2b 002ce6e0 761e4926 0e8f7d9c 002ce730 76255753 ole32!NdrExtpProxySendReceive+0x49 [d:w7rtmcomrpcndroleproxy.cxx @ 1932]
2c 002ce6ec 76255753 d44030ab 002ceb3c 0700022b rpcrt4!NdrpProxySendReceive+0xe
2d 002ceb04 77c8c8e2 5d978588 5d97882a 002ceb3c rpcrt4!NdrClientCall2+0x1a6
2e 002ceb24 77b898ad 00000008 0000000b 002ceba4 ole32!ObjectStublessClient+0xa2 [d:w7rtmcomrpcndrolei386stblsclt.cxx @ 474]
2f 002ceb34 5ebb4ba0 0e8f7d9c 0000000f 00000001 ole32!ObjectStubless+0xf [d:w7rtmcomrpcndrolei386stubless.asm @ 154]
30 002ceba4 5eb87102 0000000f 00000000 00000000 wmp!DllCanUnloadNow+0x14c35
31 002cebc8 5ea6a62e 007506ce 0000000f 00000000 wmp!DllGetClassObject+0xcc97
32 002cec10 76f8c4e7 0b8bd418 0000000f 00000000 wmp+0x4a62e
33 002cec3c 76f8c5e7 00410fb0 007506ce 0000000f user32!InternalCallWinProc+0x23
34 002cecb4 76f84f0e 00000000 00410fb0 007506ce user32!UserCallWinProcCheckWow+0x14b
35 002ced10 76f84f7d 00bbf998 0000000f 00000000 user32!DispatchClientMessage+0xda
36 002ced38 77cf6fce 002ced50 00000018 002ced9c user32!__fnDWORD+0x24
37 002ced64 76f85d0c 76f85d33 002cedd8 d44047d4 ntdll!KiUserCallbackDispatcher+0x2e
38 002ced68 76f85d33 002cedd8 d44047d4 004f7a20 user32!NtUserDispatchMessage+0xc
39 002cedac 76f8cc70 00410fb0 00000000 002cee1c user32!DispatchMessageWorker+0x3d5
3a 002cedbc 77bb6ad5 002cedd8 d440443b 00000102 user32!DispatchMessageW+0xf
3b 002cee1c 77b6d048 002cefc0 03ad0020 00000000 ole32!CCliModalLoop::HandleWakeForMsg+0x95 [d:w7rtmcomole32comdcomremcallctrl.cxx @ 1354]
3c 002cee34 77b72d31 002cee54 ffffffff 002cee64 ole32!CCliModalLoop::BlockFn+0xc3 [d:w7rtmcomole32comdcomremcallctrl.cxx @ 1242]
3d 002cee5c 77b6d54f ffffffff 002cef64 002cee9c ole32!ModalLoop+0x5b [d:w7rtmcomole32comdcomremchancont.cxx @ 211]
3e 002cee6c 77c8a7c9 00502c28 002cef64 002cef78 ole32!SwitchSTA+0x21 [d:w7rtmcomole32comdcomremchancont.cxx @ 252]
3f 002cee9c 77c8cef0 002cef64 0cccf850 002cefc0 ole32!CRpcChannelBuffer::SwitchAptAndDispatchCall+0x135 [d:w7rtmcomole32comdcomremchannelb.cxx @ 4413]
40 002cef7c 77b72cba 0cccf850 002cf0a8 002cf090 ole32!CRpcChannelBuffer::SendReceive2+0xef [d:w7rtmcomole32comdcomremchannelb.cxx @ 4076]
41 002cef98 77b89aa1 002cf0a8 002cf090 0cccf850 ole32!CCliModalLoop::SendReceive+0x1e [d:w7rtmcomole32comdcomremcallctrl.cxx @ 899]
42 002cf014 77b89b24 0cccf850 002cf0a8 002cf090 ole32!CAptRpcChnl::SendReceive+0x73 [d:w7rtmcomole32comdcomremcallctrl.cxx @ 583]
43 002cf068 77c8ce06 0cccf850 002cf0a8 002cf090 ole32!CCtxComChnl::SendReceive+0x1c5 [d:w7rtmcomole32comdcomremctxchnl.cxx @ 734]
44 002cf084 761e4926 0e8f7d9c 002cf0d4 76255753 ole32!NdrExtpProxySendReceive+0x49 [d:w7rtmcomrpcndroleproxy.cxx @ 1932]
45 002cf090 76255753 d4402f07 002cf4e0 0700022b rpcrt4!NdrpProxySendReceive+0xe
46 002cf4a8 77c8c8e2 5d978588 5d978746 002cf4e0 rpcrt4!NdrClientCall2+0x1a6
47 002cf4c8 77b898ad 00000010 00000005 002cf510 ole32!ObjectStublessClient+0xa2 [d:w7rtmcomrpcndrolei386stblsclt.cxx @ 474]
48 002cf4d8 5ebb513e 0e8f7d9c 0b8bd3e8 002cf4f8 ole32!ObjectStubless+0xf [d:w7rtmcomrpcndrolei386stubless.asm @ 154]
49 002cf510 5ed69fe0 0b8bd3e8 0e8f7d9c 0b8bdc40 wmp!DllCanUnloadNow+0x151d3
4a 002cf57c 5ebb4e89 0b8bdc30 002cf600 002cf5e0 wmp!Ordinal3002+0x3a252
4b 002cf594 5ebb53f5 0b8bd398 0b8bdc30 002cf600 wmp!DllCanUnloadNow+0x14f1e
4c 002cf640 5ebe56e5 76f84ad9 0b8bdb50 040dad90 wmp!DllCanUnloadNow+0x1548a
4d 002cf654 5ea6b111 0b8bdb50 040dad80 00000000 wmp!DllCanUnloadNow+0x4577a
4e 002cf674 5ea6b21b 040dad80 002cf6ec 002cf6b4 wmp+0x4b111
4f 002cf6c4 5eaef4ec 040daad8 002cf6ec 00000000 wmp+0x4b21b
50 002cf6fc 5eaee730 040daad8 002cf738 040d779c wmp!Ordinal3000+0x1b591
51 002cf71c 5eaef29d 040d7510 002cf738 00000000 wmp!Ordinal3000+0x1a7d5
52 002cf758 5eaef2f8 040d7510 002cf794 0409683c wmp!Ordinal3000+0x1b342
53 002cf778 5eaef29d 040965b0 002cf794 040964fc wmp!Ordinal3000+0x1b39d
54 002cf7b4 5eaef70b 040965b0 002cf7d4 040964dc wmp!Ordinal3000+0x1b342
55 002cf7f4 63eca384 00000000 03a68588 00000000 wmp!Ordinal3000+0x1b7b0
56 002cf84c 63eca2f1 00545468 03a35690 04096594 mshtml!CView::SetObjectRectsHelper+0x98
57 002cf888 64069514 00000000 00000000 002cf8e8 mshtml!CView::EndDeferSetObjectRects+0x75
58 002cf8cc 63ff47f5 00000000 002cf91c 000000c9 mshtml!CView::EnsureView+0x3a1
59 002cf8f4 64049da2 00545468 00000000 00549b28 mshtml!CView::EnsureViewCallback+0xd3
5a 002cf928 6403f012 002cf9c4 00008002 00000000 mshtml!GlobalWndOnMethodCall+0xff
5b 002cf948 76f8c4e7 000203f2 00000076 00000000 mshtml!GlobalWndProc+0x10c
5c 002cf974 76f8c5e7 6402775b 000203f2 00008002 user32!InternalCallWinProc+0x23
5d 002cf9ec 76f8cc19 00000000 6402775b 000203f2 user32!UserCallWinProcCheckWow+0x14b
5e 002cfa4c 76f8cc70 6402775b 00000000 002cfcac user32!DispatchMessageWorker+0x35e
5f 002cfa5c 00b22d6a 002cfa7c 00b4ed90 00000001 user32!DispatchMessageW+0xf
60 002cfcac 00b2ec3f 00b10000 00000000 004c261e AdvBrowser+0x12d6a
61 002cfd40 777bed6c 7ffd9000 002cfd8c 77d1377b AdvBrowser+0x1ec3f
62 002cfd4c 77d1377b 7ffd9000 77f74955 00000000 kernel32!BaseThreadInitThunk+0xe
63 002cfd8c 77d1374e 00b2edb9 7ffd9000 00000000 ntdll!__RtlUserThreadStart+0x70
64 002cfda4 00000000 00b2edb9 7ffd9000 00000000 ntdll!_RtlUserThreadStart+0x1b
可能是

您遇到了死锁,如果是这样,您应该能够确认如下

01 002cd7d8 75f0179c 00002cc0 00000000 00000000 NTDLL!NtWaitForSingleObject+0xc

0x00002cc0 arg 传递给 NtWaitForSingleObject,!locks -v 命令将显示锁定的对象,您正在寻找像这样开始的对象

CritSec [lockOffset] at 00002cc0

[lockOffset] 可以是数字,也可以是符号地址,如 ntdll!RtlCiritcalSectionLock+0.

在该行下将有几个值,您需要找到"拥有线程",这是阻止您在原始问题中显示的

线程的线程

然后你需要跟随线程,所以看看它在做什么。 在经典死锁中,它将等待由您显示的线程拥有的同步对象。 但是死锁循环可能很深。 您需要关注这些线程。

您希望使用 !locks 命令列出所有线程所持有的锁。