新人求助帖 - 高端调试

欢迎光临高端调试登录 | 注册 | FAQ

搜索论坛

	内核调试

	ACPI调试 Linux内核调试 Windows内核调试
	调试方法学

	调试战役调试原理新工具观察
	操作系统

	Linux Windows Vista Windows
	驱动开发

	Linux驱动 WDF WDM
	总线

	PCI Express PCI/PCI-X USB 无线通信协议
	中央处理器

	64位CPU ARM IA-32
	CPU Info Center
	计算机机系统

	ACPI标准系统认证 Desktop 服务器
	嵌入式系统

	Embedded Linux 嵌入式开发工具 VxWorks WinCE 嵌入式Windows
	特别链接

	格蠹调试套件(GDK)
	格蠹学院
	小朱书店
	老雷的微博
	《软件调试》
	《格蠹汇编》
	《软件调试(第二版)》


沪ICP备11027180号-1

C/C++本地代码调试

帖子发起人: BianChengNan 发起时间: 2013-07-05 14:21 下午 回复: 5

搜索论坛

帖子排序:

2013-07-05, 14:21 下午

BianChengNan 离线，最后访问时间: 2017/7/22 6:43:39 BianChengNan

发帖数前25位
注册: 2013-07-05
发贴: 39

Sad [:(] 新人求助帖

对于死循环的情况，保存dump文件有用吗？

最近写的一个小软件出现了死循环的状态，dump了，现在手里只有dump文件和对应的pdb文件了，不知该如何下手了。

希望有经验的前辈多多指点。

IP 地址: 已记录   报告

2013-07-05, 17:18 下午

Raymond 离线，最后访问时间: 2020/7/3 3:40:25 格蠹老雷

发帖数前10位
注册: 2005-12-19
发贴: 1,303

Re: 新人求助帖

先列出所有线程的ID和CPU运行时间

~*e .echo ****;? @$tid;.ttime

找到时间最长的，切换过去

~~[tid]s

IP 地址: 已记录   报告

2013-07-08, 11:00 上午

BianChengNan 离线，最后访问时间: 2017/7/22 6:43:39 BianChengNan

发帖数前25位
注册: 2013-07-05
发贴: 39

Re: 新人求助帖

嗯嗯，多谢。在《格蠹汇编》上看到这个方法了，也找到了是哪个线程了，自己尝试跟踪了一下，奈何汇编水平有限，跟不出个所以然来。
但是已经dump了，保存了现场!!!嘿嘿。后来一想，只有dump文件是不是没有啥作用，因为不能调试跟踪。故来论坛发问。

IP 地址: 已记录   报告

2013-07-08, 17:22 下午

BianChengNan 离线，最后访问时间: 2017/7/22 6:43:39 BianChengNan

发帖数前25位
注册: 2013-07-05
发贴: 39

Crying [:'(] Re: 新人求助帖

0:015> ~*e ?@$tid; .ttime
Evaluate expression: 3188 = 00000c74
Created: Mon Jul 8 16:42:21.679 2013 (UTC + 8:00)
Kernel: 0 days 0:00:37.109
User: 0 days 0:05:17.953
Evaluate expression: 2908 = 00000b5c
Created: Mon Jul 8 16:42:22.883 2013 (UTC + 8:00)
Kernel: 0 days 0:00:00.000
User: 0 days 0:00:00.000
Evaluate expression: 2688 = 00000a80
Created: Mon Jul 8 16:42:22.883 2013 (UTC + 8:00)
Kernel: 0 days 0:00:00.046
User: 0 days 0:00:00.000
Evaluate expression: 1572 = 00000624
Created: Mon Jul 8 16:42:22.929 2013 (UTC + 8:00)
Kernel: 0 days 0:00:00.218
User: 0 days 0:00:00.031
Evaluate expression: 236 = 000000ec
Created: Mon Jul 8 16:42:22.945 2013 (UTC + 8:00)
Kernel: 0 days 0:00:00.000
User: 0 days 0:00:00.000
Evaluate expression: 2504 = 000009c8
Created: Mon Jul 8 16:42:24.211 2013 (UTC + 8:00)
Kernel: 0 days 0:00:00.312
User: 0 days 0:00:00.281
Evaluate expression: 788 = 00000314
Created: Mon Jul 8 16:42:24.273 2013 (UTC + 8:00)
Kernel: 0 days 0:00:00.000
User: 0 days 0:00:00.000
Evaluate expression: 3360 = 00000d20
Created: Mon Jul 8 16:42:24.320 2013 (UTC + 8:00)
Kernel: 0 days 0:00:00.343
User: 0 days 0:00:01.343
Evaluate expression: 3356 = 00000d1c
Created: Mon Jul 8 16:42:24.570 2013 (UTC + 8:00)
Kernel: 0 days 0:00:00.000
User: 0 days 0:00:00.000
Evaluate expression: 3848 = 00000f08
Created: Mon Jul 8 16:42:25.242 2013 (UTC + 8:00)
Kernel: 0 days 0:00:00.000
User: 0 days 0:00:00.000
Evaluate expression: 204 = 000000cc
Created: Mon Jul 8 16:42:25.242 2013 (UTC + 8:00)
Kernel: 0 days 0:00:00.000
User: 0 days 0:00:00.000
Evaluate expression: 3288 = 00000cd8
Created: Mon Jul 8 16:42:25.242 2013 (UTC + 8:00)
Kernel: 0 days 0:00:00.000
User: 0 days 0:00:00.000
Evaluate expression: 2264 = 000008d8
Created: Mon Jul 8 16:42:25.242 2013 (UTC + 8:00)
Kernel: 0 days 0:00:00.000
User: 0 days 0:00:00.000
Evaluate expression: 3304 = 00000ce8
Created: Mon Jul 8 16:42:27.992 2013 (UTC + 8:00)
Kernel: 0 days 0:00:00.343
User: 0 days 0:00:00.015
Evaluate expression: 376 = 00000178
Created: Mon Jul 8 16:43:24.273 2013 (UTC + 8:00)
Kernel: 0 days 0:00:00.000
User: 0 days 0:00:00.000
Evaluate expression: 240 = 000000f0
Created: Mon Jul 8 16:51:48.570 2013 (UTC + 8:00)
Kernel: 0 days 0:00:00.000
User: 0 days 0:00:00.000

// 问题出在tid == 00000c74 的主线程上，
// 占用时间的几个线程除了主线程和tid == a80 的线程外，还有几个线程，估计是访问网址的时候，系统开辟的线程。

// 该线程为访问线程，内部有一个循环,用来完成访问任务
0:015> ~~[a80] kn 10
# ChildEBP RetAddr
00 0180fe70 77d194be ntdll!KiFastSystemCallRet
01 0180feb0 77d2cdcb user32!NtUserMessageCall+0xc
02 0180fed8 00407353 user32!SendMessageTimeoutW+0x21
03 0180ff70 78afc556 browseWeb!visitWeb+0xc3 [d:\myprojects\mt_browser\browseweb\browsewebdlg.cpp @ 115]
04 0180ffa8 78afc600 msvcr100!_endthreadex+0x3f
05 0180ffb4 7c80b713 msvcr100!_endthreadex+0xce
06 0180ffec 00000000 kernel32!BaseThreadStart+0x37

// 主线程的调用栈
0:015> ~0s
eax=00000000 ebx=00000000 ecx=0257ca60 edx=00000418 esi=0257c9b0 edi=00000000
eip=7e28148a esp=0012ea10 ebp=00000000 iopl=0 nv up ei pl zr na pe nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00000246
mshtml!CHtmPost::ProcessTokens+0x3ba:
7e28148a 8b442408 mov eax,dword ptr [esp+8] ss:0023:0012ea18=00000000
0:000> kn 100
# ChildEBP RetAddr
00 0012ea98 7e27d883 mshtml!CHtmPost::ProcessTokens+0x3ba
01 0012eb54 7e2c153d mshtml!CHtmPost::Exec+0x104
02 0012eb64 7e2c1513 mshtml!CHtmPost::RunNested+0x23
03 0012eb78 7e2c18c2 mshtml!CHtmLoad::Write+0x49
04 0012eb9c 7e2c16fd mshtml!CHtmCtx::Write+0x22
05 0012ebe0 7e2c1932 mshtml!CDocument::write+0x1ac
06 0012ebfc 7e2a8a23 mshtml!Method_void_SAFEARRAYPVARIANTP+0x25
07 0012ec7c 7e2a88bf mshtml!CBase::ContextInvokeEx+0x462
08 0012eca8 7e2b69a5 mshtml!CBase::InvokeEx+0x25
09 0012ecf4 7e27e6ec mshtml!DispatchInvokeCollection+0x158
0a 0012ed48 75be1408 mshtml!CDocument::InvokeEx+0xcb
0b 0012ed80 75be1378 jscript!IDispatchExInvokeEx2+0xac
0c 0012edb8 75be6db3 jscript!IDispatchExInvokeEx+0x56
0d 0012ee28 75be10d8 jscript!InvokeDispatchEx+0x78
0e 0012ee70 75bdfab8 jscript!VAR::InvokeByName+0xba
0f 0012eeb0 75bdefea jscript!VAR::InvokeDispName+0x43
10 0012eed4 75be6ff4 jscript!VAR::InvokeByDispID+0xfd
11 0012ef8c 75be165d jscript!CScriptRuntime::Run+0x16bd
12 0012efa4 75be68d3 jscript!ScrFncObj::Call+0x8d
13 0012f030 75be0f13 jscript!NameTbl::InvokeInternal+0xe0
14 0012f05c 75be6ff4 jscript!VAR::InvokeByDispID+0xd4
15 0012f114 75be165d jscript!CScriptRuntime::Run+0x16bd
16 0012f12c 75bc900b jscript!ScrFncObj::Call+0x8d
17 0012f1b8 75be1583 jscript!ScrFncObj::Construct+0xd7
18 0012f23c 75be0f13 jscript!NameTbl::InvokeInternal+0xfe
19 0012f268 75be1555 jscript!VAR::InvokeByDispID+0xd4
1a 0012f320 75be165d jscript!CScriptRuntime::Run+0x15f8
1b 0012f338 75be0ea9 jscript!ScrFncObj::Call+0x8d
1c 0012f3c4 75be0f13 jscript!NameTbl::InvokeInternal+0x40
1d 0012f3f0 75be6ff4 jscript!VAR::InvokeByDispID+0xd4
1e 0012f4a8 75be165d jscript!CScriptRuntime::Run+0x16bd
1f 0012f4c0 75be1793 jscript!ScrFncObj::Call+0x8d
20 0012f530 75bcda62 jscript!CSession::Execute+0xa7
21 0012f580 75bce6e7 jscript!COleScript::ExecutePendingScripts+0x147
22 0012f5e4 75bce538 jscript!COleScript::ParseScriptTextCore+0x243
23 0012f610 7e2b195b jscript!COleScript::ParseScriptText+0x2b
24 0012f670 7e2b1804 mshtml!CScriptCollection::ParseScriptText+0x1da
25 0012f728 7e2b18f0 mshtml!CScriptElement::CommitCode+0x1e1
26 0012f760 7e34d69a mshtml!CScriptElement::Execute+0xa4
27 0012f83c 7e49689f mshtml!CScriptElement::OnDwnChan+0x311
28 0012f848 7e293ffc mshtml!CScriptElement::OnDwnChanCallback+0x10
29 0012f858 7e27cb3b mshtml!CDwnChan::OnMethodCall+0x19
2a 0012f88c 7e278937 mshtml!GlobalWndOnMethodCall+0x66
2b 0012f9c0 77d18734 mshtml!GlobalWndProc+0x1e2
2c 0012f9ec 77d18816 user32!InternalCallWinProc+0x28
2d 0012fa54 77d2a013 user32!UserCallWinProcCheckWow+0x150
2e 0012fa84 77d2a039 user32!CallWindowProcAorW+0x98
2f 0012faa4 788333bc user32!CallWindowProcW+0x1b
30 0012fb28 77d18734 mfc100u!_AfxActivationWndProc+0x139
31 0012fb54 77d18816 user32!InternalCallWinProc+0x28
32 0012fbbc 77d189cd user32!UserCallWinProcCheckWow+0x150
33 0012fc1c 77d18a10 user32!DispatchMessageWorker+0x306
34 0012fc2c 78821862 user32!DispatchMessageW+0xf
35 0012fc3c 78837e81 mfc100u!AfxInternalPumpMessage+0x40
36 0012fc68 787d5b04 mfc100u!CWnd::RunModalLoop+0xc8
37 0012fcb4 00406bb3 mfc100u!CDialog::DoModal+0x12d
38 0012ff18 788477c6 browseWeb!CbrowseWebApp::InitInstance+0x123 [d:\myprojects\mt_browser\browseweb\browseweb.cpp @ 216]
39 0012ff2c 00409629 mfc100u!AfxWinMain+0x49
3a 0012ffc0 7c817067 browseWeb!__tmainCRTStartup+0x158 [f:\dd\vctools\crt_bld\self_x86\crt\src\crtexe.c @ 547]
3b 0012fff0 00000000 kernel32!BaseProcessStart+0x23

// 同过格蠹汇编上的方法成功定位到发生死循环的函数为
01 0012eb54 7e2c153d mshtml!CHtmPost::Exec+0x104

// 反汇编此函数，结果如下，真令人头疼
0:000> uf mshtml!CHtmPost::Exec+0x104
mshtml!CHtmPost::Exec:
7e27d7fc 81eca4000000 sub esp,0A4h
7e27d802 53 push ebx
7e27d803 55 push ebp
7e27d804 56 push esi
7e27d805 8bf1 mov esi,ecx
7e27d807 8b4610 mov eax,dword ptr [esi+10h]
7e27d80a 33db xor ebx,ebx
7e27d80c 33ed xor ebp,ebp
7e27d80e a909080000 test eax,809h
7e27d813 0f85c2a40000 jne mshtml!CHtmPost::Exec+0x19 (7e287cdb)

mshtml!CHtmPost::Exec+0x3a:
7e27d819 8b4e24 mov ecx,dword ptr [esi+24h]
7e27d81c 3bcb cmp ecx,ebx
7e27d81e 57 push edi
7e27d81f 7422 je mshtml!CHtmPost::Exec+0xc0 (7e27d843)

mshtml!CHtmPost::Exec+0x42:
7e27d821 53 push ebx
7e27d822 e8de010000 call mshtml!CMarkup::GetFrameOrPrimaryMarkup (7e27da05)
7e27d827 85c0 test eax,eax
7e27d829 7418 je mshtml!CHtmPost::Exec+0xc0 (7e27d843)

mshtml!CHtmPost::Exec+0x4c:
7e27d82b 8b4e24 mov ecx,dword ptr [esi+24h]
7e27d82e 53 push ebx
7e27d82f e8d1010000 call mshtml!CMarkup::GetFrameOrPrimaryMarkup (7e27da05)
7e27d834 8b888c000000 mov ecx,dword ptr [eax+8Ch]
7e27d83a f6c540 test ch,40h
7e27d83d 0f85a0af0c00 jne mshtml!CHtmPost::Exec+0x60 (7e3487e3)

mshtml!CHtmPost::Exec+0xc0:
7e27d843 395e44 cmp dword ptr [esi+44h],ebx
7e27d846 8a4610 mov al,byte ptr [esi+10h]
7e27d849 0f85d1410300 jne mshtml!CHtmPost::Exec+0x33f (7e2b1a20)

mshtml!CHtmPost::Exec+0xcc:
7e27d84f a830 test al,30h
7e27d851 7575 jne mshtml!CHtmPost::Exec+0x219 (7e27d8c8)

mshtml!CHtmPost::Exec+0xd4:
7e27d853 68a90d287e push offset mshtml!CHtmParse::Prepare (7e280da9)
7e27d858 8bce mov ecx,esi
7e27d85a e8dbf6ffff call mshtml!CHtmPost::Broadcast (7e27cf3a)
7e27d85f 8be8 mov ebp,eax
7e27d861 3beb cmp ebp,ebx
7e27d863 0f8542010000 jne mshtml!CHtmPost::Exec+0x44a (7e27d9ab)

mshtml!CHtmPost::Exec+0xea:
7e27d869 8bce mov ecx,esi
7e27d86b e81afeffff call mshtml!CHtmPost::IsAtEof (7e27d68a)
7e27d870 85c0 test eax,eax
7e27d872 7523 jne mshtml!CHtmPost::Exec+0x118 (7e27d897)

mshtml!CHtmPost::Exec+0xf5:
7e27d874 8b8424b8000000 mov eax,dword ptr [esp+0B8h]
7e27d87b 50 push eax
7e27d87c 8bce mov ecx,esi
7e27d87e e8f13a0000 call mshtml!CHtmPost::ProcessTokens (7e281374)
7e27d883 8be8 mov ebp,eax
7e27d885 3beb cmp ebp,ebx
7e27d887 0f851e010000 jne mshtml!CHtmPost::Exec+0x44a (7e27d9ab)

mshtml!CHtmPost::Exec+0x10e:
7e27d88d f6461001 test byte ptr [esi+10h],1
7e27d891 0f858db00c00 jne mshtml!CHtmPost::Exec+0x3c1 (7e348924)

mshtml!CHtmPost::Exec+0x118:
7e27d897 8bce mov ecx,esi
7e27d899 e8ecfdffff call mshtml!CHtmPost::IsAtEof (7e27d68a)
7e27d89e 85c0 test eax,eax
7e27d8a0 0f859d490000 jne mshtml!CHtmPost::Exec+0x146 (7e282243)

mshtml!CHtmPost::Exec+0x123:
7e27d8a6 8b4610 mov eax,dword ptr [esi+10h]
7e27d8a9 f6c420 test ah,20h
7e27d8ac 0f8591490000 jne mshtml!CHtmPost::Exec+0x146 (7e282243)

mshtml!CHtmPost::Exec+0x12b:
7e27d8b2 68730f287e push offset mshtml!CHtmParse::Commit (7e280f73)
7e27d8b7 8bce mov ecx,esi
7e27d8b9 e87cf6ffff call mshtml!CHtmPost::Broadcast (7e27cf3a)
7e27d8be 8be8 mov ebp,eax
7e27d8c0 3beb cmp ebp,ebx
7e27d8c2 0f85e3000000 jne mshtml!CHtmPost::Exec+0x44a (7e27d9ab)

mshtml!CHtmPost::Exec+0x219:
7e27d8c8 8b4610 mov eax,dword ptr [esi+10h]
7e27d8cb a804 test al,4
7e27d8cd 0f85e7000000 jne mshtml!CHtmPost::Exec+0x224 (7e27d9ba)

mshtml!CHtmPost::Exec+0x2b7:
7e27d8d3 8b4e24 mov ecx,dword ptr [esi+24h]
7e27d8d6 53 push ebx
7e27d8d7 e829010000 call mshtml!CMarkup::GetFrameOrPrimaryMarkup (7e27da05)
7e27d8dc 8b888c000000 mov ecx,dword ptr [eax+8Ch]
7e27d8e2 f6c540 test ch,40h
7e27d8e5 0f85c9af0c00 jne mshtml!CHtmPost::Exec+0x2cb (7e3488b4)

mshtml!CHtmPost::Exec+0x316:
7e27d8eb 8b4610 mov eax,dword ptr [esi+10h]
7e27d8ee a810 test al,10h
7e27d8f0 0f857f720200 jne mshtml!CHtmPost::Exec+0x31d (7e2a4b75)

mshtml!CHtmPost::Exec+0x35c:
7e27d8f6 ff156c12217e call dword ptr [mshtml!_imp__GetTickCount (7e21126c)]
7e27d8fc 3b8424b8000000 cmp eax,dword ptr [esp+0B8h]
7e27d903 7720 ja mshtml!CHtmPost::Exec+0x38b (7e27d925)

mshtml!CHtmPost::Exec+0x36b:
7e27d905 8b4610 mov eax,dword ptr [esi+10h]
7e27d908 f6c420 test ah,20h
7e27d90b 7518 jne mshtml!CHtmPost::Exec+0x38b (7e27d925)

mshtml!CHtmPost::Exec+0x373:
7e27d90d 8bce mov ecx,esi
7e27d90f e8213c0000 call mshtml!CHtmPost::IsPending (7e281535)
7e27d914 85c0 test eax,eax
7e27d916 750d jne mshtml!CHtmPost::Exec+0x38b (7e27d925)

mshtml!CHtmPost::Exec+0x37e:
7e27d918 e86dfdffff call mshtml!CHtmPost::IsAtEof (7e27d68a)
7e27d91d 85c0 test eax,eax
7e27d91f 0f841effffff je mshtml!CHtmPost::Exec+0xc0 (7e27d843)

mshtml!CHtmPost::Exec+0x38b:
7e27d925 8b4620 mov eax,dword ptr [esi+20h]
7e27d928 8b8854040000 mov ecx,dword ptr [eax+454h]
7e27d92e bf00800000 mov edi,8000h
7e27d933 85cf test edi,ecx
7e27d935 754d jne mshtml!CHtmPost::Exec+0x40b (7e27d984)

mshtml!CHtmPost::Exec+0x39d:
7e27d937 8b884c010000 mov ecx,dword ptr [eax+14Ch]
7e27d93d 3bcb cmp ecx,ebx
7e27d93f 7443 je mshtml!CHtmPost::Exec+0x40b (7e27d984)

mshtml!CHtmPost::Exec+0x3a7:
7e27d941 8b492c mov ecx,dword ptr [ecx+2Ch]
7e27d944 395920 cmp dword ptr [ecx+20h],ebx
7e27d947 743b je mshtml!CHtmPost::Exec+0x40b (7e27d984)

mshtml!CHtmPost::Exec+0x3af:
7e27d949 8b804c010000 mov eax,dword ptr [eax+14Ch]
7e27d94f 3bc3 cmp eax,ebx
7e27d951 0f84d6400300 je mshtml!CHtmPost::Exec+0x3d5 (7e2b1a2d)

mshtml!CHtmPost::Exec+0x3b9:
7e27d957 8b502c mov edx,dword ptr [eax+2Ch]
7e27d95a 8b4a20 mov ecx,dword ptr [edx+20h]

mshtml!CHtmPost::Exec+0x3d7:
7e27d95d e81dc1ffff call mshtml!CMarkup::GetDwnDoc (7e279a7f)
7e27d962 85c0 test eax,eax
7e27d964 741e je mshtml!CHtmPost::Exec+0x40b (7e27d984)

mshtml!CHtmPost::Exec+0x3e0:
7e27d966 8b4e20 mov ecx,dword ptr [esi+20h]
7e27d969 e8a2b1ffff call mshtml!CDoc::PrimaryMarkup (7e278b10)
7e27d96e 8bc8 mov ecx,eax
7e27d970 e80ac1ffff call mshtml!CMarkup::GetDwnDoc (7e279a7f)
7e27d975 8bc8 mov ecx,eax
7e27d977 e82f120200 call mshtml!CDwnDoc::GotAuthorPalette (7e29ebab)
7e27d97c 85c0 test eax,eax
7e27d97e 0f85b4af0c00 jne mshtml!CHtmPost::Exec+0x3fa (7e348938)

mshtml!CHtmPost::Exec+0x40b:
7e27d984 8b4e24 mov ecx,dword ptr [esi+24h]
7e27d987 53 push ebx
7e27d988 53 push ebx
7e27d989 e877000000 call mshtml!CMarkup::GetFrameOrPrimaryMarkup (7e27da05)
7e27d98e 50 push eax
7e27d98f e809c40000 call mshtml!CMarkup::ProcessPeerTasks (7e289d9d)
7e27d994 8b4610 mov eax,dword ptr [esi+10h]
7e27d997 a820 test al,20h
7e27d999 0f8560400300 jne mshtml!CHtmPost::Exec+0x422 (7e2b19ff)

mshtml!CHtmPost::Exec+0x430:
7e27d99f 8b4610 mov eax,dword ptr [esi+10h]
7e27d9a2 f6c420 test ah,20h
7e27d9a5 0f85a3af0c00 jne mshtml!CHtmPost::Exec+0x438 (7e34894e)

mshtml!CHtmPost::Exec+0x44a:
7e27d9ab 5f pop edi

mshtml!CHtmPost::Exec+0x44b:
7e27d9ac 5e pop esi
7e27d9ad 8bc5 mov eax,ebp
7e27d9af 5d pop ebp
7e27d9b0 5b pop ebx
7e27d9b1 81c4a4000000 add esp,0A4h
7e27d9b7 c20400 ret 4

mshtml!CHtmPost::Exec+0x224:
7e27d9ba f6c410 test ah,10h
7e27d9bd 750d jne mshtml!CHtmPost::Exec+0x236 (7e27d9cc)

mshtml!CHtmPost::Exec+0x229:
7e27d9bf 8b4620 mov eax,dword ptr [esi+20h]
7e27d9c2 81885404000000200000 or dword ptr [eax+454h],2000h

mshtml!CHtmPost::Exec+0x236:
7e27d9cc 8b4e24 mov ecx,dword ptr [esi+24h]
7e27d9cf e86f5d0000 call mshtml!CMarkup::AllowScriptExecution (7e283743)
7e27d9d4 85c0 test eax,eax
7e27d9d6 0f84b4a20100 je mshtml!CHtmPost::Exec+0x242 (7e297c90)

mshtml!CHtmPost::Exec+0x254:
7e27d9dc 8b4e24 mov ecx,dword ptr [esi+24h]
7e27d9df 53 push ebx
7e27d9e0 e820000000 call mshtml!CMarkup::GetFrameOrPrimaryMarkup (7e27da05)
7e27d9e5 8b888c000000 mov ecx,dword ptr [eax+8Ch]
7e27d9eb f6c540 test ch,40h
7e27d9ee 0f856bae0c00 jne mshtml!CHtmPost::Exec+0x268 (7e34885f)

mshtml!CHtmPost::Exec+0x2b0:
7e27d9f4 816610fbefffff and dword ptr [esi+10h],0FFFFEFFBh
7e27d9fb e9d3feffff jmp mshtml!CHtmPost::Exec+0x2b7 (7e27d8d3)

mshtml!CHtmPost::Exec+0x146:
7e282243 8d4c2448 lea ecx,[esp+48h]
7e282247 51 push ecx
7e282248 8b4e1c mov ecx,dword ptr [esi+1Ch]
7e28224b 895c244c mov dword ptr [esp+4Ch],ebx
7e28224f c644244d79 mov byte ptr [esp+4Dh],79h
7e282254 895c2450 mov dword ptr [esp+50h],ebx
7e282258 895c2454 mov dword ptr [esp+54h],ebx
7e28225c e86e060000 call mshtml!CHtmParse::ParseToken (7e2828cf)
7e282261 8be8 mov ebp,eax
7e282263 3beb cmp ebp,ebx
7e282265 0f8540b7ffff jne mshtml!CHtmPost::Exec+0x44a (7e27d9ab)

mshtml!CHtmPost::Exec+0x16e:
7e28226b 681823287e push offset mshtml!CHtmParse::Finish (7e282318)
7e282270 8bce mov ecx,esi
7e282272 e8c3acffff call mshtml!CHtmPost::Broadcast (7e27cf3a)
7e282277 8be8 mov ebp,eax
7e282279 3beb cmp ebp,ebx
7e28227b 0f852ab7ffff jne mshtml!CHtmPost::Exec+0x44a (7e27d9ab)

mshtml!CHtmPost::Exec+0x184:
7e282281 8b4624 mov eax,dword ptr [esi+24h]
7e282284 8b4068 mov eax,dword ptr [eax+68h]
7e282287 3bc3 cmp eax,ebx
7e282289 0f8483f70200 je mshtml!CHtmPost::Exec+0x19e (7e2b1a12)

mshtml!CHtmPost::Exec+0x18e:
7e28228f 8b10 mov edx,dword ptr [eax]
7e282291 83e201 and edx,1
7e282294 83ea02 sub edx,2
7e282297 c1e204 shl edx,4
7e28229a 8b0410 mov eax,dword ptr [eax+edx]

mshtml!CHtmPost::Exec+0x1a0:
7e28229d 8b0d5c33227e mov ecx,dword ptr [mshtml!CNotification::s_aryFlags+0x12c (7e22335c)]
7e2822a3 53 push ebx
7e2822a4 894c2434 mov dword ptr [esp+34h],ecx
7e2822a8 50 push eax
7e2822a9 8d4c2418 lea ecx,[esp+18h]
7e2822ad c74424184b000000 mov dword ptr [esp+18h],4Bh
7e2822b5 895c243c mov dword ptr [esp+3Ch],ebx
7e2822b9 895c241c mov dword ptr [esp+1Ch],ebx
7e2822bd 895c2424 mov dword ptr [esp+24h],ebx
7e2822c1 e88f80ffff call mshtml!CNotification::SetElement (7e27a355)
7e2822c6 8b4624 mov eax,dword ptr [esi+24h]
7e2822c9 8b4068 mov eax,dword ptr [eax+68h]
7e2822cc 3bc3 cmp eax,ebx
7e2822ce 0f8445f70200 je mshtml!CHtmPost::Exec+0x1e3 (7e2b1a19)

mshtml!CHtmPost::Exec+0x1d3:
7e2822d4 8b10 mov edx,dword ptr [eax]
7e2822d6 83e201 and edx,1
7e2822d9 83ea02 sub edx,2
7e2822dc c1e204 shl edx,4
7e2822df 8b0410 mov eax,dword ptr [eax+edx]

mshtml!CHtmPost::Exec+0x1e5:
7e2822e2 8b10 mov edx,dword ptr [eax]
7e2822e4 8d4c2410 lea ecx,[esp+10h]
7e2822e8 51 push ecx
7e2822e9 8bc8 mov ecx,eax
7e2822eb ff92a0000000 call dword ptr [edx+0A0h]
7e2822f1 8b463c mov eax,dword ptr [esi+3Ch]
7e2822f4 3bc3 cmp eax,ebx
7e2822f6 0f854e650c00 jne mshtml!CHtmPost::Exec+0x1fb (7e34884a)

mshtml!CHtmPost::Exec+0x20b:
7e2822fc 8b4610 mov eax,dword ptr [esi+10h]
7e2822ff f6c420 test ah,20h
7e282302 0f85c0b5ffff jne mshtml!CHtmPost::Exec+0x219 (7e27d8c8)

mshtml!CHtmPost::Exec+0x213:
7e282308 83c814 or eax,14h
7e28230b 894610 mov dword ptr [esi+10h],eax
7e28230e e9b5b5ffff jmp mshtml!CHtmPost::Exec+0x219 (7e27d8c8)

mshtml!CHtmPost::Exec+0x19:
7e287cdb a809 test al,9
7e287cdd 0f85c95cffff jne mshtml!CHtmPost::Exec+0x44b (7e27d9ac)

mshtml!CHtmPost::Exec+0x21:
7e287ce3 8b4e14 mov ecx,dword ptr [esi+14h]
7e287ce6 e81b000000 call mshtml!CHtmLoad::OnPostStart (7e287d06)
7e287ceb 8be8 mov ebp,eax
7e287ced 3beb cmp ebp,ebx
7e287cef 0f85b75cffff jne mshtml!CHtmPost::Exec+0x44b (7e27d9ac)

mshtml!CHtmPost::Exec+0x33:
7e287cf5 816610fff7ffff and dword ptr [esi+10h],0FFFFF7FFh
7e287cfc e9185bffff jmp mshtml!CHtmPost::Exec+0x3a (7e27d819)

mshtml!CHtmPost::Exec+0x242:
7e297c90 8b4e24 mov ecx,dword ptr [esi+24h]
7e297c93 e814000000 call mshtml!CMarkup::BlockScriptExecutionHelper (7e297cac)
7e297c98 f6461008 test byte ptr [esi+10h],8
7e297c9c 0f843a5dfeff je mshtml!CHtmPost::Exec+0x254 (7e27d9dc)

mshtml!CHtmPost::Exec+0x254:
7e297ca2 e9045dfeff jmp mshtml!CHtmPost::Exec+0x44a (7e27d9ab)

mshtml!CHtmPost::Exec+0x31d:
7e2a4b75 83e0ef and eax,0FFFFFFEFh
7e2a4b78 68a54b2a7e push offset mshtml!CHtmParse::Execute (7e2a4ba5)
7e2a4b7d 8bce mov ecx,esi
7e2a4b7f 894610 mov dword ptr [esi+10h],eax
7e2a4b82 e8b383fdff call mshtml!CHtmPost::Broadcast (7e27cf3a)
7e2a4b87 8be8 mov ebp,eax
7e2a4b89 3beb cmp ebp,ebx
7e2a4b8b 0f851a8efdff jne mshtml!CHtmPost::Exec+0x44a (7e27d9ab)

mshtml!CHtmPost::Exec+0x339:
7e2a4b91 f6461009 test byte ptr [esi+10h],9

mshtml!CHtmPost::Exec+0x356:
7e2a4b95 0f845b8dfdff je mshtml!CHtmPost::Exec+0x35c (7e27d8f6)

mshtml!CHtmPost::Exec+0x35c:
7e2a4b9b e90b8efdff jmp mshtml!CHtmPost::Exec+0x44a (7e27d9ab)

mshtml!CHtmPost::Exec+0x422:
7e2b19ff 8b4e14 mov ecx,dword ptr [esi+14h]
7e2b1a02 83e0df and eax,0FFFFFFDFh
7e2b1a05 894610 mov dword ptr [esi+10h],eax
7e2b1a08 e82c000000 call mshtml!CHtmLoad::ResumeHtmPre (7e2b1a39)
7e2b1a0d e98dbffcff jmp mshtml!CHtmPost::Exec+0x430 (7e27d99f)

mshtml!CHtmPost::Exec+0x19e:
7e2b1a12 33c0 xor eax,eax
7e2b1a14 e98408fdff jmp mshtml!CHtmPost::Exec+0x1a0 (7e28229d)

mshtml!CHtmPost::Exec+0x1e3:
7e2b1a19 33c0 xor eax,eax
7e2b1a1b e9c208fdff jmp mshtml!CHtmPost::Exec+0x1e5 (7e2822e2)

mshtml!CHtmPost::Exec+0x33f:
7e2b1a20 a820 test al,20h
7e2b1a22 0f84e46e0900 je mshtml!CHtmPost::Exec+0x343 (7e34890c)

mshtml!CHtmPost::Exec+0x347:
7e2b1a28 e9c9befcff jmp mshtml!CHtmPost::Exec+0x35c (7e27d8f6)

mshtml!CHtmPost::Exec+0x3d5:
7e2b1a2d 33c9 xor ecx,ecx
7e2b1a2f e929bffcff jmp mshtml!CHtmPost::Exec+0x3d7 (7e27d95d)

mshtml!CHtmPost::Exec+0x60:
7e3487e3 6a0e push 0Eh
7e3487e5 8bc8 mov ecx,eax
7e3487e7 e864fef2ff call mshtml!CMarkup::GetLookasidePtr (7e278650)
7e3487ec 39580c cmp dword ptr [eax+0Ch],ebx
7e3487ef 0f844e50f3ff je mshtml!CHtmPost::Exec+0xc0 (7e27d843)

mshtml!CHtmPost::Exec+0x6e:
7e3487f5 68e8e64b7e push offset mshtml!g_IndexFEATURE_PERFORMANCE_ISSUE_KB843268 (7e4be6e8)
7e3487fa e8157ef8ff call mshtml!CoInternetIsFeatureEnabledInternal (7e2d0614)
7e3487ff 85c0 test eax,eax
7e348801 0f853c50f3ff jne mshtml!CHtmPost::Exec+0xc0 (7e27d843)

mshtml!CHtmPost::Exec+0x7c:
7e348807 ff156c12217e call dword ptr [mshtml!_imp__GetTickCount (7e21126c)]
7e34880d 8b4e24 mov ecx,dword ptr [esi+24h]
7e348810 53 push ebx
7e348811 8bf8 mov edi,eax
7e348813 e8ed51f3ff call mshtml!CMarkup::GetFrameOrPrimaryMarkup (7e27da05)
7e348818 8bc8 mov ecx,eax
7e34881a e83e3d0500 call mshtml!CMarkup::ProcessIdentityPeerTask (7e39c55d)
7e34881f 83bc24b8000000ff cmp dword ptr [esp+0B8h],0FFFFFFFFh
7e348827 0f841650f3ff je mshtml!CHtmPost::Exec+0xc0 (7e27d843)

mshtml!CHtmPost::Exec+0x9e:
7e34882d ff156c12217e call dword ptr [mshtml!_imp__GetTickCount (7e21126c)]
7e348833 8b8c24b8000000 mov ecx,dword ptr [esp+0B8h]
7e34883a 2bc7 sub eax,edi
7e34883c 03c8 add ecx,eax
7e34883e 898c24b8000000 mov dword ptr [esp+0B8h],ecx
7e348845 e9f94ff3ff jmp mshtml!CHtmPost::Exec+0xc0 (7e27d843)

mshtml!CHtmPost::Exec+0x1fb:
7e34884a 8b4e1c mov ecx,dword ptr [esi+1Ch]
7e34884d 8d5010 lea edx,[eax+10h]
7e348850 52 push edx
7e348851 83c00c add eax,0Ch
7e348854 50 push eax
7e348855 e86d541200 call mshtml!CHtmParse::GetPointers (7e46dcc7)
7e34885a e99d9af3ff jmp mshtml!CHtmPost::Exec+0x20b (7e2822fc)

mshtml!CHtmPost::Exec+0x268:
7e34885f 6a0e push 0Eh
7e348861 8bc8 mov ecx,eax
7e348863 e8e8fdf2ff call mshtml!CMarkup::GetLookasidePtr (7e278650)
7e348868 39580c cmp dword ptr [eax+0Ch],ebx
7e34886b 0f848351f3ff je mshtml!CHtmPost::Exec+0x2b0 (7e27d9f4)

mshtml!CHtmPost::Exec+0x276:
7e348871 ff156c12217e call dword ptr [mshtml!_imp__GetTickCount (7e21126c)]
7e348877 8b4e24 mov ecx,dword ptr [esi+24h]
7e34887a 53 push ebx
7e34887b 8bf8 mov edi,eax
7e34887d e88351f3ff call mshtml!CMarkup::GetFrameOrPrimaryMarkup (7e27da05)
7e348882 8bc8 mov ecx,eax
7e348884 e8d43c0500 call mshtml!CMarkup::ProcessIdentityPeerTask (7e39c55d)
7e348889 83bc24b8000000ff cmp dword ptr [esp+0B8h],0FFFFFFFFh
7e348891 0f845d51f3ff je mshtml!CHtmPost::Exec+0x2b0 (7e27d9f4)

mshtml!CHtmPost::Exec+0x298:
7e348897 ff156c12217e call dword ptr [mshtml!_imp__GetTickCount (7e21126c)]
7e34889d 8b8c24b8000000 mov ecx,dword ptr [esp+0B8h]
7e3488a4 2bc7 sub eax,edi
7e3488a6 03c8 add ecx,eax
7e3488a8 898c24b8000000 mov dword ptr [esp+0B8h],ecx
7e3488af e94051f3ff jmp mshtml!CHtmPost::Exec+0x2b0 (7e27d9f4)

mshtml!CHtmPost::Exec+0x2cb:
7e3488b4 6a0e push 0Eh
7e3488b6 8bc8 mov ecx,eax
7e3488b8 e893fdf2ff call mshtml!CMarkup::GetLookasidePtr (7e278650)
7e3488bd f700fcffffff test dword ptr [eax],0FFFFFFFCh
7e3488c3 0f842250f3ff je mshtml!CHtmPost::Exec+0x316 (7e27d8eb)

mshtml!CHtmPost::Exec+0x2dc:
7e3488c9 ff156c12217e call dword ptr [mshtml!_imp__GetTickCount (7e21126c)]
7e3488cf 8b4e24 mov ecx,dword ptr [esi+24h]
7e3488d2 53 push ebx
7e3488d3 53 push ebx
7e3488d4 8bf8 mov edi,eax
7e3488d6 e82a51f3ff call mshtml!CMarkup::GetFrameOrPrimaryMarkup (7e27da05)
7e3488db 50 push eax
7e3488dc e8bc14f4ff call mshtml!CMarkup::ProcessPeerTasks (7e289d9d)
7e3488e1 83bc24b8000000ff cmp dword ptr [esp+0B8h],0FFFFFFFFh
7e3488e9 0f84fc4ff3ff je mshtml!CHtmPost::Exec+0x316 (7e27d8eb)

mshtml!CHtmPost::Exec+0x2fe:
7e3488ef ff156c12217e call dword ptr [mshtml!_imp__GetTickCount (7e21126c)]
7e3488f5 8b8c24b8000000 mov ecx,dword ptr [esp+0B8h]
7e3488fc 2bc7 sub eax,edi
7e3488fe 03c8 add ecx,eax
7e348900 898c24b8000000 mov dword ptr [esp+0B8h],ecx
7e348907 e9df4ff3ff jmp mshtml!CHtmPost::Exec+0x316 (7e27d8eb)

mshtml!CHtmPost::Exec+0x343:
7e34890c 8b8424b8000000 mov eax,dword ptr [esp+0B8h]
7e348913 50 push eax
7e348914 8bce mov ecx,esi
7e348916 e8e4211200 call mshtml!CHtmPost::ScanTokens (7e46aaff)
7e34891b 8be8 mov ebp,eax
7e34891d 3beb cmp ebp,ebx
7e34891f e971c2f5ff jmp mshtml!CHtmPost::Exec+0x356 (7e2a4b95)

mshtml!CHtmPost::Exec+0x3c1:
7e348924 5f pop edi
7e348925 bd04400080 mov ebp,80004004h
7e34892a 5e pop esi
7e34892b 8bc5 mov eax,ebp
7e34892d 5d pop ebp
7e34892e 5b pop ebx
7e34892f 81c4a4000000 add esp,0A4h
7e348935 c20400 ret 4

mshtml!CHtmPost::Exec+0x3fa:
7e348938 8b4620 mov eax,dword ptr [esi+20h]
7e34893b 09b854040000 or dword ptr [eax+454h],edi
7e348941 8b4e20 mov ecx,dword ptr [esi+20h]
7e348944 e81b3b0200 call mshtml!CDoc::InvalidateColors (7e36c464)
7e348949 e93650f3ff jmp mshtml!CHtmPost::Exec+0x40b (7e27d984)

mshtml!CHtmPost::Exec+0x438:
7e34894e a801 test al,1
7e348950 0f855550f3ff jne mshtml!CHtmPost::Exec+0x44a (7e27d9ab)

mshtml!CHtmPost::Exec+0x43c:
7e348956 8b4638 mov eax,dword ptr [esi+38h]
7e348959 8b4e14 mov ecx,dword ptr [esi+14h]
7e34895c 50 push eax
7e34895d e8e62c1200 call mshtml!CHtmLoad::OnPostRestart (7e46b648)
7e348962 8be8 mov ebp,eax
7e348964 e94250f3ff jmp mshtml!CHtmPost::Exec+0x44a (7e27d9ab)

陷入死循环的函数，尝试跟踪了下汇编码，奈何水平太有限，看不出所以然来。

IP 地址: 已记录   报告

2013-07-08, 22:54 下午

Raymond 离线，最后访问时间: 2020/7/3 3:40:25 格蠹老雷

发帖数前10位
注册: 2005-12-19
发贴: 1,303

Re: 新人求助帖

分析的非常好！

对于这样的问题，因为调用栈中涉及的两个主要模块mshtml和kscript都是脚本引擎的身份，因此问题可以处在它们本身，也可能出在HTML或者JavaScript脚本。这时，先从脚本层看一下就会更容易些，如果你用的是IE9或IE10，那么按F12，可以调出一个非常强大的集成调试工具，借助它可以看HTML也可以跟踪JavaScript。

IP 地址: 已记录   报告

2013-07-09, 08:46 上午

BianChengNan 离线，最后访问时间: 2017/7/22 6:43:39 BianChengNan

发帖数前25位
注册: 2013-07-05
发贴: 39

Stick out tongue [:P] Re: 新人求助帖

多谢张老师的回复，这个是使用webbrowser控件循环访问网址时出现的问题。

先留着这个dump，以后经验丰富点再来分析。早晚得搞定它！

IP 地址: 已记录   报告

高端调试 » 软件调试 » C/C++本地代码调试 » 新人求助帖