Re: APP 死锁问题请教。---- 当我们发现问题,并且有办法解决的时候,这个时候就可以收手了吗???

转储分析

APP 死锁问题请教。---- 当我们发现问题,并且有办法解决的时候,这个时候就可以收手了吗???

codingLee 2014-09-23, 14:31 下午




---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

...
This dump file has an exception of interest stored in it.
The stored exception information can be accessed via .ecxr.
(e4.bdc): Wake debugger - code 80000007 (first/second chance not available)
eax=00000000 ebx=00000000 ecx=00000000 edx=00000000 esi=00000500 edi=00000000
eip=77baf871 esp=0018f19c ebp=0018f208 iopl=0         nv up ei pl nz na pe nc
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00000206
ntdll!NtWaitForSingleObject+0x15:
77baf871 83c404          add     esp,4
0:000> !locks

CritSec +d60648 at 00d60648
WaiterWoken        No
LockCount          0
RecursionCount     1
OwningThread       bdc
EntryCount         0
ContentionCount    0
*** Locked

CritSec +2d9e8c at 002d9e8c
WaiterWoken        No
LockCount          0
RecursionCount     1
OwningThread       9b8
EntryCount         0
ContentionCount    0
*** Locked

CritSec +322e62c at 0322e62c
WaiterWoken        No
LockCount          0
RecursionCount     1
OwningThread       bb8
EntryCount         0
ContentionCount    0
*** Locked

CritSec +322e644 at 0322e644
WaiterWoken        No
LockCount          1
RecursionCount     1
OwningThread       9b8
EntryCount         0
ContentionCount    1
*** Locked

Scanned 955 critical sections
0:000> ~*kb

省略一些 信息。


  13  Id: e4.9b8 Suspend: 1 Teb: 7ef8b000 Unfrozen
ChildEBP RetAddr  Args to Child              
0930fcd4 76e80816 000005cc 00000000 00000000 ntdll!NtWaitForSingleObject+0x15
0930fd40 76cf1184 000005cc ffffffff 00000000 KERNELBASE!WaitForSingleObjectEx+0x98
0930fd58 76cf1138 000005cc ffffffff 00000000 kernel32!WaitForSingleObjectExImplementation+0x75
0930fd6c 03d02db7 000005cc ffffffff 00dc0300 kernel32!WaitForSingleObject+0x12
0930fd8c 03d0574e ffd4a002 0322e5d0 037e56b4 FileWriterFilter!boost::detail::basic_timed_mutex::lock+0x67 [e:\jenkins\workspace\acq-sdk\3rdparty\boost\include\boost_1_54_0\boost\thread\win32\basic_timed_mutex.hpp @ 88]
0930fdac 03d065d1 037e5670 03d2479f ffd4a05a FileWriterFilter!boost::detail::future_object<void>::get_state+0x2e [e:\jenkins\workspace\acq-sdk\3rdparty\boost\include\boost_1_54_0\boost\thread\future.hpp @ 838]
0930fdb4 03d2479f ffd4a05a 037e58b8 0322e5d0 FileWriterFilter!async_worker::is_thread_running+0x21 [e:\jenkins\workspace\acq-sdk\src\utility\async_worker.cpp @ 121]
0930fe00 03d2bc93 037e58b8 037e5670 02f4fb38 FileWriterFilter!MP4Decoder::Transform+0xbf
0930fe18 03d2b61d 037e5670 ffd4a3b2 00000000 FileWriterFilter!CTransformFilter::Receive+0x53
0930fe40 742937fe 0322e644 037e58b8 0930fe84 FileWriterFilter!CTransformInputPin::Receive+0x5d
0930fe50 742a69ee 037e58b8 037e58b8 002da018 qedit!CBaseOutputPin::Deliver+0x22
0930fe84 742e10e8 08fd0000 00000000 002d9b20 qedit!CSampleGrabber::Receive+0x19e
0930fe98 7503e752 002d9e8c 037e58b8 002d9b20 qedit!CTransformInputPin::Receive+0x33
0930feb4 7503e6cc 037e58b8 0387d988 0387bcd0 ksproxy!CKsOutputPin::Deliver+0x37
0930fecc 75058f54 002d9c30 037e58b8 00000115 ksproxy!CKsOutputPin::KsDeliver+0x42
0930ff4c 7503f2f4 002daf94 0387d978 00000003 ksproxy!CStandardInterfaceHandler::KsCompleteIo+0x3fc
0930ff64 7504aaa7 00000000 002db7c8 00000000 ksproxy!CKsOutputPin::OutputPinBufferHandler+0x19
0930ff88 76cf3677 017e6760 0930ffd4 77bc9d72 ksproxy!CAsyncItemHandler::AsyncItemProc+0x1c2
0930ff94 77bc9d72 037e6760 d2abcf63 00000000 kernel32!BaseThreadInitThunk+0xe
0930ffd4 77bc9d45 7504a8e5 037e6760 00000000 ntdll!__RtlUserThreadStart+0x70
0930ffec 00000000 7504a8e5 037e6760 00000000 ntdll!_RtlUserThreadStart+0x1b


现在我知道 是这个线程没有返回,导致死锁。

0930fcd4 76e80816 000005cc 00000000 00000000 ntdll!NtWaitForSingleObject+0x15
0930fd40 76cf1184 000005cc ffffffff 00000000 KERNELBASE!WaitForSingleObjectEx+0x98
0930fd58 76cf1138 000005cc ffffffff 00000000 kernel32!WaitForSingleObjectExImplementation+0x75
0930fd6c 03d02db7 000005cc ffffffff 00dc0300 kernel32!WaitForSingleObject+0x12

但是我不知道为什么这个地方又在等锁,请叫一下,这种情况应该如何继续分析下去?

000005cc ffffffff  我看这个地址不太对,是不是内存释放后,导致这样的问题?

Re: APP 死锁问题请教。---- 当我们发现问题,并且有办法解决的时候,这个时候就可以收手了吗???

codingLee 2014-09-23, 14:44 下午
0930fcd4 76e80816 000005cc 00000000 00000000 ntdll!NtWaitForSingleObject+0x15
0930fd40 76cf1184 000005cc ffffffff 00000000 KERNELBASE!WaitForSingleObjectEx+0x98
0930fd58 76cf1138 000005cc ffffffff 00000000 kernel32!WaitForSingleObjectExImplementation+0x75
0930fd6c 03d02db7 000005cc ffffffff 00dc0300 kernel32!WaitForSingleObject+0x12


我看这个地址不是很对, 000005cc ffffffff  是不是内存已经被释放了,导致这样子???

Re: APP 死锁问题请教。---- 当我们发现问题,并且有办法解决的时候,这个时候就可以收手了吗???

格蠹老雷 2014-09-23, 20:39 下午
5cc是等待的互斥量句柄,ffffffff是INFINITE常量,代表无限等待,所以这里没有错

看起来这个9b8线程占着两个关键区,要拿这个互斥量,估计是这个互斥量已经被其它等待9b8的线程拥有了,典型的死锁

Re: APP 死锁问题请教。---- 当我们发现问题,并且有办法解决的时候,这个时候就可以收手了吗???

codingLee 2014-09-24, 13:21 下午
张老师,请问 如何查看 5cc  mutex 被哪个线程占用了呢?

Re: APP 死锁问题请教。---- 当我们发现问题,并且有办法解决的时候,这个时候就可以收手了吗???

HiJack 2016-01-07, 22:34 下午
ring3层看不到,可以再开一个windbg用kd调试的 local能看到

Powered by Community Server Powered by CnForums.Net