当我右键单击地址栏时,我的 edge.exe 挂起。 我用
procdump -ma -h {pid}当我用windbg打开内存转储时,我得到:
0:000> !analyze -v -hang
*******************************************************************************
* *
* Exception Analysis *
* *
*******************************************************************************
KEY_VALUES_STRING: 1
Key : Analysis.CPU.mSec
Value: 202
Key : Analysis.Elapsed.mSec
Value: 1271
Key : Analysis.IO.Other.Mb
Value: 9
Key : Analysis.IO.Read.Mb
Value: 2
Key : Analysis.IO.Write.Mb
Value: 47
Key : Analysis.Init.CPU.mSec
Value: 4265
Key : Analysis.Init.Elapsed.mSec
Value: 5743925
Key : Analysis.Memory.CommitPeak.Mb
Value: 284
Key : Failure.Bucket
Value: APPLICATION_HANG_cfffffff_win32u.dll!NtUserGetClipboardData
Key : Failure.Hash
Value: {eab0f5e2-9d73-1b5f-dce1-511d65e146c8}
Key : Timeline.OS.Boot.DeltaSec
Value: 146558
Key : Timeline.Process.Start.DeltaSec
Value: 52978
Key : WER.OS.Branch
Value: ni_release
Key : WER.OS.Version
Value: 10.0.22621.1
Key : WER.Process.Version
Value: 126.0.2592.87
FILE_IN_CAB: msedge.exe_240712_084801.dmp
COMMENT:
*** "C:\Program Files\SysinternalsSuite\procdump.exe" -ma -h 24228
*** Hung window detected: 405e2
NTGLOBALFLAG: 0
APPLICATION_VERIFIER_FLAGS: 0
CONTEXT: (.cxr;r)
rax=00000000000010e6 rbx=000000d84b9fc4d7 rcx=000000000000000d
rdx=000000d84b9fc430 rsi=000000d84b9fc590 rdi=00006dd805c9d620
rip=00007ffddd9f3174 rsp=000000d84b9fc3e8 rbp=000000d84b9fc440
r8=0000000000400000 r9=00000000003017f8 r10=0000000000301808
r11=00000000ae6821ed r12=aaaaaaaaaaaaaaaa r13=000000d84b9fd1f0
r14=000000000000000d r15=000000d84b9fd260
iopl=0 nv up ei pl zr na po nc
cs=0033 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000246
win32u!NtUserGetClipboardData+0x14:
00007ffd`dd9f3174 c3 ret
EXCEPTION_RECORD: (.exr -1)
ExceptionAddress: 0000000000000000
ExceptionCode: 80000003 (Break instruction exception)
ExceptionFlags: 00000000
NumberParameters: 0
FAULTING_THREAD: 0000615c
PROCESS_NAME: msedge.exe
WATSON_BKT_EVENT: AppHang
BLOCKING_THREAD: 000000000000615c
ERROR_CODE: (NTSTATUS) 0xcfffffff - <Unable to get error code text>
EXCEPTION_CODE_STR: cfffffff
DERIVED_WAIT_CHAIN:
Dl Eid Cid WaitType
-- --- ------- --------------------------
0 5ea4.615c Unknown
WAIT_CHAIN_COMMAND: ~0s;k;;
STACK_TEXT:
000000d8`4b9fc3e8 00007ffd`df30ba7f : 00000000`00000000 00007ffd`df283925 00000000`00000001 00007ffd`4105a100 : win32u!NtUserGetClipboardData+0x14
000000d8`4b9fc3f0 00007ffd`3acbd740 : 000000d8`4b9fc4d7 00007ffd`00000000 00004d0c`d3f23edd 00000000`00000008 : user32!GetClipboardData+0x9f
000000d8`4b9fc480 00007ffd`3b523124 : aaaaaaaa`aaaaaaaa 00000000`00000008 fffffffc`00000000 00007ffd`32172e96 : msedge!EdgeLaunchBrowserToHandleBackgroundTaskEvent+0x401720
000000d8`4b9fc530 00007ffd`3a665464 : 00000000`00000400 000000d8`4b9fcd40 00000000`00000000 00000000`00000000 : msedge!argon2_encodedlen+0x50edc4
000000d8`4b9fc6f0 00007ffd`34f17802 : 00000000`00000000 00000000`00000000 000000d8`4b9fd230 00006dd8`0c3db840 : msedge!CreateTestWebClientProxy+0x29d914
000000d8`4b9fd0e0 00007ffd`351f1310 : 000000d8`4b9fd170 000000d8`4b9fd138 aaaaaaaa`00000000 aaaaaaaa`aaaaaa00 : msedge!CreateSmartScreenClient+0x20c572
000000d8`4b9fd120 00007ffd`351f1172 : 00000000`00000000 00007ffd`351f1123 00000000`00000001 00000000`00000001 : msedge!RelaunchChromeBrowserWithNewCommandLineIfNeeded+0x23e560
000000d8`4b9fd300 00007ffd`3508b1aa : 00000000`00000000 00000000`00000000 00004d0c`d3f229bd 00000000`00000000 : msedge!RelaunchChromeBrowserWithNewCommandLineIfNeeded+0x23e3c2
000000d8`4b9fd350 00007ffd`3508af63 : 00006dd8`1475bae0 00006dd8`082a5a00 fffffffc`00000000 fffffffc`00000000 : msedge!RelaunchChromeBrowserWithNewCommandLineIfNeeded+0xd83fa
000000d8`4b9fd3e0 00007ffd`350b4538 : 00000000`00000001 00000000`0000e95b 00006dd8`1475bae8 00000000`00000070 : msedge!RelaunchChromeBrowserWithNewCommandLineIfNeeded+0xd81b3
000000d8`4b9fd450 00007ffd`34f9e3f3 : 00000000`00000000 00000000`00000018 00006dd8`13e188f0 00000000`00000000 : msedge!RelaunchChromeBrowserWithNewCommandLineIfNeeded+0x101788
000000d8`4b9fd4c0 00007ffd`34f9e355 : 00007ffd`40eceeb0 00000000`00000020 00007ffd`32eb9430 00007ffd`327f0db8 : msedge!CreateSmartScreenClient+0x293163
000000d8`4b9fd520 00007ffd`34f9e2c1 : 00006dd8`13e188f0 00006dd8`14933e10 00000000`00000000 00007ffd`35756f8f : msedge!CreateSmartScreenClient+0x2930c5
000000d8`4b9fd580 00007ffd`398700e6 : 00000000`00000000 00004d0c`d3f22e9d aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa : msedge!CreateSmartScreenClient+0x293031
000000d8`4b9fd5d0 00007ffd`3986fd7d : 00000040`000003e0 aaaaaaaa`aaaaaa00 00000000`00000000 00000570`00000a00 : msedge!CrashForExceptionInNonABICompliantCodeRange+0x28f6b86
000000d8`4b9fd660 00007ffd`398994f3 : 000000d8`4b9fd778 00000000`00000000 00000570`00000a00 00004d0c`d3f22dad : msedge!CrashForExceptionInNonABICompliantCodeRange+0x28f681d
000000d8`4b9fd740 00007ffd`398632e7 : 00006dd8`08924ff0 000000d8`4b9fd950 aaaaaaaa`aaaaaa00 00007ffd`348687f2 : msedge!CrashForExceptionInNonABICompliantCodeRange+0x291ff93
000000d8`4b9fd780 00007ffd`3486869b : 000000d8`4b9fd950 000000d8`4b9fda50 000000d8`4b9fd838 00007ffd`349e824c : msedge!CrashForExceptionInNonABICompliantCodeRange+0x28e9d87
000000d8`4b9fd7f0 00007ffd`349e8381 : 00004d0c`d3f2229d 00006dd8`14933e78 00000000`00000000 000000d8`4b9fd938 : msedge!IsSandboxedProcess+0x2839aab
000000d8`4b9fd840 00007ffd`349e8029 : 00000016`0000034f 4453c000`00000000 aaaaaa01`41b00000 aaaaaaaa`aaaaaa00 : msedge!IsSandboxedProcess+0x29b9791
000000d8`4b9fd890 00007ffd`349e7d99 : ffffffff`44780000 ffffffff`ffffffff ffffffff`ffffffff ffffffff`ffffffff : msedge!IsSandboxedProcess+0x29b9439
000000d8`4b9fd910 00007ffd`349e7c47 : 000000d8`4b9fda50 000000d8`4b9fe258 00006dd8`14933e10 00006dd8`1406c000 : msedge!IsSandboxedProcess+0x29b91a9
000000d8`4b9fd9b0 00007ffd`3a808faa : 42800000`44780000 42800000`44780000 000000d8`4b9fda68 00000002`00000030 : msedge!IsSandboxedProcess+0x29b9057
000000d8`4b9fda20 00007ffd`398609fd : 00006dd8`0f0560b0 00007ffd`3478afff 00006dd8`0b50a840 00007ffd`39859f6c : msedge!CreateTestWebClientProxy+0x44145a
000000d8`4b9fdba0 00007ffd`3486869b : 000000d8`4b9fdd80 000000d8`4b9fe180 000000d8`4b9fdc68 00007ffd`349e824c : msedge!CrashForExceptionInNonABICompliantCodeRange+0x28e749d
000000d8`4b9fdc20 00007ffd`349e8381 : 00004d0c`d3f226cd 00006dd8`037f2f98 00000000`00000000 000000d8`4b9fdd68 : msedge!IsSandboxedProcess+0x2839aab
000000d8`4b9fdc70 00007ffd`349e8029 : 00004d0c`d3f226fd 00006dd8`067004c0 00006dd8`037f2f40 000000d8`4b9fdd70 : msedge!IsSandboxedProcess+0x29b9791
000000d8`4b9fdcc0 00007ffd`349e7d99 : 000000d8`4b9fe180 00007ffd`3488c9c2 00006dd8`037f5a00 00007ffd`3493b9f0 : msedge!IsSandboxedProcess+0x29b9439
000000d8`4b9fdd40 00007ffd`349e7c47 : ffffffff`ffffffff 00006dd8`14024bc0 000000d8`4b9fe180 00006dd8`037f5a00 : msedge!IsSandboxedProcess+0x29b91a9
000000d8`4b9fdde0 00007ffd`349e79bb : 00000000`000001eb 00007ffd`336c23a9 aaaaaaaa`aaaaaaaa d9852248`d9ae3e8b : msedge!IsSandboxedProcess+0x29b9057
000000d8`4b9fde50 00007ffd`349e77fc : 000000d8`4b9fdfd0 00007ffd`336c230d 00000000`00000000 7fffffff`ffffffff : msedge!IsSandboxedProcess+0x29b8dcb
000000d8`4b9fdef0 00007ffd`34da359c : 00007ffd`3fda099f 00000000`00000027 000000d8`4b9fdf78 00000000`00009939 : msedge!IsSandboxedProcess+0x29b8c0c
000000d8`4b9fdf30 00007ffd`34da3517 : 000000d8`4b9fe180 00007ffd`34a45c56 00000022`1ef3fcf3 00007ffd`34a45eee : msedge!CreateSmartScreenClient+0x9830c
000000d8`4b9fdfa0 00007ffd`34a4559a : 00000000`00000000 000001db`c4a48420 00000000`00000000 00007ffd`df87a6a2 : msedge!CreateSmartScreenClient+0x98287
000000d8`4b9fe020 00007ffd`34bc8345 : 00007ffd`40eceeb0 00000000`00000001 00007ffd`32eb9430 00007ffd`327f0db8 : msedge!IsSandboxedProcess+0x2a169aa
000000d8`4b9fe320 00007ffd`34bc77ca : aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa 000001db`c53e9b20 00007ffd`411427a0 : msedge!IsSandboxedProcess+0x2b99755
000000d8`4b9fe3a0 00007ffd`34775f0d : 00000000`00000000 00007ffd`df2a665a aaaaaaaa`aaaaaaaa aaaaaaaa`aaaaaaaa : msedge!IsSandboxedProcess+0x2b98bda
000000d8`4b9fe450 00007ffd`34775e7f : 40000000`00000000 aaaaaaaa`aaaaaaaa 00005457`2e3e80e3 aaaaaaaa`aaaaaaaa : msedge!IsSandboxedProcess+0x274731d
000000d8`4b9fe4b0 00007ffd`df2989a1 : 00004d0c`d3f21e3d 00002994`00221420 00000000`00000000 00000000`80000022 : msedge!IsSandboxedProcess+0x274728f
000000d8`4b9fe4e0 00007ffd`df298461 : 00000000`00000000 00007ffd`34775e70 00000000`000405e2 000000d8`4b9fe750 : user32!UserCallWinProcCheckWow+0x2d1
000000d8`4b9fe640 00007ffd`35357765 : 000000d8`4b9fe750 00002994`00000000 00000000`00000001 000000d8`4b9fe750 : user32!DispatchMessageWorker+0x1f1
000000d8`4b9fe6c0 00007ffd`35590001 : 000000d8`4b9fe8f0 00007ffd`33b80e57 00006dd8`02225aa0 00007ffd`4105a100 : msedge!RelaunchChromeBrowserWithNewCommandLineIfNeeded+0x3a49b5
000000d8`4b9fe860 00007ffd`33b80c28 : 00000000`00000000 00002994`002781e0 00000000`00000000 000001db`c4a1cb48 : msedge!RelaunchChromeBrowserWithNewCommandLineIfNeeded+0x5dd251
000000d8`4b9fe8d0 00007ffd`33901555 : 00002994`002781e0 000000d8`4b9feba0 000000d8`4b9feb88 000000d8`4b9fea48 : msedge!IsSandboxedProcess+0x1b52038
000000d8`4b9fe950 00007ffd`34661314 : aaaaaaaa`aaaaaa00 aaaaaaaa`aaaaaa00 aaaaaaaa`aaaaaa00 00000000`00000000 : msedge!IsSandboxedProcess+0x18d2965
000000d8`4b9fea00 00007ffd`31b8f07a : 000000d8`4b9fea87 00007ffd`33430000 01000000`00000000 000000d8`4b9feba0 : msedge!IsSandboxedProcess+0x2632724
000000d8`4b9fea70 00007ffd`31b8e06d : 000000d8`4b9fecb0 00002994`002781e0 aaaaaaaa`aaaaaaaa 000000d8`4b9fec30 : msedge!ChromeMain+0x1249a
000000d8`4b9feb20 00007ffd`31b8d599 : 00000000`00000004 00007ffd`3210820e 00000000`00000000 00004d0c`d3f213ad : msedge!ChromeMain+0x1148d
000000d8`4b9fec70 00007ffd`31b7e839 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : msedge!ChromeMain+0x109b9
000000d8`4b9fede0 00007ffd`31b7e099 : 00000000`00000000 00004d0c`d3f215ad aaaaaa01`00000004 00007ffd`31c66918 : msedge!ChromeMain+0x1c59
000000d8`4b9fef50 00007ffd`31b7d541 : 00002994`002582d0 00007ffd`31b859b9 000000d8`4b9ff210 00002994`002781e0 : msedge!ChromeMain+0x14b9
000000d8`4b9ff1b0 00007ffd`31b7cea9 : 00007ff6`190e0000 000000d8`4b9ff5d0 000075dc`0024c190 000000d8`4b9ff410 : msedge!ChromeMain+0x961
000000d8`4b9ff240 00007ff6`19126831 : 00007ff6`193939d0 00007ffd`31b7cbe0 00000000`00000201 000075dc`002741b0 : msedge!ChromeMain+0x2c9
000000d8`4b9ff570 00007ff6`1912447d : 00000000`ffffff00 00007ff6`19160110 00000000`ffffff01 00007ff6`190e0000 : msedge_exe!MainDllLoader::Launch+0x373
000000d8`4b9ff800 00007ff6`192091a2 : 00007ff6`193670a0 00007ff6`19209219 00000000`00000000 00000000`00000000 : msedge_exe!wWinMain+0x40d
000000d8`4b9ffd30 00007ffd`df15257d : 00000000`00000000 00000000`00000000 00000000`00000800 80000000`00000800 : msedge_exe!__scrt_common_main_seh+0x106
000000d8`4b9ffd70 00007ffd`e024af28 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : kernel32!BaseThreadInitThunk+0x1d
000000d8`4b9ffda0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!RtlUserThreadStart+0x28
STACK_COMMAND: ~0s ; .cxr ; kb
SYMBOL_NAME: win32u!NtUserGetClipboardData+14
MODULE_NAME: win32u
IMAGE_NAME: win32u.dll
FAILURE_BUCKET_ID: APPLICATION_HANG_cfffffff_win32u.dll!NtUserGetClipboardData
OS_VERSION: 10.0.22621.1
BUILDLAB_STR: ni_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
IMAGE_VERSION: 6.2.22621.3880
FAILURE_ID_HASH: {eab0f5e2-9d73-1b5f-dce1-511d65e146c8}
Followup: MachineOwner
---------
根据!分析器输出,挂起线程为
615cGetClipboardData该函数仅接受一个
UINT如果我们
uf0:000> uf win32u!NtUserGetClipboardData+0x14
win32u!NtUserGetClipboardData:
00007ffd`dd9f3160 4c8bd1 mov r10,rcx
00007ffd`dd9f3163 b8e6100000 mov eax,10E6h
00007ffd`dd9f3168 f604250803fe7f01 test byte ptr [SharedUserData+0x308 (00000000`7ffe0308)],1
00007ffd`dd9f3170 7503 jne win32u!NtUserGetClipboardData+0x15 (00007ffd`dd9f3175) Branch
win32u!NtUserGetClipboardData+0x12:
00007ffd`dd9f3172 0f05 syscall
00007ffd`dd9f3174 c3 ret
win32u!NtUserGetClipboardData+0x15:
00007ffd`dd9f3175 cd2e int 2Eh
00007ffd`dd9f3177 c3 ret
我想我可以共享数据结构
dt KUSER_SHARED_DATA 00000000 7ffe0308我跑了
!locks!critsec几个问题:
00007ffd 4105a100GetClipboardData() 函数中的死锁并不一定表明挂起的应用程序存在问题。相反,完全不同的应用程序可能会挂起。
演示:使用以下代码在 Visual Studio 中创建 Windows 桌面应用程序。运行后,使用文本编辑器并按 Ctrl+V 从剪贴板插入“某些内容”。文本编辑器将挂起一分钟。就我而言(Notepad++)它挂在
User32!GetClipboardData+5e#include <windows.h>
#include <thread>
#include <chrono>
void RenderClipboardData(HWND hwnd) {
// Simulate deadlock. 10 seconds should be enough for displaying the "not responding" indicator
std::this_thread::sleep_for(std::chrono::minutes(1));
}
LRESULT CALLBACK WindowProc(HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam) {
switch (uMsg) {
case WM_RENDERFORMAT:
if (wParam == CF_TEXT) {
RenderClipboardData(hwnd);
}
break;
case WM_CREATE:
CreateWindow(
L"STATIC",
L"This application demonstrates delayed clipboard rendering. "
L"When clipboard data is requested, it will cause a delay of 1 minute, "
"so that the receiving app displays a 'not responding' message.",
WS_VISIBLE | WS_CHILD,
10, 10, 600, 100,
hwnd,
nullptr,
reinterpret_cast<LPCREATESTRUCT>(lParam)->hInstance,
nullptr);
if (OpenClipboard(hwnd)) {
EmptyClipboard();
SetClipboardData(CF_TEXT, nullptr); // Delayed rendering
CloseClipboard();
}
break;
case WM_DESTROY:
PostQuitMessage(0);
break;
default:
return DefWindowProc(hwnd, uMsg, wParam, lParam);
}
return 0;
}
int APIENTRY wWinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPWSTR lpCmdLine, int nCmdShow) {
constexpr wchar_t CLASS_NAME[] = L"SampleWindowClass";
WNDCLASS wc = {};
wc.lpfnWndProc = WindowProc;
wc.hInstance = hInstance;
wc.lpszClassName = CLASS_NAME;
RegisterClass(&wc);
HWND hwnd = CreateWindowEx(
0, // Optional window styles.
CLASS_NAME, // Window class
L"Delayed Clipboard Rendering", // Window text
WS_OVERLAPPEDWINDOW, // Window style
// Size and position
CW_USEDEFAULT, CW_USEDEFAULT, 640, 120,
nullptr, // Parent window
nullptr, // Menu
hInstance, // Instance handle
nullptr // Additional application data
);
if (hwnd == nullptr) {
return 0;
}
ShowWindow(hwnd, nCmdShow);
MSG msg = {};
while (GetMessage(&msg, nullptr, 0, 0)) {
TranslateMessage(&msg);
DispatchMessage(&msg);
}
return 0;
}