WinDbg Thread State Notes

Date: 2023-03-09 04:02:45

  1. ntdll!ZwWaitForSingleObject

  The thread is suspended in a wait. If the frames below it look like this:

RetAddr           : Args to Child                                                           : Call Site
`7766e518 : `ffffffff ` ` `1019d8e0 : ntdll!ZwWaitForSingleObject+0xa
`7766e40b : 000007fe` `09e7f300 ` 000007fe`f1a3d4e8 : ntdll!RtlpWaitOnCriticalSection+0xe8
000007fe`f140f174 : `0a0ab120 `0000000a 000007fe`f1a3d4e8 `0a0ab120 : ntdll!RtlEnterCriticalSection+0xd1
000007fe`f1821433 : ` `0a0ab120 ffffffff`fffffffe `09e7f300 : mscorwks!UnsafeEEEnterCriticalSection+0x20
000007fe`f128563b : 000007fe`f1a3d4e8 000007fe`f12a7266 000007fe`e7fafc23 `09e7f300 : mscorwks!CrstBase::Enter+0x123
000007fe`f1299f5a : ` `09e7f300 ` `09e7f300 : mscorwks!UnManagedPerAppDomainTPCount::DispatchWorkItem+0x1bb
000007fe`f124b3ac : ` ` `0ae0fbc0 ` : mscorwks!ThreadpoolMgr::WorkerThreadStart+0x1ba
`7751652d : ` ` ` ` : mscorwks!Thread::intermediateThreadProc+0x78
`7764c541 : ` ` ` ` : kernel32!BaseThreadInitThunk+0xd
` : ` ` ` ` : ntdll!RtlUserThreadStart+0x1d

  then the thread is waiting to enter a critical section, which may be caused by a deadlock.

  If the frames below it look like this:

RetAddr           : Args to Child                                                           : Call Site
000007fe`fd6d10dc : `09e7e7c8 `0b93384f ` ` : ntdll!ZwWaitForSingleObject+0xa
000007fe`f128d0e0 : `ffffffff `ffffffff ` ` : KERNELBASE!WaitForSingleObjectEx+0x79
000007fe`f128d1e3 : ` `09e7e760 ` `ffffffff : mscorwks!MethodTableBuilder::MethodSignature::GetMethodAttributes+0xa8
000007fe`f13c3cc1 : ` ` ` `0b8f87c1 : mscorwks!CLREvent::WaitEx+0x63
000007fe`f1820de1 : `0efe4a78 ` `1044ef60 `0a1dc670 : mscorwks!SVR::GCHeap::WaitUntilGCComplete+0x31

  then this thread is waiting for the GC to finish; most likely a memory problem is making the GC run this aggressively.

  If it is followed by:

:> ~* kb
...
Id: 7558.6914 Suspend: Teb: 000007ff`ffe56000 Unfrozen
RetAddr : Args to Child : Call Site
000007fe`fd6d10dc : `2f3cfe10 `5faa1eb0 ` 000007fe`fd6d64da : ntdll!ZwWaitForSingleObject+0xa
000007fe`f128d0e0 : `ffffffff `ffffffff ` ` : KERNELBASE!WaitForSingleObjectEx+0x79
000007fe`f128d1e3 : ` `09e7e190 ` `ffffffff : mscorwks!MethodTableBuilder::MethodSignature::GetMethodAttributes+0xa8
000007fe`f138e250 : `0b65c640 000007fe`f138e289 0000739d` ` : mscorwks!CLREvent::WaitEx+0x63
000007fe`f15a9596 : ` 000007fe`f129b6cb ffffffff`fffffffe 000007fe`f1286920 : mscorwks!SVR::gc_heap::wait_for_gc_done+0x80
000007fe`f17339cc : ` 000007fe`f129b6ef `1ff9e250 ` : mscorwks!SVR::GCHeap::GarbageCollectGeneration+0x206
000007fe`f13996a2 : ` `0b65c810 ` 000007fe` : mscorwks!SVR::gc_heap::try_allocate_more_space+0x1ac
000007fe`f136ecef : ` ` ` ` : mscorwks!SVR::gc_heap::allocate_more_space+0x32
000007fe`f12d7278 : ` ` `09e7e1f8 000007fe`f12d71b1 : mscorwks!SVR::gc_heap::allocate_large_object+0x5f
000007fe`f12d758e : `010b25e0 `838d92c8 `0006492c `0003248a : mscorwks!SVR::GCHeap::Alloc+0x198
000007fe`f17b9433 : `7f8ce378 `09e7e190 `0b65c9a8 `09e7e190 : mscorwks!SlowAllocateString+0x7e
000007fe`f051beec : ` ` ` ` : mscorwks!FramedAllocateString+0xd3
000007ff`00cf0313 : `5f3ecd98 `1ff9e098 ` ` : mscorlib_ni+0x2ebeec
000007ff`012b0ac5 : `5f3ecd98 `5f418988 `ff350370 `4f89cd50 : 0x7ff`00cf0313

  then this thread is the one triggering the GC operation.
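
The three patterns above can be checked mechanically when a dump has hundreds of threads. The following is an added example, not part of the original notes: it parses saved `~* kb` text and labels each thread by the call sites that follow ntdll!ZwWaitForSingleObject. The function name, rule labels and sample dump are assumptions made for illustration; the sample is constructed.

```python
import re

# Markers are call sites from the three stacks in these notes, checked in order.
RULES = [
    ("critical-section wait (possible deadlock)", "ntdll!RtlpWaitOnCriticalSection"),
    ("triggered the GC", "gc_heap::wait_for_gc_done"),
    ("waiting for GC to complete", "GCHeap::WaitUntilGCComplete"),
]
THREAD_HDR = re.compile(r"Id:\s*[0-9a-fA-F]+\.([0-9a-fA-F]+)")
FRAME = re.compile(r" : (\S+![^\s+]+)(?:\+0x[0-9a-fA-F]+)?\s*$")

def classify_threads(kb_output):
    """Return {thread id (hex): state} for every thread in '~* kb' text."""
    stacks, current = {}, None
    for line in kb_output.splitlines():
        hdr = THREAD_HDR.search(line)
        if hdr:
            current = stacks.setdefault(hdr.group(1), [])
        elif current is not None and (frame := FRAME.search(line)):
            current.append(frame.group(1))  # module!symbol, offset stripped
    states = {}
    for tid, frames in stacks.items():
        if frames[:1] != ["ntdll!ZwWaitForSingleObject"]:
            states[tid] = "not in ZwWaitForSingleObject"
            continue
        states[tid] = next((label for label, marker in RULES
                            if any(marker in f for f in frames[1:])), "other wait")
    return states

# Constructed sample: addresses and arguments are placeholders, not a real dump.
SAMPLE = """\
   1  Id: 1a2c.0b10 Suspend: 0 Teb: 00000000`7efdb000 Unfrozen
00000000`11110001 : 0 0 0 0 : ntdll!ZwWaitForSingleObject+0xa
00000000`11110002 : 0 0 0 0 : ntdll!RtlpWaitOnCriticalSection+0xe8
   2  Id: 1a2c.0b14 Suspend: 0 Teb: 00000000`7efd8000 Unfrozen
00000000`11110003 : 0 0 0 0 : ntdll!ZwWaitForSingleObject+0xa
00000000`11110004 : 0 0 0 0 : mscorwks!CLREvent::WaitEx+0x63
00000000`11110005 : 0 0 0 0 : mscorwks!SVR::GCHeap::WaitUntilGCComplete+0x31
   3  Id: 1a2c.0b18 Suspend: 0 Teb: 00000000`7efd5000 Unfrozen
00000000`11110006 : 0 0 0 0 : ntdll!ZwWaitForSingleObject+0xa
00000000`11110007 : 0 0 0 0 : mscorwks!SVR::gc_heap::wait_for_gc_done+0x80
00000000`11110008 : 0 0 0 0 : mscorwks!SVR::GCHeap::GarbageCollectGeneration+0x206
   4  Id: 1a2c.0b1c Suspend: 0 Teb: 00000000`7efd2000 Unfrozen
00000000`11110009 : 0 0 0 0 : ntdll!ZwDelayExecution+0xa
"""

if __name__ == "__main__":
    for tid, state in classify_threads(SAMPLE).items():
        print(tid, state)
```

Many threads in the "waiting for GC to complete" state alongside a single "triggered the GC" thread is the picture the notes describe for memory pressure; several threads in the critical-section state is the one to check for a deadlock.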