\nOne of the things programmers send to each other when they\nare trying to collaborate on a debugging problem is stack traces.\nUsually something along the lines of\n“My program does X, then Y, then Z, and then it crashes.\nHere is a stack trace.\nCan you tell me what’s wrong?”\n<\/p>\n
\nIt helps if you at least glance at the stack trace before\nyou send it, because there are often signs that the stack\ntrace you’re about to send is completely useless because\nthe symbols are wrong.\nHere’s an example:\n<\/p>\n
\n\nWe are testing our program and it gradually grinds to a halt.\nWhen we connect a debugger, we find that all of our threads,\nno matter what they are doing, eventually wind up\nhung in
kernel32!EnumResourceLanguagesA<\/code>.\nCan someone explain why that function is hanging,\nand why it seems all roads lead to it?\n<\/p>\n\n 0 Id: 12a4.1468 Suspend: 1 Teb: 000006fb`fffdc000 Unfrozen\nkernel32!EnumResourceLanguagesA+0xbea00\nkernel32!EnumResourceLanguagesA+0x2b480\nbogosoft!CObjMarker::RequestBlockForFetch+0xf0\n...\n 1 Id: 12a4.1370 Suspend: 1 Teb: 000006fb`fffda000 Unfrozen\nkernel32!EnumResourceLanguagesA+0xbea00\nkernel32!EnumResourceLanguagesA+0x2b480\nbsnetlib!CSubsystem::CancelMain+0x90\n 2 Id: 12a4.1230 Suspend: 1 Teb: 000006fb`fffd8000 Unfrozen\nNETAPI32!I_NetGetDCList+0x117e0\nkernel32!EnumResourceLanguagesA+0x393a0\nntdll!LdrResFindResource+0x58b20\n...\n 3 Id: 12a4.cc0 Suspend: 1 Teb: 000006fb`fffd6000 Unfrozen\nkernel32!EnumResourceLanguagesA+0xa80\nbsnetlib!BSFAsyncWait+0x190\n...\n 4 Id: 12a4.1208 Suspend: 1 Teb: 000006fb`fffd4000 Unfrozen\nkernel32!EnumResourceLanguagesA+0xbea00\nkernel32!EnumResourceLanguagesA+0x2b480\nbogosoft!TObjList<DistObj>::Get+0xb0\n 5 Id: 12a4.1538 Suspend: 1 Teb: 000006fb`fffae000 Unfrozen\nkernel32!EnumResourceLanguagesA+0xbf3d0\nkernel32!EnumResourceLanguagesA+0x2c800\nbsnetlib!Tcp::ReadSync+0x340\n...\n 6 Id: 12a4.16e0 Suspend: 1 Teb: 000006fb`fffac000 Unfrozen\nntdll!LdrResFindResource+0x61808\nntdll!LdrResFindResource+0x1822a0\nkernel32!EnumResourceLanguagesA+0x393a0\nntdll!LdrResFindResource+0x58b20\n...\n<\/pre>\n<\/blockquote>\n\nThis stack trace looks suspicious for a variety of reasons.\n<\/p>\n
\nFirst of all,\nlook at that offset\n
EnumResourceLanguagesA+0xbea00<\/u><\/code>.\nIt’s unlikely that the\nEnumResourceLanguagesA<\/code>\nfunction (or any other function)\nis over 750KB in size, as this offset suggests.\n<\/p>\n\nSecond, it’s unlikely that the
EnumResourceLanguagesA<\/code>\nfunction (or any other function, aside from obvious cases\nlike tree walking) is recursive.\nAnd it’s certainly unlikely that a huge function will also be\nrecursive.\n<\/p>\n\nThird, it seems unlikely that the
EnumResourceLanguagesA<\/code>\nfunction would call,\nNETAPI32!I_NetGetDCList<\/code>.\nWhat does enumerating resource languages have to do with getting\na DC list?\n<\/p>\n\nFourth, look at those functions that are allegedly\ncallers of
EnumResourceLanguagesA<\/code>:\nbogosoft!CObjMarker::RequestBlockForFetch<\/code>,\nbsnetlib!CSubsystem::CancelMain<\/code>,\nbsnetlib!Tcp::ReadSync<\/code>.\nWhy would any of these functions want to enumerate resource\nlanguages?\n<\/p>\n\nThese symbols are obvious wrong.\nThe huge offsets are present because the debugger has access only\nto exported functions,\nand it’s merely showing you the name of the nearest symbol,\neven though it has nothing to do with the actual function.\nIt’s just using the nearest signpost it can come up with.\nIt’s like if somebody gave you directions to the movie theater like this:\n“Go to city hall downtown and then go north for 35 miles.”\nThis doesn’t mean that the movie theater is in the downtown district\nor that the downtown district is 35 miles long.\nIt’s just that the person who’s giving you directions can’t come\nup with a better landmark than city hall.\n<\/p>\n
\nThis is just another case of the principle that\n\nyou have to know what’s right before you can see what’s wrong<\/a>.\nIf you have no experience with good stack traces,\nyou don’t know how to recognize a bad one.\n<\/p>\n