{"id":2937,"date":"2019-10-15T13:58:04","date_gmt":"2019-10-15T05:58:04","guid":{"rendered":"https:\/\/www.aoisnow.net\/blog\/?p=2937"},"modified":"2019-10-15T13:58:04","modified_gmt":"2019-10-15T05:58:04","slug":"tont-38363-%e4%b8%ba%e4%bb%80%e4%b9%88%e6%9c%89%e4%ba%9b%e8%bf%9b%e7%a8%8b%e5%9c%a8%e8%a2%ab%e4%b8%ad%e6%ad%a2%e5%90%8e%ef%bc%8c%e4%bb%8d%e7%84%b6%e5%9c%a8%e8%bf%9b%e7%a8%8b%e7%ae%a1%e7%90%86%e5%99%a8","status":"publish","type":"post","link":"https:\/\/www.aoisnow.net\/blog\/archives\/2937","title":{"rendered":"TONT 38363 \u4e3a\u4ec0\u4e48\u6709\u4e9b\u8fdb\u7a0b\u5728\u88ab\u4e2d\u6b62\u540e\uff0c\u4ecd\u7136\u5728\u8fdb\u7a0b\u7ba1\u7406\u5668\u4e2d\u663e\u793a\u7740\uff1f"},"content":{"rendered":"<p>\u539f\u6587\u94fe\u63a5\uff1a<a href=\"https:\/\/devblogs.microsoft.com\/oldnewthing\/20040723-00\/?p=38363\" target=\"_blank\" rel=\"noopener\">https:\/\/devblogs.microsoft.com\/oldnewthing\/20040723-00\/?p=38363<\/a><\/p>\n<p>When a process ends (either of natural causes or due to something harsher like <a href=\"http:\/\/msdn.microsoft.com\/library\/en-us\/dllproc\/base\/terminateprocess.asp\" target=\"_blank\" rel=\"noopener\">TerminateProcess<\/a>), the user-mode part of the process is thrown away. But the kernel-mode part can\u2019t go away until all drivers are finished with the thread, too.<\/p>\n<p>\u5f53\u4e00\u4e2a\u8fdb\u7a0b\u88ab\u4e2d\u6b62\u65f6\uff08\u4e0d\u8bba\u662f\u901a\u8fc7\u6bd4\u8f83\u81ea\u7136\u7684\u65b9\u5f0f\uff0c\u8fd8\u662f\u6bd4\u8f83\u4e25\u5389\u7684\u5982 <a href=\"https:\/\/docs.microsoft.com\/en-us\/windows\/win32\/api\/processthreadsapi\/nf-processthreadsapi-terminateprocess?redirectedfrom=MSDN\" target=\"_blank\" rel=\"noopener\">TerminateProcess<\/a>\uff08\u8bd1\u6ce8\uff1a\u539f\u6587\u94fe\u63a5\u5df2\u5931\u6548\uff0c\u6b64\u5904\u4e3aMSDN\u4e0a\u5bf9\u5e94\u7684\u6587\u7ae0\u76ee\u524d\u53ef\u7528\u7684\u94fe\u63a5\uff09 \u7684\u65b9\u5f0f\uff09\uff0c\u5176\u7528\u6237\u6a21\u5f0f\u4e0b\u7684\u90e8\u5206\u5c31\u88ab\u629b\u5f03\u4e86\uff0c\u4e0d\u8fc7\u5176\u5185\u6838\u90e8\u5206\u5728\u7ebf\u7a0b\u4e2d\u7684\u6240\u6709\u9a71\u52a8\u7ed3\u675f\u64cd\u4f5c\u524d\uff0c\u662f\u65e0\u6cd5\u88ab\u79fb\u9664\u7684\u3002<\/p>\n<p>For example, if a thread was in the middle of an I\/O operation, the kernel signals to the driver responsible for the I\/O that the operation should be cancelled. If the driver is well-behaved, it cleans up the bookkeeping for the incomplete I\/O and releases the thread.<\/p>\n<p>\u4f8b\u5982\uff0c\u5982\u679c\u67d0\u4e2a\u7ebf\u7a0b\u6b63\u5904\u5728\u4e00\u4e2a I\/O \u64cd\u4f5c\u4e2d\uff0c\u5185\u6838\u5c06\u901a\u77e5\u8be5 I\/O \u64cd\u4f5c\u5bf9\u5e94\u7684\u9a71\u52a8\u53d6\u6d88\u8be5\u64cd\u4f5c\u3002\u5018\u82e5\u8fd9\u4e2a\u9a71\u52a8\u8fd0\u4f5c\u6b63\u5e38\u7684\u8bdd\uff0c\u5c31\u5e94\u5f53\u5bf9\u8fd9\u4e2a\u672a\u5b8c\u6210\u7684 I\/O \u64cd\u4f5c\u8fdb\u884c\u6e05\u7406\uff0c\u5e76\u6700\u7ec8\u91ca\u653e\u5bf9\u5e94\u7684\u7ebf\u7a0b\u3002<\/p>\n<p>If the driver is not as well-behaved (or if the hardware that the driver is managing is acting up), it may take a long time for it to clean up the incomplete I\/O. During that time, the driver holds that thread (and therefore the process that the thread belongs to) hostage.<\/p>\n<p>\u4f46\u5982\u679c\u9a71\u52a8\u8fd0\u4f5c\u4e0d\u6b63\u5e38\uff08\u6216\u5176\u6240\u7ba1\u8f96\u7684\u786c\u4ef6\u51fa\u73b0\u4e86\u95ee\u9898\uff09\uff0c\u53ef\u80fd\u5c31\u9700\u8981\u6bd4\u8f83\u957f\u7684\u65f6\u95f4\u6765\u6e05\u7406\u8fd9\u4e2a\u672a\u5b8c\u6210\u7684 I\/O \u64cd\u4f5c\u3002\u5728\u6b64\u671f\u95f4\uff0c\u8be5\u9a71\u52a8\u5c06\u6301\u7eed\u4fdd\u6709\u76f8\u5e94\u7684\u7ebf\u7a0b\uff08\u8be5\u7ebf\u7a0b\u6240\u5c5e\u7684\u8fdb\u7a0b\u4ea6\u7136\uff09\u3002<\/p>\n<p>(This is a simplification of what actually goes on. <a href=\"http:\/\/weblogs.asp.net\/oldnewthing\/archive\/2004\/07\/22\/191123.aspx#191459\" target=\"_blank\" rel=\"noopener\">Commenter Skywing gave a more precise explanation, for those who like more precise explanations.<\/a>)<\/p>\n<p>\uff08\u8fd9\u662f\u5bf9\u7c7b\u4f3c\u4e8b\u60c5\u53d1\u751f\u65f6\u7684\u60c5\u51b5\u7684\u4e00\u4e2a\u7b80\u5316\u63cf\u8ff0\uff0c\u8bbf\u5ba2 Skywing \u64b0\u5199\u4e86\u4e00\u4efd\u66f4\u52a0\u51c6\u786e\u7684\u63cf\u8ff0\uff08\u8bd1\u6ce8\uff1a\u94fe\u63a5\u5df2\u5931\u6548\uff0c\u6211\u4eec\u6c38\u8fdc\u90fd\u65e0\u6cd5\u518d\u77e5\u9053\u90a3\u5929dalao\u8bf4\u4e86\u4e9b\u4ec0\u4e48\u4e86\uff09\uff0c\u559c\u6b22\u7ec6\u8282\u63cf\u8ff0\u7684\u4eba\u53ef\u4ee5\u53bb\u770b\u770b\u3002\uff09<\/p>\n<p>If you think your problem is a wedged driver, you can drop into the kernel debugger, find the process that is stuck and look at its threads to see why they aren\u2019t exiting. You can use the !irp debugger command to view any pending IRPs to see what device is not completing.<\/p>\n<p>\u5982\u679c\u4f60\u8ba4\u4e3a\u95ee\u9898\u51fa\u5728\u67d0\u4e2a\u52a0\u6954\u800c\u5165\u7684\u9a71\u52a8\u4e0a\uff0c\u4f60\u53ef\u4ee5\u6253\u5f00\u5185\u6838\u8c03\u8bd5\u5668\uff0c\u627e\u5230\u90a3\u4e2a\uff08\u5173\u4e0d\u6389\u7684\uff09\u8fdb\u7a0b\uff0c\u68c0\u89c6\u5176\u7ebf\u7a0b\u5217\u8868\u6765\u5224\u65ad\u4e3a\u4ec0\u4e48\u5b83\u4e0d\u80af\u9000\u51fa\uff0c\u4e5f\u53ef\u4ee5\u5728\u8c03\u8bd5\u5668\u4e2d\u4f7f\u7528 !irp \u547d\u4ee4\u6765\u89c2\u5bdf\u5904\u4e8e\u7b49\u5f85\u72b6\u6001\u4e0b\u7684 IRP\uff08\u8bd1\u6ce8\uff1aI\/O Request Package\uff0cI\/O \u8bf7\u6c42\u5305\uff09\uff0c\u5e76\u7531\u6b64\u5224\u65ad\u662f\u54ea\u4e2a\u8bbe\u5907\u6ca1\u6709\u5b8c\u6210\u5176\u64cd\u4f5c\u3002<\/p>\n<p>After all the drivers have acknowledged the death of the process, the \u201cmeat\u201d of the process finally goes away. All that remains is the \u201cprocess object\u201d, which lingers until all handles to the process and all the threads in the process have been closed. (You did remember to <a href=\"http:\/\/msdn.microsoft.com\/library\/en-us\/sysinfo\/base\/closehandle.asp\" target=\"_blank\" rel=\"noopener\">CloseHandle<\/a> the handles returned in the <a href=\"http:\/\/msdn.microsoft.com\/library\/en-us\/dllproc\/base\/process_information_str.asp\" target=\"_blank\" rel=\"noopener\">PROCESS_INFORMATION<\/a> structure that you passed to the <a href=\"http:\/\/msdn.microsoft.com\/library\/en-us\/dllproc\/base\/createprocess.asp\" target=\"_blank\" rel=\"noopener\">CreateProcess function<\/a>, didn\u2019t you?)<\/p>\n<p>\u5f53\u6240\u6709\u7684\u9a71\u52a8\u5f97\u77e5\u67d0\u8fdb\u7a0b\u88ab\u4e2d\u6b62\u7684\u60c5\u51b5\u540e\uff0c\u8be5\u8fdb\u7a0b\u7684\u300e\u8089\u4f53\u300f\u624d\u7ec8\u4e8e\u6d88\u5931\uff0c\u800c\u5269\u4e0b\u7684\u53ea\u662f\u4e00\u4e2a\u300e\u8fdb\u7a0b\u5bf9\u8c61\u300f\u7ee7\u7eed\u7b49\u5f85\u7740\uff0c\u76f4\u5230\u6240\u6709\u9762\u5411\u8be5\u8fdb\u7a0b\u7684\u53e5\u67c4\u53ca\u8fdb\u7a0b\u7684\u6240\u6709\u7ebf\u7a0b\u90fd\u5173\u95ed\u4f4d\u7f6e\u3002\uff08\u4f60\u5e94\u8be5\u6709\u8bb0\u5f97\u628a\u5728\u8c03\u7528 <a href=\"https:\/\/docs.microsoft.com\/en-us\/windows\/win32\/api\/processthreadsapi\/nf-processthreadsapi-createprocessw\" target=\"_blank\" rel=\"noopener\">CreateProcess<\/a> \u65f6\u5728 <a href=\"https:\/\/docs.microsoft.com\/en-us\/windows\/win32\/api\/processthreadsapi\/ns-processthreadsapi-process_information\" target=\"_blank\" rel=\"noopener\">PROCESS_INFORMATION<\/a> \u7ed3\u6784\u4e2d\u8fd4\u56de\u7684\u53e5\u67c4\u4eec\u7528 <a href=\"https:\/\/docs.microsoft.com\/en-us\/windows\/win32\/api\/handleapi\/nf-handleapi-closehandle\" target=\"_blank\" rel=\"noopener\">CloseHandle<\/a> \u90fd\u5173\u6389\u6765\u7740\uff08\u8bd1\u6ce8\uff1a\u539f\u6587\u94fe\u63a5\u5df2\u5931\u6548\uff0c\u6b64\u5904\u4e3a\u76ee\u524dMSDN\u4e0a\u7684\u65b0\u94fe\u63a5\uff09\uff0c\u6ca1\u9519\u5427\uff1f\uff09<\/p>\n<p>In other words, if a process hangs around after you\u2019ve terminated it, it\u2019s really dead, but its remnants will remain in the system until all drivers have cleaned up their process bookkeeping, and all open handles to the process have been closed.<\/p>\n<p>\u6362\u53e5\u8bdd\u8bf4\uff0c\u5982\u679c\u67d0\u4e2a\u8fdb\u7a0b\u5728\u88ab\u4e2d\u6b62\u540e\u4ecd\u7136\u6302\u5728\u90a3\u91cc\uff0c\u5b9e\u9645\u4e0a\u8fd9\u4e2a\u8fdb\u7a0b\u7684\u786e\u5df2\u7ecf\u88ab\u4e2d\u6b62\u4e86\uff0c\u53ea\u662f\u8fd8\u6709\u70b9\u5c0f\u300e\u6b8b\u4f59\u300f\u7559\u5728\u4e86\u7cfb\u7edf\u4e2d\uff0c\u76f4\u5230\u6240\u6709\u76f8\u5173\u7684\u9a71\u52a8\u5b8c\u6210\u4e86\u9488\u5bf9\u8fd9\u4e2a\u8fdb\u7a0b\u7684\u6e05\u7406\u5de5\u4f5c\uff0c\u4ee5\u53ca\u6240\u6709\u7531\u8be5\u8fdb\u7a0b\u6253\u5f00\u7684\u53e5\u67c4\u88ab\u5173\u95ed\u4e3a\u6b62\u3002<\/p>\n","protected":false},"excerpt":{"rendered":"<p>\u539f\u6587\u94fe\u63a5\uff1ahttps:\/\/devblogs.microsoft.com\/oldnewthing\/2004072 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[],"class_list":["post-2937","post","type-post","status-publish","format-standard","hentry","category-tont_history"],"_links":{"self":[{"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/posts\/2937","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/comments?post=2937"}],"version-history":[{"count":0,"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/posts\/2937\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/media?parent=2937"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/categories?post=2937"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.aoisnow.net\/blog\/wp-json\/wp\/v2\/tags?post=2937"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}