代码拉取完成,页面将自动刷新
技术分析:wxbot在执行hook和unhook的时候会把其它所有线程suspend掉,有其它线程进入了内存分配并且未退出,重启后,导致执行hook或unhook的线程在进入内存”分配“在等待被suspend的线程完成内存分配
模拟malloc死锁
void domalloc()
{
for (;;) {
void* p = malloc(100);
//std::this_thread::sleep_for(std::chrono::milliseconds(10));
free(p);
}
}
void test()
{
static bool first = true;
if (first) {
std::thread(domalloc).detach();
first = false;
}
int i = 0;
std::time_t msOvertime = 10000;
bool isClean = false;
auto timestamp = wb_process::GetCurrentTimestamp(true);
wb_memory::init_internal_allocator();
wb_process::SuspendAllOtherThread(wb_process::GetCurrentProcessId(), wb_process::GetCurrentThreadId());
for (;;) {
void* p = malloc(100);
free(p);
isClean = i++ > 100;
if (isClean || wb_process::GetCurrentTimestamp(true) - timestamp > msOvertime) {
break;
}
wb_process::ResumeAllThread(wb_process::GetCurrentProcessId());
std::this_thread::sleep_for(std::chrono::milliseconds(100));
wb_process::SuspendAllOtherThread(wb_process::GetCurrentProcessId(), wb_process::GetCurrentThreadId());
}
wb_process::ResumeAllThread(wb_process::GetCurrentProcessId());
wb_memory::deinit_internal_allocator();
}
此处可能存在不合适展示的内容,页面不予展示。您可通过相关编辑功能自查并修改。
如您确认内容无涉及 不当用语 / 纯广告导流 / 暴力 / 低俗色情 / 侵权 / 盗版 / 虚假 / 无价值内容或违法国家有关法律法规的内容,可点击提交进行申诉,我们将尽快为您处理。
尝试加入一个“看门狗”线程,它在执行SuspendAllOtherThread时不被suspend掉并且在看门狗线程routine内也不会调用可能触发死锁的调用,使用者在启动看门狗后,每轮循环需要调用wb_process::TouchSuspendLockWatchDog(),让看门狗更新时间戳,一旦超时那么看门狗会自动给所有线程执行一遍ResumeThread
TEST(wxbox_utils_, thread_suspend_malloc_lock_watch_dog)
{
// begin a loop malloc thread
std::thread([] {
for (;;) {
void* p = malloc(100);
//std::this_thread::sleep_for(std::chrono::milliseconds(10));
free(p);
}
}).detach();
std::time_t msOvertime = 10000;
bool isClean = false;
auto timestamp = wb_process::GetCurrentTimestamp(true);
// 启动看门狗
wb_process::TID watchDogTid = wb_process::StartSuspendLockWatchDog(1000);
wb_memory::init_internal_allocator();
wb_process::SuspendAllOtherThread(wb_process::GetCurrentProcessId(), wb_process::GetCurrentThreadId(), watchDogTid);
for (;;) {
// lock
void* p = malloc(100);
free(p);
// foo
isClean =false && wb_process::HitTestAllOtherThreadCallFrame((void*)0x10000, 0xff00f);
if (isClean || wb_process::GetCurrentTimestamp(true) - timestamp > msOvertime) {
break;
}
wb_process::ResumeAllThread(wb_process::GetCurrentProcessId());
std::this_thread::sleep_for(std::chrono::milliseconds(100));
wb_process::SuspendAllOtherThread(wb_process::GetCurrentProcessId(), wb_process::GetCurrentThreadId(), watchDogTid);
// touch看门狗
wb_process::TouchSuspendLockWatchDog();
}
wb_process::ResumeAllThread(wb_process::GetCurrentProcessId());
wb_memory::deinit_internal_allocator();
// 停止看门狗
spdlog::info("watch catch lock times : {}", wb_process::StopSuspendLockWatchDog());
}
登录 后才可以发表评论