After loading up Word today, I noticed it would become hung each time I went to the Insert tab. I was able to reproduce the behavior after killing the process and starting it up again. To troubleshoot, I started by going to the Windows 7 Task Manager, right-clicking, and selecting Create Dump File from the context menu:
The dump is written to C:\Users\username\AppData\Local\Temp:
I opened it from here with WinDbg from the Windows Debugging Tools and ran !analyze –v –hang and dumped all the threds with ~*k. The output wasn’t what I expected, however:
Dl Eid Cid WaitType
— — ——- ————————–
0 102c.1c74 UnknownWAIT_CHAIN_COMMAND: ~0s;k;;
BLOCKING_THREAD: 0000000000001c74
PRIMARY_PROBLEM_CLASS: APPLICATION_HANG
LAST_CONTROL_TRANSFER: from 0000000074e7ac9e to 0000000074e9fc3a
STACK_TEXT:
00000000`0027dca8 00000000`74e7ac9e : 00000000`0027e6f8 00000000`00000000 00000000`00000000 00000000`0042d4c4 : wow64win!ZwUserMessageCall+0xa
00000000`0027dcb0 00000000`74e91817 : 00000000`74ec88d2 00000000`00ae42d0 fffffa80`0000003d 00000000`74ed5c85 : wow64win!whNT32NtUserMessageCallCB+0x32
00000000`0027dd00 00000000`74e925bb : 00000000`7ffeffff 00000000`74e754b0 00000000`74e74e48 00000000`00000087 : wow64win!Wow64MsgFncWM_GETDLGCODE+0x33
00000000`0027dd90 00000000`74e7adda : 00000000`000002b1 00000000`0042d57c 00000000`00000087 00000000`00000000 : wow64win!Wow64DoMessageThunk+0x8b
00000000`0027ddd0 00000000`74eccf87 : 00000000`0042d544 00000000`7efdb000 00000000`7efdd000 00000000`74e7acac : wow64win!whNtUserMessageCall+0x12e
00000000`0027de70 00000000`74e52776 : 00000000`764172b9 00000000`74ec0023 00000000`00000246 00000000`0042d5c0 : wow64!Wow64SystemServiceEx+0xd7
00000000`0027e730 00000000`74ecd07e : 00000000`00000000 00000000`74e51920 00000000`0027e9c0 00000000`779decd1 : wow64cpu!TurboDispatchJumpAddressEnd+0x2d
00000000`0027e7f0 00000000`74ecc549 : 00000000`00000000 00000000`00000000 00000000`74ec4ac8 00000000`7ffe0030 : wow64!RunCpuSimulation+0xa
00000000`0027e840 00000000`779f4956 : 00000000`00163c30 00000000`00000000 00000000`77ae2670 00000000`77ab5978 : wow64!Wow64LdrpInitialize+0x429
00000000`0027ed90 00000000`779f1a17 : 00000000`00000000 00000000`779f4061 00000000`0027f340 00000000`00000000 : ntdll!LdrpInitializeProcess+0x17e4
00000000`0027f280 00000000`779dc32e : 00000000`0027f340 00000000`00000000 00000000`7efdf000 00000000`00000000 : ntdll! ?? ::FNODOBFM::`string’+0x29220
00000000`0027f2f0 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : ntdll!LdrInitializeThunk+0xe
FOLLOWUP_IP:
wow64win!ZwUserMessageCall+a
00000000`74e9fc3a c3 ret
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: wow64win!ZwUserMessageCall+a
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: wow64win
IMAGE_NAME: wow64win.dll
DEBUG_FLR_IMAGE_TIMESTAMP: 4ce7caa0
STACK_COMMAND: ~0s ; kb
BUCKET_ID: X64_HANG_wow64win!ZwUserMessageCall+a
FAILURE_BUCKET_ID: APPLICATION_HANG_cfffffff_wow64win.dll!ZwUserMessageCall
WATSON_STAGEONE_URL: http://watson.microsoft.com/00000000.htm?Retriage=1
Followup: MachineOwner
———
0:000> ~*k
. 0 Id: 102c.1c74 Suspend: 0 Teb: 00000000`7efdb000 Unfrozen
Child-SP RetAddr Call Site
00000000`0027dca8 00000000`74e7ac9e wow64win!ZwUserMessageCall+0xa
00000000`0027dcb0 00000000`74e91817 wow64win!whNT32NtUserMessageCallCB+0x32
00000000`0027dd00 00000000`74e925bb wow64win!Wow64MsgFncWM_GETDLGCODE+0x33
00000000`0027dd90 00000000`74e7adda wow64win!Wow64DoMessageThunk+0x8b
00000000`0027ddd0 00000000`74eccf87 wow64win!whNtUserMessageCall+0x12e
00000000`0027de70 00000000`74e52776 wow64!Wow64SystemServiceEx+0xd7
00000000`0027e730 00000000`74ecd07e wow64cpu!TurboDispatchJumpAddressEnd+0x2d
00000000`0027e7f0 00000000`74ecc549 wow64!RunCpuSimulation+0xa
00000000`0027e840 00000000`779f4956 wow64!Wow64LdrpInitialize+0x429
00000000`0027ed90 00000000`779f1a17 ntdll!LdrpInitializeProcess+0x17e4
00000000`0027f280 00000000`779dc32e ntdll! ?? ::FNODOBFM::`string’+0x29220
00000000`0027f2f0 00000000`00000000 ntdll!LdrInitializeThunk+0xe
1 Id: 102c.1328 Suspend: 0 Teb: 00000000`7efd5000 Unfrozen
Child-SP RetAddr Call Site
00000000`08ddebd8 00000000`74e5283e wow64cpu!CpupSyscallStub+0x9
00000000`08ddebe0 00000000`74ecd07e wow64cpu!WaitForMultipleObjects32+0x3b
00000000`08ddeca0 00000000`74ecc549 wow64!RunCpuSimulation+0xa
00000000`08ddecf0 00000000`77a2e707 wow64!Wow64LdrpInitialize+0x429
00000000`08ddf240 00000000`779dc32e ntdll! ?? ::FNODOBFM::`string’+0x29364
00000000`08ddf2b0 00000000`00000000 ntdll!LdrInitializeThunk+0xe |
Ack! I am running the 32 bit version of Office, but this is a 64 bit dump. I need the 32 bit stacks to make more sense of hang. However, I don’t need to install and run the 32 bit version of WinDbg. Instead, I can just load the wow64 extensions so I can see the 32 bit stacks. I also need to change the processor mode to x86. The two commands are:
.load wow64exts
.effmach x86
Now I have something more meaningful to look at:
Dl Eid Cid WaitType
— — ——- ————————–
0 18d8.1bb8 SendMessageWAIT_CHAIN_COMMAND: ~0s;k;;
BLOCKING_THREAD: 0000000000001bb8
DEFAULT_BUCKET_ID: APPLICATION_HANG_BlockedIn_SendMessage
PRIMARY_PROBLEM_CLASS: APPLICATION_HANG_BlockedIn_SendMessage
PRIMARY_PROBLEM_CLASS_DATA: HWND: 0xbbaac0
LAST_CONTROL_TRANSFER: from 0000000076422161 to 00000000764172b9
STACK_TEXT:
003ed50c 76422161 00781512 00000087 00000000 user32!NtUserMessageCall+0x15
003ed54c 764196c5 00bbaac0 00000000 73c5bf21 user32!SendMessageWorker+0x5e9
003ed570 71a99116 00781512 00000087 00000000 user32!SendMessageW+0x7f
003ed598 71a990b5 00411484 00000001 11fd21b0 oleacc!GetLabelString+0x55
003ed5b0 71a97359 00411484 00000001 003ed698 oleacc!HrGetWindowName+0x4f
003ed5cc 71aa53df 11fd21b0 00000003 ffffffeb oleacc!CClient::get_accName+0x32
003ed5f8 71a95854 11fd21b0 00000003 ffffffeb oleacc!CEdit::get_accName+0xbd
003ed620 71a95282 0f9efb00 00000003 ffffffeb oleacc!AccWrap_Base::get_accName+0x22
003ed658 5b7f2ac9 0f9efb00 00000003 ffffffeb oleacc!AccWrap_Annotate::get_accName+0x59
WARNING: Stack unwind information not available. Following frames may be wrong.
003ed6b8 5b7f2c84 00411484 003ed6d8 01790678 MsoCmdSearchAddin!DllUnregisterServer+0xd8f9
003ed6d0 5b7f2ccd 00000000 0a926f80 003ed700 MsoCmdSearchAddin!DllUnregisterServer+0xdab4
003ed6e0 5b7f2d0b 00008001 00000000 00411484 MsoCmdSearchAddin!DllUnregisterServer+0xdafd
003ed700 764162fa 01790678 00008001 00000000 MsoCmdSearchAddin!DllUnregisterServer+0xdb3b
003ed72c 76416d3a 5b7f2ce0 01790678 00008001 user32!InternalCallWinProc+0x23
003ed7a4 764177c4 00000000 5b7f2ce0 01790678 user32!UserCallWinProcCheckWow+0x109
003ed804 7641788a 5b7f2ce0 00000000 003ed824 user32!DispatchMessageWorker+0x3bc
003ed814 5dd32690 5ebb96a0 5ebb96a0 003ed84c user32!DispatchMessageW+0xf
003ed824 5dd31709 5ebb96a0 0040008c 00400000 WWLIB!GetAllocCounters+0x4b8c8
003ed84c 5dd313e6 5dcd0000 761d1222 5dcd50f7 WWLIB!GetAllocCounters+0x4a941
003ef9bc 2f2c1602 2f2c0000 00000000 0069424f WWLIB!GetAllocCounters+0x4a61e
003ef9e0 2f2c159a 2f2c0000 00000000 0069424f WINWORD+0x1602
003efa70 761d33ca 7efde000 003efabc 77bc9ed2 WINWORD+0x159a
003efa7c 77bc9ed2 7efde000 5320a665 00000000 kernel32!BaseThreadInitThunk+0xe
003efabc 77bc9ea5 2f2c10ec 7efde000 ffffffff ntdll_77b90000!__RtlUserThreadStart+0x70
003efad4 00000000 2f2c10ec 7efde000 00000000 ntdll_77b90000!_RtlUserThreadStart+0x1b |
The presence of an after market add-in for Word is obvious. Knowing this, I only need to disable the COM Add-in in Word:
Afterwards, Word no longer hangs.
Update
I discovered after writing this post you can use the 32bit version of the Task Manager to obtain a 32bit dump in a 64bit OS. The 32bit version of the Task Manager can be located in C:\Windows\SysWOW64.
Like this:
Like Loading...
Related
Windows Explored 
Mike said
Just about time! Couldn’t figure out why all the garbage in the call stack 🙂