iohook icon indicating copy to clipboard operation
iohook copied to clipboard

Published 20 hours ago verified publisher icon wilix-team

iohook causes the windows 10 to freeze

Open killghost opened this issue 4 years ago • 1 comments
trafficstars

Some users report that the system freezes after using the hotkey function. After analyzing with windbg, I found that it was stuck in load_input_helper (it appeared after iohook.dll was loaded).

The problem is in this code

`// DLL Entry point. BOOL WINAPI DllMain(HINSTANCE hInstDLL, DWORD fdwReason, LPVOID lpReserved) { switch (fdwReason) { case DLL_PROCESS_ATTACH: // Save the DLL address. hInst = hInstDLL;

		// Initialize native input helper functions.
		 load_input_helper();  this line  this line <<<<<<<<<<<<<<<<<<<<<<<<
		break;

	case DLL_PROCESS_DETACH:
		// Unregister any hooks that may still be installed.
		unregister_running_hooks();

		// Deinitialize native input helper functions.
		unload_input_helper();
		break;

	case DLL_THREAD_ATTACH:
	case DLL_THREAD_DETACH:
		// Do Nothing.
		break;
}

return TRUE;

}`

Now I put the call of load_input_helper in hook_run and hook_stop. My problem is solved 。

The following is the analysis result of windbg

DBGHELP: 6e646add_044e_4813_b189_1692d0c6ea43_tmp - export symbols 32 0017d700 5c7495fc 08040804 00000000 00000001 ntdll_77dd0000!KiUserCallbackDispatcher+0x2e 33 0017da44 5c74922a 00000001 5c74888d 0017da94 6e646add_044e_4813_b189_1692d0c6ea43_tmp!hook_get_pointer_sensitivity+0xacc 34 0017da54 5c74af9d 5c740000 00000001 00000000 6e646add_044e_4813_b189_1692d0c6ea43_tmp!hook_get_pointer_sensitivity+0x6fa 35 0017da94 5c74b078 5c740000 00000001 00000000 6e646add_044e_4813_b189_1692d0c6ea43_tmp!hook_get_pointer_sensitivity+0x246d 36 0017daa8 77e09280 5c740000 00000001 00000000 6e646add_044e_4813_b189_1692d0c6ea43_tmp!hook_get_pointer_sensitivity+0x2548 37 0017dac8 77e0feb7 5c74b05c 5c740000 00000001 ntdll_77dd0000!LdrpCallInitRoutine+0x14 38 0017dbbc 77e0ea8e 00000000 77c9078f 0017dd60 ntdll_77dd0000!LdrpRunInitializeRoutines+0x26f 39 0017dd30 77e4d3ff 0017dda0 0017dd60 00000000 ntdll_77dd0000!LdrpLoadDll+0x472 3a 0017dd6c 76ee2e6a 00000000 0017ddc0 0017dda0 ntdll_77dd0000!LdrLoadDll+0xc7 3b 0017ddb4 0340f766 00000000 00000000 00000008 KERNELBASE!LoadLibraryExW+0x233 3c 0018ddd4 02edc5b2 0fc8dee8 0f89f7e0 0f89f7a8 !uv_dlopen+0x46 3d 0018ddf0 02edd3f9 000000ae 0018df62 0833ff98 !node_module_register+0xa2 3e 0018e224 02edc9e7 0018e234 77dfe192 0f89f7a8 !node::binding::get_linked_module+0x909 3f 0018e69c 010472d7 0018e6b0 00000000 065b72f8 !node_module_register+0x4d7

killghost avatar Apr 27 '21 04:04 killghost

These traces aren't very helpful. Can you not repro in your dev environment or provide some log from one of the users that experienced this?

ash0x0 avatar Jun 11 '21 23:06 ash0x0