[ros-bugs] [Bug 3710] 7-zip can crash the system when it exits

ReactOS.Bugzilla at www.reactos.org ReactOS.Bugzilla at www.reactos.org
Fri May 8 00:03:04 CEST 2009 

http://www.reactos.org/bugzilla/show_bug.cgi?id=3710


Haos <olaf_siejka at o2.pl> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |olaf_siejka at o2.pl
             Status|NEW                         |RESOLVED
         Resolution|                            |WORKSFORME




--- Comment #3 from Haos <olaf_siejka at o2.pl>  2009-05-08 00:03:03 CET ---
Tested with KQEMU and official trunk rev. 40786. Link provided is dead. I was
not able to download the package with the same name as the one linked here.
Tried the replication methode with several exe files, but 7zip didnt display
any error message.

Was able to reproduce it while opening Iron installer. Reactos froze on error
message without any crash in debug log:

(subsystems/win32/csrss/win32csr/guiconsole.c:1524) GuiConsoleResize X 0 Y 0
MainFrameBase::OpenShellFolders(): parent_pidl=D:\
MainFrameBase::OpenShellFolders(): pidl_abs=D:\Browser
MDIMainFrame PM_OPEN_WINDOW: path=D:\Browser
(subsystems/win32/win32k/ntuser/hook.c:733) HOOK WH_CBT!
(subsystems/win32/win32k/ntuser/hook.c:737) HOOK HCBT_CREATEWND
(subsystems/win32/win32k/objects/gdiobj.c:814) Attempted to lock object
0xffffffff of wrong type (Handle: 0x7f
0000, requested: 0x40000)
(subsystems/win32/win32k/ntuser/timer.c:437) Invalid window handle
(subsystems/win32/win32k/ntuser/window.c:1588) FIXME - Parent is HWND_MESSAGE
fixme:(dll/win32/advapi32/sec/lsa.c:185)
(00598920,00598C48,0058FE58,0x00000001) stub
(drivers/filesystems/cdfs/dirctl.c:769) IRP_MN_NOTIFY_CHANGE_DIRECTORY
(drivers/filesystems/cdfs/dirctl.c:769) IRP_MN_NOTIFY_CHANGE_DIRECTORY
WARNING:  MmLockPagableSectionByHandle at ntoskrnl/mm/drvlck.c:43 is
UNIMPLEMENTED!
WARNING:  MmUnlockPagableImageSection at ntoskrnl/mm/drvlck.c:79 is
UNIMPLEMENTED!
(subsystems/win32/win32k/ntuser/window.c:2118) IntCreateWindowEx(): send CREATE
message failed. No cleanup performed!

Backtrace of 7zip FileManager:

kdb:> thread list
  TID         State        Prior.  Affinity    EBP         EIP
 *0x0000048c  Ready          8     0x00000001  0x0058feec  0x7c9061e2
kdb:> bt
Eip:
<00000000>
Frames:
<win32k.sys 7d9f1 (subsystems/win32/win32k/ntuser/window.c:725
(@co_DestroyThreadWindows at 4))>
<win32k.sys 4cf57 (subsystems/win32/win32k/main/dllmain.c:300
(Win32kThreadCallback at 8))>
<NTOSKRNL.EXE a6742 (ntoskrnl/ps/kill.c:694 (PspExitThread at 4))>
<NTOSKRNL.EXE a73a2 (ntoskrnl/ps/kill.c:964 (PspTerminateThreadByPointer at 12))>
<NTOSKRNL.EXE a7901 (ntoskrnl/ps/kill.c:1188 (NtTerminateProcess at 8))>
<NTOSKRNL.EXE ba6a4 (ntoskrnl/ke/i386/trap.s:244 (KiFastCallEntry))>
<ntdll.dll:61e2 (dll/ntdll/dispatch/i386/dispatch.S:267
(KiFastSystemCallRet at 0))>
<msvcrt.dll:c86e (lib/sdk/crt/stdlib/_exit.c:12 (exit))>
<msvcrt.dll:c88a (lib/sdk/crt/stdlib/_exit.c:24 (exit))>
<7zFM.exe:3c3a4>
<kernel32.dll:22f64 (dll/win32/kernel32/process/procsup.c:68
(BaseProcessStartup at 4))>
<00000000>
kdb:> disasm 0x7c9061e2
<ntdll.dll:61e2 (dll/ntdll/dispatch/i386/dispatch.S:267
(KiFastSystemCallRet at 0))>: ret

Backtrace of 7z.exe

kdb:> thread list
  TID         State        Prior.  Affinity    EBP         EIP
 *0x000003b0  Waiting        8     0x00000001  0x0055f8a0  0x7c9061e2
kdb:> bt
Eip:
<NTOSKRNL.EXE d3aa (ntoskrnl/ke/thrdschd.c:370 (@KiSwapThread at 8))>
Frames:
<NTOSKRNL.EXE 1138e (ntoskrnl/ke/wait.c:813 (KeWaitForMultipleObjects at 32))>
<win32k.sys 73078 (subsystems/win32/win32k/ntuser/msgqueue.c:1392
(@co_MsqWaitForNewMessages at 16))>
<win32k.sys 6e782 (subsystems/win32/win32k/ntuser/message.c:1084
(@co_IntWaitMessage at 12))>
<win32k.sys 6f415 (subsystems/win32/win32k/ntuser/message.c:1962
(NtUserWaitMessage at 0))>
<NTOSKRNL.EXE ba6a4 (ntoskrnl/ke/i386/trap.s:244 (KiFastCallEntry))>
<ntdll.dll:61e2 (dll/ntdll/dispatch/i386/dispatch.S:267
(KiFastSystemCallRet at 0))>
<USER32.dll:36340 (dll/win32/user32/windows/menu.c:3642 (MenuTrackKbdMenuBar))>
<USER32.dll:24a6c (dll/win32/user32/windows/defwnd.c:820
(DefWndHandleSysCommand))>
<USER32.dll:251e8 (dll/win32/user32/windows/defwnd.c:1386
(User32DefWindowProc at 20))>
<USER32.dll:26226 (dll/win32/user32/windows/defwnd.c:2150 (DefWindowProcW at 16))>
<USER32.dll:287ef (dll/win32/user32/windows/dialog.c:1636 (DefDlgProcW at 16))>
<USER32.dll:3888b (dll/win32/user32/windows/message.c:1177
(@IntCallWindowProcW at 24))>
<USER32.dll:38b6a (dll/win32/user32/windows/message.c:1325
(IntCallMessageProc at 24))>
<USER32.dll:392f8 (dll/win32/user32/windows/message.c:1775 (SendMessageW at 16))>
<USER32.dll:257f1 (dll/win32/user32/windows/defwnd.c:1404
(User32DefWindowProc at 20))>
<USER32.dll:26226 (dll/win32/user32/windows/defwnd.c:2150 (DefWindowProcW at 16))>
<USER32.dll:1259 (dll/win32/user32/controls/button.c:580
(ButtonWndProc_common))>
<USER32.dll:1c7a (dll/win32/user32/controls/button.c:595 (ButtonWndProcW at 16))>
<USER32.dll:3888b (dll/win32/user32/windows/message.c:1177
(@IntCallWindowProcW at 24))>
<USER32.dll:38b6a (dll/win32/user32/windows/message.c:1325
(IntCallMessageProc at 24))>
<USER32.dll:38cf3 (dll/win32/user32/windows/message.c:1428
(DispatchMessageW at 4))>--- Press q to abort, any oth
er key to continue ---

<USER32.dll:29293 (dll/win32/user32/windows/dialog.c:2422
(IsDialogMessageW at 8))>
<USER32.dll:26d01 (dll/win32/user32/windows/dialog.c:551 (DIALOG_DoDialogBox))>
<USER32.dll:2892c (dll/win32/user32/windows/dialog.c:1727
(DialogBoxParamA at 20))>
<7z465.exe:39b6>
<8d30ec83>
Couldn't access memory at 0x53E58959!


-- 
Configure bugmail: http://www.reactos.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
You are the assignee for the bug.

More information about the Ros-bugs mailing list