[ros-dev] CMD Overload.

Thomas Weidenmueller w3seek at reactos.com
Fri May 6 18:01:28 CEST 2005


James Tabor wrote:
> Okay, this was from ls.bat which is a batch file with "xls -CF %1 %2" in it.
> The cmd locks up and kdb is started;
> 
> (NTDLL:ldr/utils.c:2039) Failed to create or open dll section of '\SystemRoot\system32\winlogon.exe' (Status c0000135)
> (mm/i386/page.c:283) Pde for 00c00000 - 00ffffff is not freed, RefCount 1
> (dispatch.c:166)(dispatch) Select: 0
> (dispatch.c:166)(dispatch) Select: 0
> (dispatch.c:166)(dispatch) Select: 0
> Entered debugger on last-chance exception number 14 (Page Fault)
> Memory at 0x200068 could not be read: Page not present.
> kdb:> bt
> Eip:
> <ntoskrnl.exe:98ebb (kdbg/kdb_symbols.c:541 (KdbSymFreeProcessSymbols))>
> Frames:
> <ntoskrnl.exe:9211a (kdbg/kdb.c:1487 (KdbDeleteProcessHook))>
> <ntoskrnl.exe:7b9dd (ps/kill.c:163 (PspDeleteProcess))>
> <ntoskrnl.exe:772a9 (ob/object.c:998 (ObpDeleteObject))>
> <ntoskrnl.exe:773b5 (ob/object.c:1055 (ObpDeleteObjectDpcLevel))>
> <ntoskrnl.exe:7757e (ob/object.c:1165 (ObfDereferenceObject))>
> <ntoskrnl.exe:73b99 (ob/handle.c:78 (ObpDecrementHandleCount))>
> <ntoskrnl.exe:73fd1 (ob/handle.c:212 (ObpDeleteHandle))>
> <ntoskrnl.exe:7508c (ob/handle.c:909 (NtClose))>
> <ntoskrnl.exe:3602 (/tmp/ccLjPSWL.s:180 (KiSystemService))>
> Entered debugger on last-chance exception number 14 (Page Fault)
> Memory at 0x200038 could not be read: Page not present.
> KeBugCheckWithTf at ke/catch.c:217
> (ke/process.c:282) Invalid detach (thread was not attached)
> KeBugCheck at ke/process.c:283
> A problem has been detected and ReactOS has been shut down to prevent damage to your computer.
> 
I just looked at KdbpSymFindUserModule() and it's implemented scarily, 
no serialization and the PEB (user memory) is accessed from kernel mode 
without any protection...

Thomas
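
The pattern the remark above points at, as an added example (not ReactOS code and not from this thread): a user-space C model of walking a module list that lives in user memory, where every entry is copied through a checked accessor and the walk is bounded. `user_mem`, the `user_module` layout, `copy_from_user`, `put_module` and `find_user_module` are all hypothetical names; a real kernel would use a probed, exception-guarded copy and hold a lock for serialization.

```c
#include <stdint.h>
#include <string.h>

/* Constructed model: "user memory" is a byte array, user addresses are offsets. */
#define USER_SIZE   256u
#define MAX_MODULES 8u            /* hard bound on the walk, defeats cyclic lists */
static uint8_t user_mem[USER_SIZE];

typedef struct {                  /* hypothetical module entry stored in user memory */
    uint32_t next;                /* user address of the next entry, 0 ends the list */
    uint32_t base;                /* module base address */
    uint32_t size;                /* module size in bytes */
} user_module;

/* Stand-in for a probed, guarded copy: reports failure instead of faulting. */
static int copy_from_user(void *dst, uint32_t uaddr, size_t len)
{
    if (uaddr > USER_SIZE || len > USER_SIZE - uaddr)
        return -1;
    memcpy(dst, user_mem + uaddr, len);
    return 0;
}

/* Helper that writes one constructed entry into the simulated user memory. */
void put_module(uint32_t uaddr, uint32_t next, uint32_t base, uint32_t size)
{
    user_module m = { next, base, size };
    memcpy(user_mem + uaddr, &m, sizeof m);
}

/* Returns 0 and fills *out when addr lies inside a listed module,
 * -1 when it is not found or the list is unreadable or too long. */
int find_user_module(uint32_t head, uint32_t addr, user_module *out)
{
    uint32_t cur = head;
    for (unsigned i = 0; cur != 0 && i < MAX_MODULES; i++) {
        user_module m;            /* captured copy: user code cannot change it after the check */
        if (copy_from_user(&m, cur, sizeof m) != 0)
            return -1;            /* bad link: give up cleanly instead of faulting */
        if (m.size != 0 && addr >= m.base && addr - m.base < m.size) {
            *out = m;
            return 0;
        }
        cur = m.next;
    }
    return -1;
}
```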

