What is wrong with this Windows API call WaitForSingleObject?

Windows 7 crashed. I use the !analyze -v command in WinDbg to analyze exceptions. It provides the information below. The exception is actually thrown by the function WaitForSingleObject, which is called from IrsSim!IrsNet_BlockOutput. The WinDbg exception analysis told me it was an INVALID_POINTER_READ error.

For the calling code, pChannel->hMutex is not NULL. I already dumped it and checked its value.

IRSNETRET IrsNet_BlockOutput( IRSNET    *pChannel)
{

// Check channel
    IRSNET_CHECK_CHANNEL(pChannel);

// Wait for synchronization mutex
    switch(WaitForSingleObject(pChannel->hMutex, INFINITE))
    {
...
}

<<<<<===========

FAULTING_IP:
IrsSim!Channel::SendIrsMessage+285 [s:\som5\ics\scsv\isv\test.u\irssim\irsiftransport.cpp @ 539]
00520ed5 8b06            mov     eax,dword ptr [esi]

EXCEPTION_RECORD: ffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 77db4639 (ntdll!RtlDeactivateActivationContextUnsafeFast+0x00000058)
   ExceptionCode: c0150010
  ExceptionFlags: 00000001
NumberParameters: 3
   Parameter[0]: 00000000
   Parameter[1]: 07befc58
   Parameter[2]: 00000000

DEFAULT_BUCKET_ID: INVALID_POINTER_READ

PROCESS_NAME: IrsSim.exe

ERROR_CODE: (NTSTATUS) 0xc0150010

EXCEPTION_CODE: (NTSTATUS) 0xc0150010

EXCEPTION_PARAMETER1: 00000000

EXCEPTION_PARAMETER2: 07befc58

EXCEPTION_PARAMETER3: 00000000

STACK_TEXT:
07d2fce0 00520ed5 irssim!Channel::SendIrsMessage+0x285
07d2fd1c 00521072 irssim!CChannelArray::SendIrsMessage+0x132
07d2fd50 0052208a irssim!CNetLibInterface::SendIrsMessage+0xba
07d2fd78 005c01b6 irssim!CSendActivity::Execute+0x76
07d2fdac 005e0b3f irssim!SimulationThreadState::ExecuteOneActivity+0x11f
07d2fdf8 005cc937 irssim!CSimulationSubThreadState::ExecuteState+0x267
07d2fe8c 005ccf02 irssim!ThreadFctSubSimulation+0xf2
07d2fec4 73b1e3ee msvcr90!_endthreadex+0x44
07d2ff84 739f34c7 msvcr90!_endthreadex+0xd8
07d2ff90 767d339a kernel32!BaseThreadInitThunk+0xe
07d2ff9c 77d69ed2 ntdll!_RtlUserThreadStart+0x1b

================================


0:011> k L = 07beec2c 100
ChildEBP RetAddr
07bef54c 76be0bdd ntdll!NtWaitForMultipleObjects+0x15
07bef5e8 767d1a2c KERNELBASE!WaitForMultipleObjectsEx+0x100
07bef630 767d4208 kernel32!WaitForMultipleObjectsExImplementation+0xe0
07bef64c 767f80a4 kernel32!WaitForMultipleObjects+0x18
07bef6b8 767f7f63 kernel32!WerpReportFaultInternal+0x186
07bef6cc 767f7858 kernel32!WerpReportFault+0x70
07bef6dc 767f77d7 kernel32!BasepReportFault+0x20
07bef768 77da21d7 kernel32!UnhandledExceptionFilter+0x1af
07bef770 77da20b4 ntdll!__RtlUserThreadStart+0x62
07bef784 77da1f59 ntdll!_EH4_CallFilterFunc+0x12
07bef7ac 77d76ab9 ntdll!_except_handler4+0x8e
07bef7d0 77d76a8b ntdll!ExecuteHandler2+0x26
07bef7f4 77d76a2d ntdll!ExecuteHandler+0x24
07bef880 77d40143 ntdll!RtlDispatchException+0x127
07bef880 77db4639 ntdll!KiUserExceptionDispatcher+0xf
07befc34 76be0ad7 ntdll!RtlDeactivateActivationContextUnsafeFast+0x58
07befc38 76be0abc KERNELBASE!WaitForSingleObjectEx+0xde
07befc98 767d1194 KERNELBASE!WaitForSingleObjectEx+0xc3
07befcb0 767d1148 kernel32!WaitForSingleObjectExImplementation+0x75
07befcc4 005e3b6e kernel32!WaitForSingleObject+0x12
07befcd4 00520d3b IrsSim!IrsNet_BlockOutput+0x1e
07befd14 00521072 IrsSim!Channel::SendIrsMessage+0xeb
07befd48 0052208a IrsSim!CChannelArray::SendIrsMessage+0x132
07befd70 005c01b6 IrsSim!CNetLibInterface::SendIrsMessage+0xba
07befda4 005e0b3f IrsSim!CSendActivity::Execute+0x76
07befdf0 005cc937 IrsSim!SimulationThreadState::ExecuteOneActivity+0x11f
07befe84 005ccf02 IrsSim!CSimulationSubThreadState::ExecuteState+0x267
07befebc 73b1e3ee IrsSim!ThreadFctSubSimulation+0xf2
07beff44 739f3433 mfc90u!_AfxThreadEntry+0xf2
07beff7c 739f34c7 msvcr90!_endthreadex+0x44
07beff88 767d339a msvcr90!_endthreadex+0xd8
07beff94 77d69ed2 kernel32!BaseThreadInitThunk+0xe
07beffd4 77d69ea5 ntdll!__RtlUserThreadStart+0x70
07beffec 00000000 ntdll!_RtlUserThreadStart+0x1b

==================================== → → →

+3

0xC015000f, MFC ( " ".)

, , . , , . - , , AFX_MANAGE_STATE. , , , , - AFX_MAINTAIN_STATE2::~AFX_MAINTAIN_STATE2, cookie .

( , AV) , . , . , AV, -, , try/catch (...). , , , , ( , ).

: " , 64- Win XP 64- Win7, VC6 VC9".

MFC. MFC 6 ( cookie), , , Visual Studio 2005. , . , MFC , , , . , try/catch (...), , MFC, , AV. , , MFC (- ). ( ), ( CWnd). , ( ), dmp, , , .

+3

, , ,

pChannel->hMutex

. pChannel, hMutex. , .

+2

You should check whether the handle is invalid, not just NULL, as in:

if (myHandle != INVALID_HANDLE_VALUE)
{
    // do something
}

Normally, the create-handle function returns this value if there is an error.

+1

Looks like a problem in context deactivation (thoughts based on the WinDbg dump). See the article http://blogs.msdn.com/b/junfeng/archive/2006/03/19/sxs-activation-context-activate-and-deactivate.aspx .
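As an added illustration (not part of the question or of any answer here): the ExceptionCode in the dump, 0xc0150010, is an NTSTATUS value, and DEFAULT_BUCKET_ID says INVALID_POINTER_READ even though the code is not the access-violation status 0xC0000005. Splitting the value into its NTSTATUS fields shows that its facility is 0x15, the side-by-side (activation context) facility, which is consistent with the exception address sitting in ntdll!RtlDeactivateActivationContextUnsafeFast and with the activation-context explanation above. The field layout, the facility number and the three symbolic names are taken from ntstatus.h as I know it; the two sample inputs are the dump's own code and the standard access-violation code. Nothing here is Windows-specific, so it builds and runs anywhere.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Bit layout of an NTSTATUS value (ntstatus.h):
 *   bits 31..30  severity  (0 success, 1 informational, 2 warning, 3 error)
 *   bit  29      customer  (1 = not a Microsoft-defined status)
 *   bit  28      reserved  (0 for NTSTATUS values)
 *   bits 27..16  facility  (0x15 = FACILITY_SXS_ERROR_CODE, the activation-context facility)
 *   bits 15..0   status code within that facility
 */
typedef struct {
    unsigned severity;
    unsigned customer;
    unsigned facility;
    unsigned code;
} ntstatus_fields;

ntstatus_fields ntstatus_decode(uint32_t status)
{
    ntstatus_fields f;
    f.severity = (status >> 30) & 0x3u;
    f.customer = (status >> 29) & 0x1u;
    f.facility = (status >> 16) & 0xFFFu;
    f.code     = status & 0xFFFFu;
    return f;
}

/* Facility number of side-by-side (SxS) statuses, from ntstatus.h. */
#define NTSTATUS_FACILITY_SXS 0x15u

/* True when the status is a Microsoft-defined error raised by the activation-context
 * (SxS) machinery, i.e. the kind of failure RtlDeactivateActivationContextUnsafeFast raises. */
int ntstatus_is_sxs_error(uint32_t status)
{
    ntstatus_fields f = ntstatus_decode(status);
    return f.severity == 3u && f.customer == 0u && f.facility == NTSTATUS_FACILITY_SXS;
}

/* Symbolic names for the few codes relevant to this crash; values from ntstatus.h.
 * Anything else maps to a fixed "unknown" string rather than a guessed name. */
const char *ntstatus_name(uint32_t status)
{
    switch (status) {
    case 0xC0000005u: return "STATUS_ACCESS_VIOLATION";
    case 0xC015000Fu: return "STATUS_SXS_EARLY_DEACTIVATION";
    case 0xC0150010u: return "STATUS_SXS_INVALID_DEACTIVATION";
    default:          return "(not in this table)";
    }
}

/* Print a one-line breakdown of a status; returns its facility so callers can branch on it. */
unsigned ntstatus_report(uint32_t status)
{
    ntstatus_fields f = ntstatus_decode(status);
    printf("0x%08X  severity=%u customer=%u facility=0x%03X code=0x%04X  %s%s\n",
           (unsigned)status, f.severity, f.customer, f.facility, f.code,
           ntstatus_name(status),
           ntstatus_is_sxs_error(status) ? "  [SxS activation-context error]" : "");
    return f.facility;
}

int main(void)
{
    /* Constructed inputs: the ExceptionCode from the dump in the question, and the code a
     * genuine invalid-pointer read (access violation) would have carried instead. */
    ntstatus_report(0xC0150010u);
    ntstatus_report(0xC0000005u);
    return 0;
}
```

Run it and compare the two lines: both are severity 3 (error), but only the dump's code lands in facility 0x15, so the next thing to inspect is the activation-context stack of the thread (and the MFC module-state macros that push and pop it), not the mutex handle passed to WaitForSingleObject.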

+1
