  1. Core ReactOS
  2. CORE-13619

LiveCD crashes when pressing next / previous buttons in the initial screen


Details

    • 75,304

    Description

      kd> kp
      ChildEBP RetAddr  
      f71dacbc f76b7261 win32k!IntQueryTrackMouseEvent(struct tagTRACKMOUSEEVENT * lpEventTrack = 0xf71dacd0)+0x64 [r:\src\trunk\reactos\win32ss\user\ntuser\mouse.c @ 361]
      f71dad08 8050817b win32k!NtUserTrackMouseEvent(struct tagTRACKMOUSEEVENT * lpEventTrack = 0x0012fbc4)+0x121 [r:\src\trunk\reactos\win32ss\user\ntuser\mouse.c @ 490]
      f71dad1c 8050639f nt!KiSystemCallTrampoline(void * Handler = 0xf76b7140, void * Arguments = 0x0012fb40, unsigned long StackBytes = 4)+0x1b [r:\src\trunk\reactos\ntoskrnl\include\internal\i386\ke.h @ 748]
      f71dad5c 80403e23 nt!KiSystemServiceHandler(struct _KTRAP_FRAME * TrapFrame = 0xf71dad64, void * Arguments = 0x0012fb40)+0x22f [r:\src\trunk\reactos\ntoskrnl\ke\i386\traphdlr.c @ 1815]
      f71dad5c 7c92c8fe nt!KiFastCallEntry+0x8c
      0012fb34 7c555254 ntdll!KiFastSystemCallRet
      0012fb38 7c1a5a8b user32!ZwUserTrackMouseEvent+0xc
      0012fc98 7c1a56cd comctl32!ButtonWndProc_common(struct HWND__ * hWnd = 0x000d0082, unsigned int uMsg = 0x200, unsigned long wParam = 0, long lParam = 0n786452, int unicode = 0n1)+0x3ab [r:\src\trunk\reactos\dll\win32\comctl32\button.c @ 555]
      0012fcb4 7c5514ba comctl32!ButtonWndProcW(struct HWND__ * hWnd = 0x000d0082, unsigned int uMsg = 0x200, unsigned long wParam = 0, long lParam = 0n786452)+0x2d [r:\src\trunk\reactos\dll\win32\comctl32\button.c @ 1061]
      0012fce4 7c543730 user32!CALL_EXTERN_WNDPROC+0x1a
      0012fd84 7c54680c user32!IntCallWindowProcW(int IsAnsiProc = 0n0, <function> * WndProc = 0x7c1a56a0, struct _WND * pWnd = 0x00342ae0, struct HWND__ * hWnd = 0x000d0082, unsigned int Msg = 0x200, unsigned int wParam = 0, long lParam = 0n786452)+0x3e0 [r:\src\trunk\reactos\win32ss\user\user32\windows\message.c @ 1521]
      0012fdb4 7c546234 user32!IntCallMessageProc(struct _WND * Wnd = 0x00342ae0, struct HWND__ * hWnd = 0x000d0082, unsigned int Msg = 0x200, unsigned int wParam = 0, long lParam = 0n786452, int Ansi = 0n0)+0x1ac [r:\src\trunk\reactos\win32ss\user\user32\windows\message.c @ 1767]
      0012fe08 7c534164 user32!DispatchMessageW(struct tagMSG * lpmsg = 0x0012fe68)+0x1d4 [r:\src\trunk\reactos\win32ss\user\user32\windows\message.c @ 2020]
      0012fe58 7c531f20 user32!IsDialogMessageW(struct HWND__ * hDlg = 0x0004007e, struct tagMSG * lpMsg = 0x0012fe68)+0x554 [r:\src\trunk\reactos\win32ss\user\user32\windows\dialog.c @ 2634]
      0012fe94 7c53331e user32!DIALOG_DoDialogBox(struct HWND__ * hwnd = 0x0004007e, struct HWND__ * owner = 0x00000000)+0x150 [r:\src\trunk\reactos\win32ss\user\user32\windows\dialog.c @ 560]
      0012feb0 0040225f user32!DialogBoxParamW(struct HINSTANCE__ * hInstance = 0x00400000, wchar_t * lpTemplateName = 0x0000012c "--- memory read error at address 0x0000012c ---", struct HWND__ * hWndParent = 0x00000000, <function> * lpDialogFunc = 0x00402600, long dwInitParam = 0n1244892)+0x9e [r:\src\trunk\reactos\win32ss\user\user32\windows\dialog.c @ 1884]
      0012fed0 00404027 userinit!RunLiveCD(struct STATE * pState = 0x0012fedc)+0x6f [r:\src\trunk\reactos\base\system\userinit\livecd.c @ 838]
      0012ff04 004057d0 userinit!wWinMain(struct HINSTANCE__ * hInst = 0x00400000, struct HINSTANCE__ * hPrevInstance = 0x00000000, wchar_t * lpszCmdLine = 0x00131a24 "", int nCmdShow = 0n10)+0x57 [r:\src\trunk\reactos\base\system\userinit\userinit.c @ 631]
      0012ff1c 004054dc userinit!wmain(int flags = 0n1, wchar_t ** cmdline = 0x00137a60, wchar_t ** inst = 0x001316c0)+0x20 [r:\src\trunk\reactos\sdk\lib\crt\startup\crt0_w.c @ 26]
      0012ffb4 00405701 userinit!__tmainCRTStartup(void)+0x25c [r:\src\trunk\reactos\sdk\lib\crt\startup\crtexe.c @ 308]
      0012ffc0 7c76e5b2 userinit!wWinMainCRTStartup(void)+0x21 [r:\src\trunk\reactos\sdk\lib\crt\startup\crtexe.c @ 168]
      0012fff0 00000000 kernel32!BaseProcessStartup(<function> * lpStartAddress = 0x004056e0)+0x42 [r:\src\trunk\reactos\dll\win32\kernel32\client\proc.c @ 478]
       

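      pDesk->spwndTrack->head.pti is 0x65, which is not a plausible kernel pointer.
      Some other values in spwndTrack also don't make sense (spwndParent being 0x8, ppwndPrev being 0x34, etc.), so spwndTrack itself most likely no longer refers to a valid window object (for example a stale pointer to a destroyed window, or overwritten memory; this is inferred from the values and not confirmed here). Because the fault is inside win32k and is reached from user mode through NtUserTrackMouseEvent, it should be triaged as a kernel memory-safety bug rather than only a LiveCD UI problem.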

      See:

      Attachments

        1. does_not_reproduce.patch
          3 kB
          Mark Jansen
        2. does_reproduce.patch
          0.6 kB
          Mark Jansen
        3. reproduce_log.txt
          26 kB
          Mark Jansen
        4. vmware_2017-07-30_23-16-42.png
          75 kB
          Mark Jansen
        5. windbg_2017-07-30_23-12-12.png
          26 kB
          Mark Jansen
        6. window.c.patch
          1 kB
          Mark Jansen
        7. window.c.patch
          0.6 kB
          Mark Jansen

            People

              learn_more Mark Jansen
              learn_more Mark Jansen