Description
This manifests in the following message (with example backtrace):
(..\..\ntoskrnl\se\accesschk.c:253) HACK: RemainingAccess = 0x00000112 DesiredAccess = 0x0010019b
|
Break instruction exception - code 80000003 (first chance)
|
nt!SepAccessCheckEx+0x527:
|
80527757 cc int 3
|
kd> kp
|
ChildEBP RetAddr
|
f70a2020 80527903 nt!SepAccessCheckEx(void * SecurityDescriptor = 0xe1006218, struct _SECURITY_SUBJECT_CONTEXT * SubjectSecurityContext = 0xb4ae6494, unsigned long DesiredAccess = 0x10019b, struct _OBJECT_TYPE_LIST * ObjectTypeList = 0x00000000, unsigned long ObjectTypeListLength = 0, unsigned long PreviouslyGrantedAccess = 0x20000, struct _PRIVILEGE_SET ** Privileges = 0xf70a2100, struct _GENERIC_MAPPING * GenericMapping = 0x805c908c, char AccessMode = 0n1 '', unsigned long * GrantedAccessList = 0xf70a210c, long * AccessStatusList = 0xf70a20e0, unsigned char UseResultList = 0x00 '')+0x527 [c:\ros\reactos-clean\reactos\ntoskrnl\se\accesschk.c @ 254]
|
f70a2058 80527ad7 nt!SepAccessCheck(void * SecurityDescriptor = 0xe1006218, struct _SECURITY_SUBJECT_CONTEXT * SubjectSecurityContext = 0xb4ae6494, unsigned long DesiredAccess = 0x10019b, unsigned long PreviouslyGrantedAccess = 0x20000, struct _PRIVILEGE_SET ** Privileges = 0xf70a2100, struct _GENERIC_MAPPING * GenericMapping = 0x805c908c, char AccessMode = 0n1 '', unsigned long * GrantedAccess = 0xf70a210c, long * AccessStatus = 0xf70a20e0)+0x33 [c:\ros\reactos-clean\reactos\ntoskrnl\se\accesschk.c @ 312]
|
f70a2094 f7793a42 nt!SeAccessCheck(void * SecurityDescriptor = 0xe1006218, struct _SECURITY_SUBJECT_CONTEXT * SubjectSecurityContext = 0xb4ae6494, unsigned char SubjectContextLocked = 0x01 '', unsigned long DesiredAccess = 0x10019b, unsigned long PreviouslyGrantedAccess = 0x20000, struct _PRIVILEGE_SET ** Privileges = 0xf70a2100, struct _GENERIC_MAPPING * GenericMapping = 0x805c908c, char AccessMode = 0n1 '', unsigned long * GrantedAccess = 0xf70a210c, long * AccessStatus = 0xf70a20e0)+0x1c7 [c:\ros\reactos-clean\reactos\ntoskrnl\se\accesschk.c @ 445]
|
f70a211c f7794275 npfs!NpCreateClientEnd(struct _NP_FCB * Fcb = 0xe1554cb0, struct _FILE_OBJECT * FileObject = 0xb4979888, unsigned long DesiredAccess = 0x12019f, struct _SECURITY_QUALITY_OF_SERVICE * SecurityQos = 0x00000000, struct _ACCESS_STATE * AccessState = 0xb4ae6478, char PreviousMode = 0n1 '', struct _ETHREAD * Thread = 0xb497e020, struct _LIST_ENTRY * List = 0xf70a2164 [ 0xf70a2164 - 0xf70a2164 ])+0x92 [c:\ros\reactos-clean\reactos\drivers\filesystems\npfs\create.c @ 142]
|
f70a21c0 804883a0 npfs!NpFsdCreate(struct _DEVICE_OBJECT * DeviceObject = 0xb4bae6c0, struct _IRP * Irp = 0xb49fda10)+0x295 [c:\ros\reactos-clean\reactos\drivers\filesystems\npfs\create.c @ 499]
|
f70a21e8 80477e84 nt!IofCallDriver(struct _DEVICE_OBJECT * DeviceObject = 0xb4bae6c0, struct _IRP * Irp = 0xb49fda10)+0xc0 [c:\ros\reactos-clean\reactos\ntoskrnl\io\iomgr\irp.c @ 1214]
|
f70a230c 8050b813 nt!IopParseDevice(void * ParseObject = 0xb4bae6c0, void * ObjectType = 0x00000000, struct _ACCESS_STATE * AccessState = 0xb4ae6478, char AccessMode = 0n1 '', unsigned long Attributes = 0x40, struct _UNICODE_STRING * CompleteName = 0xf70a242c "\Device\NamedPipe\plugplay", struct _UNICODE_STRING * RemainingName = 0xf70a23a4 "\plugplay", void * Context = 0xb49a1ba0, struct _SECURITY_QUALITY_OF_SERVICE * SecurityQos = 0x00000000, void ** Object = 0xf70a23c8)+0xd44 [c:\ros\reactos-clean\reactos\ntoskrnl\io\iomgr\file.c @ 858]
|
f70a23d0 80505298 nt!ObpLookupObjectName(void * RootHandle = 0x00000000, struct _UNICODE_STRING * ObjectName = 0xf70a242c "\Device\NamedPipe\plugplay", unsigned long Attributes = 0x40, struct _OBJECT_TYPE * ObjectType = 0x00000000, char AccessMode = 0n1 '', void * ParseContext = 0xb49a1ba0, struct _SECURITY_QUALITY_OF_SERVICE * SecurityQos = 0x00000000, void * InsertObject = 0x00000000, struct _ACCESS_STATE * AccessState = 0xb4ae6478, struct _OBP_LOOKUP_CONTEXT * LookupContext = 0xb4ae651c, void ** FoundObject = 0xf70a243c)+0x833 [c:\ros\reactos-clean\reactos\ntoskrnl\ob\obname.c @ 818]
|
f70a2444 8047aae5 nt!ObOpenObjectByName(struct _OBJECT_ATTRIBUTES * ObjectAttributes = 0x00b5db84, struct _OBJECT_TYPE * ObjectType = 0x00000000, char AccessMode = 0n1 '', struct _ACCESS_STATE * PassedAccessState = 0xb4ae6478, unsigned long DesiredAccess = 0xc0100080, void * ParseContext = 0xb49a1ba0, void ** Handle = 0xf70a24c4)+0x1b8 [c:\ros\reactos-clean\reactos\ntoskrnl\ob\obhandle.c @ 2514]
|
f70a24e8 8047bd9a nt!IoCreateFile(void ** FileHandle = 0x00b5db54, unsigned long DesiredAccess = 0xc0100080, struct _OBJECT_ATTRIBUTES * ObjectAttributes = 0x00b5db84, struct _IO_STATUS_BLOCK * IoStatusBlock = 0x00b5db74, union _LARGE_INTEGER * AllocationSize = 0x00000000, unsigned long FileAttributes = 0, unsigned long ShareAccess = 0, unsigned long Disposition = 1, unsigned long CreateOptions = 0x60, void * EaBuffer = 0x00000000, unsigned long EaLength = 0, _CREATE_FILE_TYPE CreateFileType = CreateFileTypeNone (0), void * ExtraCreateParameters = 0x00000000, unsigned long Options = 0)+0xa25 [c:\ros\reactos-clean\reactos\ntoskrnl\io\iomgr\file.c @ 2463]
|
f70a2528 80542689 nt!NtCreateFile(void ** FileHandle = 0x00b5db54, unsigned long DesiredAccess = 0xc0100080, struct _OBJECT_ATTRIBUTES * ObjectAttributes = 0x00b5db84, struct _IO_STATUS_BLOCK * IoStatusBlock = 0x00b5db74, union _LARGE_INTEGER * AllocateSize = 0x00000000, unsigned long FileAttributes = 0, unsigned long ShareAccess = 0, unsigned long CreateDisposition = 1, unsigned long CreateOptions = 0x60, void * EaBuffer = 0x00000000, unsigned long EaLength = 0)+0x3a [c:\ros\reactos-clean\reactos\ntoskrnl\io\iomgr\file.c @ 3228]
|
f70a2564 8054219d nt!KiSystemCallTrampoline(void * Handler = 0x8047bd60, void * Arguments = 0x00b5daf4, unsigned long StackBytes = 0x2c)+0x19 [c:\ros\reactos-clean\reactos\ntoskrnl\include\internal\i386\ke.h @ 725]
|
f70a25ac 80403e03 nt!KiSystemServiceHandler(struct _KTRAP_FRAME * TrapFrame = 0xf70a25b4, void * Arguments = 0x00b5daf4)+0x23d [c:\ros\reactos-clean\reactos\ntoskrnl\ke\i386\traphdlr.c @ 1717]
|
f70a25ac 7c92fb8e nt!KiFastCallEntry+0x8c
|
00b5dae8 7c95ab25 ntdll!KiFastSystemCallRet
|
00b5daec 77db49ba ntdll!NtCreateFile+0xc
|
00b5dba0 77db452f kernel32!CreateFileW(wchar_t * lpFileName = 0x7ffdec00 "\\.\pipe\plugplay", unsigned long dwDesiredAccess = 0xc0100080, unsigned long dwShareMode = 0, struct _SECURITY_ATTRIBUTES * lpSecurityAttributes = 0x00000000, unsigned long dwCreationDisposition = 1, unsigned long dwFlagsAndAttributes = 0, void * hTemplateFile = 0x00000000)+0x46a [c:\ros\reactos-clean\reactos\dll\win32\kernel32\client\file\create.c @ 326]
|
00b5dbd0 777786e3 kernel32!CreateFileA(char * lpFileName = 0x00145410 "\\.\pipe\plugplay", unsigned long dwDesiredAccess = 0xc0000000, unsigned long dwShareMode = 0, struct _SECURITY_ATTRIBUTES * lpSecurityAttributes = 0x00000000, unsigned long dwCreationDisposition = 3, unsigned long dwFlagsAndAttributes = 0, void * hTemplateFile = 0x00000000)+0x7f [c:\ros\reactos-clean\reactos\dll\win32\kernel32\client\file\create.c @ 81]
|
00b5dc14 77778dd0 rpcrt4!rpcrt4_conn_open_pipe(struct _RpcConnection * Connection = 0x00145358, char * pname = 0x00145410 "\\.\pipe\plugplay", int wait = 1)+0x123 [c:\ros\reactos-clean\reactos\dll\win32\rpcrt4\rpc_transport.c @ 220]
|
00b5dc70 77780dc7 rpcrt4!rpcrt4_ncacn_np_open(struct _RpcConnection * Connection = 0x00145358)+0x240 [c:\ros\reactos-clean\reactos\dll\win32\rpcrt4\rpc_transport.c @ 367]
|
00b5dc80 7776410d rpcrt4!RPCRT4_OpenClientConnection(struct _RpcConnection * Connection = 0x00145358)+0x87 [c:\ros\reactos-clean\reactos\dll\win32\rpcrt4\rpc_transport.c @ 3473]
|
00b5dc9c 77765b21 rpcrt4!RpcAssoc_GetClientConnection(struct _RpcAssoc * assoc = 0x00144f90, struct _RPC_SYNTAX_IDENTIFIER * InterfaceId = 0x761ba254, struct _RPC_SYNTAX_IDENTIFIER * TransferSyntax = 0x761ba268, struct _RpcAuthInfo * AuthInfo = 0x00000000, struct _RpcQualityOfService * QOS = 0x00000000, wchar_t * CookieAuth = 0x00000000 "", struct _RpcConnection ** Connection = 0x00b5dce4)+0x9d [c:\ros\reactos-clean\reactos\dll\win32\rpcrt4\rpc_assoc.c @ 398]
|
00b5dcc0 777701a9 rpcrt4!RPCRT4_OpenBinding(struct _RpcBinding * Binding = 0x00144f28, struct _RpcConnection ** Connection = 0x00b5dce4, struct _RPC_SYNTAX_IDENTIFIER * TransferSyntax = 0x761ba268, struct _RPC_SYNTAX_IDENTIFIER * InterfaceId = 0x761ba254)+0x81 [c:\ros\reactos-clean\reactos\dll\win32\rpcrt4\rpc_binding.c @ 263]
|
00b5dcf0 77770351 rpcrt4!I_RpcNegotiateTransferSyntax(struct _RPC_MESSAGE * pMsg = 0x00b5e290)+0x189 [c:\ros\reactos-clean\reactos\dll\win32\rpcrt4\rpc_message.c @ 1582]
|
00b5dd04 7774579b rpcrt4!I_RpcGetBuffer(struct _RPC_MESSAGE * pMsg = 0x00b5e290)+0x141 [c:\ros\reactos-clean\reactos\dll\win32\rpcrt4\rpc_message.c @ 1639]
|
00b5dd14 77760c11 rpcrt4!NdrGetBuffer(struct _MIDL_STUB_MESSAGE * stubmsg = 0x00b5e1ac, unsigned int buflen = 0x8c, void * handle = 0x00144f28)+0x7b [c:\ros\reactos-clean\reactos\dll\win32\rpcrt4\ndr_clientserver.c @ 156]
|
00b5e2d8 77761a69 rpcrt4!ndr_client_call(struct _MIDL_STUB_DESC * pStubDesc = 0x761ba708, unsigned char * pFormat = 0x761ba884 "H", void ** stack_top = 0x00b5e310, void ** fpu_stack = 0x00000000)+0xd21 [c:\ros\reactos-clean\reactos\dll\win32\rpcrt4\ndr_stubless.c @ 870]
|
00b5e2f8 761ae158 rpcrt4!NdrClientCall2(struct _MIDL_STUB_DESC * desc = 0x761ba708, unsigned char * format = 0x761ba868 "")+0x39 [c:\ros\reactos-clean\reactos\dll\win32\rpcrt4\ndr_stubless.c @ 956]
|
00b5e32c 76179f03 setupapi!PNP_ValidateDeviceInstance(void * hBinding = 0x00144f28, unsigned short * pDeviceID = 0x00b5e37c, unsigned long ulFlags = 1)+0x48 [c:\ros\reactos-clean\reactos\output-vs10-i386\reactos\dll\win32\setupapi\pnp_c.c @ 170]
|
00b5e528 76181e9d setupapi!CM_Locate_DevNode_ExW(unsigned long * pdnDevInst = 0x00145060, unsigned short * pDeviceID = 0x00b5e5bc, unsigned long ulFlags = 1, void * hMachine = 0x00000000)+0x253 [c:\ros\reactos-clean\reactos\dll\win32\setupapi\cfgmgr.c @ 4005]
|
00b5e54c 7617e9ad setupapi!CreateDeviceInfo(struct DeviceInfoSet * list = 0x00143e80, wchar_t * InstancePath = 0x00b5e5bc "PCI\VEN_1022&DEV_2000&SUBSYS_20001022&REV_10\4&3af1281e&01", struct _GUID * pClassGuid = 0x00b5e570 {4d36e972-e325-11ce-bfc1-08002be10318}, struct DeviceInfo ** pDeviceInfo = 0x00b5e5ac)+0x8d [c:\ros\reactos-clean\reactos\dll\win32\setupapi\devinst.c @ 552]
|
00b5e9f0 7617e59d setupapi!SETUP_CreateDevicesListFromEnumerator(struct DeviceInfoSet * list = 0x00143e80, struct _GUID * pClassGuid = 0x71eb2b08 {4d36e972-e325-11ce-bfc1-08002be10318}, wchar_t * Enumerator = 0x00b5ea24 "PCI", struct HKEY__ * hEnumeratorKey = 0x000001f8)+0x31d [c:\ros\reactos-clean\reactos\dll\win32\setupapi\devclass.c @ 223]
|
00b5ec54 761855b9 setupapi!SETUP_CreateDevicesList(struct DeviceInfoSet * list = 0x00143e80, wchar_t * MachineName = 0x00000000 "", struct _GUID * Class = 0x71eb2b08 {4d36e972-e325-11ce-bfc1-08002be10318}, wchar_t * Enumerator = 0x00000000 "")+0x1dd [c:\ros\reactos-clean\reactos\dll\win32\setupapi\devclass.c @ 318]
|
00b5ec80 761852b9 setupapi!SetupDiGetClassDevsExW(struct _GUID * class = 0x71eb2b08 {4d36e972-e325-11ce-bfc1-08002be10318}, wchar_t * enumstr = 0x00000000 "", struct HWND__ * parent = 0x00000000, unsigned long flags = 2, void * deviceset = 0x00000000, wchar_t * machine = 0x00000000 "", void * reserved = 0x00000000)+0x299 [c:\ros\reactos-clean\reactos\dll\win32\setupapi\devinst.c @ 2548]
|
00b5ecb0 7618520e setupapi!SetupDiGetClassDevsExA(struct _GUID * class = 0x71eb2b08 {4d36e972-e325-11ce-bfc1-08002be10318}, char * enumstr = 0x00000000 "", struct HWND__ * parent = 0x00000000, unsigned long flags = 2, void * deviceset = 0x00000000, char * machine = 0x00000000 "", void * reserved = 0x00000000)+0x99 [c:\ros\reactos-clean\reactos\dll\win32\setupapi\devinst.c @ 2424]
|
00b5ecd4 71ea5412 setupapi!SetupDiGetClassDevsA(struct _GUID * class = 0x71eb2b08 {4d36e972-e325-11ce-bfc1-08002be10318}, char * enumstr = 0x00000000 "", struct HWND__ * parent = 0x00000000, unsigned long flags = 2)+0x1e [c:\ros\reactos-clean\reactos\dll\win32\setupapi\devinst.c @ 2387]
|
00b5f450 71ea5a8c netshell!CNetConnectionManager::EnumerateINetConnections(void)+0x172 [c:\ros\reactos-clean\reactos\dll\shellext\netshell\connectmanager.cpp @ 554]
|
00b5f46c 71ea9cd0 netshell!INetConnectionManager_Constructor(struct IUnknown * pUnkOuter = 0x00000000, struct _GUID * riid = 0x71eb1198 {c08956a2-1cd3-11d1-b1c5-00805fc1270e}, void ** ppv = 0x00b5f4d0)+0xfc [c:\ros\reactos-clean\reactos\dll\shellext\netshell\connectmanager.cpp @ 689]
|
00b5f8a0 71eaa4a8 netshell!CLanStatus::InitializeNetTaskbarNotifications(void)+0x190 [c:\ros\reactos-clean\reactos\dll\shellext\netshell\lanstatusui.cpp @ 999]
|
00b5f8a8 00a11127 netshell!CLanStatus::Exec(struct _GUID * pguidCmdGroup = 0x00a1cebc {000214d2-0000-0000-c000-000000000046}, unsigned long nCmdID = 2, unsigned long nCmdexecopt = 0, struct tagVARIANT * pvaIn = 0x00000000, struct tagVARIANT * pvaOut = 0x00000000)+0x28 [c:\ros\reactos-clean\reactos\dll\shellext\netshell\lanstatusui.cpp @ 1190]
|
00b5f8d8 00a1127b stobject!CSysTray::InitNetShell(void)+0x77 [c:\ros\reactos-clean\reactos\dll\shellext\stobject\csystray.cpp @ 29]
|
00b5f8f0 00a11a85 stobject!CSysTray::InitIcons(void)+0xab [c:\ros\reactos-clean\reactos\dll\shellext\stobject\csystray.cpp @ 54]
|
00b5f904 00a126ba stobject!CSysTray::ProcessWindowMessage(struct HWND__ * hWnd = 0x000500c8, unsigned int uMsg = 1, unsigned int wParam = 0, long lParam = 0xb5faf0, long * lResult = 0x00b5f93c, unsigned long dwMsgMapID = 0)+0x55 [c:\ros\reactos-clean\reactos\dll\shellext\stobject\csystray.cpp @ 211]
|
00b5f970 77a844b7 stobject!ATL::CWindowImplBaseT<ATL::CWindow,ATL::CWinTraits<2252341248,392> >::WindowProc(struct HWND__ * hWnd = 0x000500c8, unsigned int uMsg = 1, unsigned int wParam = 0, long lParam = 0xb5faf0)+0x9a [c:\ros\reactos-clean\reactos\lib\atl\atlwin.h @ 479]
|
00b5fa2c 77a88303 user32!IntCallWindowProcW(int IsAnsiProc = 0, <function> * WndProc = 0x00a50000, struct _WND * pWnd = 0x003459d0, struct HWND__ * hWnd = 0x000500c8, unsigned int Msg = 1, unsigned int wParam = 0, long lParam = 0xb5faf0)+0x417 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 1490]
|
00b5fab8 7c92fae1 user32!User32CallWindowProcFromKernel(void * Arguments = 0x00b5fad0, unsigned long ArgumentLength = 0x56)+0x1f3 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\message.c @ 2920]
|
00b5fc4c 77a92228 ntdll!KiUserCallbackDispatcher+0x2e
|
00b5fce8 00a12962 user32!CreateWindowExW(unsigned long dwExStyle = 0x188, wchar_t * lpClassName = 0x0000c065 "--- memory read error at address 0x0000c065 ---", wchar_t * lpWindowName = 0x00000000 "", unsigned long dwStyle = 0x86400000, int x = 0x80000000, int y = 0x80000000, int nWidth = 0x80000000, int nHeight = 0x80000000, struct HWND__ * hWndParent = 0x00000000, struct HMENU__ * hMenu = 0x00000000, struct HINSTANCE__ * hInstance = 0x00a10000, void * lpParam = 0x00000000)+0x318 [c:\ros\reactos-clean\reactos\win32ss\user\user32\windows\window.c @ 567]
|
00b5fd28 00a11efb stobject!ATL::CWindowImplBaseT<ATL::CWindow,ATL::CWinTraits<2252341248,392> >::Create(struct HWND__ * hWndParent = 0x00000000, class ATL::_U_RECT rect = class ATL::_U_RECT, wchar_t * szWindowName = 0x00000000 "", unsigned long dwStyle = 0x86400000, unsigned long dwExStyle = 0x188, class ATL::_U_MENUorID MenuOrID = class ATL::_U_MENUorID, unsigned short atom = 0xc065, void * lpCreateParam = 0x00000000)+0xd2 [c:\ros\reactos-clean\reactos\lib\atl\atlwin.h @ 528]
|
00b5fd60 00a1181a stobject!ATL::CWindowImpl<CSysTray,ATL::CWindow,ATL::CWinTraits<2252341248,392> >::Create(struct HWND__ * hWndParent = 0x00000000, class ATL::_U_RECT rect = class ATL::_U_RECT, wchar_t * szWindowName = 0x00000000 "", unsigned long dwStyle = 0x86400000, unsigned long dwExStyle = 0x188, class ATL::_U_MENUorID MenuOrID = class ATL::_U_MENUorID, void * lpCreateParam = 0x00000000)+0xab [c:\ros\reactos-clean\reactos\lib\atl\atlwin.h @ 565]
|
00b5ffac 00a116f9 stobject!CSysTray::SysTrayThreadProc(void)+0x7a [c:\ros\reactos-clean\reactos\dll\shellext\stobject\csystray.cpp @ 153]
|
00b5ffb8 77da2c0d stobject!CSysTray::s_SysTrayThreadProc(void * param = 0x00140908)+0x19 [c:\ros\reactos-clean\reactos\dll\shellext\stobject\csystray.cpp @ 124]
|
00b5ffec 00000000 kernel32!BaseThreadStartup(<function> * lpStartAddress = 0x00a116e0, void * lpParameter = 0x00140908)+0x5d [c:\ros\reactos-clean\reactos\dll\win32\kernel32\client\thread.c @ 69]
|
Attachments
Issue Links
- is blocked by
-
CORE-18250 Regression: 0.4.15-4523 breaks VirtualBox shared folders map to drive letter
-
- Resolved
-
-
-
- Resolved
-