Hartmut Birr wrote:
Hi,
while looking for the console closing problem, I've seen that win2k
calls PsLookupProcessByProcessId very often with an id of 0xffffffff.
- Hartmut
I've put ASSERT(ProcessId != (HANDLE)-1) in PsLookupProcessByProcessId
on my local copy and it was never triggered. My test was booting to
Explorer and running
OpenOffice.org 1.1.1 Word Processor...
(ex/handle.c:721) Looking up invalid handle 0xffffffff
Frames:
<ntoskrnl.exe:26f2d (ex/handle.c:722 (ExpLookupHandleTableEntry))>
<ntoskrnl.exe:275ce (ex/handle.c:919 (ExMapHandleToPointer))>
<ntoskrnl.exe:74af8 (ps/cid.c:106 (PsLookupCidHandle))>
<ntoskrnl.exe:7c6d5 (ps/process.c:2709 (PsLookupProcessByProcessId))>
<win32k.sys:45c16 (objects/gdiobj.c:1219 (GDIOBJ_SetOwnership))>
^ Honestly, I can't see how you can ever get ProcessId == -1 from this
line of code (assuming it's the correct line):
Status = PsLookupProcessByProcessId((HANDLE)((ULONG_PTR)PrevProcId &
~0x1), &OldProcess);
Since a "binary and" with 0xfffffffe is performed, the result can never
be 0xffffffff.
<win32k.sys:6840 (eng/surface.c:466
(EngDeleteSurface))>
<win32k.sys:52456 (objects/text.c:1922 (NtGdiExtTextOut))>
<win32k.sys:539ef (objects/text.c:2770 (NtGdiTextOut))>
<ntoskrnl.exe:3fb2 (D:\DOKUME~1\hb\LOKALE~1\Temp/ccgPaaaa.s:178
(KiSystemService))>
<gdi32.dll:99bc (objects/text.c:45 (TextOutW))>
Regards,
Filip