[ros-dev] SysInternals Process Explorer

Hi all!

http://www.sysinternals.com/ntw2k/freeware/procexp.shtml

Debug output from execution of procexp on ROS,

(api/handle.c:71) CsrGetObject returning invalid handle (NTDLL:ldr/utils.c:2092) Relocating (76260000 -> 700000) C:\ReactOS\system32\ole aut32.dll (NTDLL:ldr/utils.c:2092) Relocating (77800000 -> 4e1000) C:\ReactOS\system32\win spool.drv 0 bytes requested - initiating pool verification 0 bytes requested - initiating pool verification FIXME: CopyImage doesn't support IMAGE_ICON correctly! 0 bytes requested - initiating pool verification 0 bytes requested - initiating pool verification (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find mxdMessage (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find auxMessage (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find mxdMessage (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find midMessage (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find modMessage (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find widMessage (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find wodMessage (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find auxMessage (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find mxdMessage (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find midMessage (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find widMessage (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find wodMessage (cm/ntfunc.c:379) NtDeleteKey(KeyHandle dc) called (cm/ntfunc.c:418) PointerCount 1 (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find AllocateAndGetTcpE xTableFromStack (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find AllocateAndGetUdpE xTableFromStack (NTDLL:ldr/utils.c:2034) Failed to create or open dll section of '.dll' (Status c0000135) (NTDLL:ldr/utils.c:2092) Relocating (76160000 -> db1000) C:\ReactOS\system32\dbg help.dll (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find NtSuspendProcess (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find NtResumeProcess (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find EnumServicesStatus ExA (NTDLL:ldr/utils.c:1211) LdrGetExportByName(): failed to find QueryServiceConfig 2A (NTDLL:ldr/utils.c:2034) Failed to create or open dll section of 'winsta.dll' (S tatus c0000135) (NTDLL:ldr/utils.c:1091) LdrGetExportByName(): no export directory! (NTDLL:ldr/utils.c:2034) Failed to create or open dll section of 'uxtheme.dll' ( Status c0000135) (NTDLL:ldr/utils.c:1091) LdrGetExportByName(): no export directory! (NTDLL:ldr/utils.c:1091) LdrGetExportByName(): no export directory! (NTDLL:ldr/utils.c:1091) LdrGetExportByName(): no export directory! (fsctl.c:277) SysType (KERNEL32:mem/global.c:412) Memory Load: 4

*My little hack*

(ex/sysinfo.c:827) NtQuerySystemInformation - SystemHandleInformation (ex/sysinfo.c:835) SystemHandleInformation 1 (ex/sysinfo.c:854) SystemHandleInformation 2 (ex/sysinfo.c:872) SystemHandleInformation 4

(sec/lsa.c:221) LsaOpenPolicy - stub (sec/lsa.c:32) (ffffffff):LsaClose stub (NTDLL:ldr/utils.c:2034) Failed to create or open dll section of 'Powrprof.dll' (Status c0000135) (NTDLL:ldr/utils.c:1091) LdrGetExportByName(): no export directory! (ex/sysinfo.c:1046) NtQuerySystemInformation - SystemInterruptInformation not im plemented (sec/lsa.c:221) LsaOpenPolicy - stub (sec/lsa.c:32) (ffffffff):LsaClose stub

*Here again*

(ex/sysinfo.c:827) NtQuerySystemInformation - SystemHandleInformation (ex/sysinfo.c:835) SystemHandleInformation 1 (ex/sysinfo.c:854) SystemHandleInformation 2 (ex/sysinfo.c:872) SystemHandleInformation 4

(sec/lsa.c:221) LsaOpenPolicy - stub (sec/lsa.c:32) (ffffffff):LsaClose stub (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (sec/lsa.c:221) LsaOpenPolicy - stub (sec/lsa.c:32) (ffffffff):LsaClose stub (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (sec/lsa.c:221) LsaOpenPolicy - stub (sec/lsa.c:32) (ffffffff):LsaClose stub (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (sec/lsa.c:221) LsaOpenPolicy - stub (sec/lsa.c:32) (ffffffff):LsaClose stub (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (sec/lsa.c:221) LsaOpenPolicy - stub (sec/lsa.c:32) (ffffffff):LsaClose stub (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (sec/lsa.c:221) LsaOpenPolicy - stub (sec/lsa.c:32) (ffffffff):LsaClose stub (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (sec/lsa.c:221) LsaOpenPolicy - stub (sec/lsa.c:32) (ffffffff):LsaClose stub (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (sec/lsa.c:221) LsaOpenPolicy - stub (sec/lsa.c:32) (ffffffff):LsaClose stub (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (sec/lsa.c:221) LsaOpenPolicy - stub (sec/lsa.c:32) (ffffffff):LsaClose stub (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (KERNEL32:misc/stubs.c:1457) GetLongPathNameA() is UNIMPLEMENTED! (sec/lsa.c:221) LsaOpenPolicy - stub (sec/lsa.c:32) (ffffffff):LsaClose stub KeBugCheckWithTf at ke/catch.c:177 Bug detected (code 1e param 0 0 0 0) KMODE_EXCEPTION_NOT_HANDLED

Page Fault Exception: 14(0) Processor: 0 CS:EIP 8:8009f441 <ntoskrnl.exe: 9f441> cr2 4ea000 cr3 3b854000 Proc: 80c246b8 Pid: 130 <procexp.> Thrd: 80cc2af0 Tid: 1 34 DS 10 ES 10 FS 30 GS 23 EAX: 80c246b8 EBX: 0000009b ECX: 00001800 EDX: 00010000 EBP: 9e2d7cf8 ESI: 004ea000 ESP: 9e2d7c7c EDI: 005e8424 EFLAGS: 00010216 kESP 9e2d7c7c kernel stack base 9e2d5000 Frames: <ntoskrnl.exe: 72801> <ntoskrnl.exe: 399b> <7FFE0304>