Message242808
> 1. Bug in Windows 10, which should be reported to Microsoft.
It appears to be a bug in the kernel. It isn't updating the value of the output parameter *lpReturnLength.
C:\>ver
Microsoft Windows [Version 10.0.10074]
C:\>cdb -xi ld py
Microsoft (R) Windows Debugger Version 10.0.10075.9 X86
Copyright (c) Microsoft Corporation. All rights reserved.
CommandLine: py
************* Symbol Path validation summary **************
Response                         Time (ms)     Location
Deferred                                       symsrv*symsrv.dll*C:\Symbols*http://msdl.microsoft.com/download/symbols
Symbol search path is: symsrv*symsrv.dll*C:\Symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
(b5c.9cc): Break instruction exception - code 80000003 (first chance)
eax=00000000 ebx=00000000 ecx=8ce20000 edx=00000000 esi=00d600e8 edi=7f9ea000
eip=776dfb65 esp=0056f980 ebp=0056f9ac iopl=0 nv up ei pl zr na pe nc
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000246
ntdll!LdrpDoDebuggerBreak+0x2b:
776dfb65 cc int 3
0:000> bp kernel32!QueryInformationJobObject
0:000> g
Breakpoint 0 hit
eax=0056f36c ebx=00d70c90 ecx=0056f370 edx=00000000 esi=00000184 edi=00db50cc
eip=7759c4c0 esp=0056f2e8 ebp=0056f3e8 iopl=0 nv up ei pl zr na pe nc
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000246
KERNEL32!QueryInformationJobObject:
7759c4c0 8bff mov edi,edi
0:000> dd esp l6
0056f2e8 00d619e5 00000184 00000009 0056f370
0056f2f8 00000070 0056f36c
hJob == 0x184
JobObjectInfoClass == JobObjectExtendedLimitInformation
cbJobObjectInfoLength == 0x70 (32-bit)
*lpReturnLength (rc in run_child) is uninitialized:
0:000> dd 56f36c l1
0056f36c 77748600
Step to the system call, NtQueryInformationJobObject:
0:000> pc
eax=0056f370 ebx=00000001 ecx=00000184 edx=0056f36c esi=0056f268 edi=00db50cc
eip=7759c523 esp=0056f244 ebp=0056f2e4 iopl=0 nv up ei pl nz na po nc
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000202
KERNEL32!QueryInformationJobObject+0x63:
7759c523 ff158c0e5d77 call dword ptr [KERNEL32!_imp__NtQueryInformationJobObject (775d0e8c)] ds:002b:775d0e8c={ntdll!NtQueryInformationJobObject (776a6c60)}
0:000> dd esp l5
0056f244 00000184 00000009 0056f268 00000070
0056f254 0056f36c
0:000> p
eax=00000000 ebx=00000001 ecx=8ce20000 edx=0046e3e0 esi=0056f268 edi=00db50cc
eip=7759c529 esp=0056f258 ebp=0056f2e4 iopl=0 nv up ei pl nz na po nc
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000202
KERNEL32!QueryInformationJobObject+0x69:
7759c529 85c0 test eax,eax
It returns STATUS_SUCCESS (register eax), but *lpReturnLength hasn't been updated:
0:000> dd 56f36c l1
0056f36c 77748600
Likewise the Win32 call is successful.
0:000> pt
eax=00000001 ebx=00d70c90 ecx=541ed0d4 edx=00000000 esi=00000184 edi=00db50cc
eip=7759c5c4 esp=0056f2e8 ebp=0056f3e8 iopl=0 nv up ei pl zr na pe nc
cs=0023 ss=002b ds=002b es=002b fs=0053 gs=002b efl=00000246
KERNEL32!QueryInformationJobObject+0x104:
7759c5c4 c21400 ret 14h
0:000> dd 56f36c l1
0056f36c 77748600

Date                | User    | Action | Args
2015-05-09 12:19:10 | eryksun | set    | recipients: + eryksun, paul.moore, vinay.sajip, jaraco, tim.golden, zach.ware, steve.dower, dstufft, hheimbuerger, gavstar
2015-05-09 12:19:10 | eryksun | set    | messageid: <1431173950.11.0.358745821907.issue24127@psf.upfronthosting.co.za>
2015-05-09 12:19:10 | eryksun | link   | issue24127 messages
2015-05-09 12:19:09 | eryksun | create |
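As an added diagnostic, not part of eryksun's message or of the launcher's code, this PowerShell script repeats the check traced above from user mode: it pre-fills lpReturnLength with a sentinel, calls QueryInformationJobObject on a fresh job object and reports whether the kernel wrote the length back. The P/Invoke declarations and the 64-bit structure size 0x90 are my assumptions; 0x70 is the 32-bit size seen in the trace, and JobObjectExtendedLimitInformation is 9 as in the dumped arguments.

```powershell
# Added diagnostic for the lpReturnLength issue described above (not from the bug report).
# On a correct build, Succeeded is True and ReturnLength equals ExpectedLength; a kernel
# with the traced behaviour returns success but leaves the sentinel untouched.
$signature = @'
[DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern IntPtr CreateJobObject(IntPtr lpJobAttributes, string lpName);

[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool QueryInformationJobObject(IntPtr hJob, int JobObjectInfoClass,
    IntPtr lpJobObjectInfo, uint cbJobObjectInfoLength, ref uint lpReturnLength);

[DllImport("kernel32.dll", SetLastError = true)]
public static extern bool CloseHandle(IntPtr hObject);
'@
$api = Add-Type -MemberDefinition $signature -Name 'JobApi' -Namespace 'Diag' -PassThru

$JobObjectExtendedLimitInformation = 9
# sizeof(JOBOBJECT_EXTENDED_LIMIT_INFORMATION): 0x70 in a 32-bit process (as in the trace),
# 0x90 in a 64-bit process (assumed here; the kernel rejects any other length).
$cbInfo = if ([IntPtr]::Size -eq 8) { 0x90 } else { 0x70 }
# Sentinel that no valid length would ever equal, so an untouched out-param is obvious.
$sentinel = [uint32]0xDEADBEEF

$hJob = $api::CreateJobObject([IntPtr]::Zero, $null)
if ($hJob -eq [IntPtr]::Zero) {
    throw "CreateJobObject failed: $([Runtime.InteropServices.Marshal]::GetLastWin32Error())"
}
$buffer = [Runtime.InteropServices.Marshal]::AllocHGlobal($cbInfo)
try {
    $returnLength = $sentinel
    $ok = $api::QueryInformationJobObject($hJob, $JobObjectExtendedLimitInformation,
                                          $buffer, [uint32]$cbInfo, [ref]$returnLength)
    $lastError = [Runtime.InteropServices.Marshal]::GetLastWin32Error()
    [pscustomobject]@{
        Succeeded      = $ok
        LastError      = $lastError
        ExpectedLength = ('0x{0:X}' -f $cbInfo)
        ReturnLength   = ('0x{0:X}' -f $returnLength)
        LengthUpdated  = ($returnLength -ne $sentinel)
    }
}
finally {
    [Runtime.InteropServices.Marshal]::FreeHGlobal($buffer)
    [void]$api::CloseHandle($hJob)
}
```

A caller that cannot rely on lpReturnLength should initialize it before the call and treat a successful return with an unchanged value as "length unknown" rather than as a mismatch, which is the failure mode the launcher hit here.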