Re: Randon Access Violation on dhcpcsvc6.DLL
Posted: Tue Apr 11, 2017 9:48 am
Seems like a crash in a system DLL. Don't know what's causing it. Doesn't seem to be madExcept's fault, if that's what you're wondering about?
high quality low level programming
http://forum.madshi.net/
Nope, I think it's very similar to what is in this thread. This environment (Server/Terminal services) and so on are similar, the thread above.madshi wrote:Seems like a crash in a system DLL. Don't know what's causing it. Doesn't seem to be madExcept's fault, if that's what you're wondering about?
Code: Select all
thread $7a8:
727f1ca0 +173 dhcpcsvc.DLL DhcpIsEnabled
72fb6a84 +037 IPHLPAPI.DLL GetAdaptersAddresses
008d462d +00d KirjanpitoClient.exe madExcept CallThreadProcSafe
008d4d9a +032 KirjanpitoClient.exe madExcept UserWorkItemExceptFrame
75a43368 +010 kernel32.dll BaseThreadInitThunk
Code: Select all
date/time : 2017-08-11, 11:33:51, 87ms
computer name : xxxx
wts client name : xxxx
user name : Administrator <admin>
registered owner : Windows User
operating system : Windows 2008 R2 x64 Service Pack 1 build 7601
system language : Finnish
system up time : 1 day 8 hours
program up time : 1 second
processors : 4x Intel(R) Xeon(R) CPU E3-1220 V2 @ 3.10GHz
physical memory : 30010/32736 MB (free/total)
free disk space : (C:) 10,77 GB (K:) 262,97 GB
display mode : 1920x1080, 16 bit
process id : $e74
allocated memory : 30,93 MB
largest free block : 1,04 GB
executable : KirjanpitoClient.exe
exec. date/time : 2017-08-10 13:04
version : 2017.1.1.1105
bde version : 5.2.0.2
compiled with : Delphi 10.2 Tokyo
Lisenssinumero : xxxx
contact name : xxxx
contact email : xxxx
madExcept version : 4.0.18
callstack crc : $fbec8fbf, $4532391e, $434fe045
exception number : 1
exception class : EAccessViolation
exception message : Access violation at address 727F1CA0 in module 'dhcpcsvc.DLL'. Execution of address 727F1CA0.
thread $7a8:
727f1ca0 +173 dhcpcsvc.DLL DhcpIsEnabled
72fb6a84 +037 IPHLPAPI.DLL GetAdaptersAddresses
008d462d +00d KirjanpitoClient.exe madExcept CallThreadProcSafe
008d4d9a +032 KirjanpitoClient.exe madExcept UserWorkItemExceptFrame
75a43368 +010 kernel32.dll BaseThreadInitThunk
main thread ($fac):
77cb342c +5366 ntdll.dll RtlAllocateHeap
75b80cbd +06f1 KERNELBASE.dll MultiByteToWideChar
00ed5bba +0036 KirjanpitoClient.exe GR32 2225 +6 TCustomMap.SetSize
00676320 +000c KirjanpitoClient.exe Vcl.Controls TControl.WMWindowPosChanged
0049b795 +0069 KirjanpitoClient.exe System.TypInfo {System.TypInfo}TPropSet<System.string>.SetProc
00499a71 +0099 KirjanpitoClient.exe System.TypInfo SetStrProp
0040a6f4 +004c KirjanpitoClient.exe System 16 +0 TObject.GetInterface
00ed5953 +000f KirjanpitoClient.exe GR32 2107 +1 TPlainInterfacedPersistent.QueryInterface
0040a6f4 +004c KirjanpitoClient.exe System 16 +0 TObject.GetInterface
00ede0aa +005a KirjanpitoClient.exe GR32 6364 +10 TCustomBackend.ChangeSize
00ed5f4f +0013 KirjanpitoClient.exe GR32 2400 +1 TCustomBitmap32.ChangeSize
00ed5bba +0036 KirjanpitoClient.exe GR32 2225 +6 TCustomMap.SetSize
01633f35 +00b5 KirjanpitoClient.exe STComponent.ValueWidget 191 +17 TSTValueWidget.Create
004d2331 +00ad KirjanpitoClient.exe System.Classes CreateComponent
004d255c +0088 KirjanpitoClient.exe System.Classes TReader.ReadComponent
004d2831 +0089 KirjanpitoClient.exe System.Classes TReader.ReadDataInner
004d279f +0067 KirjanpitoClient.exe System.Classes TReader.ReadData
004e0159 +0001 KirjanpitoClient.exe System.Classes TComponent.ReadState
00672ea3 +002f KirjanpitoClient.exe Vcl.Controls TControl.ReadState
00677751 +0025 KirjanpitoClient.exe Vcl.Controls TWinControl.ReadState
004d25f3 +011f KirjanpitoClient.exe System.Classes TReader.ReadComponent
004d2831 +0089 KirjanpitoClient.exe System.Classes TReader.ReadDataInner
004d2770 +0038 KirjanpitoClient.exe System.Classes TReader.ReadData
004e0159 +0001 KirjanpitoClient.exe System.Classes TComponent.ReadState
00672ea3 +002f KirjanpitoClient.exe Vcl.Controls TControl.ReadState
00677751 +0025 KirjanpitoClient.exe Vcl.Controls TWinControl.ReadState
004d3785 +01f5 KirjanpitoClient.exe System.Classes TReader.ReadRootComponent
004cd292 +0032 KirjanpitoClient.exe System.Classes TStream.ReadComponent
004c477f +0057 KirjanpitoClient.exe System.Classes InternalReadComponentRes
004c5edf +005f KirjanpitoClient.exe System.Classes InitComponent
004c5f6d +0061 KirjanpitoClient.exe System.Classes InitInheritedComponent
0063f86c +0064 KirjanpitoClient.exe Vcl.Forms TCustomFrame.Create
016389aa +0016 KirjanpitoClient.exe MNFrame.Tilannekuvaus.Tunnusluvut 88 +1 TMNTilannekuvausTunnusluvutFrame.Create
017dce51 +0071 KirjanpitoClient.exe MNForm.Main 460 +11 TMNMainForm.FormCreate
00640055 +0031 KirjanpitoClient.exe Vcl.Forms TCustomForm.DoCreate
0063fbc5 +013d KirjanpitoClient.exe Vcl.Forms TCustomForm.Create
0064b0d6 +0076 KirjanpitoClient.exe Vcl.Forms TApplication.CreateForm
0180f869 +0115 KirjanpitoClient.exe KirjanpitoClient 402 +30 initialization
75a43368 +0010 kernel32.dll BaseThreadInitThunk
thread $32c:
77ca0166 +0e ntdll.dll NtWaitForMultipleObjects
75a43368 +10 kernel32.dll BaseThreadInitThunk
thread $970:
77ca1f4f +0b ntdll.dll NtWaitForWorkViaWorkerFactory
75a43368 +10 kernel32.dll BaseThreadInitThunk
thread $99c (TSTUpdateThread):
77c9f8da +00e ntdll.dll NtWaitForSingleObject
75b615c8 +092 KERNELBASE.dll WaitForSingleObjectEx
75a4118f +03e kernel32.dll WaitForSingleObjectEx
75a41143 +00d kernel32.dll WaitForSingleObject
004337da +002 KirjanpitoClient.exe System.SysUtils WaitForSyncWaitObj
00433923 +01f KirjanpitoClient.exe System.SysUtils WaitOrSignalObj
0040b569 +065 KirjanpitoClient.exe System 16 +0 TMonitor.Wait
0040b5f8 +020 KirjanpitoClient.exe System 16 +0 TMonitor.Wait
004def3c +140 KirjanpitoClient.exe System.Classes TThread.Synchronize
004df009 +04d KirjanpitoClient.exe System.Classes TThread.Synchronize
009309a7 +2df KirjanpitoClient.exe STUpdateAgent 227 +71 TSTUpdateThread.Execute
008d4747 +02b KirjanpitoClient.exe madExcept HookedTThreadExecute
004de501 +049 KirjanpitoClient.exe System.Classes ThreadProc
0040c390 +028 KirjanpitoClient.exe System 16 +0 ThreadWrapper
008d462d +00d KirjanpitoClient.exe madExcept CallThreadProcSafe
008d4692 +032 KirjanpitoClient.exe madExcept ThreadExceptFrame
75a43368 +010 kernel32.dll BaseThreadInitThunk
>> created by main thread ($fac) at:
00930660 +034 KirjanpitoClient.exe STUpdateAgent 128 +6 TSTUpdateThread.Create
thread $6e8:
77ca1f4f +0b ntdll.dll NtWaitForWorkViaWorkerFactory
75a43368 +10 kernel32.dll BaseThreadInitThunk
thread $390:
77ca1f4f +0b ntdll.dll NtWaitForWorkViaWorkerFactory
75a43368 +10 kernel32.dll BaseThreadInitThunk
thread $ed8:
77c9fd9a +0e ntdll.dll NtDelayExecution
75b63d36 +5f KERNELBASE.dll SleepEx
75b64607 +0a KERNELBASE.dll Sleep
008d462d +0d KirjanpitoClient.exe madExcept CallThreadProcSafe
008d4692 +32 KirjanpitoClient.exe madExcept ThreadExceptFrame
75a43368 +10 kernel32.dll BaseThreadInitThunk
>> created by main thread ($fac) at:
75cbd9be +00 ole32.dll
thread $d38 (TEventSendThread):
77c9f8da +00e ntdll.dll NtWaitForSingleObject
77506944 +04f WS2_32.dll connect
009ef965 +229 KirjanpitoClient.exe CRVioTcp 290 +55 TCRVioTcp.InternalConnect
009efd52 +26e KirjanpitoClient.exe CRVioTcp 401 +60 TCRVioTcp.TryConnect
009f2c08 +098 KirjanpitoClient.exe DBMonitorMessages 480 +16 TSocketMessagePacker.Open
009f3c34 +050 KirjanpitoClient.exe DBMonitorClient 261 +9 TDBMonitor.IsMonitorActive
009f409f +07f KirjanpitoClient.exe DBMonitorClient 415 +15 TEventSendThread.Execute
008d4747 +02b KirjanpitoClient.exe madExcept HookedTThreadExecute
004de501 +049 KirjanpitoClient.exe System.Classes ThreadProc
0040c390 +028 KirjanpitoClient.exe System 16 +0 ThreadWrapper
008d462d +00d KirjanpitoClient.exe madExcept CallThreadProcSafe
008d4692 +032 KirjanpitoClient.exe madExcept ThreadExceptFrame
75a43368 +010 kernel32.dll BaseThreadInitThunk
>> created by main thread ($fac) at:
009f3f47 +01b KirjanpitoClient.exe DBMonitorClient 368 +1 TEventSendThread.Create
thread $e98:
77c9f8da +0e ntdll.dll NtWaitForSingleObject
75b615c8 +92 KERNELBASE.dll WaitForSingleObjectEx
75a4118f +3e kernel32.dll WaitForSingleObjectEx
75a41143 +0d kernel32.dll WaitForSingleObject
008d462d +0d KirjanpitoClient.exe madExcept CallThreadProcSafe
008d4692 +32 KirjanpitoClient.exe madExcept ThreadExceptFrame
75a43368 +10 kernel32.dll BaseThreadInitThunk
>> created by thread $99c (TSTUpdateThread) at:
758a4ab7 +00 wininet.dll
thread $bac:
77ca1f4f +0b ntdll.dll NtWaitForWorkViaWorkerFactory
75a43368 +10 kernel32.dll BaseThreadInitThunk
cpu registers:
eax = 00000000
ebx = 75a422b1
ecx = 00000000
edx = 77cdc36e
esi = 00000000
edi = 00000000
eip = 727f1ca0
esp = 07d4f5ec
ebp = 07d4f894
stack dump:
07d4f5ec 74 43 39 02 a0 42 39 02 - a0 42 39 02 00 00 00 00 tC9..B9..B9.....
07d4f5fc 00 00 00 00 00 00 00 00 - a4 1d 7f 72 01 00 00 00 ...........r....
07d4f60c 01 00 00 00 00 00 00 00 - 34 f6 d4 07 08 00 00 00 ........4.......
07d4f61c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
07d4f62c 58 f6 d4 07 38 02 00 00 - 00 00 00 04 00 00 83 00 X...8...........
07d4f63c 04 00 00 00 00 00 00 00 - 4c 00 4e 00 b0 66 34 02 ........L.N..f4.
07d4f64c 08 f9 d4 07 6c 04 00 00 - 00 00 00 00 0b 00 00 00 ....l...........
07d4f65c 30 00 4d 00 69 00 63 00 - 72 00 6f 00 73 00 6f 00 0.M.i.c.r.o.s.o.
07d4f66c 66 00 74 00 20 00 49 00 - 53 00 41 00 54 00 41 00 f.t. .I.S.A.T.A.
07d4f67c 50 00 20 00 41 00 64 00 - 61 00 70 00 74 00 65 00 P. .A.d.a.p.t.e.
07d4f68c 72 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 r...............
07d4f69c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
07d4f6ac 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
07d4f6bc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
07d4f6cc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
07d4f6dc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
07d4f6ec 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
07d4f6fc 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
07d4f70c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
07d4f71c 00 00 00 00 00 00 00 00 - 00 00 00 00 00 00 00 00 ................
disassembling:
[...]
727f1c89 mov edi, eax
727f1c8b cmp edi, esi
727f1c8d jnz loc_727f1ccf
727f1c8d
727f1c8f lea eax, [ebp-$250]
727f1c95 push eax
727f1c96 lea eax, [ebp-$24]
727f1c99 push eax
727f1c9a call dword ptr [$727f109c] ; RtlStringFromGUID (ntdll.dll)
727f1c9a
727f1ca0 > push eax
727f1ca1 call dword ptr [$727f1098] ; RtlNtStatusToDosError (ntdll.dll)
727f1ca1
727f1ca7 mov edi, eax
727f1ca9 cmp edi, esi
727f1cab jnz loc_727f1ccf
727f1cab
727f1cad lea eax, [ebp-$240]
727f1cb3 push eax
727f1cb4 push 1
727f1cb6 push esi
[...]