EldoS | Feel safer!

Software components for data protection, secure storage and transfer

Process sometimes crashes at CbFsCloseFileFunc

Posted: 10/07/2014 00:00:23
by Toshiki Yagi (Basic support level)
Joined: 10/06/2014
Posts: 1


I found my program sometimes crashes at CbFsCloseFileFunc, line 1264.
Here is details:

Callback File System version.5.1.151
Problem: Heap corruption (possible double-free)
Call trace:
ntdll.dll!_ZwWaitForSingleObject@12 () Unknown
ntdll.dll!_RtlReportExceptionEx@16 () Unknown
ntdll.dll!_RtlReportException@12 () Unknown
ntdll.dll!_RtlpTerminateFailureFilter@8 () Unknown
ntdll.dll!_RtlReportCriticalFailure@8 () Unknown
ntdll.dll!@_EH4_CallFilterFunc@8 () Unknown
ntdll.dll!ExecuteHandler2@20 () Unknown
ntdll.dll!ExecuteHandler@20 () Unknown
ntdll.dll!_RtlDispatchException@8 () Unknown
ntdll.dll!_KiUserExceptionDispatcher@8 () Unknown
ntdll.dll!_RtlReportCriticalFailure@8 () Unknown
ntdll.dll!_RtlpReportHeapFailure@4 () Unknown
ntdll.dll!_RtlpLogHeapFailure@24 () Unknown
ntdll.dll!_RtlFreeHeap@12 () Unknown
> kernel32.dll!_HeapFree@12 () Unknown
msvcr110.dll!free(void * pBlock) Line 51 C
lbcasd2.exe!CbFsCloseFileFunc(unsigned int Vcb) Line 1264 C++
lbcasd2.exe!CbFsiUcbCloseFile() Line 1149 C
lbcasd2.exe!CbFsUcbClose() Line 1049 C
lbcasd2.exe!CbFsUcbRequest() Line 345 C
lbcasd2.exe!UcbWorkerThreadProc() Line 726 C
kernel32.dll!@BaseThreadInitThunk@12 () Unknown
ntdll.dll!___RtlUserThreadStart@8 () Unknown
ntdll.dll!__RtlUserThreadStart@8 () Unknown

Posted: 10/07/2014 00:35:41
by Volodymyr Zinin (Team)

It seems the heap has already been corrupted at the time of the crash. Check first your CBFS callbacks implementation. Especially the OnClose callback. Perhaps use Application Verifier or some other verification tool for additional control of the memory integrity.



Topic viewed 1711 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!