mahalax

We have a WCF service hosted as a console application. We tried the test case 32 with the console application using the below commands:

threadhijacker.exe /tid:2768 /processname:BancassuranceHost.exe /crash:av

Result:

Attempting to hijack thread 2768
Causing Access Violation Exception
Found Process, ID: 744 (dec), 0x2E8 (hex)
Code Injected to: 04060000, code injected from: 0006EBD4

 

threadhijacker.exe /pid:744 /processname:BancassuranceHost.exe /crash:av

Result:

Found Thread, ID: 2768 (dec), 0xAD0 (hex)
Attempting to hijack thread 2768
Causing Access Violation Exception
Found Process, ID: 744 (dec), 0x2E8 (hex)
Code Injected to: 04070000, code injected from: 0006EBD4

But it seems like the threadhijacker has not injected the AV into the application. To verify this, we tried catching a GeneralException in the application's main thread and writing it to the console. But we notice that no AV exception is caught. We have checked the whole Host application for GeneralException catches, but none is there. Please help.

Thanks.




Re: Application Compatibility for Windows Vista TC32: ThreadHijacker does not inject AV into Console Application

Oliver Lundt - LN

Are all processes running at the same level "asInvoker" and under the same user



Re: Application Compatibility for Windows Vista TC32: ThreadHijacker does not inject AV into Console Application

mahalax

The Console Application runs as Administrator and we ran the threadhijacker from an elevated console under the same user(administrator).




Re: Application Compatibility for Windows Vista TC32: ThreadHijacker does not inject AV into Console Application

mahalax

Please help us find whether we are missing something.

Thanks.






Re: Application Compatibility for Windows Vista TC32: ThreadHijacker does not inject AV into Console Application

Bruce N. Baker - MSFT

What does the event log say




Re: Application Compatibility for Windows Vista TC32: ThreadHijacker does not inject AV into Console Application

mahalax

I actually found that the way thread hijacker works is it injects an access violation into one of the threads. If the thread lays dormant (which is the case in many console apps) the access violation is not encountered. After injecting the crash, performing an action on the application ensures the access violation is encountered. I did some actoin on the Console Application, which actually showed Access Violation and crashed. We get the WER dialog and there is also a application error reported in the Event log. However, I do not get the WER error into the Event log.

The console application acts as a host to our WCF services and we have automatic WER for all users in the "Problems & Solutions" snap-in from the Control Panel. Please let me know if this is ok to pass TC32, or am I missing something in my app.

Thanks.






Re: Application Compatibility for Windows Vista TC32: ThreadHijacker does not inject AV into Console Application

Bruce N. Baker - MSFT

1. You should get a application error in the log - Which you did

2. You should get a INFORMATION message with the source as WER






Re: Application Compatibility for Windows Vista TC32: ThreadHijacker does not inject AV into Console Application

mahalax

We are getting the INFORMATION message with source as WER, but we find that we do not get everytime we inject AV to the app. The behavior is inconsistent. We are not sure what are we missing.




Re: Application Compatibility for Windows Vista TC32: ThreadHijacker does not inject AV into Console Application

mahalax

We found out that the WER record is logged into the event log only if the machine is connected to the internet. The issue is now solved.