Hope I don't bother you much, but I guess you would tell me...

I still have a problem with the FarCry installer. During that I found a
HEAP issue - based on the assumption that the message "Heap invalid in-use
arena magic 00eefeee" is unhealthy.

So the program allocates 6fc bytes at 0x14c160 and frees those bytes at
the end of the following list, but immediately tries to free another
heap at 14c188 which belongs to the freed area already, right? Also
there is no trace that the program allocates that 14c188 memory. Is
that a bug or nothing unusual?

Longer log attached.

0009:Call ntdll.RtlAllocateHeap(00110000,00000000,000006fc)
ret=7dfef944
0009:Ret  ntdll.RtlAllocateHeap() retval=0014c160 ret=7dfef944
0009:Call version.GetFileVersionInfoW(00157a88 L"C:\\Program
Files\\Common Files\\InstallShield\\Driver\\9\\Intel
32\\IDriver.exe",00000000,000006fc,0014c160) ret=7dff45c1

...

0009:Ret  version.GetFileVersionInfoW() retval=00000001 ret=7dff45c1
0009:Call version.VerQueryValueW(0014c160,7e078b84
L"\\",0034beec,0034bee4) ret=7dff45e7
0009:Ret  version.VerQueryValueW() retval=00000001 ret=7dff45e7
0009:Call ntdll.RtlFreeHeap(00110000,00000000,0014c160) ret=7dfefa1e
0009:Ret  ntdll.RtlFreeHeap() retval=00000001 ret=7dfefa1e
0009:Call ntdll.RtlFreeHeap(00110000,00000000,0014c188) ret=7dfefa1e
warn:heap:HEAP_ValidateInUseArena Heap 0x110000: invalid in-use
arena magic 00eefeee for 0x14c180
0009:Ret  ntdll.RtlFreeHeap() retval=00000000 ret=7dfefa1e

0009:Call ntdll.RtlAllocateHeap(00110000,00000000,000006fc) ret=7dfef944
0009:Ret  ntdll.RtlAllocateHeap() retval=0014c160 ret=7dfef944
0009:Call version.GetFileVersionInfoW(00157a88 L"C:\\Program Files\\Common 
Files\\InstallShield\\Driver\\9\\Intel 
32\\IDriver.exe",00000000,000006fc,0014c160) ret=7dff45c1
0009:Call KERNEL32.LZOpenFileW(00157a88 L"C:\\Program Files\\Common 
Files\\InstallShield\\Driver\\9\\Intel 32\\IDriver.exe",0034bd70,00000000) 
ret=7ee0c5be
0009:Ret  KERNEL32.LZOpenFileW() retval=00000044 ret=7ee0c5be
0009:Call KERNEL32.LZSeek(00000044,00000000,00000000) ret=7ee0f04d
0009:Ret  KERNEL32.LZSeek() retval=00000000 ret=7ee0f04d
0009:Call KERNEL32.LZRead(00000044,0034bcc8,00000040) ret=7ee0f06a
0009:Ret  KERNEL32.LZRead() retval=00000040 ret=7ee0f06a
0009:Call KERNEL32.LZSeek(00000044,00000108,00000000) ret=7ee0f0f7
0009:Ret  KERNEL32.LZSeek() retval=00000108 ret=7ee0f0f7
0009:Call KERNEL32.LZRead(00000044,0034bcc5,00000002) ret=7ee0f114
0009:Ret  KERNEL32.LZRead() retval=00000002 ret=7ee0f114
0009:Call KERNEL32.LZSeek(00000044,00000108,00000000) ret=7ee0f140
0009:Ret  KERNEL32.LZSeek() retval=00000108 ret=7ee0f140
0009:Call KERNEL32.LZSeek(00000044,00000000,00000001) ret=7ee0f59e
0009:Ret  KERNEL32.LZSeek() retval=00000108 ret=7ee0f59e
0009:Call KERNEL32.LZRead(00000044,0034bb88,00000108) ret=7ee0f5c4
0009:Ret  KERNEL32.LZRead() retval=00000108 ret=7ee0f5c4
0009:Call ntdll.RtlAllocateHeap(00110000,00000000,000000a0) ret=7ee0f6f4
0009:Ret  ntdll.RtlAllocateHeap() retval=00147c88 ret=7ee0f6f4
0009:Call KERNEL32.LZSeek(00000044,00000200,00000000) ret=7ee0f73a
0009:Ret  KERNEL32.LZSeek() retval=00000200 ret=7ee0f73a
0009:Call KERNEL32.LZRead(00000044,00147c88,000000a0) ret=7ee0f771
0009:Ret  KERNEL32.LZRead() retval=000000a0 ret=7ee0f771
0009:Call ntdll.RtlAllocateHeap(00110000,00000000,0001e000) ret=7ee0f8d7
0009:Ret  ntdll.RtlAllocateHeap() retval=001e9ad0 ret=7ee0f8d7
0009:Call KERNEL32.LZSeek(00000044,0009c000,00000000) ret=7ee0f942
0009:Ret  KERNEL32.LZSeek() retval=0009c000 ret=7ee0f942
0009:Call KERNEL32.LZRead(00000044,001e9ad0,0001e000) ret=7ee0f95e
0009:Ret  KERNEL32.LZRead() retval=0001e000 ret=7ee0f95e
0009:Call ntdll.RtlFreeHeap(00110000,00000000,001e9ad0) ret=7ee0fc38
0009:Ret  ntdll.RtlFreeHeap() retval=00000001 ret=7ee0fc38
0009:Call ntdll.RtlFreeHeap(00110000,00000000,00147c88) ret=7ee0fc63
0009:Ret  ntdll.RtlFreeHeap() retval=00000001 ret=7ee0fc63
0009:Call KERNEL32.LZSeek(00000044,0009d4f0,00000000) ret=7ee0c606
0009:Ret  KERNEL32.LZSeek() retval=0009d4f0 ret=7ee0c606
0009:Call KERNEL32.LZRead(00000044,0014c160,0000037c) ret=7ee0c62d
0009:Ret  KERNEL32.LZRead() retval=0000037c ret=7ee0c62d
0009:Call KERNEL32.LZClose(00000044) ret=7ee0c63e
0009:Ret  KERNEL32.LZClose() retval=00000000 ret=7ee0c63e
0009:Ret  version.GetFileVersionInfoW() retval=00000001 ret=7dff45c1
0009:Call version.VerQueryValueW(0014c160,7e078b84 L"\\",0034beec,0034bee4) 
ret=7dff45e7
0009:Ret  version.VerQueryValueW() retval=00000001 ret=7dff45e7
0009:Call ntdll.RtlFreeHeap(00110000,00000000,0014c160) ret=7dfefa1e
0009:Ret  ntdll.RtlFreeHeap() retval=00000001 ret=7dfefa1e
0009:Call ntdll.RtlFreeHeap(00110000,00000000,0014c188) ret=7dfefa1e
warn:heap:HEAP_ValidateInUseArena Heap 0x110000: invalid in-use arena magic 
00eefeee for 0x14c180
0009:Ret  ntdll.RtlFreeHeap() retval=00000000 ret=7dfefa1e
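
Added example, not part of the original post: a small Python audit of a relay trace like the one above that pairs each RtlAllocateHeap return value with later RtlFreeHeap calls and reports frees of pointers the trace never returned. The function names and the sample (the heap calls from the log above, wrapped lines rejoined) are constructed for illustration.

```python
import re

# Constructed sample: the heap calls from the trace above, wrapped lines rejoined.
SAMPLE = """\
0009:Call ntdll.RtlAllocateHeap(00110000,00000000,000006fc) ret=7dfef944
0009:Ret  ntdll.RtlAllocateHeap() retval=0014c160 ret=7dfef944
0009:Call ntdll.RtlFreeHeap(00110000,00000000,0014c160) ret=7dfefa1e
0009:Ret  ntdll.RtlFreeHeap() retval=00000001 ret=7dfefa1e
0009:Call ntdll.RtlFreeHeap(00110000,00000000,0014c188) ret=7dfefa1e
0009:Ret  ntdll.RtlFreeHeap() retval=00000000 ret=7dfefa1e
"""
CALL = re.compile(r"^(\w+):Call ntdll\.Rtl(Allocate|Free)Heap\((\w+),\w+,(\w+)\)")
RET = re.compile(r"^(\w+):Ret\s+ntdll\.RtlAllocateHeap\(\) retval=(\w+)")

def find_block(blocks, heap, ptr):
    """Return the base of the block in `blocks` that contains ptr, or None."""
    for (h, base), size in blocks.items():
        if h == heap and base <= ptr < base + size:
            return base
    return None

def audit_heap_trace(text):
    """Return (ptr, reason, containing_block_base) for every suspicious free."""
    live, freed, pending, findings = {}, {}, {}, []
    for line in text.splitlines():
        call, ret = CALL.match(line), RET.match(line)
        if call and call.group(2) == "Allocate":
            # Remember heap and size until this thread's matching Ret line.
            pending[call.group(1)] = (int(call.group(3), 16), int(call.group(4), 16))
        elif ret and ret.group(1) in pending:
            heap, size = pending.pop(ret.group(1))
            ptr = int(ret.group(2), 16)
            if ptr:  # retval 0 means the allocation failed
                # Address reuse: drop stale freed records the new block overlaps.
                for key in [k for k, s in freed.items()
                            if k[0] == heap and k[1] < ptr + size and ptr < k[1] + s]:
                    del freed[key]
                live[(heap, ptr)] = size
        elif call:  # RtlFreeHeap
            heap, ptr = int(call.group(3), 16), int(call.group(4), 16)
            if (heap, ptr) in live:
                freed[(heap, ptr)] = live.pop((heap, ptr))
            elif ptr:  # NULL frees are ignored here
                if (heap, ptr) in freed:
                    findings.append((ptr, "double free", ptr))
                elif (base := find_block(freed, heap, ptr)) is not None:
                    findings.append((ptr, "pointer inside freed block", base))
                elif (base := find_block(live, heap, ptr)) is not None:
                    findings.append((ptr, "pointer inside live block", base))
                else:
                    findings.append((ptr, "never allocated in trace", None))
    return findings
```

On the sample it reports 0x14c188 as a pointer 0x28 bytes into the already freed block at 0x14c160; a trace that starts after the allocation was made would instead show up as "never allocated in trace".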


