Microsoft KB Archive/214491

= SNA Server Access Violation in Function S1PWHSES =

Article ID: 214491

Article Last Modified on 9/22/2005

-

APPLIES TO


 * Microsoft SNA Server 1.0

-



This article was previously published under Q214491





SYMPTOMS
The SNA Server service may terminate unexpectedly causing all connected users to lose their existing host sessions. If Drwtsn32.exe is configured as the default debugger on the system, a Drwtsn32.log file similar to the following will be generated when this problem occurs: Application exception occurred: App: exe\snaservr.dbg (pid= ) When: @ Exception number: c0000005 (access violation)

[...]

function: s1pwhses 0105ca83 0fbf542420      movsx   edx,word ptr [esp+0x20] ss:020de930=???? 0105ca88 4a              dec     edx 0105ca89 bf02000000      mov     edi,0x2 0105ca8e 83fa09          cmp     edx,0x9 0105ca91 0f8754040000    jnbe    s1pwhses+0x4ab (0105ceeb) 0105ca97 ff2495bccf0501 ds:0000001d=???????? jmp    dword ptr [s1pwhses+0x57c (0105cfbc)+edx*4] 0105ca9e 66837d1401      cmp     word ptr [ebp+0x14],0x1 ss:03f0ea09=???? 0105caa3 0f8542040000    jne     s1pwhses+0x4ab (0105ceeb) 0105caa9 e928040000      jmp     s1pwhses+0x496 (0105ced6) 0105caae 660fb65015      movzx   dx,byte ptr [eax+0x15] ds:02475074=?? FAULT ->0105cab3 6689551c        mov     [ebp+0x1c],dx ss:03f0ea09=???? 0105cab7 668b5022        mov     dx,[eax+0x22] ds:02475073=???? 0105cabb 66895508        mov     [ebp+0x8],dx ss:03f0ea09=???? 0105cabf 8a5024          mov     dl,[eax+0x24] ds:02475072=?? 0105cac2 88550a          mov     [ebp+0xa],dl ss:03f0ea08=?? 0105cac5 668b400c        mov     ax,[eax+0xc] ds:02475073=???? 0105cac9 6689450c        mov     [ebp+0xc],ax ss:03f0ea09=???? 0105cacd 0fbf5104        movsx   edx,word ptr [ecx+0x4] ds:02e735fb=???? 0105cad1 8a440a29        mov     al,[edx+ecx+0x29] ds:02e735fb=?? 0105cad5 884520          mov     [ebp+0x20],al ss:03f0ea08=?? 0105cad8 8b5109          mov     edx,[ecx+0x9] ds:02e735fa=???????? 0105cadb 895530          mov     [ebp+0x30],edx ss:03f0ea08=????????


 * > Stack Back Trace <*

FramePtr ReturnAd Param#1 Param#2  Param#3  Param#4  Function Name 03000002 00000000 00000000 00000000 00000000 00000000 snaservr!s1pwhses (FPO: [EBP 0x00000000] [2,3,4]) 03000012 00000000 00000000 00000000 00000000 00000000 snaservr! In addition, the SNA Server will log a message similar to the following in the Windows NT Application Event Log:

Event ID: 624

Source: SNA Server

Description: Creating dump file \traces\snadump.log for snaservr.exe.

For additional information about another SNA Server access violation that is caused by an invalid emulator message, click the following article number to view the article in the Microsoft Knowledge Base:

196921 SNA Server Access Violation in Functions S1PWLUSE



CAUSE
The access violation in the S1PWHSES function is caused because the SNA Server service attempts to process an incorrectly formatted message that it received from a client across the native 3270 emulator interface (3270 Emulator Interface Specification).



SNA Server 4.0
To resolve this problem, obtain the latest service pack for SNA Server version 4.0. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

215838 How to Obtain the Latest SNA Server Version 4.0 Service Pack

SNA Server 3.0
To resolve this problem, obtain the latest service pack for SNA Server version 3.0. For additional information, click the following article number to view the article in the Microsoft Knowledge Base:

184307 How to Obtain the Latest SNA Server Version 3.0 Service Pack



STATUS
Microsoft has confirmed that this is a problem in Microsoft SNA Server versions 2.11, 2.11 SP1,2.11 SP2, 3.0, 3.0 SP1, 3.0 SP2, 3.0 SP3, 4.0, 4.0 SP1, and 4.0 SP2. This problem was first corrected in SNA Server version 3.0 Service Pack 4 and SNA Server version 4.0 Service Pack 3.



MORE INFORMATION
After applying the update, the SNA Server service will discard the invalid message that caused this access violation. In addition, the following message will be logged in the Windows NT Application Event Log when one of these invalid messages is detected:

Event ID: 98

Source: SNA Server

Description: A 3270 emulator sent an invalid message, which has been discarded by SNA Server.

Client Workstation:

Client Domain:

Client User:

