SNA Server Access Violation in Function S1PWHSES()

ID: Q214491

The information in this article applies to:
  • Microsoft SNA Server, versions 2.11, 2.11SP1, 2.11SP2, 3.0, 3.0SP1, 3.0SP2, 3.0SP3, 4.0, 4.0SP1, 4.0SP2

SYMPTOMS

The SNA Server service may terminate unexpectedly causing all connected users to lose their existing host sessions. If Drwtsn32.exe is configured as the default debugger on the system, a Drwtsn32.log file similar to the following will be generated when this problem occurs:


Application exception occurred:
        App: exe\snaservr.dbg (pid=<process id>)
        When: <date> @ <time>
        Exception number: c0000005 (access violation)

[...]

function: s1pwhses
        0105ca83 0fbf542420       movsx   edx,word ptr [esp+0x20]
ss:020de930=????
        0105ca88 4a               dec     edx
        0105ca89 bf02000000       mov     edi,0x2
        0105ca8e 83fa09           cmp     edx,0x9
        0105ca91 0f8754040000     jnbe    s1pwhses+0x4ab (0105ceeb)
        0105ca97 ff2495bccf0501
ds:0000001d=????????
                                  jmp     dword ptr [s1pwhses+0x57c
(0105cfbc)+edx*4]
        0105ca9e 66837d1401       cmp     word ptr [ebp+0x14],0x1
ss:03f0ea09=????
        0105caa3 0f8542040000     jne     s1pwhses+0x4ab (0105ceeb)
        0105caa9 e928040000       jmp     s1pwhses+0x496 (0105ced6)
        0105caae 660fb65015       movzx   dx,byte ptr [eax+0x15]
ds:02475074=??
FAULT ->0105cab3 6689551c         mov     [ebp+0x1c],dx
ss:03f0ea09=????
        0105cab7 668b5022         mov     dx,[eax+0x22]
ds:02475073=????
        0105cabb 66895508         mov     [ebp+0x8],dx
ss:03f0ea09=????
        0105cabf 8a5024           mov     dl,[eax+0x24]
ds:02475072=??
        0105cac2 88550a           mov     [ebp+0xa],dl
ss:03f0ea08=??
        0105cac5 668b400c         mov     ax,[eax+0xc]
ds:02475073=????
        0105cac9 6689450c         mov     [ebp+0xc],ax
ss:03f0ea09=????
        0105cacd 0fbf5104         movsx   edx,word ptr [ecx+0x4]
ds:02e735fb=????
        0105cad1 8a440a29         mov     al,[edx+ecx+0x29]
ds:02e735fb=??
        0105cad5 884520           mov     [ebp+0x20],al
ss:03f0ea08=??
        0105cad8 8b5109           mov     edx,[ecx+0x9]
ds:02e735fa=????????
        0105cadb 895530           mov     [ebp+0x30],edx
ss:03f0ea08=????????

*----> Stack Back Trace <----*

FramePtr ReturnAd Param#1  Param#2  Param#3  Param#4  Function Name
03000002 00000000 00000000 00000000 00000000 00000000 snaservr!s1pwhses
(FPO: [EBP 0x00000000] [2,3,4])
03000012 00000000 00000000 00000000 00000000 00000000 snaservr!<nosymbols>

In addition, the SNA Server will log a message similar to the following in the Windows NT Application Event Log:
Event ID: 624
Source: SNA Server
Description: Creating dump file <snaroot>\traces\snadump.log for snaservr.exe.

For additional information about another SNA Server access violation caused by an invalid emulator message, please see the following article in the Microsoft Knowledge Base:
ARTICLE-ID: Q196921
TITLE : SNA Server Access Violation in Function S1PWLUSE()


CAUSE

The access violation in the S1PWHSES() function is caused because the SNA Server service attempts to process an incorrectly formatted message that it received from a client across the native 3270 emulator interface (3270 Emulator Interface Specification).


RESOLUTION

SNA Server 4.0

To resolve this problem, obtain the latest service pack for SNA Server version 4.0. For additional information, please see the following article in the Microsoft Knowledge Base:
Q215838 How to Obtain the Latest SNA Server Version 4.0 Service Pack

SNA Server 3.0

To resolve this problem, obtain the latest service pack for SNA Server version 3.0. For additional information, please see the following article in the Microsoft Knowledge Base:
Q184307 How to Obtain the Latest SNA Server Version 3.0 Service Pack


STATUS

Microsoft has confirmed this to be a problem in Microsoft SNA Server versions 2.11, 2.11 SP1, 2.11 SP2, 3.0, 3.0 SP1, 3.0 SP2, 3.0 SP3, 4.0, 4.0 SP1, and 4.0 SP2. This problem was first corrected in SNA Server version 3.0 Service Pack 4 and SNA Server version 4.0 Service Pack 3.


MORE INFORMATION

After applying the update, the SNA Server service will discard the invalid message that caused this access violation. In addition, the following message will be logged in the Windows NT Application Event Log when one of these invalid messages is detected:

Event ID: 98
Source: SNA Server
Description: A 3270 emulator sent an invalid message, which has been discarded by SNA Server.

Client Workstation: <workstation name>
Client Domain: <domain name>
Client User: <user name>


For additional information about configuring Drwtsn32.exe as the default debugger, please see the following article in the Microsoft Knowledge Base:
ARTICLE-ID: Q188296
TITLE : How to Disable Dr. Watson for Windows NT

Additional query words:

Keywords : sna3sp4fix sna4sp3fix
Version : WINDOWS:2.11,2.11SP1,2.11SP2,3.0,3.0SP1,3.0SP2,3.0SP3,4.0,4.0SP1
Platform : WINDOWS
Issue type : kbbug


Last Reviewed: September 29, 1999
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.