CreateProcessAsUser fails on Windows XP with System error 233

Today I fixed one bug that was very hard to reproduce. Many hours were spent to figure out what combination caused it:

  • It happens only on Windows XP (not on Vista, Server 2003, 2008, Win 7);
  • It does not happens on all Windows XP, because it is Race condition;
  • I was unable to reproduce it with physical glass/monitor attached to the computer; It only happened using Remote Desktop;
  • It does not happen when debugger is attached and breakpoint is being hit;

Latter I found people that have similar issue:

The code is the following:
WTSQueryUserToken(..., &hToken);
SetTokenInformation(hToken, ...);
SomeVistaAndWin7ElevatedTokenStuff(hToken);
CreateProcessAsUser(hToken, ...);

And CreateProcessAsUser fails with GetLastError() = 233. Looking in System Error Codes (0-499) – ERROR_PIPE_NOT_CONNECTED 233 (0xE9) – No process is on the other end of the pipe.

The confusing part is about Pipe, because you didn’t expect to get pipe error here – you have not created any pipe.

In the first post I have linked, Thomas Graefenhain writes:

I’ve debugged a little bit with the kernel debugger, and have found the
problem: CreateProcessAsUser uses internally, when creating a process in an
other session, the function CreateRemoteProcessW from ADVAPI32.DLL. This
function opens a pipe with the name
\\.\Pipe\TerminalServer\SystemExecSrvr\%d where %d is the SessionID and
sending the request over to csrss.exe. …

In another post someone mentioned that Sleep(2000) fixed the problem. This explains why under debugger everything works without an error.

The good news is that it happens only under Windows XP and under Remote Desktop, so small group of users are affected. The bad new is that there are no elegant workarounds. Windows XP is in the Extended Support Phase, so I am not counting on fix from Microsoft.

Currently I use the following workaround (simplified version, see below). If you have something better or more elegant, please let me know in the comments below.
{
     Sleep(100);
     CreateProcessAsUser(hToken, ...);
} while (wasError && GetLastError() == 233 && IsWindowsXP());

Microsoft’s PowerShell hangs when output is captured using Windows API

I was debugging a program that uses Windows API (Creating a Child Process with Redirected Input and Output) to capture stdout of Microsoft’s Windows PowerShell.

Script passed to PowerShell (-File switch) didn’t execute and PowerShell just hanged until killed by Task Manager.

It turns out that you need to use undocumented parameter “-InputFormat none”:
C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe -InputFormat none -File file.ps1

This is discussed in MS Connect site: PowerShell.exe can hang if STDIN is redirected.

Similar issue at StackOverflow: Silently executing a PowerShell script from WiX Hangs PowerShell.

2011 links no. 2

Stack Overflow profiler open sourced: Profiling your website like a true Ninja.

Smaller is Faster (and Safer Too). Chrome team have just started using a new compression algorithm called Courgette to make Google Chrome updates small. Read more.

Ask Amir Taaki About Bitcoin. From Slashdot.

The Four Stages of NTFS File Growth from Windows Server Core Team.

Some articles from CodeProject:

Rosa Golijan writes about what happens on the Internet every 60 seconds.

The Biggest Changes in C++11 (and Why You Should Care) by Danny Kalev.

Are You Too Good For Code Reviews? Articles and discussion in Slashdot.

Google’s Swiffy converts Flash SWF files to HTML5.

Have you wondered whether WordPress can handle high-volume traffic? High Traffic Tips For WordPress.

The most detailed story about Stuxnet: How Digital Detectives Deciphered Stuxnet, the Most Menacing Malware in History.

How to build your own 135TB RAID6 storage pod for $7,384 from extremetech.com.

Investigation: Is Your SSD More Reliable Than A Hard Drive? from tomshardware.com.

pdf.js is a technology demonstrator prototype to explore whether the HTML5 platform is complete enough to faithfully and efficiently render the ISO 32000-1:2008 Portable Document Format (PDF) without native code assistance. From Dr. Andreas Gal.