Squirrelly GPFs back

vefatica · 2012-04-02

I used to have a problem with TCC GPFing in a loop while processing the mail-server intruders on lucky (think I sent script, et c.). That went away for quite a while. It's doing it again rather serendipitously. Here's one GPF file.

TCC 13.04.56
Module=D:\tc13\TakeCmd.dll
Address=10092766
Exception=C0000005
EAX=010E4DF8 EBX=7C80BAF4 ECX=0642B084 EDX=010D4E04
ESI=00000018 EDI=00000004 EBP=010ECE30 ESP=010D4DE8
CS=0000001B DS=00000023 ES=00000023 SS=00000023
Flags=00010246
Stack:
1 : TakeCmd.dll 00000001:00091766
2 : TakeCmd.dll 00000001:00023baf

rconn · 2012-04-02

That's in the RunPlugin() code, called from VariableFunctions() -- something wrong in one of the plugins you've loaded?

Can you reproduce it reliably?

vefatica · 2012-04-02

rconn said:
That's in the RunPlugin() code, called from VariableFunctions() -- something wrong in one of the plugins you've loaded?

Can you reproduce it reliably?

No I can't. In fact it will bomb in the same place several times and the next try make it past that place. And that's how it was some months ago when I had the same problem. It uses exactly one plugin (XREPLACE) once each time through its loop. I've built in a before/after message to see if that's where it's crashing but I'll have to wait for more unwanted SMTP connections to test it.

The line looks like this and is only executed if "%string" NE "". It picks out a two-letter country code.

Code:

set country=%@upper[%@xreplace["(?i)country:\s*(..).*",\1,%string]]

vefatica · 2012-04-11

It's crashing in here (nothing to do with the plugin) ... and not always the same time through the enclosing loop (given the same data)

Code:

do while "%string" EQ ""
  iff %reg eq 3 then
   set string=%@execstr[d:\uty\whois.exe -h %[reg%reg] "n + %ip" | d:\ttk\grep ountry.* 2> NUL]
  else
   set string=%@execstr[d:\uty\whois.exe -h %[reg%reg] %ip | d:\ttk\grep ountry.* 2> NUL]
  if "%string" eq "" delay 30
 enddo

rconn · 2012-04-11

Have you tried running it in the debugger to see exactly where the crash occurs?

And can you simplify that to something that doesn't run external apps that I don't have? (And with some idea what data you're passing it?)

vefatica · 2012-04-12

vefatica said:
It's crashing in here (nothing to do with the plugin) ... and not always the same time through the enclosing loop (given the same data)

Code:

do while "%string" EQ "" iff %reg eq 3 then set string=%@execstr[d:\uty\whois.exe -h %[reg%reg] "n + %ip" | d:\ttk\grep ountry.* 2> NUL] else set string=%@execstr[d:\uty\whois.exe -h %[reg%reg] %ip | d:\ttk\grep ountry.* 2> NUL] if "%string" eq "" delay 30 enddo

I'm working on a slimmed down version (not easy) that shows the same error. In doing so, I noticed a missing ENDIFF in the code above; it should be after the second "set string". Would that omission **sometimes** (rather randomly) cause a GPF? The script, even with that omission has (almost always) worked well for nearly two years.

rconn · 2012-04-12

You will eventually consume all the stack and crash, but it will require a fair amount of looping.

vefatica · 2012-04-12

rconn said:
You will eventually consume all the stack and crash, but it will require a fair amount of looping.

That wasn't it then. I run the script every few days, processing only a handful or two data. I'll keep watching.

Search

Welcome!

Squirrelly GPFs back

vefatica

rconn

Administrator

vefatica

vefatica

rconn

Administrator

vefatica

rconn

Administrator

vefatica