OP
Self-satisified door
Joined: Oct 2003
Posts: 4 |
This happens every time I connect to a random IRC server, with mIRC running a custom script. This only happened after I had to install the .NET framework because of VS.NET. I tried upgrading to .NET SP2 but no help. I'm running Win XP with all the security patches. The mIRC error during crash is:
The instruction at "0x77f83aed" referenced memory at "0x00000000". The memory could not be "written".
A chunk of disassembly (break point indented):
77F83AC7 mov al,byte ptr [edi+5]
77F83ACA and al,10h
77F83ACC test al,10h
77F83ACE mov byte ptr [esi+5],al
77F83AD1 je 77F83ADE
77F83AD3 movzx eax,byte ptr [esi+4]
77F83AD7 mov eax,dword ptr [ebx+eax*4+58h]
77F83ADB mov dword ptr [eax+38h],esi
77F83ADE push edi
77F83ADF push ebx
77F83AE0 call 77F82F79
77F83AE5 mov eax,dword ptr [edi+8]
77F83AE8 mov ecx,dword ptr [edi+0Ch]
77F83AEB cmp eax,ecx
77F83AED mov dword ptr [ecx],eax
77F83AEF mov dword ptr [eax+4],ecx
77F83AF2 jne 77F83B15
77F83AF4 mov ax,word ptr [edi]
77F83AF7 cmp ax,80h
77F83AFB jae 77F83B15
77F83AFD movzx ecx,ax
77F83B00 mov eax,ecx
77F83B02 and ecx,7
77F83B05 mov dl,1
77F83B07 shr eax,3
77F83B0A shl dl,cl
77F83B0C lea eax,[eax+ebx+158h]
77F83B13 xor byte ptr [eax],dl
77F83B15 mov al,byte ptr [edi+5]
77F83B18 test al,4
77F83B1A je 77F83B88
77F83B1C test al,2
77F83B1E movzx ecx,word ptr [edi]
77F83B21 lea ecx,[ecx*8-10h]
77F83B28 mov dword ptr [ebp+14h],ecx
77F83B2B je 77F83B36
Note that this is reproducible down to the exact same memory addresses and assembly instructions for every crash, but shouldn't be an exploit by someone as I connect to a random server and mIRC crashes within 2 minutes. Appreciate any help, let me know any more info you need me to provide to trace this bug. Is anyone having the same problem?
|
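Added illustration, not part of the thread: the faulting `mov dword ptr [ecx],eax` and the store after it are the two writes of a doubly-linked-list unlink on the links loaded from [edi+8] and [edi+0Ch], so a write fault at 0x00000000 means the back link held NULL. The C below models that with hypothetical names (`list_entry`, `chunk`, `checked_unlink`) and a constructed list, and adds the link-consistency check that reports the corruption instead of performing the wild write.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical model of the node in the listing (32-bit offsets):
   8 header bytes, then forward link at +8 and back link at +0Ch. */
struct list_entry { struct list_entry *flink, *blink; };
struct chunk {
    unsigned char header[8];   /* size word at +0, flags byte at +5 */
    struct list_entry links;   /* [edi+8] and [edi+0Ch] */
};

enum { UNLINK_OK = 0, UNLINK_CORRUPT = -1 };

/* The posted instructions, with the validation they do not perform:
     mov eax,[edi+8] / mov ecx,[edi+0Ch]
     mov [ecx],eax    -> blink->flink = flink  (faults when ecx == 0)
     mov [eax+4],ecx  -> flink->blink = blink                        */
int checked_unlink(struct list_entry *e) {
    struct list_entry *f = e->flink, *b = e->blink;
    if (f == NULL || b == NULL) return UNLINK_CORRUPT;
    /* Both neighbours must still point back at this entry. */
    if (f->blink != e || b->flink != e) return UNLINK_CORRUPT;
    b->flink = f;
    f->blink = b;
    e->flink = e->blink = e;   /* leave the removed entry self-linked */
    return UNLINK_OK;
}

static void list_init(struct list_entry *h) { h->flink = h->blink = h; }
static void list_push_tail(struct list_entry *h, struct list_entry *e) {
    e->flink = h; e->blink = h->blink;
    h->blink->flink = e; h->blink = e;
}

/* Constructed scenario: three chunks on a list; optionally zero the middle
   chunk's back link, as a stray write from buggy code would. */
int unlink_middle(int corrupt) {
    struct list_entry head;
    struct chunk c[3] = {0};
    list_init(&head);
    for (int i = 0; i < 3; i++) list_push_tail(&head, &c[i].links);
    if (corrupt) c[1].links.blink = NULL;
    int rc = checked_unlink(&c[1].links);
    /* Success: neighbours now adjacent. Failure: list left untouched. */
    if (rc == UNLINK_OK && c[0].links.flink != &c[2].links) return -2;
    if (rc == UNLINK_CORRUPT && c[0].links.flink != &c[1].links) return -2;
    return rc;
}

int main(void) {
    printf("clean list:   %d\n", unlink_middle(0));
    printf("zeroed blink: %d\n", unlink_middle(1));
    return 0;
}
```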
Hoopy frood
Joined: Dec 2002
Posts: 3,138 |
"This happens every time I connect to a random IRC server, with mIRC running a custom script."
Have you tried it on a plain installation of mIRC with no scripts? Try turning remotes off with /!remote off, restarting mIRC and see if it still happens.
|
Hoopy frood
Joined: Dec 2002
Posts: 1,527 |
ok im gonna take a guess and say u have a dll that performs a function on connect, and im going to also take another assumption and say the dll subclasses the mirc to perform certain things. im only guessing this because i too encountered the same problem immediately after installing VS.net and then found out that my problem was caused by order of unload on the dlls. remember if a dll subclasses mirc then the next dll u load would be calling functions under that subclassed mirc not the normal mirc. so if u unload dll 1 before dll2 u will get a memory error, something like unable to write to memory block and address 234r123 (example not real address block). hopefully this helps a lil
D3m0nnet.com
|
Hoopy frood
Joined: Jan 2003
Posts: 3,012 |
-KingTomato
|
OP
Self-satisified door
Joined: Oct 2003
Posts: 4 |
replying to another post, no mirc doesn't crash with a clean copy. It crashes when I run a script I wrote which yes, Does load a dll which I need to directly interface with Mysql: http://www.mircscripts.org/comments.php?id=1542
Nice to hear that you are having the same issue after installing .NET, coz I too have this problem only after installing .NET, I've been running this script for months now. (it does crash occasionally but not like this) I've taken your advice and tried disabling occasional unloading of dll (there is only 1 dll). No luck, still crashes within 2 minutes of connecting (when traffic comes in and the dll actually gets used a few times). I would uninstall this .NET POS, but i need it right now for Visual C.net which i need for a school project. Any idea for a fix beside uninstalling .NET? Or possibly a more permanent fix in next version of mIRC, since this bug seems to be reproducible with .NET and dlls?
|
Self-satisified door
Joined: Oct 2003
Posts: 4 |
I think this problem is related with DCC's. Precisely, with DCC's Closing. Do you have any DCC Send/Chat in this script?
|
OP
Self-satisified door
Joined: Oct 2003
Posts: 4 |
actually nah, I fixed it. It was a corrupted Mysql database table that caused problems with the dll, which in turn crashed Mirc. The dll doesn't seem to do null pointers et al. very well, oh well. At least it works now if everything plays nicely.
However, I'm curious if mIRC can be made more resilient to crashes due to dlls, or it's inherently the dll's job to do memory handling properly and not crash mIRC?
|
Hoopy frood
Joined: Dec 2002
Posts: 1,527 |
mirc can't really be made more resilient for crashes on dlls that alter or return info to mirc, until mirc becomes multithreaded, and given the ability to end process of corrupted thread. mine was a simple fix for me and it only happened to me on close of mirc, i reordered the loading and unloading of dlls and it fixed it, thanx to naru for that lil suggestion.
D3m0nnet.com
|
OP
Self-satisified door
Joined: Oct 2003
Posts: 4 |
multithreads... Khaled, are you listening?? and thx to your help too, it got me looking more closely at what the dll is doing.
|
Vogon poet
Joined: Jun 2003
Posts: 195 |
actually there would be little mirc could do. a dll can try to write to memory that simply doesn't exist, for example char *blah; blah[0] = 'c'; because the dll is loaded into the address space of mirc's main thread then that thread is closed (by windows). adding additional threads would add to the complexity of the situation. A dll may be loaded in a separate thread and tries to access shared resources. this can also cause crashes and at the very least corruption of said resource. There are of course solutions one can use such as semaphores, critical sections, mutexes and the like, however the code can become quite complex and quite difficult to track down errors. in this example it was the fault of the dll not handling NULL pointers and not mirc's. perhaps a quick message to the author of the dll might be helpful
Have Fun
|
Fjord artisan
Joined: Apr 2003
Posts: 210 |
Doesn't $dllcall run the DLL in its own thread?
|
Hoopy frood
Joined: Jan 2003
Posts: 3,012 |
I would assume since mirc is single threaded, no.
-KingTomato
|
Pikka bird
Joined: Oct 2003
Posts: 11 |
*sigh* KingTomato, before replying to other people's posts, please get your facts straight. $dllcall does indeed call the dll in its own thread. It says so right in the DLL section of the mIRC help file. I quote: $dllcall() is multi-threaded so it will not halt the script and will call the specified alias once the call returns.
kthxbye
^------rintaun irl
|