Hi,

I've traced this and the problem is in the API function WriteFile, further in some NT internal call (int 2E); it only occurs when the console is used as the output file. I have two different results: on one computer this leads to a system reset, on the other to a BSOD (0xc000021a STOP). All were W2K, SP2. I'll try tomorrow on NT4.

The registers before the int 2E call were:

 EAX = 000000B0 EBX = 00000000 ECX = 0094007C EDX = 0012F914
 ESI = 0012F954 EDI = 00000000 EIP = 77F8224B ESP = 0012F910
 EBP = 0012F92C EFL = 00000246

 MM0 = 0000000000000000 MM1 = 0000000000000000
 MM2 = 0000000000000000 MM3 = 0000000000000000
 MM4 = 0000000000000000 MM5 = 0000000000000000
 MM6 = 0000000000000000 MM7 = 0000000000000000

 CS = 001B DS = 0023 ES = 0023 SS = 0023 FS = 0038 GS = 0000

 OV=0 UP=0 EI=1 PL=0 ZR=1 AC=0 PE=1 CY=0

 ST0 = +0.00000000000000000e+0000 ST1 = +0.00000000000000000e+0000
 ST2 = +0.00000000000000000e+0000 ST3 = +0.00000000000000000e+0000
 ST4 = +0.00000000000000000e+0000 ST5 = +0.00000000000000000e+0000
 ST6 = +0.00000000000000000e+0000 ST7 = +0.00000000000000000e+0000
 CTRL = 027F STAT = 0000 TAGS = FFFF EIP = 00000000
 CS = 0000 DS = 0000 EDO = 00000000

Martin.

______________________________________________________________
> From: Teodor Cimpoesu <teoat_private>
> To: vuln-devat_private
> CC:
> Date: Mon, 29 Oct 2001 17:19:47 +0200
> Subject: weird Windows 2000/XP bug
>
> Some guys around here are having fun with a little C program which causes
> Windows 2000/XP to reboot:
>
> #include <stdio.h>
>
> int main(void)
> {
>     while (1)
>         printf("\t\t\b\b\b\b\b\b");
>     return 0;
> }
>
> I don't know exactly where it was first seen, and who discovered it; just
> thought to forward it here maybe others have insights.
>
> comments?
>
> -- teodor
>
This archive was generated by hypermail 2b30 : Tue Oct 30 2001 - 11:19:38 PST