flat assembler
Message board for the users of flat assembler.

Index > Heap > Windows stability issue

Author
Thread Post new topic Reply to topic
DustWolf



Joined: 26 Jan 2006
Posts: 373
Location: Ljubljana, Slovenia
DustWolf
Hello,

I remember a few years back it was mentioned on this forum that there is some kind of Windows kernel bug that makes Windows systems become unstable (or less stable, or memoryleaky or whatever) over time, of course until a reboot.

I was wondering what it was and if somebody could provide a source or some context for that, so that the argument could be used in discussion. Smile

Thanks guys.

LP,
Jure
Post 25 Apr 2009, 18:23
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17346
Location: In your JS exploiting you and your system
revolution
I would be surprised to learn that there is only one such bug.

But anecdotally, I still have one PC running without a reboot since August 2006. Maybe in that system I don't use any of the services/DLLs/drivers that have memory leaks? (FWIW: system is XP SP2, Dell drivers)

Also anecdotally, I have heard that the video drivers are the most common offender for generating BSODs. So perhaps they are also responsible for most of the memory leaks?

Perhaps now, a few years later, the manufacturers have upgraded their drivers and have begun to eliminate a lot of the leaks?
Post 26 Apr 2009, 00:48
View user's profile Send private message Visit poster's website Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
Quote:

But anecdotally, I still have one PC running without a reboot since August 2006.

So, almost three years of uninterrupted power supply? For me it is impossible to have Windows running for more than 3 months as there is always a power outage in between Sad
Post 26 Apr 2009, 01:54
View user's profile Send private message Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2466
Location: Bucharest, Romania
Borsuc
UPS

_________________
Previously known as The_Grey_Beast
Post 26 Apr 2009, 02:04
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17346
Location: In your JS exploiting you and your system
revolution
4Hr UPS, aka, a laptop.
Post 26 Apr 2009, 02:22
View user's profile Send private message Visit poster's website Reply with quote
windwakr



Joined: 30 Jun 2004
Posts: 827
Location: Michigan, USA
windwakr
Why leave it on all the time? Thats a big waste of electricity.
Post 26 Apr 2009, 02:51
View user's profile Send private message Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
Quote:

4Hr UPS, aka, a laptop.

Well, with this advantage I could perhaps extend the time I need a power cycle but yet the limit wouldn't be the OS and/or hardware stability but the duration of the outage that can last up to 10 hours when scheduled (and several days like in the storm of March 2008 that seriously damaged the electricity net and that the company deployed a ridiculously low amount of repairman squads).
Post 26 Apr 2009, 03:10
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17346
Location: In your JS exploiting you and your system
revolution
windwakr wrote:
Why leave it on all the time? Thats a big waste of electricity.
It is not wasting any electricity. Quite the opposite, it is busy 24/7 and is much more electrically efficient than a standard desktop or server would be. Anyhow, it also has a PSU problem and can't switch on reliably, so the last time it came on I just turned of auto-updates and left it running.

But I do think this says something about the XP SP2 kernel stability. With the right drivers and reliable well designed hardware, it is possible to have a system run for extended periods.

Perhaps the OPs question can be broken down into which part of Windows shall we consider to be a core component? The kernel is stable, but a lot of the other fluff around it (like drivers from external companies, especially video drivers) is also needed to be reliable. The OS is only as strong as the weakest link.
Post 26 Apr 2009, 05:07
View user's profile Send private message Visit poster's website Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17346
Location: In your JS exploiting you and your system
revolution
LocoDelAssembly wrote:
Well, with this advantage I could perhaps extend the time I need a power cycle but yet the limit wouldn't be the OS and/or hardware stability but the duration of the outage that can last up to 10 hours when scheduled (and several days like in the storm of March 2008 that seriously damaged the electricity net and that the company deployed a ridiculously low amount of repairman squads).
Get yourself a small generator. It doesn't have to be big, just enough to keep your critical system running. Alternatively a stationary bicycle with a dynamo might do the job (and keep you fit) Wink
Post 26 Apr 2009, 05:13
View user's profile Send private message Visit poster's website Reply with quote
Borsuc



Joined: 29 Dec 2005
Posts: 2466
Location: Bucharest, Romania
Borsuc
revolution wrote:
4Hr UPS, aka, a laptop.
A medium-to-large capacity UPS can hold a power-efficient computer (that means the CPUs efficiency comparable to laptops, not raw performance) for 4-6 hours without a monitor or active video card (which would overheat the laptop anyway). There's no reason it would provide less power than a laptop battery, it's a lot bigger and more efficient.

and of course turn off the damn monitor.

_________________
Previously known as The_Grey_Beast
Post 26 Apr 2009, 23:36
View user's profile Send private message Reply with quote
DustWolf



Joined: 26 Jan 2006
Posts: 373
Location: Ljubljana, Slovenia
DustWolf
revolution wrote:
But I do think this says something about the XP SP2 kernel stability. With the right drivers and reliable well designed hardware, it is possible to have a system run for extended periods.


We have a bunch of laptops at work that could work just fine for years... so long as don't run any programs or use any of the hardware components. Hell the neon lights we have can run continuously for decades with no stability issues at all. My point was that the system becomes unstable, will run of course since you can run a computer in BSODed state forever even with every stability issue you can think of, you just can't use it for anything or run any applications and expect them to behave as they should. That is what I call "unstable".

Quote:
Perhaps the OPs question can be broken down into which part of Windows shall we consider to be a core component? The kernel is stable, but a lot of the other fluff around it (like drivers from external companies, especially video drivers) is also needed to be reliable. The OS is only as strong as the weakest link.


I wasn't thinking of drivers... unless you mean like clock handlers which could be considered to be drivers in hybrid kernel propagandaspeak. I was thinking of the Windows kernel as such. There was mention of such stability issues which occur over long term operation. May have something to do with the system clock, but I can't really remember (and of course I can't Google it since publications of people who know what they're talking about aren't that popular).

It was mentioned here on the FASM board, allas old posts get cleared away eventually and I am left with no source for the claim.

LP,
Jure
Post 27 Apr 2009, 22:23
View user's profile Send private message AIM Address Yahoo Messenger MSN Messenger Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
Quote:

May have something to do with the system clock, but I can't really remember


Well, there was a problem with some (or all?) Win9x versions that made it impossible to use for 50 days without reboot because of the tick count overflow. I wonder how many people managed to get Win9x working enough time to reproduce this bug, though...
Post 27 Apr 2009, 23:03
View user's profile Send private message Reply with quote
f0dder



Joined: 19 Feb 2004
Posts: 3170
Location: Denmark
f0dder
DustWolf: might just be urban legends, apart from the Win9x issue where the tick counter overflows after ~53 days.

There's windows servers with several years of uptime, and it's not like they sit idle doing nothing.

From my own experience, the only things that have given me BSODs have been bad hardware or faulty drivers. Faulty drivers have been relatively seldom, but mostly video drivers, or Creative sound drivers. ATI had some really nasty crashbugs with filesystem corruption, but that's years ago.

But crashing out of the blue, caused by usermode programs? Nope. The max uptime I've had on a Windows box was around a month for an XP system, and that was a voluntary poweroff because I didn't need it powered on anymore. System was used for background computation, some p2p stuff, and normal workstation use (including games) during that time. No crashes or slowdowns or whatever.

YMMV, but generally the kernel is pretty stable, as long as you don't taint it with bad drivers, or use flaky hardware. I only recall seeing one usermode non-admin exploitable BSOD crash bug during the last few years, and that was related to some GDI flaw - and not something you'd normally hit by accident.
Post 28 Apr 2009, 00:34
View user's profile Send private message Visit poster's website Reply with quote
LocoDelAssembly
Your code has a bug


Joined: 06 May 2005
Posts: 4633
Location: Argentina
LocoDelAssembly
Quote:

I only recall seeing one usermode non-admin exploitable BSOD crash bug during the last few years, and that was related to some GDI flaw - and not something you'd normally hit by accident.

There was another with MessageBox (with MB_SERVICE_NOTIFICATION type if I remember correctly) that was posted on this forum before it got patched* (and before the bug was massively disclosed?). The first time I ran the code it shown a message box with garbled text, the second time was a loss-of-virginity BSOD (first BSOD ever on this computer with WinXP SP2).

*Don't know what is the current status of this bug but I think it must be patched already.

[edit] http://www.securiteam.com/windowsntfocus/6D00R0AHPK.html . But someone here posted fasm code exploiting this.

[edit2] Better check http://board.flatassembler.net/topic.php?p=50648#50648 (and the posts below for further information).
Post 28 Apr 2009, 01:32
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17346
Location: In your JS exploiting you and your system
revolution
Maybe I should be worried that my system will crash in 30828 when the 64bit time goes to 2^63 Confused
Post 28 Apr 2009, 02:04
View user's profile Send private message Visit poster's website Reply with quote
f0dder



Joined: 19 Feb 2004
Posts: 3170
Location: Denmark
f0dder
LocoDelAssembly: thanks for those links - I didn't mean to say that there weren't any other usermode BSOD crashes, just that I hadn't seen them Smile

And of course if you use a privilege escalation exploit (there's been a few of those), you can do whatever you want since you'll be able to load drivers... at least on XP.
Post 28 Apr 2009, 07:12
View user's profile Send private message Visit poster's website Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  


< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on YouTube, Twitter.

Website powered by rwasa.