M
Melissa
The "ntsd" program breaks after installing Service Pack 2.
This is very easy to reproduce. Go to start/run and
type "ntsd notepad". A debugger window for Notepad will
come up. At the debugger prompt, type the following:
a esp-100
mov eax,1
ntsd will crash, after trying to load symbol data to try
to resolve the meaning of "1". This happens every time
under XP SP2, but not under any other version of Windows
NT.
esp-100 is valid memory, because esp is initialized to the
end of a page and -100 from there is still within a page.
This means that writing to that memory is a reasonable
request. This occurs on both Pentium 4 machines and
Athlon 64 machines, which have the NX bit. Since this is
data memory, no exception should be occurring.
Interestingly, the following does not crash:
e esp-100 b8 01 00 00 00
which should be exactly equivalent.
Melissa
This is very easy to reproduce. Go to start/run and
type "ntsd notepad". A debugger window for Notepad will
come up. At the debugger prompt, type the following:
a esp-100
mov eax,1
ntsd will crash, after trying to load symbol data to try
to resolve the meaning of "1". This happens every time
under XP SP2, but not under any other version of Windows
NT.
esp-100 is valid memory, because esp is initialized to the
end of a page and -100 from there is still within a page.
This means that writing to that memory is a reasonable
request. This occurs on both Pentium 4 machines and
Athlon 64 machines, which have the NX bit. Since this is
data memory, no exception should be occurring.
Interestingly, the following does not crash:
e esp-100 b8 01 00 00 00
which should be exactly equivalent.
Melissa