unbaiat / skipfish

Automatically exported from code.google.com/p/skipfish
Apache License 2.0

STATUS_ACCESS_VIOLATION #146

Closed GoogleCodeExporter closed 8 years ago

GoogleCodeExporter commented 8 years ago
Hi, do you know why would I be getting this error with 2.04b:

Exception: STATUS_ACCESS_VIOLATION at eip=61127503
eax=2008BFEE ebx=00000000 ecx=00000000 edx=00000000 esi=2009E83E edi=004318D9
ebp=0028C538 esp=0028C510 
program=C:\Users\[USERNAME]\Desktop\skipfish\skipfish-2.04b\skipfish.exe, pid 2444, thread main
cs=0023 ds=002B es=002B fs=0053 gs=002B ss=002B
Stack trace:
Frame     Function  Args
0028C538  61127503  (00000000, 004318D9, 14094A96, 20094B39)
0028C558  004035FC  (00000014, 004318D9, 00000000, 2009E83E)
0028C648  00424D65  (2009E826, 2009C3D6, 00000000, 000003C6)
0028C678  004161E3  (2009E826, 2009C3D6, 200A3672, 000003C6)
0028C6E8  0040B7F9  (0028C7A8, 00000000, 00000008, 61183630)
0028CC38  0040251F  (00000006, 0028CC60, 20028290, 6119DDB6)
0028CD28  61006F58  (00000000, 0028CD78, 61006550, 00000000)
End of stack trace

* * *

1. skipfish.exe executed on windows 7 4-bit
2. skipfish.exe compiled on 32-bit windows server 2003, by cygwin
3. The following Cygwin libraries were detected as required, and they are in the same 
dir as the exe at runtime:
  - cygcrypto-0.9.8.dll
  - cyggcc_s-1.dll
  - cygiconv-2.dll
  - cygidn-11.dll
  - cygintl-8.dll
  - cygssl-0.9.8.dll
  - cygwin1.dll
  - cygz.dll
4. The error text was taken from file "skipfish.exe.stackdump"
5. I don't know if this is useful:
Scan statistics:

      Scan time : 0:00:04.683
  HTTP requests : 407 (93.3/s), 647 kB in, 83 kB out (155.9 kB/s)
    Compression : 0 kB in, 0 kB out (0.0% gain)
    HTTP faults : 6 net errors, 0 proto errors, 4 retried, 0 drops
 TCP handshakes : 23 total (27.7 req/conn)
     TCP faults : 0 failures, 0 timeouts, 1 purged
 External links : 36 skipped
   Reqs pending : 231

Database statistics:

         Pivots : 28 total, 2 done (7.14%)
    In progress : 10 pending, 8 init, 8 attacks, 0 dict
  Missing nodes : 0 spotted
     Node types : 1 serv, 9 dir, 7 file, 0 pinfo, 2 unkn, 9 par, 0 val
   Issues found : 8 info, 2 warn, 0 low, 5 medium, 0 high impact
      Dict size : 25 words (25 new), 5 extensions, 256 candidates
      1 [main] skipfish 2444 exception::handle: Exception: STATUS_ACCESS_VIOLATION
   2473 [main] skipfish 2444 open_stackdumpfile: Dumping stack trace to skipfish.exe.stackdump

* * * 

Unrelated question: the SVN repository 
"http://skipfish.googlecode.com/svn/trunk/" comes back empty for me. I was 
going to try to see if I can get one of the previous versions. Version 1.29b 
worked for me; however, I downloaded the compiled exe from somewhere, and I 
have trust issues, so, I don't want to use that one outside of my lab. Thanks.

* * * 

Thank you!

Original issue reported on code.google.com by hlubo...@gmail.com on 3 Mar 2012 at 2:54
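
The report above is a Cygwin `*.exe.stackdump` file. As an added example (not code from skipfish, nor from anyone in this thread), the Python below parses that format into registers and stack frames and applies an assumed 32-bit Cygwin address layout to say which module the faulting `eip` falls in and which is the first frame inside the application image. The layout is an assumption: an exe image base of 0x00400000 and a cygwin1.dll base of 0x61000000 are the conventional defaults, not values read from this dump, and the module names and ranges in `ASSUMED_MODULES` are placeholders to be replaced with real ones if known. The sample input is the dump from the report, re-joined onto one line where the page wrapped it.

```python
import re
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple

# Constructed sample input: the stackdump posted in the report above.
SAMPLE_STACKDUMP = r"""Exception: STATUS_ACCESS_VIOLATION at eip=61127503
eax=2008BFEE ebx=00000000 ecx=00000000 edx=00000000 esi=2009E83E edi=004318D9
ebp=0028C538 esp=0028C510
program=C:\Users\[USERNAME]\Desktop\skipfish\skipfish-2.04b\skipfish.exe, pid 2444, thread main
cs=0023 ds=002B es=002B fs=0053 gs=002B ss=002B
Stack trace:
Frame     Function  Args
0028C538  61127503  (00000000, 004318D9, 14094A96, 20094B39)
0028C558  004035FC  (00000014, 004318D9, 00000000, 2009E83E)
0028C648  00424D65  (2009E826, 2009C3D6, 00000000, 000003C6)
0028C678  004161E3  (2009E826, 2009C3D6, 200A3672, 000003C6)
0028C6E8  0040B7F9  (0028C7A8, 00000000, 00000008, 61183630)
0028CC38  0040251F  (00000006, 0028CC60, 20028290, 6119DDB6)
0028CD28  61006F58  (00000000, 0028CD78, 61006550, 00000000)
End of stack trace
"""

# ASSUMED layout (not read from the dump): default exe image base 0x00400000,
# cygwin1.dll preferred base 0x61000000. First entry is taken as the main image.
ASSUMED_MODULES: List[Tuple[str, int, int]] = [
    ("skipfish.exe", 0x00400000, 0x00500000),
    ("cygwin1.dll", 0x61000000, 0x61400000),
]

HEX8 = r"([0-9A-Fa-f]{8})"
EXC_RE = re.compile(r"Exception:\s+(\S+)\s+at\s+eip=([0-9A-Fa-f]+)")
PROG_RE = re.compile(r"program=(.*?),\s*pid\s+(\d+),\s*thread\s+(\S+)")
REG_RE = re.compile(r"\b([a-z]{2,3})=([0-9A-Fa-f]+)\b")
FRAME_RE = re.compile(HEX8 + r"\s+" + HEX8 + r"\s+\(([^)]*)\)")
GENERAL_REGS = ("eax", "ebx", "ecx", "edx", "esi", "edi")


@dataclass
class Frame:
    frame: int              # saved ebp for this frame
    function: int           # code address Cygwin recorded for the frame
    args: Tuple[int, ...]   # the stack slots Cygwin prints as "Args"


@dataclass
class StackDump:
    exception: str
    eip: int
    registers: Dict[str, int]
    program: str
    pid: int
    thread: str
    frames: List[Frame]


def parse_stackdump(text: str) -> StackDump:
    """Parse the text of a Cygwin *.exe.stackdump file."""
    exception, eip, program, pid, thread = "", 0, "", 0, ""
    registers: Dict[str, int] = {}
    frames: List[Frame] = []
    in_trace = False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        m = EXC_RE.match(line)
        if m:
            exception, eip = m.group(1), int(m.group(2), 16)
            continue
        m = PROG_RE.match(line)
        if m:
            program, pid, thread = m.group(1), int(m.group(2)), m.group(3)
            continue
        if line == "Stack trace:":
            in_trace = True
            continue
        if line == "End of stack trace":
            in_trace = False
            continue
        if in_trace:
            m = FRAME_RE.match(line)      # the "Frame Function Args" header does not match
            if m:
                parts = [a for a in m.group(3).replace(" ", "").split(",") if a]
                frames.append(Frame(int(m.group(1), 16), int(m.group(2), 16),
                                    tuple(int(a, 16) for a in parts)))
            continue
        for name, value in REG_RE.findall(line):   # eax=... and cs=... lines
            registers[name] = int(value, 16)
    if not exception or not frames:
        raise ValueError("not a Cygwin stackdump: missing Exception line or frames")
    return StackDump(exception, eip, registers, program, pid, thread, frames)


def module_for(addr: int, modules=ASSUMED_MODULES) -> str:
    for name, lo, hi in modules:
        if lo <= addr < hi:
            return name
    return "unknown"


def summarize(dump: StackDump, modules=ASSUMED_MODULES) -> Dict[str, object]:
    """Triage view: module of the fault, first frame inside the main image (the
    address to resolve in a symbol-bearing build), and which general registers
    are zero. Zero registers at an access violation are consistent with a
    NULL-derived pointer but do not prove it."""
    main_image = modules[0][0]
    first_app: Optional[int] = next((f.function for f in dump.frames
                                     if module_for(f.function, modules) == main_image), None)
    return {
        "fault_module": module_for(dump.eip, modules),
        "first_app_frame": first_app,
        "zero_regs": [r for r in GENERAL_REGS if dump.registers.get(r) == 0],
    }


if __name__ == "__main__":
    dump = parse_stackdump(SAMPLE_STACKDUMP)
    print(f"{dump.exception} in {dump.program} (pid {dump.pid}, thread {dump.thread})")
    print(summarize(dump))
    for fr in dump.frames:
        print(f"  {fr.function:08X}  {module_for(fr.function):<12} args={[hex(a) for a in fr.args]}")
```

Under the assumed layout the faulting `eip` lies in the cygwin1.dll range and the first frame in the skipfish image is `004035FC`; with a `make clean debug` build, `addr2line -e skipfish.exe 0x004035FC` (binutils) maps that address to a source line, provided the image was loaded at its link-time base.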

GoogleCodeExporter commented 8 years ago
windows 7 64-bit
:)

Original comment by hlubo...@gmail.com on 3 Mar 2012 at 2:54

GoogleCodeExporter commented 8 years ago
Regarding the SVN question: silly me, I didn't notice the source of all older 
versions published (search filter). Sorry about that.

Original comment by hlubo...@gmail.com on 3 Mar 2012 at 3:28

GoogleCodeExporter commented 8 years ago
Update: 2.03b does not have the same problem with the same site, only it took 
twice as long compared to 1.29b (if that matters; this might be expected, as the 
newer version may be doing more work).

Original comment by hlubo...@gmail.com on 3 Mar 2012 at 3:55

GoogleCodeExporter commented 8 years ago
Was this at the end of the scan? Are you sure that the 2.03b test was the 
same? It seemed that the site was unreachable, as the program crashed within 4 
seconds with a high error/pivot rate. Not an excuse for having it crash of 
course.. just making sure we made the right comparison.

Can you reproduce the issue by doing:

make clean debug
export CYGWIN="$CYGWIN error_start=dumper -d %1 %2"

./skipfish [...previous options...] 2>logfile.txt

gdb --batch -ex back ./skipfish core* &>debug.log
tail -20 logfile.txt >>debug.log

And send the "debug.log" file?  

Original comment by niels.he...@gmail.com on 3 Mar 2012 at 10:01

GoogleCodeExporter commented 8 years ago
I forgot to say earlier that the options I was using were "-W /dev/null", 
and nothing else (besides the URL and the output directory).

I just tried it again: same site, same options, 2.03b works, 2.04b chokes only 
a few seconds after it starts.

I'd like to try what you suggested, but besides compiling with symbols ("make 
clean debug") and adding the argument to dump the log to a text file, I'm not sure 
I understand the rest of them (export, gdb, tail). Unless you tell me where 
those come in, I don't know what to do (I'm a Windows user; it took me a whole 
day and a whole night just to figure out how to install Cygwin and compile your 
source; I know nothing about Unix).

Original comment by hlubo...@gmail.com on 3 Mar 2012 at 10:28

GoogleCodeExporter commented 8 years ago
Ah yikes, and thanks for the additional details! Could you edit crawler.c and change 
line 3490? The current line looks like:

  if (req->user_val != 2) return 0;

But it actually should be:

  if (req->user_val != 4) return 0;

Cheers!
Niels

Original comment by niels.he...@gmail.com on 5 Mar 2012 at 8:38

GoogleCodeExporter commented 8 years ago
I just uploaded 2.05b in which a bad crash is fixed. Can you give it a try and 
ping this bug if you still experience crashes? 

http://skipfish.googlecode.com/files/skipfish-2.05b.tgz

Cheers,
Niels

Original comment by niels.he...@gmail.com on 5 Mar 2012 at 8:01

GoogleCodeExporter commented 8 years ago
Excellent! Same conditions (args, site) - 2.05b worked.

If you're still in good mood, please add the wrap-up & exit on some custom 
keystroke. Apparently, Cygwin rendered CTRL+C inoperable. Thanks.

Original comment by hlubo...@gmail.com on 6 Mar 2012 at 2:17