
[3.2.1] wircd.exe freezes on Windows NT 4.0

Posted: Wed Jul 07, 2004 6:09 am
by STING
Already mentioned in another topic, but that was about a different problem:
STING wrote: Now Unreal does not give any error messages.. but now wircd.exe goes 99% CPU again :(
Using 3.21 SSL.. but also had this with 3.2 non-SSL.

Windows NT4.0 SP6
I don't run it as a service.
I did run it as a service, but that made things worse.
The service couldn't be de-activated or wircd.exe could not be killed.
I managed to do some debugging, the last calls are:
2133 342 430 NtFreeVirtualMemory (-1, (0xd30000), 32768, 16384, ... (0xd30000), 32768, ) == 0x0
2134 342 430 NtFsControlFile (144, 0, 0x0, 0x0, 0x90028, 0x0, 0, 0, ... {status=0x0, info=0}, 0x0, ) == 0x0
2135 342 430 NtCreateFile (0x80100080, {24, 144, 0x42, 0, 1242488, "ircd.tune"}, 0x0, 128, 3, 1, 96, 0, 0, ... ) == STATUS_OBJECT_NAME_NOT_FOUND
2136 342 430 NtFsControlFile (144, 0, 0x0, 0x0, 0x90028, 0x0, 0, 0, ... {status=0x0, info=0}, 0x0, ) == 0x0
2137 342 430 NtCreateFile (0x80100080, {24, 144, 0x42, 0, 1243380, "server.cert.pem"}, 0x0, 128, 3, 1, 96, 0, 0, ... 156, {status=0x0, info=1}, ) == 0x0
2138 342 430 NtQueryVolumeInformationFile (156, 1243508, 8, Device, ... {status=0x0, info=8}, ) == 0x0
2139 342 430 NtReadFile (156, 0, 0, 0, 4096, 0x0, 0, ... {status=0x0, info=920}, "-----BEGIN CERTIFICATE-----\12MIICezCCAeSgAwIBAgIBADANBgkqhkiG9w0BAQQFADB4MQswCQYDVQQGEwJOTDES\12MBAGA1UECBMJQW1zdGVyZGFtMRIwEAYDVQQHEwlBbXN0ZXJkYW0xEDAOBgNVBAoT\12B0JvcmdJUkMxDDAKBgNVBAsTA0RldjEhMB8GA1UEAxMYcHQwMjE5My5pbnRyYS50\12ZWxmb3J0Lm5sMB4XDTA0MDcwNjA2MTQzMFoXDTA1MDcwNjA2MTQzMFoweDELMAkG\12A1UEBhMCTkwxEjAQBgNVBAgTCUFtc3RlcmRhbTESMBAGA1UEBxMJQW1zdGVyZGFt\12MRAwDgYDVQQKEwdCb3JnSVJDMQwwCgYDVQQLEwNEZXYxITAfBgNVBAMTGHB0MDIx\12OTMuaW50cmEudGVsZm9ydC5ubDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\12nClRfRrw6uXKdynM8", ) == 0x0
2140 342 430 NtClose (156, ... ) == 0x0
2141 342 430 NtFsControlFile (144, 0, 0x0, 0x0, 0x90028, 0x0, 0, 0, ... {status=0x0, info=0}, 0x0, ) == 0x0
2142 342 430 NtCreateFile (0x80100080, {24, 144, 0x42, 0, 1243380, "server.key.pem"}, 0x0, 128, 3, 1, 96, 0, 0, ... 20, {status=0x0, info=1}, ) == 0x0
2143 342 430 NtQueryVolumeInformationFile (20, 1243508, 8, Device, ... {status=0x0, info=8}, ) == 0x0
2144 342 430 NtReadFile (20, 0, 0, 0, 4096, 0x0, 0, ... {status=0x0, info=887}, "-----BEGIN RSA PRIVATE KEY-----\12MIICXQIBAAKBgQCcKVF9GvDq5cp3Kczz14lHPZrSiLfYksF8fBTI4zxiMG0VEd96\12LeQlO/H1W3xm0K/3VtcqOh35WaxJLFomUBedaCsRnxzcA4uYuFG0AU0JipNyiGjR\12cgC/aiFVdnpy3z92NsnhUNqQowLWxGdBROpSi83wcnXmfCVjYV6EUt6woQIDAQAB\12AoGAZtgLU8IfcgO+MHZ2BQ0o2qMmyIrD0TztcmdhZN/Kj7vmyx6HODbq7t6ovfbv\12WeMMUG9/qs61mNdG0LYF9P+AXOG0Hob6MaWjXpOOX6er8OdJp4FNISmfcoRakbzf\12Wqj+V1DQox9ko2DK/uQDQNyg4BTj3h4/aXQSI7XJ+OffGMECQQDJs0ZpIZ+08Lv4\12lvJrtHaS1pxn9BFOmxMZjTIlalpInETWR9+85OGzj7AgEvhXwXqI7xTk8Xw0eKDX\12qRffV99ZAkEAx", ) == 0x0
2145 342 430 NtClose (20, ... ) == 0x0
2146 342 430 NtFsControlFile (144, 0, 0x0, 0x0, 0x90028, 0x0, 0, 0, ... {status=0x0, info=0}, 0x0, ) == 0x0
2147 342 430 NtCreateFile (0x80100080, {24, 144, 0x42, 0, 1243380, "server.cert.pem"}, 0x0, 128, 3, 1, 96, 0, 0, ... 152, {status=0x0, info=1}, ) == 0x0
2148 342 430 NtQueryVolumeInformationFile (152, 1243508, 8, Device, ... {status=0x0, info=8}, ) == 0x0
2149 342 430 NtReadFile (152, 0, 0, 0, 4096, 0x0, 0, ... {status=0x0, info=920}, "-----BEGIN CERTIFICATE-----\12MIICezCCAeSgAwIBAgIBADANBgkqhkiG9w0BAQQFADB4MQswCQYDVQQGEwJOTDES\12MBAGA1UECBMJQW1zdGVyZGFtMRIwEAYDVQQHEwlBbXN0ZXJkYW0xEDAOBgNVBAoT\12B0JvcmdJUkMxDDAKBgNVBAsTA0RldjEhMB8GA1UEAxMYcHQwMjE5My5pbnRyYS50\12ZWxmb3J0Lm5sMB4XDTA0MDcwNjA2MTQzMFoXDTA1MDcwNjA2MTQzMFoweDELMAkG\12A1UEBhMCTkwxEjAQBgNVBAgTCUFtc3RlcmRhbTESMBAGA1UEBxMJQW1zdGVyZGFt\12MRAwDgYDVQQKEwdCb3JnSVJDMQwwCgYDVQQLEwNEZXYxITAfBgNVBAMTGHB0MDIx\12OTMuaW50cmEudGVsZm9ydC5ubDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA\12nClRfRrw6uXKdynM8", ) == 0x0
2150 342 430 NtClose (152, ... ) == 0x0
2151 342 430 NtFsControlFile (144, 0, 0x0, 0x0, 0x90028, 0x0, 0, 0, ... {status=0x0, info=0}, 0x0, ) == 0x0
2152 342 430 NtCreateFile (0x80100080, {24, 144, 0x42, 0, 1243380, "server.key.pem"}, 0x0, 128, 3, 1, 96, 0, 0, ... 160, {status=0x0, info=1}, ) == 0x0
2153 342 430 NtQueryVolumeInformationFile (160, 1243508, 8, Device, ... {status=0x0, info=8}, ) == 0x0
2154 342 430 NtReadFile (160, 0, 0, 0, 4096, 0x0, 0, ... {status=0x0, info=887}, "-----BEGIN RSA PRIVATE KEY-----\12MIICXQIBAAKBgQCcKVF9GvDq5cp3Kczz14lHPZrSiLfYksF8fBTI4zxiMG0VEd96\12LeQlO/H1W3xm0K/3VtcqOh35WaxJLFomUBedaCsRnxzcA4uYuFG0AU0JipNyiGjR\12cgC/aiFVdnpy3z92NsnhUNqQowLWxGdBROpSi83wcnXmfCVjYV6EUt6woQIDAQAB\12AoGAZtgLU8IfcgO+MHZ2BQ0o2qMmyIrD0TztcmdhZN/Kj7vmyx6HODbq7t6ovfbv\12WeMMUG9/qs61mNdG0LYF9P+AXOG0Hob6MaWjXpOOX6er8OdJp4FNISmfcoRakbzf\12Wqj+V1DQox9ko2DK/uQDQNyg4BTj3h4/aXQSI7XJ+OffGMECQQDJs0ZpIZ+08Lv4\12lvJrtHaS1pxn9BFOmxMZjTIlalpInETWR9+85OGzj7AgEvhXwXqI7xTk8Xw0eKDX\12qRffV99ZAkEAx", ) == 0x0
2155 342 430 NtClose (160, ... ) == 0x0
2156 342 430 NtOpenKey (0x1, {24, 16, 0x40, 0, 0, "System\CurrentControlSet\Services\Tcpip\Parameters"}, ... 164, ) == 0x0
2157 342 430 NtOpenKey (0x9, {24, 164, 0x40, 0, 0, "Interfaces"}, ... ) == STATUS_OBJECT_NAME_NOT_FOUND
2158 342 430 NtQueryValueKey (164, "Domain", Partial, 144, ... TitleIdx=0, Type=1, Data="\0\0"}, 14, ) == 0x0
2159 342 430 NtQueryValueKey (164, "DhcpDomain", Partial, 144, ... TitleIdx=0, Type=1, Data="i\0n\0t\0r\0a\0.\0t\0e\0l\0f\0o\0r\0t\0.\0n\0l\0\0\0"}, 46, ) == 0x0
2160 342 430 NtQueryValueKey (164, "SearchList", Partial, 144, ... TitleIdx=0, Type=1, Data="\0\0"}, 14, ) == 0x0
2161 342 430 NtQueryValueKey (164, "DhcpSearchList", Partial, 144, ... ) == STATUS_OBJECT_NAME_NOT_FOUND
Does this make any sense?

Posted: Wed Jul 07, 2004 6:17 am
by STING
In the entire debug text file, I located the following error messages.
Maybe they are related?
1 342 430 NtOpenKey (0x80000000, {24, 0, 0x40, 0, 0, "\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wircd.exe"}, ... ) == STATUS_OBJECT_NAME_NOT_FOUND

164 342 430 NtOpenSection (0xe, {24, 12, 0x40, 0, 0, "DBGHELP.dll"}, ... ) == STATUS_OBJECT_NAME_NOT_FOUND

205 342 430 NtOpenSection (0xe, {24, 12, 0x40, 0, 0, "zlibwapi.dll"}, ... ) == STATUS_OBJECT_NAME_NOT_FOUND

215 342 430 NtOpenSection (0xe, {24, 12, 0x40, 0, 0, "MSVCR70D.dll"}, ... ) == STATUS_OBJECT_NAME_NOT_FOUND

219 342 430 NtQueryAttributesFile ({24, 20, 0x40, 0, 0, "MSVCR70D.dll"}, 1243420, ... ) == STATUS_OBJECT_NAME_NOT_FOUND

241 342 430 NtOpenSection (0xe, {24, 12, 0x40, 0, 0, "SSLEAY32.dll"}, ... ) == STATUS_OBJECT_NAME_NOT_FOUND


249 342 430 NtMapViewOfSection (16, -1, (0x0), 0, 0, 0x0, 0, 1, 0, 4, ... (0x230000), 0x0, 200704, ) == STATUS_IMAGE_NOT_AT_BASE
250 342 430 NtProtectVirtualMemory (-1, (0x231000), 139264, 4, ... (0x231000), 139264, 32, ) == 0x0
251 342 430 NtProtectVirtualMemory (-1, (0x253000), 12288, 4, ... (0x253000), 12288, 2, ) == 0x0
252 342 430 NtProtectVirtualMemory (-1, (0x25f000), 8192, 4, ... (0x25f000), 8192, 2, ) == 0x0
253 342 430 NtMapViewOfSection (16, -1, (0x230000), 0, 0, 0x0, 200704, 1, 0, 4, ... ) == STATUS_CONFLICTING_ADDRESSES


259 342 430 NtOpenSection (0xe, {24, 12, 0x40, 0, 0, "LIBEAY32.dll"}, ... ) == STATUS_OBJECT_NAME_NOT_FOUND


267 342 430 NtMapViewOfSection (28, -1, (0x0), 0, 0, 0x0, 0, 1, 0, 4, ... (0x270000), 0x0, 987136, ) == STATUS_IMAGE_NOT_AT_BASE
268 342 430 NtProtectVirtualMemory (-1, (0x271000), 630784, 4, ... (0x271000), 630784, 32, ) == 0x0
269 342 430 NtProtectVirtualMemory (-1, (0x30b000), 131072, 4, ... (0x30b000), 131072, 2, ) == 0x0
270 342 430 NtProtectVirtualMemory (-1, (0x359000), 32768, 4, ... (0x359000), 32768, 2, ) == 0x0
271 342 430 NtMapViewOfSection (28, -1, (0x270000), 0, 0, 0x0, 987136, 1, 0, 4, ... ) == STATUS_CONFLICTING_ADDRESSES
And the file continues for a while with "STATUS_OBJECT_NAME_NOT_FOUND", "STATUS_IMAGE_NOT_AT_BASE", "STATUS_CONFLICTING_ADDRESSES". The DLLs in question are all correctly installed in the Unreal folder.

Some more:
428 342 430 NtQueryVirtualMemory (-1, 0x7ffd2000, Basic, 28, ... {BaseAddress=0x7ffd2000,AllocationBase=0x7ffb0000,AllocationProtect=0x2,RegionSize=0x2000,State=0x1000,Protect=0x2,Type=0x40000,}, 0x0, ) == 0x0
429 342 430 NtOpenSection (0x4, {24, 0, 0x40, 0, 0, "\NLS\NlsSectionSortkey00000409"}, ... ) == STATUS_OBJECT_NAME_NOT_FOUND
430 342 430 NtOpenSection (0x4, {24, 0, 0x40, 0, 0, "\NLS\NlsSectionSortkey00000413"}, ... ) == STATUS_OBJECT_NAME_NOT_FOUND
431 342 430 NtRequestWaitReplyPort (28, {28, 52, new_msg, 0, 0, 1242644, 1252968, 0} "\300\5-\2\1\0\0\0\0\0\0\0\224$\23\0\2\0\0\0\340\5-\2,\6\0\0" ... {28, 52, reply, 0, 342, 430, 1410649, 0} "\230,$\0\1\0\0\0\0\0\0\0\224$\23\0\2\0\0\0\340\5-\2,\6\0\0" ) == 0x0
432 342 430 NtAllocateVirtualMemory (-1, 1265664, 0, 4096, 4096, 4, ... 1265664, 4096, ) == 0x0
433 342 430 NtRequestWaitReplyPort (28, {28, 52, new_msg, 0, 1, 4, 65536, 8192} "\300\5-\2\1\0\0\0\354\1\23\0\0\0\0\0\3\0\0\0\340\5-\2\374\0\0\0" ... {28, 52, reply, 0, 342, 430, 1410650, 0} "\310\237#\0\1\0\0\0\0\0\0\0\0\0\0\0\3\0\0\0\340\5-\2\374\0\0\0" ) == 0x0
434* 342 430 NtMapViewOfSection (52, -1, (0x0), 0, 0, 0x0, 0, 2, 0, 2, ... (0x720000), 0x0, 274432, ) == 0x0
435* 342 430 NtCreateEvent (0x1f0003, 0x0, 1, 0, ... 56, ) == 0x0
436* 342 430 NtQueryObject (56, Handle, 2, ... {Inherit=0,ProtectFromClose=0,}, -1, ) == 0x0
437* 342 430 NtSetInformationObject (56, Handle, {Inherit=0,ProtectFromClose=1,}, 256, ... ) == 0x0
438* 342 430 NtOpenThreadToken (-2, 0x8, 1, ... ) == STATUS_NO_TOKEN
439* 342 430 NtOpenProcessToken (-1, 0x8, ... 16, ) == 0x0
440* 342 430 NtQueryInformationToken (16, Statistics, 0, ... ) == STATUS_BUFFER_TOO_SMALL
.
.
.
448 342 430 NtOpenKey (0x20019, {24, 0, 0x40, 0, 0, "\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\Compatibility"}, ... 48, ) == 0x0
449* 342 430 NtQueryValueKey (48, "wircd", Partial, 332, ... ) == STATUS_OBJECT_NAME_NOT_FOUND
450* 342 430 NtClose (48, ... ) == 0x0
451 342 430 NtOpenKey (0x20019, {24, 0, 0x40, 0, 0, "\Registry\Machine\Software\Microsoft\Windows NT\CurrentVersion\Compatibility"}, ... 16, ) == 0x0
452* 342 430 NtQueryValueKey (16, "wircd", Partial, 332, ... ) == STATUS_OBJECT_NAME_NOT_FOUND
.
.
.
468 342 430 NtQueryVolumeInformationFile (3, 1243628, 8, Device, ... ) == STATUS_INVALID_HANDLE
469 342 430 NtQueryVolumeInformationFile (100, 1243628, 8, Device, ... ) == STATUS_INVALID_HANDLE
470 342 430 NtQueryVolumeInformationFile (11, 1243628, 8, Device, ... ) == STATUS_OBJECT_TYPE_MISMATCH
.
.
475 342 430 NtOpenKey (0x2000000, {24, 16, 0x40, 0, 0, "Software\Microsoft\Windows\CurrentVersion\Explorer\Performance"}, ... ) == STATUS_OBJECT_NAME_NOT_FOUND
476 342 430 NtOpenThreadToken (-2, 0x20008, 1, ... ) == STATUS_NO_TOKEN
After some more initializing:
1776 342 430 NtFsControlFile (144, 0, 0x0, 0x0, 0x90028, 0x0, 0, 0, ... {status=0x0, info=0}, 0x0, ) == 0x0
1777 342 430 NtQueryAttributesFile ({24, 0, 0x40, 0, 0, "\??\C:\Program Files\Unreal3.2\tmp\BACB0F07.commands.dll"}, 1242036, ... ) == 0x0
1778 342 430 NtFsControlFile (144, 0, 0x0, 0x0, 0x90028, 0x0, 0, 0, ... {status=0x0, info=0}, 0x0, ) == 0x0
1779 342 430 NtFsControlFile (144, 0, 0x0, 0x0, 0x90028, 0x0, 0, 0, ... {status=0x0, info=0}, 0x0, ) == 0x0
1780 342 430 NtOpenFile (0x100020, {24, 0, 0x40, 0, 0, "\??\C:\Program Files\Unreal3.2\tmp\BACB0F07.commands.dll"}, 5, 96, ... 104, {status=0x0, info=1}, ) == 0x0
1781 342 430 NtCreateSection (0xe, 0x0, 0x0, 16, 16777216, 104, ... 120, ) == 0x0
1782 342 430 NtClose (104, ... ) == 0x0
1783 342 430 NtMapViewOfSection (120, -1, (0x0), 0, 0, 0x0, 0, 1, 0, 4, ... (0xef0000), 0x0, 368640, ) == STATUS_IMAGE_NOT_AT_BASE
1784 342 430 NtProtectVirtualMemory (-1, (0xef1000), 217088, 4, ... (0xef1000), 217088, 32, ) == 0x0
1785 342 430 NtProtectVirtualMemory (-1, (0xf26000), 16384, 4, ... (0xf26000), 16384, 2, ) == 0x0
1786 342 430 NtProtectVirtualMemory (-1, (0xf46000), 16384, 4, ... (0xf46000), 16384, 2, ) == 0x0
1787 342 430 NtMapViewOfSection (120, -1, (0xef0000), 0, 0, 0x0, 368640, 1, 0, 4, ... ) == STATUS_CONFLICTING_ADDRESSES
I hope this helps :wink:

Posted: Wed Jul 07, 2004 6:28 am
by STING
Now installed the Non-SSL version.
The last calls are:
2061 291 371 NtAllocateVirtualMemory (-1, 15540224, 0, 8192, 4096, 4, ... 15540224, 8192, ) == 0x0
2062 291 371 NtAllocateVirtualMemory (-1, 15556608, 0, 4096, 4096, 4, ... 15556608, 4096, ) == 0x0
2063 291 371 NtAllocateVirtualMemory (-1, 15560704, 0, 4096, 4096, 4, ... 15560704, 4096, ) == 0x0
2064 291 371 NtAllocateVirtualMemory (-1, 15663104, 0, 4096, 4096, 4, ... 15663104, 4096, ) == 0x0
2065 291 371 NtAllocateVirtualMemory (-1, 15691776, 0, 12288, 4096, 4, ... 15691776, 12288, ) == 0x0
2066 291 371 NtFreeVirtualMemory (-1, (0xc80000), 32768, 16384, ... (0xc80000), 32768, ) == 0x0
2067 291 371 NtFreeVirtualMemory (-1, (0xc88000), 32768, 16384, ... (0xc88000), 32768, ) == 0x0
2068 291 371 NtFreeVirtualMemory (-1, (0xc90000), 32768, 16384, ... (0xc90000), 32768, ) == 0x0
2069 291 371 NtFsControlFile (144, 0, 0x0, 0x0, 0x90028, 0x0, 0, 0, ... {status=0x0, info=0}, 0x0, ) == 0x0
2070 291 371 NtCreateFile (0x80100080, {24, 144, 0x42, 0, 1242488, "ircd.tune"}, 0x0, 128, 3, 1, 96, 0, 0, ... ) == STATUS_OBJECT_NAME_NOT_FOUND
2071 291 371 NtOpenKey (0x1, {24, 40, 0x40, 0, 0, "System\CurrentControlSet\Services\Tcpip\Parameters"}, ... 156, ) == 0x0
2072 291 371 NtOpenKey (0x9, {24, 156, 0x40, 0, 0, "Interfaces"}, ... ) == STATUS_OBJECT_NAME_NOT_FOUND
2073 291 371 NtQueryValueKey (156, "Domain", Partial, 144, ... TitleIdx=0, Type=1, Data="\0\0"}, 14, ) == 0x0
2074 291 371 NtQueryValueKey (156, "DhcpDomain", Partial, 144, ... TitleIdx=0, Type=1, Data="i\0n\0t\0r\0a\0.\0t\0e\0l\0f\0o\0r\0t\0.\0n\0l\0\0\0"}, 46, ) == 0x0
2075 291 371 NtQueryValueKey (156, "SearchList", Partial, 144, ... TitleIdx=0, Type=1, Data="\0\0"}, 14, ) == 0x0
2076 291 371 NtQueryValueKey (156, "DhcpSearchList", Partial, 144, ... ) == STATUS_OBJECT_NAME_NOT_FOUND

Posted: Wed Jul 07, 2004 6:46 am
by STING
Under Windows NT 4.0 there is no "Interfaces" tree, under Tcpip\Parameters. Now I created a new and empty key with that name... and it loads! :D

I don't suspect that everything is now in order, but it seems that was the cause of the freeze.

I hope I have contributed something with this :wink:
2073 362 314 NtOpenKey (0x9, {24, 156, 0x40, 0, 0, "Interfaces"}, ... 20, ) == 0x0
2074 362 314 NtQueryValueKey (156, "Domain", Partial, 144, ... TitleIdx=0, Type=1, Data="\0\0"}, 14, ) == 0x0
2075 362 314 NtQueryValueKey (156, "DhcpDomain", Partial, 144, ... TitleIdx=0, Type=1, Data="i\0n\0t\0r\0a\0.\0t\0e\0l\0f\0o\0r\0t\0.\0n\0l\0\0\0"}, 46, ) == 0x0
2076 362 314 NtQueryValueKey (156, "SearchList", Partial, 144, ... TitleIdx=0, Type=1, Data="\0\0"}, 14, ) == 0x0
2077 362 314 NtQueryValueKey (156, "DhcpSearchList", Partial, 144, ... TitleIdx=0, Type=1, Data="\0\0"}, 14, ) == 0x0
2078 362 314 NtEnumerateKey (20, 0, Basic, 288, ... ) == STATUS_NO_MORE_ENTRIES
2079 362 314 NtEnumerateKey (20, 0, Basic, 288, ... ) == STATUS_NO_MORE_ENTRIES
2080 362 314 NtQueryValueKey (156, "NameServer", Partial, 144, ... TitleIdx=0, Type=1, Data="\0\0"}, 14, ) == 0x0
2081 362 314 NtQueryValueKey (156, "DhcpNameServer", Partial, 144, ... TitleIdx=0, Type=1, Data="1\07\02\0.\03\01\0.\02\03\01\0.\01\05\04\0 \01\07\02\0.\03\01\0.\02\03\01\0.\01\05\03\0\0\0"}, 72, ) == 0x0
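
The comparison between the hanging run and the working run, as an added example that is not part of the original thread: it parses trace lines in the format shown above and reports calls on the same named object whose status differs between two runs. The sample lines are copied from the posts above; the function names are this example's own.

```python
import re
from collections import namedtuple

Call = namedtuple("Call", "seq pid tid name obj status")

# Line layout on this page: seq[*] pid tid SyscallName (args) == status
LINE = re.compile(r'^(\d+)\*?\s+(\d+)\s+(\d+)\s+(Nt\w+)\s*\((.*)\)\s*==\s*(\S+)\s*$')

def parse_trace(text):
    """Parse trace lines; anything that does not match (prose, '.') is skipped."""
    calls = []
    for line in text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue
        seq, pid, tid, name, args, status = m.groups()
        q = re.search(r'"([^"]*)"', args)  # first quoted argument = object name
        obj = q.group(1) if q else None
        calls.append(Call(int(seq), int(pid), int(tid), name, obj, status))
    return calls

def divergences(bad, good):
    """Return (syscall, object, bad_status, good_status) for calls on the same
    named object whose result differs between the runs, in bad-run order."""
    good_status = {(c.name, c.obj): c.status for c in good if c.obj}
    out = []
    for c in bad:
        key = (c.name, c.obj)
        if key in good_status and good_status[key] != c.status:
            out.append((c.name, c.obj, c.status, good_status[key]))
    return out

# Lines from the run that hung (non-SSL build, posted 6:28 am).
BAD = r'''
2072 291 371 NtOpenKey (0x9, {24, 156, 0x40, 0, 0, "Interfaces"}, ... ) == STATUS_OBJECT_NAME_NOT_FOUND
2073 291 371 NtQueryValueKey (156, "Domain", Partial, 144, ... TitleIdx=0, Type=1, Data="\0\0"}, 14, ) == 0x0
2076 291 371 NtQueryValueKey (156, "DhcpSearchList", Partial, 144, ... ) == STATUS_OBJECT_NAME_NOT_FOUND
'''
# Lines from the run that loaded (posted 6:46 am).
GOOD = r'''
2073 362 314 NtOpenKey (0x9, {24, 156, 0x40, 0, 0, "Interfaces"}, ... 20, ) == 0x0
2074 362 314 NtQueryValueKey (156, "Domain", Partial, 144, ... TitleIdx=0, Type=1, Data="\0\0"}, 14, ) == 0x0
2077 362 314 NtQueryValueKey (156, "DhcpSearchList", Partial, 144, ... TitleIdx=0, Type=1, Data="\0\0"}, 14, ) == 0x0
'''

if __name__ == "__main__":
    for d in divergences(parse_trace(BAD), parse_trace(GOOD)):
        print("%s %r: %s -> %s" % d)
```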

Posted: Wed Jul 07, 2004 3:18 pm
by codemastr
I'll look at this more closely later, but, how did you find that info?

Posted: Wed Jul 07, 2004 3:42 pm
by STING
codemastr wrote: I'll look at this more closely later, but, how did you find that info?
I found a debugging tool for NT:
http://www.bindview.com/Support/RAZOR/U ... readme.cfm

Posted: Wed Jul 07, 2004 6:06 pm
by codemastr
Hmm, I was unaware that worked on NT4 :)

Posted: Wed Jul 07, 2004 6:13 pm
by codemastr
Is there any chance you could come to irc://irc.unrealircd.com so that we could try and debug this? I believe I see the cause.

Posted: Thu Jul 08, 2004 6:22 am
by STING
codemastr wrote: Is there any chance you could come to irc://irc.unrealircd.com so that we could try and debug this? I believe I see the cause.
I wish I could, but the Windows NT 4.0 PC in question is on a corporate network and has no access to port 6667. At home I have Windows XP.

Is there any other way I can help you out?

Posted: Thu Jul 08, 2004 4:09 pm
by codemastr
Hmm, a corporate machine running a 9-year-old OS... and then people wonder why Windows exploits spread so quickly ;)

Anyway, would you be able to export HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters to a file and send me that file (codemastr AT unrealircd DOT com). If I can get an idea of how NT4 sets up the registry, then I can determine how to deal with this.