292.aspx

EXCEPTION_ACCESS_VIOLATION in SQL Server 2000 (SP3) on multiple CPU system

Now this is a strange one. The following stored procedure crashes the SQL worker process that is executing it:

CREATE PROCEDURE usp_UpdateDeviceEnabled
@idDettaglio int,
@sDevicelist text

AS

UPDATE CP_Valori
   set CP_Valori.sCPValore = @sDevicelist
   FROM         
      Colonne_Personalizzate INNER JOIN  CP_Valori ON Colonne_Personalizzate.idColonna = CP_Valori.idColonna INNER JOIN Dettaglio ON CP_Valori.idDettaglio = Dettaglio.idDettaglio
   WHERE    
     (CP_Valori.idDettaglio = @idDettaglio) AND (Colonne_Personalizzate.sType = 'CMB_DEVICE')

 

It bombs with the following errors:

Event Type: Error
Event Category: (2)
Event ID: 17052
Description:
Error: 0, Severity: 19, State: 0
SqlDumpExceptionHandler: Process 59 generated fatal exception c0000005 EXCEPTION_ACCESS_VIOLATION. SQL Server is terminating this process.

Event Type: Error
Event Source: MSSQL$DB
Event Category: (2)
Event ID: 17052
Error: 0, Severity: 19, State: 0
language_exec: Process 59 generated an access violation. SQL Server is terminating this process.

It works on a single CPU system (Win2k3) but bombs on all multiple CPUs systems we tried it on (Win2k, Win2k3).  Tired most tricks in the book like recompiling the stored, dbcc, recreating the db on another machine etc without luck.

Most of the EXCEPTION_ACCESS_VIOLATION hits on Google refer to text fields, so we changed

@sDevicelist text

to

@sDevicelist varchar(8000)

And, believe it or not, the stored procedure doesn't bomb anymore.

It explains why we could not reproduce the problem by running the query in query analyzer, as it doesn't support local variables of type text. But it does not explain why it bombs in the first place. Suggestions?

281.aspx

The Return of Caller ID and other alternatives

Microsoft's original Caller ID for e-mail wasn't approved so they have merged their proposal with the Sender Policy Framework (SPF) written by Meng Weng Wong and Mark Lentczner. Have a look at the Sender ID Framework Executive Overview for a quick intro to what the Sender ID is.

My thoughts on it? SPAM sucks and there must be a way to fight it. Sender ID may be a step in the right direction, as it makes it easier to detect spam by automatic systems, but it does not prevent spam from being sent. It would be a lot better to kill the spam before it even reaches the internet. These days a lot of spam is sent by trojans and virus infected PCs with fast internet connections. There is, as far as I can see, no reason why any person or small company with a consumer broadband connection needs to send more than 1 mail every minute. Large companies are a different story but they don't have a consumer internet connection.

Internet Service Providers could block all outgoing traffic on port 25 and force clients to use their SMTP server with authentication to send mails. Mail clients are getting more secure so trojans/viruses don't use OLE Automation to send mails anymore but rely on their own spam sending SMTP client. SMTP authentication would fix the problem as they can't send mail directly to the internet anymore and they don't know the user name or password to use the ISPs SMTP server. Even if they magically found the username/password the damage would be limited as an infected host could only send 1 mail a minute and not several per second like they do now. Filtering is trivial as the ISP can work on a mail server level and not on a TCP/IP level.

I already use a similar setup on my LAN but I haven't gotten around to writing the outbound mail filter yet. You can reduce the chance of becoming a spam spewing bot by denying all outgoing connections to port 25 unless it is to your IPSs mail server

Other documents recently posted by Microsoft:

• Sender ID: Authenticating E-Mail Specification (Draft) : This core document describes how the Sender ID Framework works


• Sender ID Framework and Intellectual Property Overview and FAQ : FAQ regarding the need and use of Microsoft's royalty-free license for implementation of the Sender ID Framework. 


• Purported Responsible Address in E-Mail Messages Specification (Draft) : Describes how to extract from an e-mail message the Purported Responsible Address (PRA).


• Sender Policy Framework: Authorizing Use of Domains in Mail From : This document describes the content and format of the SPF record, the information that senders need to publish in DNS regarding their outbound e-mail servers. It also describes how receivers use this information to validate the Mail From domain of an e-mail message.


• Sender ID Framework Deployment Overview : Steps e-mail senders must take to comply with the Sender ID Framework specification. 

275.aspx

Busy working on 3G and .NET

Wish I had more time to blog… I'm on a tight schedule working on compatibility and performance issues when delivering  contents to the latest and greatest UMTS/3G phones like SonyEricsson Z1010 and Samsung Z107 (wonder why all the latest models are all called Z something; Lack of fantasy? The End Of The English Alphabet?).

Only Coding & Music while I wait for the official release of project #100. More info after 4/11 when I should be able to say something without risking my job.

274.aspx

One the CD player: Kings of Convenience; Riot on an empty street

Bought the Riot on an empty street album by Kings of Convenience yesterday. Great music for coding sessions; easy listening and acoustic instruments.

One of the Amazon.com reviewers wrote "Okay if you are 30 something,". He must be a genius :-)

271.aspx

Visual Studio plugin to copy source code as html

A great little time saver; the CopySourceAsHtml plugin for Visual Studio makes it possible to copy html formatted source code to your blog without cutting and pasting it via Word.

Pasted via CopySourceAsHtml:

if (itWorks) 
{
    Console.WriteLine("Cool Or What?");
}

Word is better from one point of view though: I can paste the code directly in the .Text edit window. With the plugin I have to go to the html source and paste the code in the correct place. OK for small posts like this but a bit of a pain in larger posts like the one on accessing the Pocket Outlook from .NET CF 1.0

Via [PowerToys]

264.aspx

Small, beautiful and fast: MenuetOS

Running a decent OS from a single floppy reminds of the first Linux builds I used (0.90-something). MenuetOS promises a lot more though with a full GUI as well:

MenuetOS is an Operating System for the PC written entirely in 32bit assembly language, and released under the GPL. It supports 32 bit x86 assembly programming since this allows for smaller, faster and less resource hungry applications to be created.

Menuet has no roots within unix or the posix standards, nor is it based on any particular operating system. The design goal has been to remove the extra layers between different parts of an OS, which normally complicates programming and create bugs.

Features
- Pre-emptive multitasking, multithreading, ring-3 protection
- Responsive GUI with resolutions up to 1280x1024, 16 million colours
- IDE: Editor/Macro Assembler for building kernel and applications
- TCP/IP stack with Loopback, PPP & Ethernet drivers
- Network applications include ftp/http/mp3/smtp servers,
- irc, http, nntp and tftp clients
- Free-form, skinnable application windows
- Hard real-time data fetch
- Fits uncompressed on a single floppy!

 

259.aspx

Apache and IIS security

Michael Howard, author of  Writing Secure Code  (2nd edition), compares IIS6 and Apache security stats

IIS 6 has been rock solid on the production systems where I use it and I have had no security problems. Got infected by Code Red on my Win2k dev machine a loooong time ago before I learned, the hard way, to harden my machines.