From:	invalid AT erehwon DOT invalid (Graaagh the Mighty)
Newsgroups:	comp.os.msdos.djgpp
Subject:	Sabotage!
Organization:	Low Charisma Anonymous
Message-ID:	<3b59ebfb.298502@news.primus.ca>
X-Newsreader:	Forte Free Agent 1.11/32.235
Lines:	86
Date:	Sat, 21 Jul 2001 21:13:19 GMT
NNTP-Posting-Host:	207.176.153.87
X-Complaints-To:	news AT primus DOT ca
X-Trace:	news1.tor.primus.ca 995750021 207.176.153.87 (Sat, 21 Jul 2001 17:13:41 EDT)
NNTP-Posting-Date:	Sat, 21 Jul 2001 17:13:41 EDT
To:	djgpp AT delorie DOT com
DJ-Gateway:	from newsgroup comp.os.msdos.djgpp
Reply-To:	djgpp AT delorie DOT com

This is going to sound a little weird.

Earlier today, I came back from some shopping to find that a certain
someone who I fervently wish did not have easy access to my box had
apparently been messing with it again. It had been sitting at a Win98
desktop with a couple of folder windows and a DOS box open, totally
idle save for some bottom-feeders (Prime95 and United Devices), task
scheduler, and a wallpaper changer, all of which are known to be
stable and none of which interact. Task scheduler was not set to run
anything during that time period except for the usual critical update
notification, which would be a no-op since the machine was not
connected to the net. When I came back, I found it in a radically
different state: there were crash dialogs for no fewer than 3 apps --
the wallpaper changer and two components of my antivirus system
(McAfee); the former couldn't have crashed without someone having
interacted with it, and the latter only wake up (and have the
opportunity to crash) when files are downloaded or other actions taken
by a user that can potentially introduce viruses into the box. (There
was no network connection or automatic downloader running.) Also, my
firewall (ZoneAlarm 2.6) had been manually shut down by the pest. No
network dial-out had occurred in my absence -- fortunate, given that
the pest had (accidentally or otherwise) managed to turn off nearly
all of the machine's shields!

I restarted some stuff, then modified some source file and compiled
something. To my horror, I discovered that my DJGPP installation was
non-functional:

D:\quickm>gcc -c colorlsm.c -g -O6 -ffast-math -fomit-frame-pointer
-fforce-addr
 -funroll-loops -march=k6 -malign-double
Load error: can't switch mode

D:\quickm>gcc colorlsm.o -o colorlsm.exe -lalleg
Load error: can't switch mode

(Yeah, I use a batch file -- for this dinky little thing, using make
is like swatting a fly with a tactical nuke.)

I have never seen these error messages before, and the last time I
checked, nothing of the sort was in the FAQ. Other stuff had been
misconfigured or meddled with, also; for one thing, when I tried to
open more than two files at once in my programmer's editor I got an
out of memory error -- with 256 megabytes of memory! Nothing short of
a fork bomb or similar could have consumed most of the heap; the
programmer's editor reported that there was insufficient space to
allocate about 16K.

Suspecting that the pest had in fact played with my compiler and
detonated some kind of a fork bomb, I checked the task list using
wintop -- nothing unusual. No extra DOS processes for instance. Still,
it seemed to have to be something of the sort. If it was, a reboot
should correct the problem.

It did indeed, or so it appears -- after the reboot, editor and
compiler seem to be acting normal again. However, it seems prudent of
me to investigate precisely what happened, and whether there might be
any permanent effects. Perhaps something is corrupt and should be
reinstalled or edited. I figure someone here is probably knowledgeable
enough to identify the above, rather uninformative-looking error
messages and explain what conditions would cause the compiler and
linker to generate them. (They don't *look* like allocation failures.)
Perhaps they can even shed some light on exactly what it was that was
done to my computer while I was out. Clearly *something* was done,
since its state was changed outside of the predictable cyclic behavior
it should have maintained indefinitely in my absence. (The only
stateful, non-idle things running being Prime95 and United Devices,
neither of which were anywhere near finishing their respective tasks
and both of which are very well behaved -- they only indirectly call
the ill-behaved and somewhat unpredictable networking layer of Windoze
when they complete a task or similar.) It wasn't a power failure (I'd
have found it sitting at a Linux password prompt, since it default
boots to Linux, or still powered off) and it sure as heck didn't wind
down like a pocketwatch. Until I can secure some more privacy around
here, I need to know just what the heck a certain pest is doing, lest
it blow up into serious data loss some day. He probably only tried to
play Quake 3 with all the bells and whistles or something on my box
that isn't quite up to the requirements the latest games have, but it
still seems like a good idea to know for sure, if possible... and with
this incident, the mysterious compiler errors look like a big fat
clue.
-- 
Bill Gates: "No computer will ever need more than 640K of RAM." -- 1980
"There's nobody getting rich writing software that I know of." -- 1980
"This antitrust thing will blow over." -- 1998
Combine neo, an underscore, and one thousand sixty-one to make my hotmail addy.

- Raw text -