Hello all,

I am responding to my own post, but thought I'd share this with the list
all the same.

>If there were a deadlock bug in NPF.SYS (like the proverbial "JMP -1" 
>or "jump self", if you prefer) infinite loop, could that cause:
>1) Application becomes totally unresponsive, showing zero CPU consumption
>2) The debugger cannot halt the application
>3) Windows cannot halt the application, and Windows can't shut down
>4) On rare occasions, an instantaneous Windows crash+reboot, without
>even a blue screen

The answer to all of the above questions is "YES, but it wasn't a bug
in NPF.SYS".  I just found a bug in a rarely-used piece of my code 
which allowed me to call pcap_sendpacket() with an obviously illegal 
length of 1528 bytes.  Depending on what pcap had done prior to 
getting this illegal call, any/all of the above symptoms could occur.

Gee, tracking this down reminded me of the days of watching MS-DOS
gracefully signal a fatal exception:  By freezing entirely, or instantly 

Cheers to all,


 This is the WinPcap users list. It is archived at

 To unsubscribe use 

Reply via email to