[ros-kernel] problems with debugging a umode exception

Gunnar André Dalsnes hardon at online.no
Tue Jan 27 02:03:59 CET 2004


Hi,

I'm trying to find a umode bug but have big problems. I'm trying to run
avifrate.exe (small Borland/Delphi app) but it crashes right after entering
GUI mode. Note that avifrate.exe doesn't load with current CVS due to a bug
in the loader (fixed locally).

There are several strange things:
-tlist doesn't give any info about avifrate
-BaseProcessStart calls the avifrate entry point at 4355dc. I have examined
avifrate.exe in a debugger, but it doesn't make any sense when I try to
follow the stack trace from 4355dc (entry point) or from (40)47d6.

Symbol resolving works great btw, except for a small bug (missing filename):
<ntoskrnl.exe: 3851 (:131 (KeAddSystemServiceTable))>
Should be (according to addr2line):
<ntoskrnl.exe: 3851 (ke/i386/usercall.c:131 (KeAddSystemServiceTable))>

-Gunnar

Debug output follows:

(NTDLL:ldr/utils.c:2459) LdrpAttachProcess() done
(NTDLL:ldr/utils.c:1940) ImageBase = 400000
(NTDLL:ldr/utils.c:1941) AddressOfEntryPoint = 355dc
(NTDLL:ldr/utils.c:1946) LdrPEStartup() = 4355dc
(NTDLL:ldr/utils.c:2486) LdrpAttachThread() called for avifrate.exe
(NTDLL:ldr/utils.c:188) LdrpInitializeTlsForThread() called for avifrate.exe
(LDR:ldr/utils.c:206) Initialize tls data for avifrate.exe
(NTDLL:ldr/utils.c:220) LdrpInitializeTlsForThread() done
(LDR:ldr/utils.c:2505) gdi32.dll - Calling entry point at 77ed1000 for thread attaching
(LDR:ldr/utils.c:2505) user32.dll - Calling entry point at 77e7985f for thread attaching
(LDR:ldr/utils.c:2505) msvcrt.dll - Calling entry point at 78008da0 for thread attaching
(LDR:ldr/utils.c:2505) libwine.dll - Calling entry point at 6fec1000 for thread attaching
(LDR:ldr/utils.c:2505) libwine_unicode.dll - Calling entry point at 6b2f40f0 for thread attaching
(LDR:ldr/utils.c:2505) shell32.dll - Calling entry point at 77270ec3 for thread attaching
(LDR:ldr/utils.c:2505) winspool.drv - Calling entry point at 5a51a0 for thread attaching
(NTDLL:ldr/utils.c:2518) LdrpAttachThread() done
(NTDLL:rtl/apc.c:53) KiUserApcDispatcher in ntdll: about to call NtContinue
(KERNEL32:process/create.c:380) BaseProcessStart: call exe start 4355dc
Entered debugger on exception number 14.

Entered kernel debugger (type "help" for a list of commands)

kdb:>
kdb:> tlist
current->Tcb.State 7 PID.TID 6.42 Name services Stack:
Ebp 0xCEAD6E60
CEAD6EA0 C00D1297  CEAD6F00 C0016108  CEAD6F30 C0015156  CEAD6F70 C0016632
CEAD6F84 C0003ACC  0060CE78 77F61D33
current->Tcb.State 7 PID.TID 6.44 Name services Stack:
Ebp 0xCEAE1D84
CEAE1DC4 C00D1297  CEAE1E24 C0016108  CEAE1E54 C0015156  CEAE1E94 CDF15500
CEAE1ED4 CDF1599B  CEAE1F04 C0089869  CEAE1F14 C008987F  CEAE1F54 C00869F7
CEAE1F84 C0003ACC  00998F28 77F61409
current->Tcb.State 7 PID.TID 7.45 Name eventlog Stack:
Ebp 0xCEAE8E60
CEAE8EA0 C00D1297  CEAE8F00 C0016108  CEAE8F30 C0015156  CEAE8F70 C0016632
CEAE8F84 C0003ACC  0060BED8 77F61D33
current->Tcb.State 7 PID.TID 8.46 Name cmd Stack:
Ebp 0xCEAF2E60
CEAF2EA0 C00D1297  CEAF2F00 C0016108  CEAF2F30 C0015156  CEAF2F70 C0016632
CEAF2F84 C0003ACC  006216C8 77F61D33
current->Tcb.State 7 PID.TID 7.49 Name eventlog Stack:
Ebp 0xCEB2EDD4
CEB2EE14 C00D1297  CEB2EE74 C0016108  CEB2EEA4 C0015156  CEB2EF24 C0079216
CEB2EF54 C0079442  CEB2EF74 C00783A3  CEB2EF84 C0003ACC  00997E08 77F61480

current->Tcb.State 2 PID.TID 9.50 Name avifrate Stack:

kdb:> bugcheck
KeBugCheck at dbg/kdb.c:892
Bug detected (code 1 param 0 0 0 0)
  APC_INDEX_MISMATCH

Pid: 9 <avifrate> Thrd: c1a77c50 Tid: 32
Frames: <ntoskrnl.exe: c46b (ke/bug.c:332 (KeBugCheck))>
<ntoskrnl.exe: 365fa (dbg/kdb.c:892 (DbgBugCheckCommand))>
<ntoskrnl.exe: 367a1 (dbg/kdb.c:967 (KdbDoCommand))>
<ntoskrnl.exe: 36874 (dbg/kdb.c:986 (KdbMainLoop))>
<ntoskrnl.exe: 3689f (dbg/kdb.c:995 (KdbInternalEnter))>
<ntoskrnl.exe: 36911 (dbg/kdb.c:1007 (KdbEnterDebuggerException))>
<ntoskrnl.exe: c707 (ke/catch.c:90 (KiDispatchException))>
<ntoskrnl.exe: 6c23 (ke/i386/usertrap.c:151 (KiUserTrapHandler))>
<ntoskrnl.exe: 1dc3 (ke/i386/exp.c:590 (KiTrapHandler))>
<ntoskrnl.exe: 3851 (:131 (KeAddSystemServiceTable))>
<avifrate.exe: 47d6>
<avifrate.exe: 7a01>
<avifrate.exe: 997f>
<avifrate.exe: 355c>
<avifrate.exe: 35b2>
<kernel32.dll: 1944d (process/create.c:381 (BaseProcessStart))>

Entered debugger on exception number 3.

Entered kernel debugger (type "help" for a list of commands)

kdb:>
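The kdb "Frames:" lines above print each return address as a module name plus an offset from that module's image base, which is why the mail refers to the same frame as both "47d6" and "(40)47d6": avifrate.exe is mapped at ImageBase 400000 (see the LdrPEStartup output). The following is an added example, not code from the post or from ReactOS. It parses those frame lines, rebases the offsets to absolute addresses where the base is known, and builds the addr2line command for a frame whose filename kdb left empty. The image paths and the "unknown base" handling are assumptions of the example; so is the choice to hand addr2line base + offset, which is right only if the unstripped image was linked at that base.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Added example (not ReactOS code). kdb frame lines have one of two shapes:
#   <module: offset (file:line (function))>
#   <module: offset>
# The filename may be empty, as in "<ntoskrnl.exe: 3851 (:131 (...))>".
FRAME_RE = re.compile(
    r"<(?P<module>[^:<>]+):\s*(?P<offset>[0-9A-Fa-f]+)"
    r"(?:\s*\((?P<file>[^:()]*):(?P<line>\d+)\s*\((?P<func>[^()]*)\)\))?\s*>"
)


@dataclass
class Frame:
    module: str
    offset: int                 # offset from the module's image base
    file: Optional[str] = None
    line: Optional[int] = None
    func: Optional[str] = None

    def absolute(self, bases):
        """offset + image base, or None when the base is not known."""
        base = bases.get(self.module.lower())
        return None if base is None else base + self.offset


def parse_frame(text):
    """Parse one kdb frame line; returns None if it is not a frame."""
    m = FRAME_RE.search(text)
    if not m:
        return None
    return Frame(
        module=m.group("module").strip(),
        offset=int(m.group("offset"), 16),
        file=m.group("file") or None,     # empty filename -> None
        line=int(m.group("line")) if m.group("line") else None,
        func=m.group("func") or None,
    )


def parse_backtrace(lines):
    frames = []
    for raw in lines:
        raw = raw.strip()
        if raw.startswith("Frames:"):
            raw = raw[len("Frames:"):].strip()
        f = parse_frame(raw)
        if f is not None:
            frames.append(f)
    return frames


def addr2line_command(frame, bases, images):
    """addr2line invocation for a frame, given an unstripped image for its
    module. Passing base + offset assumes the image was linked at `base`
    (an assumption of this example, not something the post states)."""
    addr = frame.absolute(bases)
    image = images.get(frame.module.lower())
    if addr is None or image is None:
        return None
    return f"addr2line -f -e {image} 0x{addr:x}"


# Constructed input: a subset of the Frames: output quoted in the post.
KDB_FRAMES = """\
Frames: <ntoskrnl.exe: c46b (ke/bug.c:332 (KeBugCheck))>
<ntoskrnl.exe: 3851 (:131 (KeAddSystemServiceTable))>
<avifrate.exe: 47d6>
<avifrate.exe: 355c>
<kernel32.dll: 1944d (process/create.c:381 (BaseProcessStart))>
""".splitlines()

# Only avifrate.exe's base is stated in the post (ImageBase = 400000); the
# kernel and kernel32 bases are deliberately left unknown here.
BASES = {"avifrate.exe": 0x400000}
IMAGES = {"avifrate.exe": "avifrate.exe"}   # hypothetical unstripped image path


def rebased_report(lines=KDB_FRAMES, bases=BASES):
    """(module, offset, absolute-or-None, 'file:line', function) per frame."""
    out = []
    for f in parse_backtrace(lines):
        where = f"{f.file or '?'}:{f.line}" if f.line else "no source info"
        out.append((f.module, f.offset, f.absolute(bases), where, f.func))
    return out


if __name__ == "__main__":
    for module, off, addr, where, func in rebased_report():
        abs_s = f"{addr:08x}" if addr is not None else "base unknown"
        print(f"{module:14} +{off:05x} -> {abs_s:13} {where} {func or ''}")
```

Frames whose module base is unknown are reported as "base unknown" rather than guessed; fill BASES in from the loader's ImageBase lines (as the post does for avifrate.exe) or from the link map of the unstripped image before trusting an addr2line result.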



