The KMDF driver crashes with no useful information from !analyze -v

I am trying to debug the Hello World KMDF driver from MSDN in Virtual Box. Symbols load and everything looks fine. But when I am trying to debug the code the following happens:

-----------------------------------------------------------------------
-----------------------------------------------------------------------
                  Starting New Debugger Session         
-----------------------------------------------------------------------
-----------------------------------------------------------------------

[debug session data]

Break instruction exception - code 80000003 (first chance)
nt!DbgBreakPointWithStatus:
fffff807`0d262390 cc              int     3

I don't know what that breakpoint is. Moreover, it remains when I am debugging another example driver.

The following message is the only message I receive when I run the driver and hit the Break All button, regardless of whether other breakpoints are set or not.

kd> g
Break instruction exception - code 80000003 (first chance)
*******************************************************************************
*                                                                             *
*   You are seeing this message because you pressed either                    *
*       CTRL+C (if you run console kernel debugger) or,                       *
*       CTRL+BREAK (if you run GUI kernel debugger),                          *
*   on your debugger machine's keyboard.                                      *
*                                                                             *
*                   THIS IS NOT A BUG OR A SYSTEM CRASH                       *
*                                                                             *
* If you did not intend to break into the debugger, press the "g" key, then   *
* press the "Enter" key now.  This message might immediately reappear.  If it *
* does, press "g" and "Enter" again.                                          *
*                                                                             *
*******************************************************************************
nt!DbgBreakPointWithStatus:
fffff807`0d262390 cc                      int     3

And the address of the breakpoint is always the same. Also, the debugger does not pick up the source code and local variables.

The !analyze -v response is hard to interpret because it has almost no specific information:

kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Unknown bugcheck code (0)
Unknown bugcheck description
Arguments:
Arg1: 0000000000000000
Arg2: 0000000000000000
Arg3: 0000000000000000
Arg4: 0000000000000000

Debugging Details:
------------------


KEY_VALUES_STRING: 1


STACKHASH_ANALYSIS: 1

TIMELINE_ANALYSIS: 1


DUMP_CLASS: 1

DUMP_QUALIFIER: 0

BUILD_VERSION_STRING:  17763.1.amd64fre.rs5_release.180914-1434

DUMP_TYPE:  0

BUGCHECK_P1: 0

BUGCHECK_P2: 0

BUGCHECK_P3: 0

BUGCHECK_P4: 0

PROCESS_NAME:  svchost.exe

FAULTING_IP: 
nt!DbgBreakPointWithStatus+0
fffff807`0d262390 cc                      int     3

ERROR_CODE: (NTSTATUS) 0x80000003 - {EXCEPTION}  Breakpoint  A breakpoint has been reached.

EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - One or more arguments are invalid

EXCEPTION_CODE_STR:  80000003

EXCEPTION_PARAMETER1:  0000000000000000

CPU_COUNT: 1

CPU_MHZ: e10

CPU_VENDOR:  GenuineIntel

CPU_FAMILY: 6

CPU_MODEL: 9e

CPU_STEPPING: 9

CPU_MICROCODE: 6,9e,9,0 (F,M,S,R)  SIG: 0'00000000 (cache) 0'00000000 (init)

DEFAULT_BUCKET_ID:  WIN8_DRIVER_FAULT

BUGCHECK_STR:  0x0

CURRENT_IRQL:  d

ANALYSIS_SESSION_HOST:  DESKTOP-7FEEGEP

ANALYSIS_SESSION_TIME:  05-17-2019 13:39:22.0086

ANALYSIS_VERSION: 10.0.17763.132 amd64fre

STACK_TEXT:  
fffff807`0f46db78 fffff807`0d27721e : fffff807`0ce14180 00000000`00000001 ffffd087`89a36080 00000000`0000806c : nt!DbgBreakPointWithStatus
fffff807`0f46db80 fffff807`0d2d3c04 : ffffd087`84602020 00000000`00000000 00000000`0000806b fffff807`0d01446f : nt!KdCheckForDebugBreak+0x90e66
fffff807`0f46dbb0 fffff807`0d18bdf4 : 00000000`00000000 00000000`00000000 00000000`0000806c fffff807`0ce14180 : nt!KeAccumulateTicks+0x144cd4
fffff807`0f46dc10 fffff807`0d011332 : 00000000`00000000 fffff807`0d074be8 fffff903`28437b80 00000000`00000000 : nt!KeClockInterruptNotify+0x604
fffff807`0f46df30 fffff807`0d1da195 : 000000b9`9e48c277 fffff807`0d077850 fffff807`0d077900 fffff903`28437b80 : hal!HalpTimerClockInterrupt+0xf2
fffff807`0f46df60 fffff807`0d25c12a : fffff903`28437b80 fffff807`0d077850 00000000`000000bc fffff807`0d077850 : nt!KiCallInterruptServiceRoutine+0xa5
fffff807`0f46dfb0 fffff807`0d25c677 : 00000127`1c58e310 fffff903`28437b80 ffffba01`a64f3c80 ffffd087`00001680 : nt!KiInterruptSubDispatchNoLockNoEtw+0xfa
fffff903`28437b00 00007ffe`6d921d90 : 00007ffe`63c76dc9 00000000`00000030 00000127`1c58e310 00000127`1cf29fc6 : nt!KiInterruptDispatchNoLockNoEtw+0x37
0000001b`4ddfda48 00007ffe`63c76dc9 : 00000000`00000030 00000127`1c58e310 00000127`1cf29fc6 00000000`00000086 : ntdll!RtlLeaveCriticalSection
0000001b`4ddfda50 00007ffe`63c75c4a : 00000127`1c58e310 00000000`00000000 00000127`1cf29fc6 00000000`00000001 : StateRepository_Core!dbMallocRawFinish+0xf9
0000001b`4ddfda80 00007ffe`63c74318 : 0000001b`4ddfdc90 00000127`218eaab5 0000001b`4ddfdad0 0000001b`4ddfe500 : StateRepository_Core!sqlite3ExprListAppend+0x10a
0000001b`4ddfdab0 00007ffe`63c73f4f : 00000127`218eaab5 00000000`0000003b 0000001b`4ddfe600 00000127`218eaab5 : StateRepository_Core!yy_reduce+0x138
0000001b`4ddfdb60 00007ffe`63c714d0 : 00000000`0000000b 00000127`1d48d4c0 00000127`17a60000 00000127`1c58e310 : StateRepository_Core!sqlite3RunParser+0x18f
0000001b`4ddfe5a0 00007ffe`63c7fad6 : 00000127`0000000b 00000127`210c9e50 00000127`1d48d4c0 00000127`1c58e310 : StateRepository_Core!sqlite3Prepare+0x140
0000001b`4ddfe8a0 00007ffe`63c77470 : 00000000`00000000 00000000`00000001 00000127`227c5620 00000127`1c58e310 : StateRepository_Core!sqlite3Reprepare+0xa6
0000001b`4ddfe910 00007ffe`5baa75ed : 0000001b`4ddfea40 00000000`00000000 0000001b`4ddfeb30 00000000`00000001 : StateRepository_Core!sqlite3_step+0x1e0
0000001b`4ddfe940 0000001b`4ddfea40 : 00000000`00000000 0000001b`4ddfeb30 00000000`00000001 00000127`227c5620 : appxdeploymentserver+0x1975ed
0000001b`4ddfe948 00000000`00000000 : 0000001b`4ddfeb30 00000000`00000001 00000127`227c5620 00000000`00000000 : 0x0000001b`4ddfea40


THREAD_SHA1_HASH_MOD_FUNC:  7624d44a362bc09f63010be40dd2f10b30164688

THREAD_SHA1_HASH_MOD_FUNC_OFFSET:  116dd5b296cb899eb0af37455673964c028141de

THREAD_SHA1_HASH_MOD:  eeaa9c3cd71569b57a2e0c61a2a59028a432624c

FOLLOWUP_IP: 
nt!DbgBreakPointWithStatus+0
fffff807`0d262390 cc                      int     3

FAULT_INSTR_CODE:  ccccc3cc

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!DbgBreakPointWithStatus+0

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  438ffec3

STACK_COMMAND:  .thread ; .cxr ; kb

BUCKET_ID:  MANUAL_BREAKIN

PRIMARY_PROBLEM_CLASS:  MANUAL_BREAKIN

FAILURE_BUCKET_ID:  MANUAL_BREAKIN

TARGET_TIME:  2019-05-17T10:34:32.000Z

OSBUILD:  17763

OSSERVICEPACK:  0

SERVICEPACK_NUMBER: 0

OS_REVISION: 0

SUITE_MASK:  272

PRODUCT_TYPE:  1

OSPLATFORM_TYPE:  x64

OSNAME:  Windows 10

OSEDITION:  Windows 10 WinNt TerminalServer SingleUserTS

OS_LOCALE:  

USER_LCID:  0

OSBUILD_TIMESTAMP:  2005-12-02 00:58:59

BUILDDATESTAMP_STR:  180914-1434

BUILDLAB_STR:  rs5_release

BUILDOSVER_STR:  10.0.17763.1.amd64fre.rs5_release.180914-1434

ANALYSIS_SESSION_ELAPSED_TIME:  69b

ANALYSIS_SOURCE:  KM

FAILURE_ID_HASH_STRING:  km:manual_breakin

FAILURE_ID_HASH:  {30cbeaaa-35e3-de0f-a585-406cd241c851}

Followup:     MachineOwner
---------

I am a little confused by the DEFAULT_BUCKET_ID: WIN8_DRIVER_FAULT line because I build the driver for Windows 10. And also by IMAGE_NAME: ntkrnlmp.exe. Looks like something happens in the nt module. Googling gave no results.

The same thing happens with other driver samples I tried to debug.

How can I handle this problem or at least get more information about it?

Host: Windows 10 x64 build 17134.765, VS Community 2017 build 15.9.11, WDK 10.0.17740.1000

Target: Virtual Box build 6.0.4r128413, Windows 10 x64 build 17763.437

windows
windbg
kmdf
asked on Stack Overflow May 16, 2019 by Cain A • edited May 17, 2019 by Cain A

0 Answers

Nobody has answered this question yet.

