Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Blue screen when run the winkvm.bat #1

Closed
clcarwin opened this issue May 25, 2011 · 3 comments
Closed

Blue screen when run the winkvm.bat #1

clcarwin opened this issue May 25, 2011 · 3 comments

Comments

@clcarwin
Copy link

Blue screen when run the winkvm.bat

The problem is occur in:
void kvm_exit_arch(void)
on_each_cpu(kvm_arch_ops->hardware_disable, NULL, 0, 1);

Maybe the kvm_arch_ops is NULL.

This is the minidump analyze:

Symbol search path is: *** Invalid ***

  • Symbol loading may be unreliable without a symbol search path. *
  • Use .symfix to have the debugger choose a symbol path. *
  • After setting your symbol path, use .reload to refresh symbol locations. *
    Executable search path is:
  • Symbols can not be loaded because symbol path is not initialized. *
  •                                                               *
  • The Symbol Path can be set by: *
  • using the _NT_SYMBOL_PATH environment variable. *
  • using the -y <symbol_path> argument when starting the debugger. *
  • using .sympath and .sympath+ *

Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows XP Kernel Version 2600 (Service Pack 3) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Machine Name:
Kernel base = 0x804d8000 PsLoadedModuleList = 0x8055e720
Debug session time: Tue May 24 16:18:35.312 2011 (GMT+8)
System Uptime: 0 days 0:06:47.899

  • Symbols can not be loaded because symbol path is not initialized. *
  •                                                               *
  • The Symbol Path can be set by: *
  • using the _NT_SYMBOL_PATH environment variable. *
  • using the -y <symbol_path> argument when starting the debugger. *
  • using .sympath and .sympath+ *

Unable to load image ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
...............................................................
................................................................
..........
Loading User Symbols
Loading unloaded module list
...........
Unable to load image winkvmstab.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for winkvmstab.sys
*** ERROR: Module load completed but symbols could not be loaded for winkvmstab.sys

  •                                                                         *

  •                    Bugcheck Analysis                                    *

  •                                                                         *

Use !analyze -v to get detailed debugging information.

BugCheck 1000008E, {c0000005, a91ced24, a96bbbc8, 0}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*** Your debugger is not using the correct symbols ***

*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***

*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***

*** Type referenced: nt!_KPRCB ***

*** Your debugger is not using the correct symbols ***

*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***

*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***

*** Type referenced: nt!_KPRCB ***

  • Symbols can not be loaded because symbol path is not initialized. *
  •                                                               *
  • The Symbol Path can be set by: *
  • using the _NT_SYMBOL_PATH environment variable. *
  • using the -y <symbol_path> argument when starting the debugger. *
  • using .sympath and .sympath+ *
  • Symbols can not be loaded because symbol path is not initialized. *
  •                                                               *
  • The Symbol Path can be set by: *
  • using the _NT_SYMBOL_PATH environment variable. *
  • using the -y <symbol_path> argument when starting the debugger. *
  • using .sympath and .sympath+ *

Probably caused by : winkvmstab.sys ( winkvmstab+1d24 )

Followup: MachineOwner

kd> !analyze -v

  •                                                                         *

  •                    Bugcheck Analysis                                    *

  •                                                                         *

KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: a91ced24, The address that the exception occurred at
Arg3: a96bbbc8, Trap Frame
Arg4: 00000000

Debugging Details:

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

*** Your debugger is not using the correct symbols ***

*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***

*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***

*** Type referenced: nt!_KPRCB ***

*** Your debugger is not using the correct symbols ***

*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***

*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***

*** Type referenced: nt!_KPRCB ***

  • Symbols can not be loaded because symbol path is not initialized. *
  •                                                               *
  • The Symbol Path can be set by: *
  • using the _NT_SYMBOL_PATH environment variable. *
  • using the -y <symbol_path> argument when starting the debugger. *
  • using .sympath and .sympath+ *
  • Symbols can not be loaded because symbol path is not initialized. *
  •                                                               *
  • The Symbol Path can be set by: *
  • using the _NT_SYMBOL_PATH environment variable. *
  • using the -y <symbol_path> argument when starting the debugger. *
  • using .sympath and .sympath+ *

ADDITIONAL_DEBUG_TEXT:
Use '!findthebuild' command to search for the target build information.
If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols.

FAULTING_MODULE: 804d8000 nt

DEBUG_FLR_IMAGE_TIMESTAMP: 4c99dc35

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - "0x%08lx"

FAULTING_IP:
winkvmstab+1d24
a91ced24 8b400c mov eax,dword ptr [eax+0Ch]

TRAP_FRAME: a96bbbc8 -- (.trap 0xffffffffa96bbbc8)
ErrCode = 00000000
eax=00000000 ebx=89a09b40 ecx=00000001 edx=00000004 esi=8a29cb10 edi=8a3ce978
eip=a91ced24 esp=a96bbc3c ebp=a96bbc68 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
winkvmstab+0x1d24:
a91ced24 8b400c mov eax,dword ptr [eax+0Ch] ds:0023:0000000c=????????
Resetting default scope

DEFAULT_BUCKET_ID: DRIVER_FAULT

BUGCHECK_STR: 0x8E

LAST_CONTROL_TRANSFER: from 804f018f to a91ced24

STACK_TEXT:
WARNING: Stack unwind information not available. Following frames may be wrong.
a96bbc68 804f018f 89723028 8a3ce968 8a3ce968 winkvmstab+0x1d24
a96bbcb0 805bc466 00a09b40 00000000 89a09b28 nt+0x1818f
a96bbccc 805276ca 89a09b40 00000000 0000078c nt+0xe4466
a96bbcfc 805bd3d1 e29317c0 89a09b40 0000078c nt+0x4f6ca
a96bbd44 805bd509 0000078c 00000001 00000000 nt+0xe53d1
a96bbd58 8054261c 0000078c 0022cb04 7c92e4f4 nt+0xe5509
a96bbd64 7c92e4f4 badb0d00 0022cb00 00000000 nt+0x6a61c
a96bbd68 badb0d00 0022cb00 00000000 00000000 0x7c92e4f4
a96bbd6c 0022cb00 00000000 00000000 00000000 0xbadb0d00
a96bbd70 00000000 00000000 00000000 00000000 0x22cb00

STACK_COMMAND: kb

FOLLOWUP_IP:
winkvmstab+1d24
a91ced24 8b400c mov eax,dword ptr [eax+0Ch]

SYMBOL_STACK_INDEX: 0

SYMBOL_NAME: winkvmstab+1d24

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: winkvmstab

IMAGE_NAME: winkvmstab.sys

BUCKET_ID: WRONG_SYMBOLS

Followup: MachineOwner

kd> u
winkvmstab+0x1d24:
a91ced24 8b400c mov eax,dword ptr [eax+0Ch]
a91ced27 890424 mov dword ptr [esp],eax
a91ced2a e841fe0000 call winkvmstab+0x11b70 (a91deb70)
a91ced2f a150641ea9 mov eax,dword ptr [winkvmstab+0x19450 (a91e6450)]
a91ced34 ff5014 call dword ptr [eax+14h]
a91ced37 c7442404ef251ea9 mov dword ptr [esp+4],offset winkvmstab+0x155ef (a91e25ef)
a91ced3f c7042400000000 mov dword ptr [esp],0
a91ced46 c70550641ea900000000 mov dword ptr [winkvmstab+0x19450 (a91e6450)],0
@ddk50
Copy link
Owner

ddk50 commented Jun 1, 2011

What's your Windows version?
Currently, we only have support WindowsXPsp3.

@clcarwin
Copy link
Author

clcarwin commented Jun 2, 2011

System: Microsoft Windows XP Professional Version 2002 Service Pack 3, English Version
Computer:AMD Athlon(tm) II X4 635 Processor

WinDBG Analyze Minidump Result:
STACK_TEXT:
WARNING: Stack unwind information not available. Following frames may be wrong.
a8402c68 804ef19f 89776028 8982bf68 8982bf68 winkvmstab+0x1d24
a8402c78 80583b1e 8960c330 00000000 00000000 nt!IopfCallDriver+0x31
a8402cb0 805bb4aa 0060c348 00000000 8960c330 nt!IopDeleteFile+0x132
a8402ccc 805266fa 8960c348 00000000 00000740 nt!ObpRemoveObjectRoutine+0xe0
a8402ce4 805bc37f 897199a0 e11253c8 898929a0 nt!ObfDereferenceObject+0x4c
a8402cfc 805bc415 e11253c8 8960c348 00000740 nt!ObpCloseHandleTableEntry+0x155
a8402d44 805bc54d 00000740 00000001 00000000 nt!ObpCloseHandle+0x87
a8402d58 8054167c 00000740 0022cb04 7c90e514 nt!NtClose+0x1d
a8402d58 7c90e514 00000740 0022cb04 7c90e514 nt!KiFastCallEntry+0xfc
0022cb04 00000000 00000000 00000000 00000000 0x7c90e514

I use WinKVM-20101018.zip to test and set XPSP3 run into onecpu mode. I send the minidump to your email.

@ddk50
Copy link
Owner

ddk50 commented Jun 2, 2011

OK, I found crash reason.
You have to use IntelCPU, not AMD Processor.
WinKVM currently supports only IntelVT-x.

@clcarwin clcarwin closed this as completed Jun 2, 2011
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@ddk50 @clcarwin