Andalu Posted April 8, 2022 Share Posted April 8, 2022 @Mov AX, 0xDEAD There's no problem. I'm in no hurry Link to comment Share on other sites More sharing options...
Dietmar Posted April 8, 2022 Share Posted April 8, 2022 (edited) @Mov AX, 0xDEAD I have the same SHA-1 checksum for pci.sys (Debug) before modd as you and also the same SHA-1 checksum after modd exakt as you. But no output for PCI, only Acpi as before. May be the reason is the following: When I set a breakpoint via bu pci!DriverEntry the Bsod 0x7E (0xC0000005, xxx, yyy, zzz) happens before the compi breaks there Dietmar PS: I also check the Symbol path for the Debug and modded pci.sys. It is 805e8000 8060ef80 pci (pdb symbols) c:\symbolssss\sys\pci.pdb This is correct, because in C:\symbolssss folder I extract the Debug *.pdb. EDIT: What do you write in kd> line after Windbg starts? Edited April 8, 2022 by Dietmar Link to comment Share on other sites More sharing options...
Mov AX, 0xDEAD Posted April 8, 2022 Author Share Posted April 8, 2022 37 minutes ago, Dietmar said: @Mov AX, 0xDEAD I have the same SHA-1 checksum for pci.sys (Debug) before modd as you and also the same SHA-1 checksum after modd exakt as you. But no output for PCI, only Acpi as before @Dietmar you missed something with pci.sys i have insant output without any additonal commands, just g g Quote Opened \\.\pipe\kd_WinXP_vbox Waiting to reconnect... Connected to Windows XP 2600 x86 compatible target at (Sat Apr 9 03:36:26.449 2022 (UTC + 5:00)), ptr64 FALSE Kernel Debugger connection established. ************* Symbol Path validation summary ************** Response Time (ms) Location Deferred srv*C:\SYMBOLS*http://msdl.microsoft.com/download/symbols Symbol search path is: srv*C:\SYMBOLS*http://msdl.microsoft.com/download/symbols Executable search path is: Windows XP Kernel Version 2600 UP Free x86 compatible Built by: 2600.xpsp.080413-2111 Machine Name: Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055b1c0 System Uptime: not available Break instruction exception - code 80000003 (first chance) nt!DbgBreakPoint: 804e3586 cc int 3 kd> g Breakpoint 0 hit pci!DriverEntry: f99b7c96 8bff mov edi,edi kd> g Adding Hack entry for Vendor:0x1045 Device:0xc621 = 0x4 Adding Hack entry for Vendor:0x1095 Device:0x0640 = 0x4 Adding Hack entry for Vendor:0x8086 Device:0x1230 = 0x4 Link to comment Share on other sites More sharing options...
Dietmar Posted April 8, 2022 Share Posted April 8, 2022 (edited) Hihi, I make small joke with the acpi.sys V2 where I did the Ryzen hack against AcpiArbCrackPRT in the morning. And voila, now pci.sys Debug gives output. Hm, can this mean, that the driver entry for pci.sys is never reached because the crash via AcpiArbCrackPRT happens before this? Microsoft (R) Windows Debugger Version 6.3.9600.17200 X86 Copyright (c) Microsoft Corporation. All rights reserved. Using NET for debugging Opened WinSock 2.0 Waiting to reconnect... Connected to target 192.168.2.104 on port 50000 on local IP 192.168.2.101. Connected to Windows XP 2600 x86 compatible target at (Sat Apr 9 00:58:19.572 2022 (UTC + 2:00)), ptr64 FALSE Kernel Debugger connection established. ************* Symbol Path validation summary ************** Response Time (ms) Location OK C:\Symbols ************* Symbol Path validation summary ************** Response Time (ms) Location OK C:\symbolssss Symbol search path is: C:\symbolssss Executable search path is: C:\Symbols Windows XP Kernel Version 2600 MP (1 procs) Checked x86 compatible Built by: 2600.xpsp.080413-2133 Machine Name: Kernel base = 0x80a02000 PsLoadedModuleList = 0x80b019e8 System Uptime: not available ************* Symbol Path validation summary ************** Response Time (ms) Location OK E:\binaries.x86fre\Symbols ************* Symbol Path validation summary ************** Response Time (ms) Location OK C:\Symbols ************* Symbol Path validation summary ************** Response Time (ms) Location OK C:\symbolssss OK C:\symbols OK C:\symbolss OK C:\symbolsss OK E:\binaries.x86fre\Symbols Deferred https://msdl.microsoft.com/download/symbols Deferred srv* Closing open log file otto7 Opened log file 'otto7' Break instruction exception - code 80000003 (first chance) nt!DbgBreakPoint: 80ac37e0 cc int 3 kd> bu pci!DriverEntry kd> g MM: Loader/HAL memory block indicates large pages cannot be used for 80100000->8012777F MM: Loader/HAL memory block indicates large pages cannot be used for 810A6000->8258AFFF MM: Disabling large pages for all ranges due to overlap Breakpoint 0 hit pci!DriverEntry: 8059fc96 8bff mov edi,edi 15: kd> g Adding Hack entry for Vendor:0x1045 Device:0xc621 = 0x4 Adding Hack entry for Vendor:0x1095 Device:0x0640 = 0x4 Adding Hack entry for Vendor:0x8086 Device:0x1230 = 0x4 Adding Hack entry for Vendor:0x8086 Device:0x7010 = 0x4 Adding Hack entry for Vendor:0x104b Device:0x0140 = 0x8 Adding Hack entry for Vendor:0x1179 Device:0x0603 = 0x8 Adding Hack entry for Vendor:0x8086 Device:0x7113 = 0x8 Adding Hack entry for Vendor:0x4978 Device:0x84c5 = 0x8 Adding Hack entry for Vendor:0x1106 Device:0x3040 = 0x8 Adding Hack entry for Vendor:0x0e11 Device:0x1000 = 0x10 Adding Hack entry for Vendor:0x0e11 Device:0x2000 = 0x10 Adding Hack entry for Vendor:0x1039 Device:0x0406 = 0x10 Adding Hack entry for Vendor:0x8086 Device:0x0482 = 0x4000 Adding Hack entry for Vendor:0x8086 Device:0x0008 = 0x10 Adding Hack entry for Vendor:0x1014 Device:0x0002 = 0x10 Adding Hack entry for Vendor:0x1080 Device:0x0600 = 0x20 Adding Hack entry for Vendor:0x1013 Device:0x1100 = 0x40 Adding Hack entry for Vendor:0x10b9 Device:0x5219 = 0x80 Adding Hack entry for Vendor:0x1c1c Device:0x0001 = 0x100 Adding Hack entry for Vendor:0x1097 Device:0x0038 = 0x100 Adding Hack entry for Vendor:0x100b Device:0xd001 = 0x400 Adding Hack entry for Vendor:0x8086 Device:0x04a3 = 0x800 Adding Hack entry for Vendor:0x10aa Device:0x0000 = 0x800 Adding Hack entry for Vendor:0x5333 Device:0x88d1 = 0x100000000 Adding Hack entry for Vendor:0x1179 Device:0x0605 = 0x1000 Adding Hack entry for Vendor:0x1013 Device:0x1110 = 0x2000 Adding Hack entry for Vendor:0x1180 Device:0x0478 = 0x2000 Adding Hack entry for Vendor:0x1180 Device:0x0475 = 0x2000 Adding Hack entry for Vendor:0x1180 Device:0x0476 = 0x2000 Adding Hack entry for Vendor:0x1004 Device:0x0101 = 0x4000 Adding Hack entry for Vendor:0x1042 Device:0x1000 = 0x4000 Adding Hack entry for Vendor:0x104c Device:0xac12 = 0x10000 Adding Hack entry for Vendor:0x1180 Device:0x0466 = 0x10000 Adding Hack entry for Vendor:0x1014 Device:0x0095 = 0x40000 Adding Hack entry for Vendor:0x8086 Device:0x2418 = 0x40000 Adding Hack entry for Vendor:0x8086 Device:0x2428 = 0x40000 Adding Hack entry for Vendor:0x8086 Device:0x244e = 0x40000 Adding Hack entry for Vendor:0x8086 Device:0x2448 = 0x40000 Adding Hack entry for Vendor:0x8086 Device:0x122e = 0x80000 Adding Hack entry for Vendor:0x8086 Device:0x7000 = 0x80000 Adding Hack entry for Vendor:0x8086 Device:0x7110 = 0x80000 Adding Hack entry for Vendor:0x8086 Device:0x7600 = 0x80000 Adding Hack entry for Vendor:0x1002 Device:0x4747 = 0x400000 Adding Hack entry for Vendor:0x1002 Device:0x4754 = 0x100000000 Adding Hack entry for Vendor:0x5333 Device:0x8901 = 0x100000000 Adding Hack entry for Vendor:0x1013 Device:0x00d6 = 0x400000 Adding Hack entry for Vendor:0x104c Device:0xac15 = 0x400000 Adding Hack entry for Vendor:0x110b Device:0x0004 = 0x400000 Adding Hack entry for Vendor:0x1000 Device:0x000f = 0x400000 Adding Hack entry for Vendor:0x104c Device:0xac17 = 0x400000 Adding Hack entry for Vendor:0x1023 Device:0x9397 = 0x400000 Adding Hack entry for Vendor:0x1002 Device:0x4742 = 0x400000 Adding Hack entry for Vendor:0x1002 Device:0x4744 = 0x400000 Adding Hack entry for Vendor:0x1002 Device:0x4749 = 0x400000 Adding Hack entry for Vendor:0x1002 Device:0x4750 = 0x400000 Adding Hack entry for Vendor:0x1002 Device:0x4751 = 0x400000 Adding Hack entry for Vendor:0x1002 Device:0x4755 = 0x400000 Adding Hack entry for Vendor:0x1002 Device:0x4757 = 0x20400000 Adding Hack entry for Vendor:0x1002 Device:0x4759 = 0x20400000 Adding Hack entry for Vendor:0x1002 Device:0x4c42 = 0x400000 Adding Hack entry for Vendor:0x1002 Device:0x4c44 = 0x400000 Adding Hack entry for Vendor:0x1002 Device:0x4c47 = 0x400000 Adding Hack entry for Vendor:0x1002 Device:0x4c49 = 0x400000 Adding Hack entry for Vendor:0x1002 Device:0x4c50 = 0x400000 Adding Hack entry for Vendor:0x1002 Device:0x4c51 = 0x400000 Adding Hack entry for Vendor:0x1002 Device:0x5654 = 0x100000000 Adding Hack entry for Vendor:0x1002 Device:0x5655 = 0x400000 Adding Hack entry for Vendor:0x1002 Device:0x5656 = 0x400000 Adding Hack entry for Vendor:0x121a Device:0x0003 = 0x400000 Adding Hack entry for Vendor:0x1045 Device:0xc861 SybSys:0x9300 SubVendor:0x107b = 0x400000 Adding Hack entry for Vendor:0x1045 Device:0xc861 SybSys:0xc861 SubVendor:0x1045 = 0x400000 Adding Hack entry for Vendor:0x8086 Device:0x1231 = 0x1000000 Adding Hack entry for Vendor:0x1273 Device:0x0002 = 0x1000000 Adding Hack entry for Vendor:0x1014 Device:0x007d = 0x1000000 Adding Hack entry for Vendor:0x1285 Device:0x0100 = 0x1000000 Adding Hack entry for Vendor:0x1217 Device:0x6836 = 0x8000000 Adding Hack entry for Vendor:0x1217 Device:0x6832 = 0x8000000 Adding Hack entry for Vendor:0x1091 Device:0x07a0 = 0x20000000 Adding Hack entry for Vendor:0x8086 Device:0x7800 = 0x20000000 Adding Hack entry for Vendor:0x10c8 Device:0x8005 = 0x20000000 Adding Hack entry for Vendor:0x10c8 Device:0x8006 = 0x20000000 Adding Hack entry for Vendor:0x10c8 Device:0x0005 = 0x20000000 Adding Hack entry for Vendor:0x10c8 Device:0x0006 = 0x20000000 Adding Hack entry for Vendor:0x102b Device:0x1001 = 0x80000000 Adding Hack entry for Vendor:0x10dd Device:0x0100 = 0x20000000 Adding Hack entry for Vendor:0x1095 Device:0x0646 = 0x20000000 Adding Hack entry for Vendor:0x1095 Device:0x0670 = 0x20000000 Adding Hack entry for Vendor:0x1095 Device:0x0648 = 0x20000000 Adding Hack entry for Vendor:0x1011 Device:0x0026 = 0x20000000 Adding Hack entry for Vendor:0x8086 Device:0xb154 = 0x20000000 Adding Hack entry for Vendor:0x5333 Device:0x8904 = 0x20000000 Adding Hack entry for Vendor:0x1106 Device:0x8598 = 0x20000000 Adding Hack entry for Vendor:0x1106 Device:0x8605 = 0x20000000 Adding Hack entry for Vendor:0x1179 Device:0x0609 = 0x40000000 Adding Hack entry for Vendor:0x1014 Device:0x0047 = 0x40000000 Adding Hack entry for Vendor:0x102b Device:0x051b = 0x80000000 Adding Hack entry for Vendor:0x102b Device:0x0520 = 0x80000000 Adding Hack entry for Vendor:0x102b Device:0x0521 = 0x80000000 Adding Hack entry for Vendor:0x102b Device:0x1025 = 0x80000000 Adding Hack entry for Vendor:0x102b Device:0x0525 = 0x80000000 Adding Hack entry for Vendor:0x8086 Device:0x7121 = 0x80000000 Adding Hack entry for Vendor:0x8086 Device:0x7123 = 0x80000000 Adding Hack entry for Vendor:0x8086 Device:0x7125 = 0x80000000 Adding Hack entry for Vendor:0x8086 Device:0x1132 = 0x80000000 Adding Hack entry for Vendor:0x9005 Device:0x0050 = 0x80000000 Adding Hack entry for Vendor:0x9005 Device:0x005f = 0x80000000 Adding Hack entry for Vendor:0x1002 Device:0x4752 = 0x80000000 Adding Hack entry for Vendor:0x1002 Device:0x474f = 0x80000000 Adding Hack entry for Vendor:0x1002 Device:0x474d = 0x80000000 Adding Hack entry for Vendor:0x1002 Device:0x4753 = 0x80000000 Adding Hack entry for Vendor:0x1002 Device:0x474c = 0x80000000 Adding Hack entry for Vendor:0x1002 Device:0x474e = 0x80000000 Adding Hack entry for Vendor:0x1002 Device:0x4c4d = 0x80000000 Adding Hack entry for Vendor:0x1002 Device:0x4c4e = 0x80000000 Adding Hack entry for Vendor:0x1002 Device:0x4c52 = 0x80000000 Adding Hack entry for Vendor:0x1002 Device:0x4c53 = 0x80000000 Adding Hack entry for Vendor:0x1023 Device:0x9880 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x00a0 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x00a1 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x00a3 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x00b0 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x00b1 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x00b3 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x0100 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x0101 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x0102 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x0103 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x0120 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x0121 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x0122 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x0123 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x0150 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x0151 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x0152 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x0153 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x0200 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x0201 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x0202 = 0x80000000 Adding Hack entry for Vendor:0x10de Device:0x0203 = 0x80000000 Adding Hack entry for Vendor:0x12d2 Device:0x0018 = 0x80000000 Adding Hack entry for Vendor:0x12d2 Device:0x0019 = 0x80000000 Adding Hack entry for Vendor:0x1013 Device:0x6003 = 0x80000000 Adding Hack entry for Vendor:0x3d3d Device:0x000a = 0x80000000 Adding Hack entry for Vendor:0x1002 Device:0x4158 = 0x100000000 Adding Hack entry for Vendor:0x1002 Device:0x4354 = 0x100000000 Adding Hack entry for Vendor:0x1002 Device:0x4358 = 0x100000000 Adding Hack entry for Vendor:0x1002 Device:0x4554 = 0x100000000 Adding Hack entry for Vendor:0x1002 Device:0x4758 = 0x100000000 Adding Hack entry for Vendor:0x1002 Device:0x4c54 = 0x100000000 Adding Hack entry for Vendor:0x5333 Device:0x8810 = 0x100000000 Adding Hack entry for Vendor:0x5333 Device:0x8811 = 0x100000000 Adding Hack entry for Vendor:0x5333 Device:0x8812 = 0x100000000 Adding Hack entry for Vendor:0x5333 Device:0x8814 = 0x100000000 Adding Hack entry for Vendor:0x5333 Device:0x8880 = 0x100000000 Adding Hack entry for Vendor:0x5333 Device:0x88b0 = 0x100000000 Adding Hack entry for Vendor:0x5333 Device:0x88c0 = 0x100000000 Adding Hack entry for Vendor:0x5333 Device:0x88c1 = 0x100000000 Adding Hack entry for Vendor:0x5333 Device:0x88d0 = 0x100000000 Adding Hack entry for Vendor:0x5333 Device:0x88f0 = 0x100000000 Adding Hack entry for Vendor:0x5333 Device:0x8902 = 0x100000000 Adding Hack entry for Vendor:0x0e11 Device:0xb109 = 0x200000000 Adding Hack entry for Vendor:0x1002 Device:0x4342 = 0x8000000000 Adding Hack entry for Vendor:0x1002 Device:0x4362 = 0x8000000000 Adding Hack entry for Vendor:0x1002 Device:0x4371 = 0x8000000000 Adding Hack entry for Vendor:0x100c Device:0x3202 = 0x8a00 Adding Hack entry for Vendor:0x1066 Device:0x8002 = 0x300000 Adding Hack entry for Vendor:0x1066 Device:0x0002 = 0x300000 Adding Hack entry for Vendor:0x1004 Device:0x0102 = 0x2004000 Adding Hack entry for Vendor:0x1045 Device:0xc814 = 0x20400000 Adding Hack entry for Vendor:0x1002 Device:0x4756 = 0x20400000 Adding Hack entry for Vendor:0x1002 Device:0x475a = 0x20400000 Adding Hack entry for Vendor:0x8086 Device:0x1161 = 0x1040000000 Adding Hack entry for Vendor:0x8086 Device:0x1461 = 0x1040000000 Adding Hack entry for Vendor:0x1000 Device:0x000b = 0xa0000000 Adding Hack entry for Vendor:0x10de Device:0x0020 = 0xa0000000 Adding Hack entry for Vendor:0x10de Device:0x0028 = 0xa0000000 Adding Hack entry for Vendor:0x10de Device:0x0029 = 0xa0000000 Adding Hack entry for Vendor:0x10de Device:0x002a = 0xa0000000 Adding Hack entry for Vendor:0x10de Device:0x002b = 0xa0000000 Adding Hack entry for Vendor:0x10de Device:0x002c = 0xa0000000 Adding Hack entry for Vendor:0x10de Device:0x002d = 0xa0000000 Adding Hack entry for Vendor:0x10de Device:0x002e = 0xa0000000 Adding Hack entry for Vendor:0x10de Device:0x002f = 0xa0000000 Adding Hack entry for Vendor:0x1013 Device:0x00d6 SybSys:0x80d6 SubVendor:0x1018 = 0x0 Debug device @ Segment 0, 3.0.0 PCI - Unexpected status c0000034 from ZwQueryValueKey, expected STATUS_BUFFER_TOO_SMALL (c0000023). PCI - Unexpected status c0000034 from ZwQueryValueKey, expected STATUS_BUFFER_TOO_SMALL (c0000023). *** Assertion failed: IopInitHalResources == NULL *** Source File: d:\xpsp\base\ntos\io\pnpmgr\pnpinit.c, line 1455 Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i i *** Fatal System Error: 0x0000007b (0xBACC7518,0xC0000034,0x00000000,0x00000000) Break instruction exception - code 80000003 (first chance) A fatal system error has occurred. Debugger entered on first try; Bugcheck callbacks have not been invoked. A fatal system error has occurred. Connected to Windows XP 2600 x86 compatible target at (Sat Apr 9 00:59:12.057 2022 (UTC + 2:00)), ptr64 FALSE Loading Kernel Symbols ................................... Loading User Symbols ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 7B, {bacc7518, c0000034, 0, 0} Probably caused by : ntkrpamp.exe ( nt!IopMarkBootPartition+f5 ) Followup: MachineOwner --------- nt!RtlpBreakWithStatusInstruction: 80ac37ec cc int 3 0: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* INACCESSIBLE_BOOT_DEVICE (7b) During the initialization of the I/O system, it is possible that the driver for the boot device failed to initialize the device that the system is attempting to boot from, or it is possible for the file system that is supposed to read that device to either fail its initialization or to simply not recognize the data on the boot device as a file system structure that it recognizes. In the former case, the argument (#1) is the address of a Unicode string data structure that is the ARC name of the device from which the boot was being attempted. In the latter case, the argument (#1) is the address of the device object that could not be mounted. If this is the initial setup of the system, then this error can occur if the system was installed on an unsupported disk or SCSI controller. Note that some controllers are supported only by drivers which are in the Windows Driver Library (WDL) which requires the user to do a custom install. See the Windows Driver Library for more information. This error can also be caused by the installation of a new SCSI adapter or disk controller or repartitioning the disk with the system partition. If this is the case, on x86 systems the boot.ini file must be edited or on ARC systems setup must be run. See the "Advanced Server System Administrator's User Guide" for information on changing boot.ini. If the argument is a pointer to an ARC name string, then the format of the first two (and in this case only) longwords will be: USHORT Length; USHORT MaximumLength; PWSTR Buffer; That is, the first longword will contain something like 00800020 where 20 is the actual length of the Unicode string, and the next longword will contain the address of buffer. This address will be in system space, so the high order bit will be set. If the argument is a pointer to a device object, then the format of the first word will be: USHORT Type; That is, the first word will contain a 0003, where the Type code will ALWAYS be 0003. Note that this makes it immediately obvious whether the argument is a pointer to an ARC name string or a device object, since a Unicode string can never have an odd number of bytes, and a device object will always have a Type code of 3. Arguments: Arg1: bacc7518, Pointer to the device object or Unicode string of ARC name Arg2: c0000034, (reserved) Arg3: 00000000, (reserved) Arg4: 00000000 Debugging Details: ------------------ DEFAULT_BUCKET_ID: DRIVER_FAULT BUGCHECK_STR: 0x7B PROCESS_NAME: System ANALYSIS_VERSION: 6.3.9600.17237 (debuggers(dbg).140716-0327) x86fre DPC_STACK_BASE: FFFFFFFFBACCC000 LAST_CONTROL_TRANSFER: from 80a30d7b to 80ac37ec STACK_TEXT: bacc7080 80a30d7b 00000003 bacc73dc 00000000 nt!RtlpBreakWithStatusInstruction bacc70cc 80a319e6 00000003 80085000 e12ec418 nt!KiBugCheckDebugBreak+0x19 bacc74ac 80a31f77 0000007b bacc7518 c0000034 nt!KeBugCheck2+0x574 bacc74cc 80d32863 0000007b bacc7518 c0000034 nt!KeBugCheckEx+0x1b bacc7634 80d380f6 80085000 00000000 80085000 nt!IopMarkBootPartition+0xf5 bacc7684 80d341f1 80085000 bacc76a0 00034000 nt!IopInitializeBootDrivers+0x53e bacc7830 80d31940 80085000 00000000 8a528da8 nt!IoInitSystem+0x82d bacc7dac 80bd81ac 80085000 00000000 00000000 nt!Phase1Initialization+0xb12 bacc7ddc 80ae4212 80d30e2e 80085000 00000000 nt!PspSystemThreadStartup+0x34 00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16 STACK_COMMAND: kb FOLLOWUP_IP: nt!IopMarkBootPartition+f5 80d32863 8d85e0feffff lea eax,[ebp-120h] SYMBOL_STACK_INDEX: 4 SYMBOL_NAME: nt!IopMarkBootPartition+f5 FOLLOWUP_NAME: MachineOwner MODULE_NAME: nt IMAGE_NAME: ntkrpamp.exe DEBUG_FLR_IMAGE_TIMESTAMP: 4802b3ce IMAGE_VERSION: 5.1.2600.5512 FAILURE_BUCKET_ID: 0x7B_nt!IopMarkBootPartition+f5 BUCKET_ID: 0x7B_nt!IopMarkBootPartition+f5 ANALYSIS_SOURCE: KM FAILURE_ID_HASH_STRING: km:0x7b_nt!iopmarkbootpartition+f5 FAILURE_ID_HASH: {e710697b-9762-1225-4a06-575d839651e1} Followup: MachineOwner --------- Edited April 8, 2022 by Dietmar Link to comment Share on other sites More sharing options...
Mov AX, 0xDEAD Posted April 8, 2022 Author Share Posted April 8, 2022 (edited) 12 minutes ago, Dietmar said: Hihi, I make small joke with the acpi.sys V2 where I did the Ryzen hack against Acpiarbcrack in the morning. And voila, now pci.sys Debug gives output. Hm, can this mean, that the driver entry for pci.sys is never reached because the crash via Acpiarbcrack happens before this? Mixed output: Quote kd> bl 0 eu 0001 (0001) (pci!DriverEntry) 1 eu 0001 (0001) (acpi!DriverEntry) kd> g Breakpoint 1 hit ACPI!DriverEntry: f9a21a06 8bff mov edi,edi kd> ed Kd_ACPI_Mask 0xFFFFFFFF kd> g OSOpenUnicodeHandle: ZwOpenKey = 0xc0000034 OSOpenUnicodeHandle: ZwOpenKey = 0xc0000034 OSReadRegValue: OSOpenHandle = 0xc0000034 OSReadRegValue: 0x00000a < 0x00000d 81BEA3F8 ACPI\PNP0C08-0x5F534750 (0x81bea008): IRP_MN_QUERY_INTERFACE - Res 0 Type = {06141966-7245-6369-462e-4e656c736f6e} 81BEA3F8 ACPI\PNP0C08-0x5F534750 (0x81bea008): IRP_MN_QUERY_INTERFACE = 0xc00000bb 81BEA3F8 ACPI\PNP0C08-0x5F534750 (0x81bea008): IRP_MN_QUERY_INTERFACE - Res 0 Type = {f14f609b-cbbd-4957-a674-bc00213f1c97} 81BEA3F8 ACPI\PNP0C08-0x5F534750 (0x81bea008): IRP_MN_QUERY_INTERFACE = 0xc00000bb ACPIGetWmiLogGlobalHandle: Global handle aquired. Handle = 1 81BEA3F8 ACPI\PNP0C08-0x5F534750 ACPIDispatchAddDevice: 00000000 81BEA3F8 ACPI\PNP0C08-0x5F534750 (0x81bea008): ACPIRootIrpStartDevice 81BEA3F8 ACPI\PNP0C08-0x5F534750 (0x81bea008): IRP_MN_START_DEVICE = 00000000 (Complete) ... 81BEA3F8 ACPI\PNP0C08-0x5F534750 (0x81bea008): IRP_MN_QUERY_DEVICE_RELATIONS (u) = 00000000 81BAD3E8 ACPI\FixedButton (0x81bb63c0): IRP_MN_QUERY_DEVICE_RELATIONS - Unhandled Type 0 81BAD3E8 ACPI\FixedButton (0x81bb63c0): IRP_MN_QUERY_DEVICE_RELATIONS = 0xc00000bb Breakpoint 0 hit pci!DriverEntry: f99b7c96 8bff mov edi,edi kd> g Adding Hack entry for Vendor:0x1045 Device:0xc621 = 0x4 Adding Hack entry for Vendor:0x1095 Device:0x0640 = 0x4 Adding Hack entry for Vendor:0x8086 Device:0x1230 = 0x4 Adding Hack entry for Vendor:0x8086 Device:0x7010 = 0x4 Adding Hack entry for Vendor:0x104b Device:0x0140 = 0x8 Adding Hack entry for Vendor:0x1179 Device:0x0603 = 0x8 Adding Hack entry for Vendor:0x8086 Device:0x7113 = 0x8 yes, acpi started first, but why bsod before loading pci - i don't see reason probably problem in acpi.sys inside - it never call AcpiArbInitializePciRouting(), no request to pci, etc Edited April 8, 2022 by Mov AX, 0xDEAD Link to comment Share on other sites More sharing options...
Mov AX, 0xDEAD Posted April 8, 2022 Author Share Posted April 8, 2022 (edited) @Dietmar I think i found what is wrong - pci root bus don't have name PNP0A03 -> acpi.sys didn't set DEV_CAP_PCI property -> no call to AcpiArbInitializePciRouting( DeviceObject ), thanks to @Damnation for tip with DEV_CAP_PCI ! Quote INTERNAL_DEVICE_FLAG_TABLE AcpiInternalDeviceFlagTable[] = { ... "PNP0A03", DEV_CAP_PCI, ... #define PCI_PNP_ID "PNP0A03" Dietmar, can you share dsdt table from this amd board? Edited April 8, 2022 by Mov AX, 0xDEAD Link to comment Share on other sites More sharing options...
Dietmar Posted April 9, 2022 Share Posted April 9, 2022 @Mov AX, 0xDEAD Here is DSDT from Bios 4007 from 8. Dezember 2020 for the AMD board rog strix b450-f gaming ii Dietmar dsdt4007ORIRaw.7z Link to comment Share on other sites More sharing options...
Mov AX, 0xDEAD Posted April 9, 2022 Author Share Posted April 9, 2022 3 minutes ago, Dietmar said: @Mov AX, 0xDEAD Here is DSDT from Bios 4007 from 8. Dezember 2020 for the AMD board rog strix b450-f gaming ii Thanks, i was wrong, pci bus has proper names Quote Scope (_SB) { Device (PCI0) { Name (_HID, EisaId ("PNP0A08") /* PCI Express Bus */) // _HID: Hardware ID Name (_CID, EisaId ("PNP0A03") /* PCI Bus */) // _CID: Compatible ID Link to comment Share on other sites More sharing options...
Mov AX, 0xDEAD Posted April 9, 2022 Author Share Posted April 9, 2022 (edited) @Dietmar tracing on vm with "free" pci.sys kd> bl 0 eu 0001 (0001) (pci!DriverEntry) 1 eu 0001 (0001) (acpi!DriverEntry) 2 eu 0001 (0001) (acpi!AcpiArbInitializePciRouting) 3 eu 0001 (0001) (acpi!ACPIBusIrpStartDevice) 1) acpi entry point 2) pci.sys entry point 3) called ACPIBusIrpStartDevice() 4) deviceExtension->Flags & DEV_CAP_PCI is 1, we call AcpiArbInitializePciRouting() 5) status = ACPIInternalSendSynchronousIrp(topDeviceInStack, &irpSp, &buffer); return status =0 = OK , then we set PciInterfacesInstantiated = TRUE; Edited April 9, 2022 by Mov AX, 0xDEAD Link to comment Share on other sites More sharing options...
Damnation Posted April 9, 2022 Share Posted April 9, 2022 @Mov AX, 0xDEAD So is acpi.sys expecting DEV_CAP_PCI to be a PDO but it is something else? 1 Link to comment Share on other sites More sharing options...
Dietmar Posted April 9, 2022 Share Posted April 9, 2022 @Mov AX, 0xDEAD I make the ultimative test, if driverentry of pci.sys is reached before Bsod via AcpiArbCrackPRT or not. For this I changed first 2 Bytes in pci.sys at adress driverentry of the for outpit modded debug against EB FE. Voila, when I start compi, Bsod via AcpiArbCrackPRT happens BEFORE the endless loop in driverentry of pci.sys with running bar is reached. So, driverentry of pci.sys is never reached on Ryzen with normal acpi.sys Dietmar PS: Here is my pci.sys debug, modded for output, and with EB FE at driverentry, checksum corrected. Please take a look at this pci.sys, if I did everything right with EB FE at driverentry. Dietmar pciEBFE.7z Link to comment Share on other sites More sharing options...
Mov AX, 0xDEAD Posted April 9, 2022 Author Share Posted April 9, 2022 (edited) 1 hour ago, Dietmar said: @Mov AX, 0xDEAD Bsod via AcpiArbCrackPRT happens BEFORE the endless loop in driverentry of pci.sys with running bar is reached. So, driverentry of pci.sys is never reached on Ryzen with normal acpi.sys @Dietmar Set 4 breakpoints as my example and trace ACPIBusIrpStartDevice manualy step-by-step(F10) if you reach it before BSOD, source window will open only if windbg was started on PC where sources was compiled Edited April 9, 2022 by Mov AX, 0xDEAD Link to comment Share on other sites More sharing options...
Mov AX, 0xDEAD Posted April 9, 2022 Author Share Posted April 9, 2022 7 hours ago, Damnation said: @Mov AX, 0xDEAD So is acpi.sys expecting DEV_CAP_PCI to be a PDO but it is something else? We don't know even ACPIBusIrpStartDevice was called or not... Link to comment Share on other sites More sharing options...
Dietmar Posted April 9, 2022 Share Posted April 9, 2022 @Mov AX, 0xDEAD For sure the driverentry of pci.sys is not reached. The driverentry for acpi.sys is reached. But I dont understand, how to set your 4 Breakpoints. Can you please tell me step by step, when Windbg starts, what I have to do for to reach thoses breakpoints Dietmar Link to comment Share on other sites More sharing options...
Dietmar Posted April 9, 2022 Share Posted April 9, 2022 (edited) @Mov AX, 0xDEAD ACPIBusIrpStartDevice cant be called, because this happens after driverentry of pci.sys Dietmar Edited April 9, 2022 by Dietmar Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now