ITP vs Windbg

hi all,

i am trying to debug the same code in Windows using ITP and Windbg. What I
see is, when I set a windows bp and break into windbg, and then intercept the
same call at the same place by ITP I do *not* see the same instructions.

Why is that so? I should be seeing the same segments and eip and stuff on
the same core. I have tried verifying all cores, but none of them match.

I am sure i am missing the obvious here, but what is it???

- amitr0

amitr0 wrote:

hi all,

i am trying to debug the same code in Windows using ITP and Windbg.
What I see is, when I set a windows bp and break into windbg, and
then intercept the same call at the same place by ITP I do *not* see
the same instructions.

Why is that so? I should be seeing the same segments and eip and stuff
on the same core. I have tried verifying all cores, but none of them
match.

I am sure i am missing the obvious here, but what is it???

What is ITP?


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

ITP, like ‘Intel Test Probe,’ a. k. a. JTAG emulation/hardware assisted debugging?

mm

yes it is JTAG assisted debugging for hardware.

anyway, digging deeper I could find a few possible culprits, but i don't know yet
which one is the bugger…

  1. i am on win7, and i see that the IP pointed to by my debugger is not the IP
    the JTAG software is getting upon smi. so is it possible that win7
    ultimate's VM enabled kernel is posing an issue?
  2. It could be that the ITP/JTAG is seeing the actual int3 dispatcher which
    is transparent to me in WinDbg
  3. I am seeing HAL code and this abstraction layer is why things are
    different.

any pointers would certainly help…

ab

On Sat, Nov 21, 2009 at 3:17 AM, wrote:

> ITP, like ‘Intel Test Probe,’ a. k. a. JTAG emulation/hardware assisted
> debugging?
>
>
> mm
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>



- amitr0

I’m not sure that I understand what you’re doing or trying to do.

It sounds like what you’re saying is that windbg doesn’t report the same information as your JTAG emulator in response to an SMI. The thing is, unless you’ve done some reprogramming of your MCH, windbg shouldn’t even be able to see SMRAM; further what windbg does in response to an SMI, I really don’t recall.

Even assuming that all of this works, windbg knows about virtual address; SMI doesn’t (as far as the initial IP goes).

Let’s back up:

  1. What model of JTAG emulator are you using? (Arium ECM-50, ECM-XDP, other?)

  2. Are you sure that you are using an ITP socket; could it be an XDP socket?

  3. Why do you need to use both debuggers? I mean, I know why you want to use windbg when you can, but why in response to an SMI?

  4. What are you expecting to see?

  5. What is the general nature of your project? What you’re trying to do is very much out of the ordinary as far as windbg goes, so I’m trying to understand why you need to get this working together.

  6. What’s your target os?

  7. What’s your target chipset?

What are you trying to accomplish?

mm

ok, let me go into a little more detail here…

we have a driver that generates SMI, very similar to the windows acpi
driver, we work on all kinds of chipsets, the current debug setup where we see
this is on intel ICH and PCH based ones (RV, MV and CP)

this driver, in certain situations will replace the windows acpi driver or
add to its functionality.

*No* I am not in SRAM space from windbg. I am seeing this when the out
instruction is being generated, I assume that the IP of the out will be that
seen in SMI handler by BIOS. now, that is what we do not see, I see some
other memory address being pointed to by the ITP EIP. However, when we
manipulate the ITP EIP to point to what Windbg was pointing to, I can see my
code there, which makes me wonder whether there is another layer which
windbg is unaware of lying b/w the hardware and os (HAL in this case).

we are using Intel’s ITP and we have CRBs with us.

do let me know if you need any other info…

On Mon, Nov 23, 2009 at 11:49 AM, wrote:

> I’m not sure that I understand what you’re doing or trying to do.
>
> It sounds like what you’re saying is that windbg doesn’t report the same
> information as your JTAG emulator in response to an SMI. The thing is,
> unless you’ve done some reprogramming of your MCH, windbg shouldn’t even be
> able to see SMRAM; further what windbg does in response to an SMI, I really
> don’t recall.
>
> Even assuming that all of this works, windbg knows about virtual address;
> SMI doesn’t (as far as the initial IP goes).
>
> Let’s back up:
>
> 1. What model of JTAG emulator are you using? (Arium ECM-50, ECM-XDP,
> other?)
>
> 2. Are you sure that you are using an ITP socket; could it be an XDP
> socket?
>
> 3. Why do you need to use both debuggers? I mean, I know why you want to
> use windbg when you can, but why in response to an SMI?
>
> 4. What are you expecting to see?
>
> 5. What is the general nature of your project? What you’re trying to do
> is very much out of the ordinary as far as windbg goes, so I’m trying to
> understand why you need to get this working together.
>
> 6. What’s your target os?
>
> 7. What’s your target chipset?
>
>
> What are you trying to accomplish?
>
>
> mm
>
>
>
>



- amitr0

Do you mean that the address reported by the hardware debugger as EIP in the saved state != the out instruction that I guess you’re using to trigger an SMI via chipset specific functionality?

mm

yes, the eip in windbg is the ret statement right after out instruction in
the HAL routine to write a byte to a port, whereas the one in ITP is
completely different…

On Mon, Nov 23, 2009 at 5:16 PM, wrote:

> Do you mean that the address reported by the hardware debugger as EIP in
> the saved state != the out instruction that I guess you’re using to trigger
> an SMI via chipset specific functionality?
>
> mm
>
>



- amitr0

Give me an example of the values of each (ret after out v. SMRAM.EIP).

mm

oops, we have a dearth of ITPs here, someone else is using it, i will update
this thread once i grab the device again :)

On Mon, Nov 23, 2009 at 5:34 PM, wrote:

> Give me an example of the values of each (ret after out v. SMRAM.EIP).
>
>
> mm
>
>



- amitr0

amitr0 wrote:

yes, the eip in windbg is the ret statement right after out instruction
in the HAL routine to write a byte to a port, whereas the one in ITP
is completely different…

Are the low-order 12 bits the same? Martin previously said the ITP
works in physical addresses. Windbg, of course, works in virtual
addresses. Are you simply ignoring the physical/virtual difference?


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

i thought of this tim, but then just adjusting ITP's EIP to the windbg EIP by
copy pasting wouldn't have worked, as windbg's one would have been a virt
one and ITP would be a physical one…

BTW, i don't think the reg values would be virtual in windbg, how can one
have virtual EIP, ESP values, there is ONE register for each after all,
right? Unless windows virtualizes the regs also…

On Mon, Nov 23, 2009 at 11:26 PM, Tim Roberts wrote:

> amitr0 wrote:
> > yes, the eip in windbg is the ret statement right after out instruction
> > in the HAL routine to write a byte to a port, whereas the one in ITP
> > is completely different…
>
> Are the low-order 12 bits the same? Martin previously said the ITP
> works in physical addresses. Windbg, of course, works in virtual
> addresses. Are you simply ignoring the physical/virtual difference?
>
> –
> Tim Roberts, xxxxx@probo.com
> Providenza & Boekelheide, Inc.
>
>
>



- amitr0

BTW, i don't think the reg values would be virtual in windbg, how can one
have virtual EIP, ESP values, there is ONE register for each after all,
right? Unless windows virtualizes the regs also…

Either I'm missing something, or you are; you mentioned 'virtualizing' several times, and I think you're missing how SMM works.

mm

hi martin,

what i meant was i *think* that win7's built in hypervisor might be causing
issues…

On Tue, Nov 24, 2009 at 1:08 PM, wrote:

> BTW, i don't think the reg values would be virtual in windbg, how can one
> have virtual EIP, ESP values, there is ONE register for each after all,
> right? Unless windows virtualizes the regs also…
>
> Either I'm missing something, or you are; you mentioned 'virtualizing'
> several times, and I think you're missing how SMM works.
>
> mm
>
>



- amitr0

amitr0 wrote:

i thought of this tim, but then just adjusting ITP's EIP to the windbg
EIP by copy pasting wouldn't have worked, as windbg's one would have
been a virt one and ITP would be a physical one…

BTW, i don't think the reg values would be virtual in windbg, how can
one have virtual EIP, ESP values, there is ONE register for each after
all, right? Unless windows virtualizes the regs also…

We’re talking about virtual memory here. That is, virtual addresses vs
physical addresses. Page tables. That’s entirely different from
virtualization in the Hypervisor sense. I assume you understand the
difference between virtual addresses and physical addresses, but if you
don’t, ask and we’ll explain.


Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.

Let’s clear this one up for the archives. Win7 doesn’t have a built-in
hypervisor. Server 2008 and later have a hypervisor which you can
optionally install. It’s not part of any existing client release.


Jake Oshins
Hyper-V I/O Architect
Windows Kernel Group

This post implies no warranties and confers no rights.


“amitr0” wrote in message news:xxxxx@ntdev…
hi martin,

what i meant was i think that win7's built in hypervisor might be causing
issues…

On Tue, Nov 24, 2009 at 1:08 PM, wrote:

BTW, i don't think the reg values would be virtual in windbg, how can one
have virtual EIP, ESP values, there is ONE register for each after all,
right? Unless windows virtualizes the regs also…

Either I'm missing something, or you are; you mentioned 'virtualizing'
several times, and I think you're missing how SMM works.

mm





- amitr0

ok jake, others,

thanks for eliminating some possibilities. I got this spurious info from a
friend who told me that win7 ultimate has a built in hypervisor. I stand
corrected.

So with Hypervisors out of the way, we are left with only virtual addresses.
so my question would be, do we see virtual addresses for control registers
(eip etc) in windbg? if so, then there definitely will be a layer below
windbg to change them back to phys addresses. so if that is the case, ITP
which sees phy addresses only will differ from windbg.

amit

On Wed, Nov 25, 2009 at 9:34 AM, Jake Oshins wrote:

> Let’s clear this one up for the archives. Win7 doesn’t have a built-in
> hypervisor. Server 2008 and later have a hypervisor which you can
> optionally install. It’s not part of any existing client release.
>
>
> –
> Jake Oshins
> Hyper-V I/O Architect
> Windows Kernel Group
>
> This post implies no warranties and confers no rights.
>
> --------------------------------------------------------------
>
> “amitr0” wrote in message news:xxxxx@ntdev…
>
> hi martin,
>
> what i meant was i think that win7's built in hypervisor might be causing
> issues…
>
>
>
>
> On Tue, Nov 24, 2009 at 1:08 PM, wrote:
>
> BTW, i don't think the reg values would be virtual in windbg, how can one
> have virtual EIP, ESP values, there is ONE register for each after all,
> right? Unless windows virtualizes the regs also…
>
>
> Either I'm missing something, or you are; you mentioned 'virtualizing'
> several times, and I think you're missing how SMM works.
>
> mm
>
>
>
>
>
>
> –
>
> - amitr0
>
>



- amitr0

>> do we see virtual addresses for control registers (eip etc) in windbg?

I have not read the original post but based on last discussion between you and Mr Tim, the answer is Yes. we always see virtual addresses in EIP ESP. Even if virtual memory is turned off.

>if so, then there definitely will be a layer below windbg to change them back to phys addresses.

No layer actually, CPU always assumes an address as virtual and converts it to physical (using page table), so if you present the CPU with a physical address it will go and try converting that which will lead to something unusual.
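Tim's check ("are the low-order 12 bits the same?") and Aditya's point that the CPU translates every EIP through the page tables are both easy to see in a small page walk. The following is an added example, not code from the thread or from any debugger or probe vendor: it models the 32-bit, non-PAE x86 two-level translation over a constructed physical memory image (CR3, page directory and page tables are all made-up values), translates a few virtual addresses, and compares each result with its virtual address the way Tim suggests. It also includes an identity-mapped range, which is the one situation in which a virtual address and its physical address are the same number; whether that applies to the original poster's target is not something the thread establishes.

```python
# Added example (not from the thread): a two-level x86 32-bit, non-PAE page
# walk over a constructed physical memory image. It shows why a virtual EIP
# seen in windbg and the physical address seen by a hardware probe agree only
# in the low-order 12 bits, and coincide entirely only where a page happens
# to be identity-mapped. All table contents and addresses below are made up.

PAGE_SHIFT = 12
PAGE_MASK = (1 << PAGE_SHIFT) - 1      # low-order 12 bits: the page offset
PRESENT = 0x1                          # bit 0 of a PDE/PTE
PAGE_SIZE_4M = 0x80                    # PS bit in a PDE (4 MiB page)


def read32(mem, pa):
    """Read a 32-bit entry from the constructed physical memory (unmapped = 0)."""
    return mem.get(pa, 0)


def walk(cr3, va, mem):
    """Translate a 32-bit virtual address to a physical one, or return None
    when the walk hits a non-present entry. This is the translation the CPU
    applies to every instruction fetch from EIP."""
    pd_base = cr3 & ~PAGE_MASK
    pde = read32(mem, pd_base + ((va >> 22) & 0x3FF) * 4)
    if not pde & PRESENT:
        return None
    if pde & PAGE_SIZE_4M:
        # Large page: top 10 bits from the PDE, low 22 bits from the VA.
        return (pde & 0xFFC00000) | (va & 0x3FFFFF)
    pt_base = pde & ~PAGE_MASK
    pte = read32(mem, pt_base + ((va >> 12) & 0x3FF) * 4)
    if not pte & PRESENT:
        return None
    # Page frame from the PTE, page offset (low 12 bits) carried over unchanged.
    return (pte & ~PAGE_MASK) | (va & PAGE_MASK)


def compare(va, pa):
    """Tim's check: same low-order 12 bits? Plus whether the two are identical."""
    return {
        "same_offset": (va & PAGE_MASK) == (pa & PAGE_MASK),
        "identical": va == pa,
    }


def build_memory():
    """Constructed page tables (made-up values). CR3 -> page directory at PA 0x1000.
    - PDE 0     -> page table at 0x2000, identity-mapping VA 0..0x3FFFFF
    - PDE 0x201 -> page table at 0x3000, mapping one kernel-range page
                   VA 0x80401000 onto PA 0x00152000
    Everything else is left non-present."""
    cr3 = 0x1000
    mem = {}
    mem[cr3 + 0 * 4] = 0x2000 | 0x3                       # present, writable
    for i in range(1024):
        mem[0x2000 + i * 4] = (i << PAGE_SHIFT) | 0x3     # identity map
    mem[cr3 + 0x201 * 4] = 0x3000 | 0x3
    mem[0x3000 + 1 * 4] = 0x00152000 | 0x3
    return cr3, mem


if __name__ == "__main__":
    cr3, mem = build_memory()
    for va in (0x80401ABC, 0x0002F010, 0xC0000000):
        pa = walk(cr3, va, mem)
        if pa is None:
            print(hex(va), "-> not present")
        else:
            print(hex(va), "->", hex(pa), compare(va, pa))
```

On a live target the same translation can be read off from the kernel debugger rather than modelled: windbg's `!pte <address>` and `!vtop 0 <address>` print the page-table entries and the resulting physical address for a virtual address, which is the number a physical-address-only probe would show.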

fair enough aditya, the os makes use of the address virtualization
capabilities of the intel hardware. i also agree that ITP always gives you
the phys mem and uses phy mem in all its commands.

but then, I would assume that if I forced ITP to point to the virtual EIP
where Windbg is pointing to, it will assume it to be phys mem and point to a
completely junk location.

But this doesn't happen, when we force ITP to point to the EIP pointed to by
windbg, it actually shows me my code…

On Wed, Nov 25, 2009 at 11:36 AM, wrote:

> >> do we see virtual addresses for control registers (eip etc) in windbg?
>
> I have not read the original post but based on last discussion between you
> and Mr Tim, the answer is Yes. we always see virtual addresses in EIP ESP.
> Even if virtual memory is turned off.
>
> >>if so, then there definitely will be a layer below windbg to change them
> back to phys addresses.
>
> No layer actually, CPU always assumes an address as virtual and converts it
> to physical (using page table), so if you present the CPU with a physical
> address it will go and try converting that which will lead to something
> unusual.
>
>
>
>



- amitr0

I don't know about ITP at all, I was just asserting that windbg surely uses virtual addresses.

>but then, I would assume that if I forced ITP to point to the virtual EIP where Windbg is pointing to, it will assume it to be phys mem and point to a completely junk location.

Either I am totally out of context or it's time to take paid vacation. :)

Based on my understanding EIP is specific to the processor, and it's the processor which will execute the instruction pointed to by the EIP register, and as we discussed the processor will always treat this as a virtual address. So be it any debugger, the processor (obviously intel architecture) will treat it as virtual. isn't it?