Setting a write breakpoint from a driver

I have a Windows 2000 driver that is experiencing corruption in a buffer
that is dynamically allocated during a run. It does not always happen,
but I have isolated a case where a single allocation will sometimes fail,
versus the original scenario where many were allocated and one would
sometimes fail. If I could set a hardware “write breakpoint” from the
driver directly for the location in this buffer, I could immediately find
where this was happening. Is there a known safe way of doing this?

WinDbg’s “ba w4” command.

----- Original Message -----
From: “AR”
To: “NT Developers Interest List”
Sent: Thursday, April 24, 2003 8:03 PM
Subject: [ntdev] Setting a write breakpoint from a driver

> I have a Windows 2000 driver that is experiencing corruption in a buffer
> that is dynamically allocated during a run. It does not always happen,
> but I have isolated a case where a single allocation will sometimes fail,
> versus the original scenario where many were allocated and one would
> sometimes fail. If I could set a hardware “write breakpoint” from the
> driver directly for the location in this buffer, I could immediately find
> where this was happening. Is there a known safe way of doing this?
>
> --
> You are currently subscribed to ntdev as: xxxxx@storagecraft.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com

I need to do this programmatically, from the driver directly, rather than
from the debugger. It only happens every several thousand allocations,
and doing it manually would be slow and error prone. Thanks.

WinDbg’s “ba w4” command.

This works for me (thanks Neil!):

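void SetDataBreak(void *pData) {
    // Arms DR0 on the current processor only; debug registers are per-CPU.
    // pData should be 4-byte aligned to match the 4-byte length set below.
    _asm {
        mov eax, pData          // load bp address
        mov dr0, eax
        mov eax, dr7            // read debug control info
        and eax, 0xfff0fffc     // mask out our dr0 info: L0/G0 (bits 0-1), R/W0 and LEN0 (bits 16-19)
        or  eax, 0x000d0002     // mask in dr0 as global break (G0), write only (R/W0=01), len 4 (LEN0=11)
        mov dr7, eax            // load debug control info
    }
}

void ClearDataBreak() {
    _asm {
        mov eax, dr7
        and eax, 0xfff0fffc     // clear the dr0 enable and R/W0/LEN0 bits
        mov dr7, eax
    }
}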

This is hardcoded to use DR0, so make sure you don’t set any breakpoints with
WinDbg (which will also try to use DR0).

/simgr

-----Original Message-----
From: AR [mailto:xxxxx@yahoo.com]
Sent: Thursday, April 24, 2003 1:37 PM
To: NT Developers Interest List

I need to do this programmatically, from the driver directly, rather than
from the debugger. It only happens every several thousand allocations,
and doing it manually would be slow and error prone. Thanks.

WinDbg’s “ba w4” command.
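
The DR7 constants used by SetDataBreak above, generalized to any of the four debug-register slots and with a check for a slot that is already in use (the DR0 conflict with WinDbg mentioned above). This is an added example, not code from the thread: the function names and the sample DR7 value are constructed, the field layout follows the Intel SDM, and the code only computes register values in user mode without touching the debug registers.

```c
#include <stdint.h>
#include <stdio.h>

/* DR7 R/W field encodings: which access triggers the break (DR_IO needs CR4.DE). */
enum dr_access { DR_EXEC = 0, DR_WRITE = 1, DR_IO = 2, DR_READWRITE = 3 };

/* Bits owned by slot n: Ln/Gn at bits 2n and 2n+1, R/Wn+LENn nibble at 16+4n. */
static uint32_t dr7_slot_mask(int n) {
    return (0x3u << (2 * n)) | (0xFu << (16 + 4 * n));
}

/* Encode a global (Gn) breakpoint for slot n. Returns 0 on invalid input:
   bad slot or access, unsupported length, misaligned address, exec with len != 1. */
static uint32_t dr7_encode(int n, enum dr_access rw, unsigned len, uintptr_t addr) {
    uint32_t lenbits;
    if (n < 0 || n > 3 || (unsigned)rw > 3) return 0;
    switch (len) {
    case 1: lenbits = 0; break;
    case 2: lenbits = 1; break;
    case 4: lenbits = 3; break;
    default: return 0;          /* 8-byte (LEN=10b) is not valid on all CPUs */
    }
    if (addr & (len - 1)) return 0;           /* LEN > 1 needs a naturally aligned address */
    if (rw == DR_EXEC && len != 1) return 0;  /* execute breaks must use LEN=00b */
    return (0x2u << (2 * n)) | (((lenbits << 2) | (uint32_t)rw) << (16 + 4 * n));
}

/* Return the first slot whose Ln and Gn bits are both clear in dr7, or -1.
   Checking this first avoids overwriting a breakpoint the debugger already set. */
static int dr7_free_slot(uint32_t dr7) {
    for (int n = 0; n < 4; n++)
        if ((dr7 & (0x3u << (2 * n))) == 0) return n;
    return -1;
}

/* New DR7 value: clear the slot's old bits, then OR in the new encoding. */
static uint32_t dr7_arm(uint32_t dr7, int n, enum dr_access rw, unsigned len, uintptr_t addr) {
    uint32_t bits = dr7_encode(n, rw, len, addr);
    return bits ? ((dr7 & ~dr7_slot_mask(n)) | bits) : dr7;
}

int main(void) {
    uint32_t dr7 = 0x00000401;  /* constructed sample: slot 0 already in use (L0 set) */
    int n = dr7_free_slot(dr7);
    printf("slot0 mask=%08x bits=%08x\n", (unsigned)~dr7_slot_mask(0), (unsigned)dr7_encode(0, DR_WRITE, 4, 0x1000));
    printf("free slot=%d new dr7=%08x\n", n, (unsigned)dr7_arm(dr7, n, DR_WRITE, 4, 0x1000));
    return 0;
}
```

For slot 0 with a 4-byte write watch, the computed mask and bits are the same 0xfff0fffc and 0x000d0002 that the posted routine hardcodes.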



Can you use DbgBreakPoint() for this?

Regards,
Tri


Thank you very much. This worked perfectly for me, and I was able to nail
the problem once I put this in place.
