[Qemu-devel] Re: Something is probably wrong with "int 3"

["Alexander E. Patrakov" <patrakov@ums.usu.ru>]

Johannes Schindelin wrote:

> Hi,
> 
> On Tue, 4 Jan 2005, Alexander E. Patrakov wrote:
> 
>> Andr? Braga wrote:
>>
>> > On Tue, 04 Jan 2005 18:09:32 +0500, Alexander E. Patrakov
>> > <patrakov@ums.usu.ru> wrote:
>> >> clearly state that the fault is at the "int 3" instruction, not at
>> >> "ret". Can anyone explain this difference? Is this a bug in qemu?
> 
> That is quite normal. As int 3 is already executed when the pop up is
> triggered, the program counter in that frame points to the next insn.

I will nevertheless check that by means of writing and executing a test
program.

>> Look at the crash dump - the DbgBreakPoint() is called from
>> kernel32!SetThreadExecutionState, i.e. from deep inside the Windows
>> kernel.
> 
> If DbgBreakPoint() is called, this normally means that a DebugAssertion
> was called, which is not fulfilled.
> 
> Can you inspect what's going on in SetThreadExecutionState before the
> INT 3 (I mean disassemble it and tell us what Windows is trying to do)?
> This should help understand the problem.

I tried to do that and failed.

The instruction just before the return address from DbgBreakPoint is: "call
[ebp+08]" with a "mov ebp, esp" some lines above, so I have to hunt down
how did the address of DbgBreakPoint make onto the stack. However, all
references to DbgBreakPoint in kernel32.dll are (as far as W32Dasm 8.93 can
tell) of the form "call DbgBreakPoint", not "mov" or "lea". So I have to
investigate some other DLL. Since in VMware a dialog sonfirming my
intention to send possibly confidential information appears instead of the
Firefox crash, I suppose that user32.dll or gdi32.dll is relevant.

-- 
Alexander E. Patrakov