Changes between Initial Version and Version 1 of Ticket #10259, comment 2
Timestamp: Nov 27, 2013, 8:03:17 PM (11 years ago)
Ticket #10259, comment 2
initial  v1
4        4    (I'm new at this so don't hesitate to criticize/advise/tell me I'm all wrong in the following analysis)
5        5
6             - the faulty address 0x54202d40seems to come from register ecx plus an offset of 0x20, so I thought about looking at asm to know where that value comes from; luckily enough "dis" exists and seems to be pre-configured with the current ip address by default.
         6    - the faulty address {{{0x54202d40}}} seems to come from register ecx plus an offset of 0x20, so I thought about looking at asm to know where that value comes from; luckily enough "dis" exists and seems to be pre-configured with the current ip address by default.
7        7    - I ran it on an address a few bytes before (the attached screenshot is a cleaned-up session done once I had all my ducks in a row) to get the full context:
8             - the mov 0x20(ecx) triggers a kernel crash because ecx=0x54202d20
9             - ecx=0x54202d20 because of mov(edx), ecx a few lines up, and edx == 0xdf077900, which uses the string "The Wanderer" (that's the title of the audio CD I'm trying to rip!) at that address.
         8    - the {{{mov 0x20(ecx), eax}}} at ip {{{0x800d3e24}}} triggers a panic because ecx=={{{0x54202d20}}}
         9    - ecx was affected that a little higher up by the line {{{mov(edx), ecx}}}, and edx == {{{0xdf077900}}}, which uses the string "The Wanderer" (that's the title of the audio CD I'm trying to rip!) at that address.
         10   - as to edx itself, it was affected by the line {{{mov 0x10(esi), edx}}}, and esi == {{{0xdf07c2c0}}}
10       11
11       12   Any of the above helps pinpoint the problem ?
…        …
21       22
22       23
         24   EDIT: improved KDL log to make more sense.