How To Find the Trap Frame If It Is Corrupt

 Last reviewed: March 2, 1998
Article ID: Q159672
The information in this article applies to:
  • Microsoft Windows NT Workstation versions 3.5, 3.51, and 4.0
  • Microsoft Windows NT Server versions 3.5, 3.51, and 4.0

SUMMARY

If the trap frame is corrupt or cannot be found when completing a debugging session, use the method detailed below to determine its location.

MORE INFORMATION

Dump the first ChildEBp’s address on the stack using the dd command. Continue to dump until you see two 23's back-to-back. After you run into this line of the dump, subtract x30 from the address at the beginning of that line and run a !trap against the results.

For example:

KD> kb 

FramePtr  RetAddr   Param1   Param2   Param3   Function Name
fdfa4d3c 80121022 00000000 00000000 00000000 NT!KiTrap0E+0x252

KDx86> dd fdfa4d3c 0xFDFA4D3C fef26ba8 fbde3200 00000000 00000000 .k...2.......... 0xFDFA4D4C 00000000 00104601 fdfa4d80 80104655 .....F...M..UF.. 0xFDFA4D5C fef26ba8 fef26c08 fef26ba8 fbde3260 .k...l...k..`2.. 0xFDFA4D6C 00000000 00000023 00000023 00000400 ....#...#.......

Sequence of 00000000 00000023 00000023 starts at 0xFDFA4D6C.

KD> !trap FDFA4D3C eax=00326b08 ebx=00022500 ecx=e18f6dc0 edx=00000400 esi=00000000 edi=004f2118 

eip=80121022 esp=fdfa4db0 ebp=fdfa4dfc iopl=0         nv up ei pl nz na po
cy
vip=0    vif=0
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010207 ErrCode = 00000000

NOTE: Another way of getting the trap frame is to do a dump on EBP-30 and dump from this address until you get to the sequence of 00000023 00000023. From this point on its just like the first example.

Additional query words: debugref
Keywords : NTSrvWkst
Version : WinNT:3.5,3.51,4.0
Platform : winnt
Issue type : kbinfo

THE INFORMATION PROVIDED IN THE MICROSOFT KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. MICROSOFT DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL MICROSOFT CORPORATION OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES, EVEN IF MICROSOFT CORPORATION OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.

Last reviewed: March 2, 1998
© 1998 Microsoft Corporation. All rights reserved. Terms of Use.