I've tried to avoid bugging you guys with simple stuff but your
the best source on SoftIce problems I know of.

I'm trying to debug a program I'm writing using SI. I'm writing in C++
using Borland on an AMD with SP1. I've had this problem
everytime time I single step through kernel32 to Nt. I get about
two steps in from "Enter System" and I crash. This particular
time I am trying to find why I crash doing a ReadFile to fill
BITMAPFILEINFO struct but I've seen this on other programs I've
single stepped through also. If I "G" straight through, I don't
crash.

I did a search first before writing this thread using "Enter System"
and "Crash on SoftIce Enter System" but come up blank. I feel sure this
is an old SI problem others have had but I can't think of other
items to search on.

If I'm crashing because I'm entering ring 0, why don't I also
crash when I blast through?

why are you using softice instead of ollydbg? the latter is much easier to learn and use for most people.

You should have tried "sysenter"...

http://www.woodmann.com/forum/showthread.php?t=7750

http://www.woodmann.com/forum/showthread.php?t=6275

http://www.woodmann.com/forum/showthread.php?t=8731

http://www.woodmann.com/forum/showthread.php?t=6208

http://www.exetools.com/forum/showthread.php?p=22708


And disavowed, using Softice or OllyDbg has nothing to do with it...

To answer the first question. I worked hard to get SoftIce up and running and I like it.

I solved my problem in my program using PEBrowse Dbg which allowed me to step through. I was trying to load a pointer with an address of "nada". That doesn't work well.

Finally, Thanks for the threads. I'll read each one right now.

hmm if I remember correctly I had same problem on XP without SP, softice used to crash system exactly a few instruction after sysenter at the point when r0.esp is read from KPCR and stored in esp, never was curious to figure what was the problem as SP2 solved the problem.

i didn't mean to imply that the problem was softice-specific. i just try to discourage new people from trying learn softice instead of ollydbg and/or windbg.

You can learn sice anyway and then switch to syser...
------------
mmmh.... just reinstalled sice and it freezes huff...

latest ds 3.2 patches?

Anyhow, softice learning is worth, it helps new driver developers to learn driver writing much faster, instead of using vmware and windbg...

I have a clean DS 3.1 installation on my WinXP Pro SP1 box, this setup works best for me



Remember to do a "Display detect" and then a "Test" while in the configuration. If i don't do this it freezes for me aswell :s

JW.

Yes i did, and test goes ok... I dont wanna run in the madness again...

olly+advanced olly and few plugs does an excellent job anyway (all the times i right-click i find everything i could need). bah, i'll wait syser 2.0...