2017-12-12 00:08 CET

View Issue Details Jump to Notes ]
IDProjectCategoryView StatusLast Update
0000173Cheat Enginepublic2012-07-09 01:06
Reporterbugreporter 
Assigned To 
PrioritynormalSeveritycrashReproducibilityalways
StatusacknowledgedResolutionopen 
Summary0000173: [Windows 7 / 64bit / KernelModeDBG / BSOD]
DescriptionI tried to use kernel mode debugging mode on Windows 7 64-Bit.
I checked VT feature in the BIOS and turned on "using unsigned driver."
After that, I tried to reversing with kernel mode with ""Find out what writes to this address."
However, when I check this, always BSOD happens.
Additional InformationOS: Windows 7 (64 bit)
CE Version: Cheat Engine 6.2 (install / binary both)

CE Mode: 32bit & 64bit both
DBG mode: Kernel Mode
VT: on
Unsigned Driver: on (when this option was turned off, then this symptom didn't happen, but just gave error message "turn on unsigned driver mode.")


Virus Vaccine: None

Intel U7600 @ 1.2GHz
Mobile Intel 965 Express Chipset Family
TagsNo tags attached.
Attached Files

-Relationships
+Relationships

-Notes

~0000349

Dark Byte (developer)

What is the BSOD message/code ?

~0000351

bugreporter (reporter)

Last edited: 2012-07-04 14:10

It was 0x3b with dbk64.sys.

~0000352

Dark Byte (developer)

Hmm, that means unhandled exception
Try the following:
Go to the about screen and click on the line "your system supports dbvm"
Then wait a minute or two and see if it bsod's

also try http://cheatengine.org/temp/CheatEngine62.exe
That one doesn't require you to boot into unsigned mode

~0000354

bugreporter (reporter)

Last edited: 2012-07-05 21:29

Additional Info.
1. Running the program on administrator privilege.
2. Even I attached on Chrome and clicked "Find out what writes to this address", my screen showed BSOD.
3. I turned on Use global Debug routines. Other things were default.

The message is "Your system is running DBVM version 7."


I will try your temp CE62 and report the result.
Result: It works perfectly! BSOD gone.

I will test it works properly.
Result: Everything was perfect.


What was wrong?

~0000355

Dark Byte (developer)

Last edited: 2012-07-05 22:49

Weird, perhaps it's the order you are doing things. Or you previously installed ce 6.2 while the driver of 6.1 was still loaded.

Try rebooting your system and don't click on the "your system supports dbvm" but debug directly.

Also, remember installing ce wipes it's settings, so check that kernelmode debugging is on at the time you start debugging

And if it bsod's, upload a memory dump (kernelmode should suffice)

~0000356

bugreporter (reporter)

Last edited: 2012-07-06 02:42

Hm... weird.. I have no CE 6.1...
BSOD occurred again.
About 2 hours, I had debugged a game, but suddenly BSOD occured.

---
Event Name: BlueScreen
OS Version: 6.1.7601.2.1.0.256.1
Locale ID: 1042

BCCode: 3b
BCP1: 0000000080000004
BCP2: FFFFF88002DD21DE
BCP3: FFFFF8800327DD90
BCP4: 0000000000000000
OS Version: 6_1_7601
Service Pack: 1_0
Product: 256_1
---


I unloaded dbk driver and load again through about.
Yeah, it had worked properly about 5 mins, after that, windows was freezing.

I will run sfc /scannow.

~0000357

Dark Byte (developer)

Just upload the dump file, it contains the location of the crash that I can use to lookup the sourcecode line that causes it

~0000358

bugreporter (reporter)

I uploaded those files!
Thx!

~0000359

Dark Byte (developer)

Last edited: 2012-07-06 15:02

Ok, I see where the exception happens, but not sure why. (touch debugregister)
Did your system go into standby/suspend mode for any reason ? (That unloads dbvm)

~0000360

bugreporter (reporter)

No. My system never turn into stanby or suspend mode.

Ah... Your temp CE 6.2 occur windows freezing and never work again, but original CE 6.2 occur BSOD.

~0000361

bugreporter (reporter)

070712-54600-01.dmp / Original CE 6.2 with "without driver signing option" / no freezing just BSOD

~0000362

Dark Byte (developer)

Last edited: 2012-07-08 03:07

Don't use the original 6.2
I don't have the source for that specific build so can't see what it does.
Only test with the one in the /temp folder (although this dump you posted seems to be the one from the /temp version)

Also, to keep windows the most stable, launch dbvm using the about screen when there's nothing else running and then restart ce. (unloading shouldn't be needed)

~0000363

bugreporter (reporter)

Last edited: 2012-07-09 01:07

In temp 6.2, BSOD occured after I ran "sfc /scannow."
I didn't click DBK LOAD in about menu.

If I click DBK LOAD in about menu, then BSOD doesn't occur.
However, freezing occurs... so there is no BSOD, no debugging message...
Just I should push the power button. Totally freezing.


I tested this after I had turned off every service.

+Notes

-Issue History
Date Modified Username Field Change
2012-07-03 16:51 bugreporter New Issue
2012-07-04 02:18 Dark Byte Note Added: 0000349
2012-07-04 02:18 Dark Byte Status new => acknowledged
2012-07-04 14:00 bugreporter Note Added: 0000351
2012-07-04 14:09 bugreporter Note Edited: 0000351
2012-07-04 14:10 bugreporter Note Edited: 0000351
2012-07-04 19:20 Dark Byte Note Added: 0000352
2012-07-05 21:16 bugreporter Note Added: 0000354
2012-07-05 21:18 bugreporter Note Edited: 0000354
2012-07-05 21:20 bugreporter Note Edited: 0000354
2012-07-05 21:21 bugreporter Note Edited: 0000354
2012-07-05 21:29 bugreporter Note Edited: 0000354
2012-07-05 22:48 Dark Byte Note Added: 0000355
2012-07-05 22:49 Dark Byte Note Edited: 0000355
2012-07-06 02:12 bugreporter Note Added: 0000356
2012-07-06 02:41 bugreporter Note Edited: 0000356
2012-07-06 02:42 bugreporter Note Edited: 0000356
2012-07-06 02:53 Dark Byte Note Added: 0000357
2012-07-06 04:48 bugreporter File Added: 070612-30966-01.dmp
2012-07-06 04:48 bugreporter File Added: 070612-34694-01.dmp
2012-07-06 04:49 bugreporter File Added: 070612-36800-01.dmp
2012-07-06 05:31 bugreporter Note Added: 0000358
2012-07-06 15:01 Dark Byte Note Added: 0000359
2012-07-06 15:02 Dark Byte Note Edited: 0000359
2012-07-06 16:08 bugreporter Note Added: 0000360
2012-07-07 23:33 bugreporter File Added: 070712-54600-01.dmp
2012-07-07 23:35 bugreporter Note Added: 0000361
2012-07-08 02:00 Dark Byte Note Added: 0000362
2012-07-08 02:02 Dark Byte Note Edited: 0000362
2012-07-08 03:07 Dark Byte Note Edited: 0000362
2012-07-09 01:06 bugreporter Note Added: 0000363
2012-07-09 01:07 bugreporter Note Edited: 0000363
+Issue History