HyperPlatform
Access violation - code c0000005
2: kd> g
22:34:38.582 DBG #2 4 8920 System Log thread started (TID= 00000000000022D8).
22:34:50.316 INF #0 4 572 System Log has been initialized.
22:34:50.316 DBG #2 4 572 System Info= FFFFF805BB36C090, Buffer= FFFF9E0C2E302000 FFFF9E0C2E334000, File= \SystemRoot\HyperPlatform.log
22:34:50.316 DBG #2 4 572 System Found a hard coded PTE_BASE at fffff803635ca382
22:34:50.316 DBG #2 4 572 System PXE at ffff81c0e0703000, PPE at ffff81c0e0600000, PDE at ffff81c0c0000000, PTE at ffff818000000000
22:34:50.316 DBG #2 4 572 System Physical Memory Range: 0000000000002000 - 00000000000a0000
22:34:50.316 DBG #2 4 572 System Physical Memory Range: 0000000000100000 - 000000000db83000
22:34:50.316 DBG #2 4 572 System Physical Memory Range: 000000000db84000 - 000000000eaf0000
22:34:50.316 DBG #2 4 572 System Physical Memory Range: 000000000eb18000 - 000000000fb6f000
22:34:50.316 DBG #2 4 572 System Physical Memory Range: 000000000fbff000 - 00000000c0000000
22:34:50.316 DBG #2 4 572 System Physical Memory Range: 0000000100000000 - 0000000180000000
22:34:50.316 DBG #2 4 572 System Physical Memory Total: 5241748 KB
22:34:50.316 DBG #2 4 572 System shared_data = FFFF9E0C29CD9720
22:34:50.316 DBG #2 4 572 System MTRR Default=0, VariableCount=8, FixedSupported=1, FixedEnabled=1
22:34:50.316 INF #0 4 572 System Initializing VMX for the processor 0.
Access violation - code c0000005 (!!! second chance !!!)
HyperPlatform!EptpConstructTables+0x13f:
fffff805`bb36197f 48833800 cmp qword ptr [rax],0
0: kd> g
Access violation - code c0000005 (!!! second chance !!!)
HyperPlatform!EptpConstructTables+0x13f:
fffff805`bb36197f 48833800 cmp qword ptr [rax],0
0: kd> g
Access violation - code c0000005 (!!! second chance !!!)
HyperPlatform!EptpConstructTables+0x13f:
fffff805`bb36197f 48833800 cmp qword ptr [rax],0
0: kd> kv
# Child-SP RetAddr : Args to Child : Call Site
00 ffff998a`74189c90 fffff805`bb36194d : 00000000`00000000 ffff81c0`00000003 00000000`00002000 00000000`00000000 : HyperPlatform!EptpConstructTables+0x13f [D:\code\Windows\vt\HyperPlatform\HyperPlatform\ept.cpp @ 511]
01 ffff998a`74189d30 fffff805`bb37627f : ffff9e0c`2ce7c000 00000000`00000004 00000000`00002000 00000000`00000000 : HyperPlatform!EptpConstructTables+0x10d [D:\code\Windows\vt\HyperPlatform\HyperPlatform\ept.cpp @ 503]
02 ffff998a`74189dd0 fffff805`bb378612 : 00000000`00000200 00000000`00000028 00000000`50707948 00000000`00000000 : HyperPlatform!EptInitialization+0x20f [D:\code\Windows\vt\HyperPlatform\HyperPlatform\ept.cpp @ 435]
03 ffff998a`74189e80 fffff805`bb361033 : ffff998a`74189f20 fffff805`bb361057 ffff9e0c`29cd9720 00000000`00000000 : HyperPlatform!VmpInitializeVm+0xa2 [D:\code\Windows\vt\HyperPlatform\HyperPlatform\vm.cpp @ 379]
04 ffff998a`74189f00 ffff998a`74189f20 : fffff805`bb361057 ffff9e0c`29cd9720 00000000`00000000 ffffe18f`017a51d0 : HyperPlatform!AsmInitializeVm+0x33 [D:\code\Windows\vt\HyperPlatform\HyperPlatform\Arch\x64\x64.asm @ 114]
05 ffff998a`74189f08 fffff805`bb361057 : ffff9e0c`29cd9720 00000000`00000000 ffffe18f`017a51d0 ffff9e0c`2e60ee30 : 0xffff998a`74189f20
06 ffff998a`74189f10 ffff9e0c`29cd9720 : 00000000`00000000 ffffe18f`017a51d0 ffff9e0c`2e60ee30 00000000`00000002 : HyperPlatform!AsmInitializeVm+0x57 [D:\code\Windows\vt\HyperPlatform\HyperPlatform\Arch\x64\x64.asm @ 124]
07 ffff998a`74189f18 00000000`00000000 : ffffe18f`017a51d0 ffff9e0c`2e60ee30 00000000`00000002 ffffffff`80002f44 : 0xffff9e0c`29cd9720
0: kd> vertarget
Windows 10 Kernel Version 22621 MP (4 procs) Free x64
Built by: 22621.1.amd64fre.ni_release.220506-1250
Machine Name:
Kernel base = 0xfffff803`6321a000 PsLoadedModuleList = 0xfffff803`63e2d4f0
Debug session time: Tue Jan 21 22:34:50.316 2025 (UTC + 8:00)
System Uptime: 0 days 0:01:13.898
0: kd> lmvm HyperPlatform
Browse full module list
start end module name
fffff805`bb360000 fffff805`bb37e000 HyperPlatform (private pdb symbols) D:\code\Windows\vt\HyperPlatform\x64\Debug\HyperPlatform.pdb
Loaded symbol image file: HyperPlatform.sys
Image path: HyperPlatform.sys
Image name: HyperPlatform.sys
Browse all global symbols functions data
Timestamp: Tue Jan 21 22:31:35 2025 (678FAFC7)
CheckSum: 00019276
ImageSize: 0001E000
Translations: 0000.04b0 0000.04e4 0409.04b0 0409.04e4
Information from resource tables:
This is the code (I didn't modify a single byte of it):
case 3: {
// table == PDPT (1 GB)
const auto ppe_index = EptpAddressToPpeIndex(physical_address);
const auto ept_pdpt_entry = &table[ppe_index];
if (!ept_pdpt_entry->all) {
const auto ept_pdt = EptpAllocateEptEntry(ept_data);
if (!ept_pdt) {
return nullptr;
}
EptpInitTableEntry(ept_pdpt_entry, table_level, UtilPaFromVa(ept_pdt));
}
return EptpConstructTables(static_cast<EptCommonEntry *>(
UtilVaFromPfn(ept_pdpt_entry->fields.physial_address)),
table_level - 1, physical_address, ept_data);
}
0: kd> !cpuinfo
CP F/M/S Manufacturer MHz PRCB Signature MSR 8B Signature Features
0 6,140,1 GenuineIntel 2803 0000008600000000 >0000008600000000<3d1b3dff
1 6,140,1 GenuineIntel 2803 0000008600000000 3d1b3dff
2 6,140,1 GenuineIntel 2803 0000008600000000 3d1b3dff
3 6,140,1 GenuineIntel 2803 0000008600000000 3d1b3dff
Cached Update Signature 0000008600000000
Initial Update Signature 0000008600000000