Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results

Before Posting...

Please check out the Community Guidelines in the Announcements and Administration Category.

More Info on Driver Writing and Debugging


The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.


Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/


how to WinDbg in NT 3.51

bytemoonbytemoon Member Posts: 7

Hello dear friends! I ask you to help me resolve the issue.
I encountered problems when debugging the NT 3.51 workstation kernel, namely, I just can’t connect with the WinDbg debugger (I tried i386kd and the result was the same) to the target.
To connect host and target (for a debug session) I use a null modem cable.
For debugging I use a real old PC and laptop, I install version NT 3.51 build 782, but when I try to connect to the target, it stops, and I get the following in the Windbg window:
KD version has unknown processor architecture
or
freeze lock
and nothing more can be done except forcefully reload the target...
I would like to ask you, how possible is it to debug the NT 3.51 kernel and do you have a manual?
Thank you in advance for your help!

Comments

  • Tim_RobertsTim_Roberts Member - All Emails Posts: 14,832

    What version of WinDbg are you trying to connect to this Model T antique? Remember that NT 3.51 was released more than a quarter of a century ago. You may need to find a 20th Century copy of the DDK in order to get a WinDbg that is compatible.

    Tim Roberts, [email protected]
    Software Wizard Emeritus

  • bytemoonbytemoon Member Posts: 7

    Thanks Tim, I tried WinDbg Preview, WinDbg 6.0, WinDbg 4.0, WinDbg 3.51 (from DDK NT 3.51) and the result is no different...

  • bytemoonbytemoon Member Posts: 7

    Also I can't find a complete guide for debugging NT 3.51 systems, do such guides (or books) exist?

  • Tim_RobertsTim_Roberts Member - All Emails Posts: 14,832

    How are you connecting? NT 3.51 only did serial debugging. Do you have a crossover serial cable or a LapLink cable?

    Tim Roberts, [email protected]
    Software Wizard Emeritus

  • bytemoonbytemoon Member Posts: 7

    Hello Tim, yes I have the required cable, for the connection I use a cable with com ports (null modem), speed 19200 (host and target).
    I tried Daytona 782 and 1057 workstation builds.
    The target stops when I press "break" in WinDbg, but in neither case can I step through debugging and use the debugger's capabilities.
    Here is an example log from WinDbg (target NT 3.51 build 1057):

    **Opened \.\COM1

    Microsoft (R) Windows Kernel Debugger Version 4.0.0011.0
    Copyright (c) Microsoft Corporation. All rights reserved.

    Waiting to reconnect...
    FreezeLock was jammed! Backup SpinLock was used!
    Port lock was not acquired!

    *** Assertion failed: AdditionalData->Length == 0
    *** Source File: D:\nt\private\ntos\kd\up..\i386\kdcpuapi.c, line 637

    FreezeLock was jammed! Backup SpinLock was used!
    Port lock was not acquired!
    Break, Ignore, Terminate Process or Terminate Thread (bipt)? **

  • bytemoonbytemoon Member Posts: 7

    I tried WinDbg and the NT 1057 build as host and got this result (WinDbg log):

    Symbol search path is: f:\nt\private
    WARNING: f:\nt\private is not accessible
    WARNING: f:\nt\private is not accessible
    WARNING: f:\nt\private\ntos is not accessible
    WARNING: f:\nt\private\ntos\init\up\obj\i386\ntoskrnl.exe is not accessible
    Opened \.\com1

    Microsoft (R) Windows Kernel Debugger Version 4.0.0011.0
    Copyright (c) Microsoft Corporation. All rights reserved.

    Waiting to reconnect...
    Unable to read selector for PCR for processor 0
    Loaded dbghelp extension DLL
    Loaded ext extension DLL
    Loaded kext extension DLL
    Loaded kdextx86 extension DLL
    Symbol search path is: f:\nt\private\ntos\init\up\obj\i386;f:\nt\private\ntos
    WARNING: f:\nt\private\ntos\init\up\obj\i386 is not accessible
    WARNING: f:\nt\private\ntos is not accessible
    WARNING: f:\nt\private\ntos\init\up\obj\i386 is not accessible
    WARNING: f:\nt\private\ntos is not accessible
    WARNING: f:\nt\private\ntos\init\up\obj\i386\ntoskrnl.exe is not accessible
    WARNING: f:\nt\private\ntos is not accessible
    Connected to Windows NT 4 1057 x86 compatible target, ptr64 FALSE
    Kernel Debugger connection established.
    Symbol search path is: f:\nt\private\ntos\init\up\obj\i386;f:\nt\private\ntos
    Executable search path is: f:\nt\private\ntos\init\up\obj\i386\ntoskrnl.exe
    Module List has empty entry in it - skipping
    Unable to read selector for PCR for processor 0
    Unable to read KLDR_DATA_TABLE_ENTRY at 04c2ed66 - NTSTATUS 0xC0000001

    Module "nt" was not found in the module list.
    Debugger will attempt to load module "nt" by guessing the base address.

    Please provide the full image name, including the extension (i.e. kernel32.dll) for more reliable results.
    *** WARNING: Unable to verify timestamp for nt
    Unable to load module at 00000000
    Windows NT 4 Kernel Version 1057 UP Free x86 compatible
    Kernel base = 0x80100000 PsLoadedModuleList = 0x80145af0
    System Uptime: 0 days 0:00:01
    CS descriptor lookup failed
    Break instruction exception - code 80000003 (first chance)
    0010:0108 ?? ???

  • Tim_RobertsTim_Roberts Member - All Emails Posts: 14,832

    May I take a side trip and ask about the hardware you are using for the target? The header shows you have the single processor kernel. The fact that you got as far as you did is a good sign, however.

    In fact, the fact that you got this far suggests that you have already installed the operating system. Does NT 3.51 boot correctly without the kernel debugger?

    Tim Roberts, [email protected]
    Software Wizard Emeritus

  • bytemoonbytemoon Member Posts: 7

    Good afternoon Tim, as a target, I am using a Toshiba 4300 laptop (Intel Pentium III 650 MHz), 128 Mb RAM, 6Gb HDD, CD-ROM, FDD, USB...)
    , and as a host I have an i5-7600k 16Gb RAM.
    The NT 3.51 operating system loads correctly, regardless of the selected boot option.
    I have several of them (boot options in boot.ini), but I use the option with the parameters /DEBUG, /BAUDRATE=19200, /DEBUGPORT=COM1.

  • bytemoonbytemoon Member Posts: 7

    Here is another log after I downloaded and added the kdextx86 library to the folder with the debugger after the break command
    the target stopped, I selected unhandled exception (kd>gn) and the target rebooted...:

    Please provide the full image name, including the extension (i.e. kernel32.dll) for more reliable results.
    *** WARNING: Unable to verify timestamp for nt
    Unable to load module at 00000000
    Windows NT 4 Kernel Version 1057 UP Free x86 compatible
    Kernel base = 0x80100000 PsLoadedModuleList = 0x80145af0
    Debug session time: Wed Apr 22 22:24:51 2009
    System Uptime: 43063 days 17:28:40
    CS descriptor lookup failed
    Break instruction exception - code 80000003 (first chance)
    0010:0108 ?? ???
    kd> .load c:\kdextx86.dll
    Loaded c:\kdextx86.dll extension DLL
    kd> gn
    Assertion failed: g:\ntdepot\sdktools\debuggers_v4\ntsd64\dbgkdapi.cpp(1138)
    a->ActualBytesWritten <= TransferCount
    SetContext failed, 0x80004005
    MachineInfo::SetContext failed - Thread: 04B41D70 Handle: 1 Id: 1 - Error == 0x80004005

Sign In or Register to comment.

Howdy, Stranger!

It looks like you're new here. Sign in or register to get started.

Upcoming OSR Seminars
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead!
Kernel Debugging 13-17 May 2024 Live, Online
Developing Minifilters 1-5 Apr 2024 Live, Online
Internals & Software Drivers 11-15 Mar 2024 Live, Online
Writing WDF Drivers 20-24 May 2024 Live, Online