Compuware is just the last company to own the SoftIce, frameworks, OS
interface check, etc. kernel mode developer package. It was the only useful
package for Windows 95, 98, & ME because almost all the OS interfaces there
were only documented in assembler while VtoolsD had them implemented for
both C and C++, thanks to Vireo. DriverWorks was an idea before its time.
They did provide source code so you could use it to understand how the OS
worked, but it still had bugs because they still had the same OS
documentation as the rest of the world.
The biggest problem was that Microsoft began to implement their own debugger
with XP and later. True they had one before but it was even flakier than
SoftIce. How can a user mode shell that interfaces to a debugger on another
computer cause the host system where it is running to crash? That is hard
to accomplish, but Microsoft managed to do it regularly for several years.
Then Microsoft began to implement their own frameworks. There is KMDF,
UMDF, and the minifilter. Before that there were miniports for ethernet
devices, SCSI cards, ATAPI, etc.
Microsoft has been clueless for over a decade since the beginning of Windows
NT, but in the last few years they realized that 3rd party drivers crashing
has an impact on how their OS is perceived. In reality is has been their
fault because their OS is a closed source system. How can a third party
write a driver that can function properly when the implementation of that
driver’s foundation is hidden from them? Now we see the maintainers of the
OS posting in newsgroups, writing books, and providing RSS blogs, but it was
not that way early on. That is another reason why most major manufacturers
of computer hardware have a permanent presence on the Microsoft campus so
they can ask questions and get answers directly from those writing the
environment where their devices and sometimes drivers must run.
//ramble on//
The mass storage spec is a relatively new concept for Windows. In NT and
early 2000 most mass storage devices, where cost was the major factor such
as flash memory, had to have drivers. Now the costs of device manufacturing
have been reduced so that even $20 USB flash memory drives require no 3rd
party drivers because the ‘drivers’ are done in firmware. This spec does
require more memory on the device so that the conversion of physical block
to logical blocks with the blocking/deblocking needed can be done. Flash
memory is erased in a fixed block size regardless of the cluster size the OS
may use. A flash memory device cannot write ones but only zeroes as it is
the erase that sets all bits on.
//ramble off//
“Martin O’Brien” wrote in message
news:xxxxx@ntdev…
>I think Michal makes a really good point here that, although I in some
> ways practice, I had never really thought of it as such - what can be
> accomplished using only something to catch KdPrint, et c. These days,
> most of what I do is reverse engineering, so a debugger is most
> definitely not optional, but both previously and in the large amount of
> code I write daily for internal tools for RE, I really can’t say that I
> use any of the “advanced,” for lack of a better word, features of WinDbg
> or, when I used it, SoftICE/Visual SoftICE. Personally, I wonder if I
> am missing something at times, and I think probably am, but it does seem
> to work for me. In any case, the way I see his statements as applicable
> your (the original op) case, is that, while I more than understand your
> hesitancy to learn WinDbg, having done so in the not so distant past
> (about three years ago; I had used SI for years, and, for me, WinDbg was
> a complete was of time until then, only because the only transport was
> the unbearably slow serial port.), that it turned out to be a very good
> thing notwithstanding, it seems like SI is what is holding you up, and,
> given everything that has been said in this thread, it is, at best, a
> very short term solution, I would give his idea a try.
>
> I don’t feel quite as strongly as Michal does about this subject, and
> as such I think eventually the inconvenience of not having a KD
> situationally will outweigh the inconvenience of learning it and just
> general inertia, but you can do it then - for free. SoftICE, last I
> checked, was about $3000. As I mentioned earlier, I was not and am not,
> by a long shot, a WinDbg only diehard; I use both, and will do so for as
> long as I can do so with SoftICE, without having (really my company) to
> pay another $3000. Even though SoftICE is vital for RE in situations
> where WinDbg is completely useless (such as a number of anti-re
> schemes), and, truth be told, as you can run WinDbg extensions in Visual
> SoftICE (and I’m told SI; I’ve never tried), without which WinDbg would
> totally suck, more or less to the point of being completely useless,
> using SI really doesn’t mean you’ll miss anything, I’m just not willing
> to pay again for something with no future, in my opinion, due almost
> entirely to Compuware essentially being pirates. I have no issue with
> them consistently raising the price (not my first choice, of course),
> but rather the very transparent and, well, low rent, series of insulting
> gestures that have occurred over the years known as “bundling.”
> Attempting to justify tripling the price of a KD by including some tools
> for Visual Basic, and even worse, written (in some cases) in the same,
> is just not going to fly with people who use a KD as a primary tool.
> Sooner or later, like say, when they actually have to pay for it
> themselves (which was catalyzed my switch when I worked at home for a
> while), they will look elsewhere.
>
> mm
>
>>>> xxxxx@upek.com 2006-12-15 23:07 >>>
> What about different approach? There is no need for a debugger at all.
> Almost everything can be debugged using traces; I do it for several past
> years for all my development (kernel, user mode, embedded). It is much
> more efficient than playing with the debugger which is also completely
> unusable for real time problems debugging (most of my work). Debugger is
> good mainly for beginners who need to step through code to verify it and
> learn.
>
> WinDbg is very useful for post mortem/crashdump analysis, both kernel
> and user mode. Similarly, it can be used for examining live system the
> same way. So it is great analysis tool if we omit clumsy GUI but as a
> debugger? No idea, I never used it this way. For live debugging all I
> need is DebugView.
>
> The last SoftICE version worked at XP SP2 but there can be problem with
> post-SP2 fixes installed (automatically by live update). It needs to
> hook some unexported kernel functions for which it had configuration
> files (osinfo/b.dat) updated for every SP release. I’m affraid these
> functions were moved since SP2 and it won’t work (SI reported it during
> startup). I have it installed on my old computer but honestly, I don’t
> remember when I started it last time. Probably when needed to catch a
> bug is some 3rd party app; debugger helps when you don’t have a source.
> But for your own code? No need for it.
>
> Best regards,
>
> Michal Vodicka
> UPEK, Inc.
> [xxxxx@upek.com, http://www.upek.com]
>
>> ----------
>> From:
> xxxxx@lists.osr.com[SMTP:xxxxx@lists.osr.com]
> on behalf of Prokash Sinha[SMTP:xxxxx@gmail.com]
>> Reply To: Windows System Software Devs Interest List
>> Sent: Saturday, December 16, 2006 4:41 AM
>> To: Windows System Software Devs Interest List
>> Subject: [ntdev] SoftIce for XP SP2
>>
>> If you have a choice, think about the support you will get. Compuware
> said, they will stop their support for softice in the near future. So
> check it first before buying.
>>
>> How about using Windbg?
>>
>> Recently, I had to bounce back to softice ( driver studio 3.2), and
> it is not nearly as pleasant as it used to be couple yrs back (
> specially 2.7 was very nice ). But you might face a lot of problem from
> not being able to boot to a number of other things including crashes
> from ntice.sys.
>>
>> But if you have no other choice, you can have the patches from the
> support…
>>
>> If you need more infos about where to get patch from and what it
> contents etc…, I will post to your reply.
>>
>> But I don’t encourage wasting time on this. If you happen to have a
> Media center PC or DVI enabled graphics, you could be in for a long run
> …
>>
>> But it works for me …
>>
>>
>> -pro
>>
>>
>> For XP SP2, you need the latest SI version 4.3.2,
>> from Driver Studio 3.2
>>
>> --PA
>>
>> “Ramananda Ramachandra” > mailto:xxxxx> wrote in message
>> news:xxxxx…
>> > Hi All
>> >
>> > After a long time I am back to the system level and driver
> programming.
>> > I have a old version of SoftIce that worked on NT.
>> > I am not able to use the same on Win2K/XP. It says not designed for
> this version
>> of the OS.
>> >
>> > Could someone point me to a location from where I can buy or
> download this?
>> >
>> > Thanks for your help,
>> >
>> > Cheers
>> > Ramananda
>>
>>
>>
>>
>> — Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256 To unsubscribe, visit the
> List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
></news:xxxxx></mailto:xxxxx>