Windows - IDT table entries all 0's

> Check what the debugger says… maybe the first 5 entries are actually 0xFFFFFFFF.



I am afraid his task is “rather problematic” under these circumstances, taking into consideration that INT 1 and INT 3 are debug exceptions…

Anton Bassov

> This is not bussiness Gary, it’s my own learning experience and I am happy to waste my time for now.

Then just debug your code using WinDbg on a virtual machine. MS VPC is fine.

WinDbg has the stuff in it to dump physical addresses.


Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com

Gary: Thanks for such helpful information. Now I am getting more confident in asking questions :slight_smile:
THanks heap.

Question 1: Below is output from local Kernel debug using !idt. I am not seeing all 256 entries. It shows me only quite a few. Does I require another command to view all IDT’s?

Question 2: On multi-processor systems, each CPU’s has it’s own IDT. How do I know which CPU’s IDT results are shown

lkd\> !idt  
  
Dumping IDT:  
  
37: 806e3864 hal!PicSpuriousService37  
3d: 806e4e2c hal!HalpApcInterrupt  
41: 806e4c88 hal!HalpDispatchInterrupt  
50: 806e393c hal!HalpApicRebootService  
62: 89a67a54 atapi!IdePortInterrupt (KINTERRUPT 89a67a18)  
63: 89a8f974 \*\*\* ERROR: Module load completed but symbols could not be loaded for iaStor.sys  
iaStor+0xEC9E (KINTERRUPT 89a8f938)  
 USBPORT!USBPORT_InterruptService (KINTERRUPT 88b7f838)  
73: 89a9cbec ohci1394!OhciIsr (KINTERRUPT 89a9cbb0)  
 VIDEOPRT!pVideoPortInterrupt (KINTERRUPT 88dda9d0)  
 USBPORT!USBPORT_InterruptService (KINTERRUPT 88b58920)  
 NDIS!ndisMIsr (KINTERRUPT 872704b8)  
83: 88b78044 \*\*\* ERROR: Module load completed but symbols could not be loaded for \SystemRoot\system32\DRIVERS\rixdptsk.sys  
rixdptsk+0x50C4 (KINTERRUPT 88b78008)  
 \*\*\* ERROR: Module load completed but symbols could not be loaded for \SystemRoot\system32\DRIVERS\rimsptsk.sys  
rimsptsk+0x5942 (KINTERRUPT 88955398)  
 \*\*\* ERROR: Module load completed but symbols could not be loaded for \SystemRoot\system32\DRIVERS\rimmptsk.sys  
rimmptsk+0x5AC0 (KINTERRUPT 88c4c838)  
 sdbus!SdbusInterrupt (KINTERRUPT 88bae740)  
84: 88946bec USBPORT!USBPORT_InterruptService (KINTERRUPT 88946bb0)  
93: 888435fc i8042prt!I8042KeyboardInterruptService (KINTERRUPT 888435c0)  
94: 8898277c USBPORT!USBPORT_InterruptService (KINTERRUPT 88982740)  
 USBPORT!USBPORT_InterruptService (KINTERRUPT 889abbb0)  
a3: 88843bec i8042prt!I8042MouseInterruptService (KINTERRUPT 88843bb0)  
a4: 876bd9cc HDAudBus!AzController::Isr (KINTERRUPT 876bd990)  
b1: 89af92dc ACPI!ACPIInterruptServiceRoutine (KINTERRUPT 89af92a0)  
b4: 8883d43c NDIS!ndisMIsr (KINTERRUPT 8883d400)  
c1: 806e3ac0 hal!HalpBroadcastCallService  
d1: 806e2e54 hal!HalpClockInterrupt  
e1: 806e4048 hal!HalpIpiHandler  
e3: 806e3dac hal!HalpLocalApicErrorService  
fd: 806e45a8 hal!HalpProfileInterrupt  
fe: 806e4748 hal!HalpPerfInterrupt

> Question 2: On multi-processor systems, each CPU’s has it’s own IDT. How do I know which CPU’s

IDT results are shown

Look at WinDbg docs, it says you can specify the particular IDT.

!pcr command can show you the address of this CPU’s IDT.


Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com

.for (r $t0 = 0; $t0<256 ; r $t0 = $t0+1 ) { !idt $t0 }

Dumping IDT:

2c: 8053dca0 nt!KiSetLowWaitHighThread

Dumping IDT:

2d: 8053e5e0 nt!KiDebugService

Dumping IDT:

2e: 8053d4a1 nt!KiSystemService

Dumping IDT:

2f: 805407b8 nt!KiTrap0F

Dumping IDT:

30: 8053cb60 nt!KiStartUnexpectedRange

Dumping IDT:

31: 8053cb6a nt!KiUnexpectedInterrupt1

Dumping IDT:

32: 8053cb74 nt!KiUnexpectedInterrupt2

Dumping IDT:

33: 8053cb7e nt!KiUnexpectedInterrupt3

lkd> !idt -a

Dumping IDT:

00: 8053e1bc nt!KiTrap00
01: 8053e334 nt!KiTrap01
02: Task Selector = 0x0058
03: 8053e704 nt!KiTrap03
04: 8053e884 nt!KiTrap04
05: 8053e9e0 nt!KiTrap05
06: 8053eb54 nt!KiTrap06
07: 8053f1bc nt!KiTrap07
08: Task Selector = 0x0050
09: 8053f5e0 nt!KiTrap09
0a: 8053f700 nt!KiTrap0A
0b: 8053f840 nt!KiTrap0B
0c: 8053fa9c nt!KiTrap0C
0d: 8053fd80 nt!KiTrap0D

On Sat, May 29, 2010 at 2:13 PM, wrote:

> Gary: Thanks for such helpful information. Now I am getting more confident
> in asking questions :slight_smile:
> THanks heap.
>
> Question 1: Below is output from local Kernel debug using !idt. I am not
> seeing all 256 entries. It shows me only quite a few. Does I require another
> command to view all IDT’s?
>
> Question 2: On multi-processor systems, each CPU’s has it’s own IDT. How do
> I know which CPU’s IDT results are shown
>
> Results from !idt~~~~~~~~~~~
> lkd> !idt
>
> Dumping IDT:
>
> 37: 806e3864 hal!PicSpuriousService37
> 3d: 806e4e2c hal!HalpApcInterrupt
> 41: 806e4c88 hal!HalpDispatchInterrupt
> 50: 806e393c hal!HalpApicRebootService
> 62: 89a67a54 atapi!IdePortInterrupt (KINTERRUPT 89a67a18)
> 63: 89a8f974 ERROR: Module load completed but symbols could not be
> loaded for iaStor.sys
> iaStor+0xEC9E (KINTERRUPT 89a8f938)
> USBPORT!USBPORT_InterruptService (KINTERRUPT 88b7f838)
> 73: 89a9cbec ohci1394!OhciIsr (KINTERRUPT 89a9cbb0)
> VIDEOPRT!pVideoPortInterrupt (KINTERRUPT 88dda9d0)
> USBPORT!USBPORT_InterruptService (KINTERRUPT 88b58920)
> NDIS!ndisMIsr (KINTERRUPT 872704b8)
> 83: 88b78044
ERROR: Module load completed but symbols could not be
> loaded for \SystemRoot\system32\DRIVERS\rixdptsk.sys
> rixdptsk+0x50C4 (KINTERRUPT 88b78008)
> ERROR: Module load completed but symbols could not be
> loaded for \SystemRoot\system32\DRIVERS\rimsptsk.sys
> rimsptsk+0x5942 (KINTERRUPT 88955398)
>
ERROR: Module load completed but symbols could not be
> loaded for \SystemRoot\system32\DRIVERS\rimmptsk.sys
> rimmptsk+0x5AC0 (KINTERRUPT 88c4c838)
> sdbus!SdbusInterrupt (KINTERRUPT 88bae740)
> 84: 88946bec USBPORT!USBPORT_InterruptService (KINTERRUPT 88946bb0)
> 93: 888435fc i8042prt!I8042KeyboardInterruptService (KINTERRUPT
> 888435c0)
> 94: 8898277c USBPORT!USBPORT_InterruptService (KINTERRUPT 88982740)
> USBPORT!USBPORT_InterruptService (KINTERRUPT 889abbb0)
> a3: 88843bec i8042prt!I8042MouseInterruptService (KINTERRUPT 88843bb0)
> a4: 876bd9cc HDAudBus!AzController::Isr (KINTERRUPT 876bd990)
> b1: 89af92dc ACPI!ACPIInterruptServiceRoutine (KINTERRUPT 89af92a0)
> b4: 8883d43c NDIS!ndisMIsr (KINTERRUPT 8883d400)
> c1: 806e3ac0 hal!HalpBroadcastCallService
> d1: 806e2e54 hal!HalpClockInterrupt
> e1: 806e4048 hal!HalpIpiHandler
> e3: 806e3dac hal!HalpLocalApicErrorService
> fd: 806e45a8 hal!HalpProfileInterrupt
> fe: 806e4748 hal!HalpPerfInterrupt
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>


thanks and regards

raj_r

Thanks all heaps!!! Question answered. Ok to close-off this thread