.png?width=100&auto=webp&quality=80&disable=upscale "Picture of John Savill")
.png?width=400&auto=webp&quality=80&disable=upscale "John Savill")
Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
How can I perform a kernel debug?
John Savill
March 4, 1999
3 Min Read
A. To perform a kernel debug, the computer should be connected via a null modem cable or a modem connection for dial in purposes. The computers will be referred to as "Host" for the machine that will perform the debug, and "Target" for the machine that has the problem and is being debugged.
The computers should both be running the same version of Windows NT and the symbol files for the Target machine should be installed on the Host computer. The symbol files are supplied on the Windows NT installation CD-ROM in the SupportDebug directory.
The Target computer's boot.ini entry needs to be modified to allow debugging as follows:
Modify boot.ini to be editable
attrib c:boot.ini -r -sEdit the file and edit the Windows NT start line to include /debug (to tell the system to load the kernel debugger into memory at bootup). Other options are /Debugport to tell which COM port to use (by default COM2) and /Baudrate for the speed (by default 19200, better to be 9600), e.g.
[operating systems]
multi(0)disk(0)rdisk(0)partition(0)WINDOWS="Windows NT Debug" /debug /debugport=com2 /baudrate=9600Save the file
Set boot.ini attributes back
attrib c:boot.ini +r +s
In the example above the Target machine will allow debug connection using Com2: at a speed of 9600 bps.
The host computer needs to be configured with the information it needs to perform the debug and the installation of the symbol files.
To install the symbol files move to the supportdebug directory on the CD-ROM and enter the command
expndsym :
e.g. expndsym f: d:symbols
This may take some time. Remember if you have installed service packs on the target machine the symbol files for these will also need to be installed on the host computer. The symbol files for service packs need to be download from Microsoft separately.
The next stage is to configure the environment variables needed for the debugging, such as the symbol file location etc., these are outlined below.
_NT_DEBUG_PORT | COM port to be used, e.g. COM2: |
_NT_DEBUG_BAUD_RATE | Speed for the connection, e.g. 9600, make sure this matches the /baudrate specified on the target machine |
_NT_SYMBOL_PATH | Location of the symbols files (where you expanded them to using the expndsym utility) |
_NT_LOG_FILE_OPEN | Name of the file used for the log of the debug session (optional) |
It may be worth putting the definition of the above into a command file to avoid having to type in the commands every time, e.g.
echo off
set _nt_debug_port=com2
set _nt_debug_baud_rate=9600
set _nt_symbol_path=d:symbolsi386
set _nt_log_file_open=d:debuglogsdebug.log
Next you should copy over the kernel debug software which is located in the supportdebug directory on the NT installation CD-ROM, e.g. supportdebugI386. It is easier just to copy over the entire directory as it is not very large (around 2.5MB). The actual debugger for the I386 platform is I386KD.EXE and you would just enter I386KD to start the debugger. To enter a command press CTRL+C and wait for the kd> prompt.
About the Author
You May Also Like
.jpg?width=700&auto=webp&quality=80&disable=upscale)
