Part 1    ◄   Part 2   ◄   Part 3   ◄   Part 4   ◄    Part 5

Page 441

#6601Mov AX, 0xDEAD⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6597
@Mov AX, 0xDEAD
0x3f8 (for COM1) and 0x2f8 (for COM2).

change in kdcom.dll constants to yours or recompile kdcom.c
but first check in DOS what COM adapter really works without windows/drivers
#6602diderius6⇗ @Mov AX, 0xDEAD

Today in the morning I take a look with Ida Pro at kdcom.dll and found the entries for COM1 and COM2.
They are there implemented as strings.
Can I just change those strings against the adresses 0x3f8 (for COM1) and 0x2f8 (for COM2)?
And in boot.ini /debugport=0x3f8 ?
The idea I understand but to make it come true is another thing.
How can I check under DOS, that this serial adapter works with only this kdcom.dll as driver?
I have 2 different Serial slot cards. I think, that it works only for a to 100% compatible to 16550 UART
Dietmar

Edit: I have PEX2S553 Startech Serial Card , 2 Port Pci-E , 16550 Uart with mcs9922cv-aa chip.

Seems, that indeed no other driver is needed under DOS

Installation Procedure:
The following procedure explains how to install MosChip serial and parallel I/O ports on DOS.
Step 1: Copy "SXDOSIN.exe" to 'C:\' Drive from Floppy. The command is "copy a:\ SXDOSIN.exe c:\"
Step 2: Type "sxdosin" to confirm Device detection. (Eg. MCS9901)
Following information is displayed For 4 Serial Port
COM1 exists.
COM2 exists
LPT1 exists.
PCI Device configurations.
Found Moschip Semiconductor pci device 9901 (1000A000) Rev00 on Bus01 Slot 00
Found Moschip Semiconductor pci device 9901 (1000A000) Rev00 on Bus01 Slot 00
Found Moschip Semiconductor pci device 9901 (1000A000) Rev00 on Bus01 Slot 00
Found Moschip Semiconductor pci device 9901 (1000A000) Rev00 on Bus01 Slot 00
Detected 4 pci device(s)
= = = = = = = = = = = = = = = =
COM1 exist at 3F8.
COM2 exist at 2F8.
LPT1 exist at 378
= = = = = = = = = = = = == = = = =
#6603YuriyCN
Zitat
Have you tried these;
Realtek HD Audio (HDA) Drivers Version 8186



This driver does not work on Windows XP!!
Windows Vista or newer is required.

============================

I actually got the latest version of "Realtek HD Audio" drivers for Windows XP - it's version 5.10.0.7514 of 23.08.2016.

The supported chips are ALC880, ALC882, ALC883, ALC885, ALC886, ALC887, ALC888, ALC889, ALC892, ALC899, ALC861VC, ALC861VD, ALC867, ALC900, ALC660, ALC662, ALC663, ALC665, ALC668, ALC670, ALC671, ALC672, ALC676, ALC680, ALC221, ALC231, ALC233, ALC235, ALC255, ALC260, ALC262, ALC267 and others.

Realtek_HD_Audio_v5.10.0.7514 driver from 08/23/2016 for Windows XP (35 MBytes) - ⇗ https://www.upload.ee/files/11530218/Rea...8.2016.zip.html

#6604Mov AX, 0xDEAD⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6602
@Mov AX, 0xDEAD
Can I just change those strings against the adresses 0x3f8 (for COM1) and 0x2f8 (for COM2)?
And in boot.ini /debugport=0x3f8 ?

No, kdcom dont understand this, look for integers 3f8 and 2f8 inside dll
you dont need change ports if your card has standart ports already com1=0x3f8, com2=0x2f8

Zitat

COM1 exist at 3F8.
COM2 exist at 2F8.
LPT1 exist at 378


1) download any terminal util for DOS
2) check with remote PC for "echo" after typing  on keyboard, config 115200 8-N-1
3) you need proof that COM hardware works at standart i/o ports
some test utils support loop test of com ports, just connect rx to tx

ntdetect.com may inteference with com ports, i dont knoq how to disable ntdetect

#6605PPeti66x⇗ @YuriyCN
Headphone not works with it. Same result as the R2.74.
The only correct driver is what I linked before.
#6606gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #6597
But when you use a slot card for a COM1 serial port,
debugging does not work.
⇗ @diderius6 ...is the serial port turned on in BIOS and is it assigned the correct port numbers? You can change the port numbers in BIOS but I don't know if the serial feature appears if you don't have an onboard serial port. Could you add it to BIOS?

Sometimes the hypervisor takes COM1, if you have a hypervisor. Don't think there is one on XP. Sometimes Bluetooth can grab it or an internal modem chip.

⇗ https://phoenixnap.com/kb/what-is-hypervisor-type-1-2

A common problem with COM ports is an IRQ/port conflict with another device. Usually, COM ports use IRQ 3 and 4. Look in Device Manager to see if any COM ports are available. Make sure 'Show Hidden Devices' is checked in the View tab of Device Manager. If your add-on card is properly installed, it should show up in Device Manager under Ports. Also, for more hardware info, look under View\Resources by type and \Resources by connection. Look there to see if another device is trying to use IRQ 3/4 or a COM port address assigned to COM 1/2. With modern chipsets, it's common for devices to share IRQs.

A real good reason nothing shows up in device manager is that the drivers for the add-on card are not right for XP.

If only COM2 is listed (COM1 is missing) you need to troubleshoot to find out why. One good reason is that nothing is attached to the physical port. It can occur because COM1 was assigned earlier and never released. You can fix it in the registry but I can't remember how. Turning on 'Show Hidden Devices' should reveal it in Device Manager.

In boot.ini, I don't know if you can list the port address in hex, I think you have to specify it as COMx.

You can use Hyperterminal to test serial ports or get one of the free communications apps on the net that talk between COM ports. Google putty serial. Better still.

⇗ https://www.techwalla.com/articles/how-t...rial-connection

ps. On my W7 machine the com ports are listed under:

HKLM\system\controlset001\enum\ACPI\PNP0501\0 and \1. May be something in ACPI causing COM issues.
#6607gordo999
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #6604
ntdetect.com may inteference with com ports, i dont knoq how to disable ntdetect
⇗ @Mov AX, 0xDEAD ...Seems to depend on whether BIOS sets the hardware parameters or whether ACPI is available.

"Ntdetect.com is used on computers that use BIOS firmware. Computers with Extensible Firmware Interface, such as IA-64, use a method of device-detection that is not tied to the operating system.[1]

Hardware detection operates somewhat differently depending on whether or not Advanced Configuration and Power Interface (ACPI) is supported by the hardware. It passes on the hardware details gathered from the BIOS onto the OS. If ACPI is supported, the list of found devices is handed to the kernel, Windows will take responsibility for assigning each device some resources. On older hardware, where ACPI is not supported, the BIOS takes responsibility for assigning resources, not the operating system, so this information is passed to the kernel as well".

⇗ https://en.wikipedia.org/wiki/Ntdetect.com

************

⇗ @Mov AX, 0xDEAD ... Похоже, это зависит от того, устанавливает ли BIOS параметры оборудования или доступен ACPI.

"Ntdetect.com используется на компьютерах, которые используют микропрограмму BIOS. Компьютеры с расширяемым интерфейсом микропрограмм, такие как IA-64, используют метод обнаружения устройств, который не привязан к операционной системе. [1]

Обнаружение оборудования работает несколько по-разному в зависимости от того, поддерживается ли аппаратным обеспечением Advanced Configuration and Power Interface (ACPI). Он передает сведения об оборудовании, собранные из BIOS, в ОС. Если ACPI поддерживается, список найденных устройств передается ядру, Windows берет на себя ответственность за назначение каждому устройству некоторых ресурсов. На старом оборудовании, где ACPI не поддерживается, за назначение ресурсов берет на себя BIOS, а не операционная система, поэтому эта информация также передается ядру ".

[URL] ⇗ https://en.wikipedia.org/wiki/Ntdetect.com [/ URL]
#6608onuracengiz⇗ Realtek HD Audio (HDA) Drivers Version R2.8x (8186) WHQL listed as Xp.maybe installer is not working on Xp but have you tried have disk method?

Could you try the official one from realteks website
⇗ Windows 2000, Windows XP/2003(32/64 bits) 2.74 dated 2014/05/14

And yes ⇗ Intel Realtek ALCxxx Driver v5.10.0.5377 is also for Xp but these are for much older cards

Same goes for ⇗ Microsoft UAA Bus Driver for High Definition Audio even much much older (again intel board)

and here is a bonus; ⇗ K-Lite Codec Pack v13.8.5 Mega
                             ⇗ OpenAl driver v1.1 (cross-platform 3D audio API) some apps and games uses this (Baldur's Gate: Enhanced Edition.
Battlefield 2 etc) get more information ⇗ here
                             ⇗ OpenAL Soft v1.21.1 (updated Win32 and Win64 binaries 4.2.2021)
#6609Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6598
so a Windbg session should be possible during Firewire Slot card

I wonder if it would work through firewire on a PCI, PCIe, PCMCIA or ExpressCard?

Zitat von ⇗ diderius6 im Beitrag ¶ #6602
Today in the morning I take a look with Ida Pro at kdcom.dll and found the entries for COM1 and COM2.

In which offset?

Zitat von ⇗ diderius6 im Beitrag ¶ #6602
How can I check under DOS, that this serial adapter works

  • connect two computers with a nullmodem cable
  • on remote PC run Putty on COMx 19200
  • on local PC run MS-DOS 6.22 and type:
     
    mode com1:19,n,8,1,p
    ctty com1

At this point, you should see the data in Putty:


To use the serial port on the card, e.g. mini-PCIe, you probably need to use the MMIO address - but how to use this in WinDbg ???
⇗ mPCIe serial
⇗ Chromium OS [serial] Console Debugging HOWTO
#6610diderius6⇗ @Gelip

I think, the most important for Windbg via Firewire is the compability of the 1394 card.
I read, that those from Texas Instruments are best for this. Any of them should work for Windbg 1394 Firewire debug.
Because there is no Whitelist from Microsoft for 1394 as for the Lan Slot cards.

⇗ https://docs.microsoft.com/en-us/windows...er-a-1394-cable

Until now, I do not find a report, that someone succeeds with using a Serial Slot card for Windbg.
When you have a board, with a COM1 connector, you have to disable(!) this device in Bios of the target (to be debugged)
computer, when you want to use this Serial Slot card. So, you kill a working connection.
Question for me is, if there is an entry in Bios needed for a working Serial Windbg connection.
I think yes,
and so Windbg will not work with any Serial Slotcard
Dietmar
#6611YuriyCN
Zitat von ⇗ onuracengiz im Beitrag ¶ #6608

And yes ⇗ Intel Realtek ALCxxx Driver v5.10.0.5377 is also for Xp but these are for much older cards


Latest version - Realtek_HD_Audio_v5.10.0.7514 driver 08/23/2016
⇗ https://www.upload.ee/files/11530218/Rea...8.2016.zip.html
#6612onuracengizthank you.inf and files looks legit.i will try to verify the source.in the mean time, majorgeeks is a trustworthy source therefore i will keep that version

#6613PPeti66x⇗ @onuracengiz
You did not uderstand, what I am say: The mentioned Realtek drivers (R2.74, v5.10.0.7514) installs and works on XP, but have missing features on Dell (and probably on some Lenovo) computers. Dell made special drivers (not only repacked, but completely recompiled with specific customizations) for this audio chip, because used some non-standard solutions.
#6614onuracengizthats because realtek versions are often generic ones,in order to cover more devices.manufacturer's version is custom tailored.thats normal
latest does not mean good for everbody.
Also they might have added more files into it afterwards?
Need confirmation from more people that this one is working for them aswell
source traces back to tenforums

this one is from realtek official
#6615genieautravail⇗ @PPeti66x ⇗ @YuriyCN ⇗ @onuracengiz

It's the same thing for display drivers.
My Dell Latitude e6230 laptop use a specific driver from Dell for the Intel HD 4000 chip.
Windows XP won't install the generic driver from Intel even if the driver is more recent...
Regards

 

Page 442

#6616onuracengizyour sata,chipset (not even drivers but still),graphics drivers are device series based "can be considered" generic drivers,but oh well :)
and that may be,just maybe cause of the end of xp support :D
#6617Gelip@diderius

Zitat von ⇗ diderius6 im Beitrag ¶ #6602
Seems, that indeed no other driver is needed under DOS

Installation Procedure:
The following procedure explains how to install MosChip serial and parallel I/O ports on DOS.
Step 1: Copy "SXDOSIN.exe" to 'C:' Drive from Floppy. The command is "copy a: SXDOSIN.exe c:"
Step 2: Type "sxdosin" to confirm Device detection. (Eg. MCS9901)


Please test:
  • connect two PC with nullmodem serial cable
  • on PC1 run WinDbg on serial COM1 115200
  • on PC2 in WinXP config serial debug in boot.ini on COM1: /debug /debugport=COM1: /baudrate=115200
  • reboot PC2 from USB with MS-DOS 6.22 - ready bootable MS-DOS disk image that you need to write to a USB flash drive with Win32DiskImager - link: ⇗ msdos.zip
  • remap COM your PCIe card to standard COM1 3F8 IRQ4 use SXDOSIN.exe
  • run GRUB4DOS grub.exe
  • boot WinXP from GRUB4DOS like this:

    find --set-root /ntldr
    chainloader /ntldr
    boot

Does data on PC1 appear in WinDbg?

If not work try without HIMEM.SYS, SMARTDRV.EXE, SETVER.EXE
#6618diderius6⇗ @Gelip

"reboot PC2 from USB with MS-DOS 6.22 - ready bootable MS-DOS disk image that you need to write to a USB flash drive with Win32DiskImager - link: msdos.zip"

I cant get the USB bootable MS-DOS 6.22 image.
Can you upload it for me, then I test
Dietmar
#6619Gelip⇗ @diderius6
New link: ⇗ https://www97.zippyshare.com/v/rwRpVcxV/file.html
#6620diderius6⇗ @Gelip

I get 403 Forbidden
Dietmar

PS: Use
⇗ https://ufile.io/
#6621Gelip⇗ @diderius6
⇗ msdos.zip

I tested my serial port ExpressCard i-Tec EXRS232 in the early stages of Debian 6 boot and it works beautifully but it's probably thanks to the Linux kernel:
In CMDLINE need like this (0x4000 is address my card):

earlycon=uart8250,io,0x4000,115200n8 or console=uart8250,io,0x4000,115200n8

To check the address in Linux type in terminal: dmesg | grep tty

#6622PPeti66x⇗ @genieautravail
I had no issues with Intel HD4000 except display switching. You can install the driver only if the device is enabled. If you have a discrete VGA, XP probably uses this by default (and others are disabled), and you can not install the Intel driver in this case. You must force the Intel Graphics by BIOS first. In my case (Dell M4800) it is Video/Switchable_Graphics: Enable Switchable Graphics (checkbox) - it is a one-shot option, because then incompatible OS is detected and switched back automatically. So if you installing the XP, you must set at every restart.

...interesting, it worked me before, now I get black screen (display/backlight is ON, I can set even the brightness level). Driver installation worked without error (without Intel Driver, it works). It is caused by a BIOS update? Or something else? Same on x86 and x64 version (both with original and modded ACPI.SYS).
#6623diderius6⇗ @Gelip

Thanks for the nice USB MS-DOS 6.22. This is a very nice, because you can copy any files to the USB stick.
I have to rename Himem.sys, because it tests and tests and tests extended memory (32 GByte:)) ).
Then I make the test with just typing C:\SXDOSIN at the comandline.
But no COM port can be found. I check all PCI-E slots with both Serial cards.
When I disable the com Port in Bios, no port at all can be found.
So it is just a lie from the manufacturer, that this card works under DOS
Dietmar

PS: Shows your Serial Slot card an COM port with C:\sxdosin ?

#6624Gelip
Zitat von ⇗ diderius6 im Beitrag ¶ #6623
PS: Shows your Serial Slot card an COM port with C:sxdosin ?


My serial card is on chip Oxford but also not detect. I try SXDOSIN.EXE, DOS_MODE.EXE, NMDOSIN.EXE

but

I have good news! Kernel Debug work on ⇗ ReactOS 0.4.9 with ExpressCard. I need set serial port address in freeldr.ini - my card I/O is 0x4000:

 
[ReactOS_Debug]
BootType=Windows2003
SystemPath=multi(0)disk(0)rdisk(0)partition(1)\ReactOS
Options=/DEBUG /DEBUGPORT=COM:0x4000 /BAUDRATE=115200 /SOS


#6625diderius6⇗ @Gelip
Yes, Reactos is a nice project, but still Win95B is more useful
Dietmar

PS: I notice, that SXDOSIN.EXE shows working Serial PCI slot cards but not PCI-E.
Interesting, if there is any Serial PCI-E card today on the market, which works under DOS also.
I have not found.
Manufacturers you cant trust, see above, only test test test..
#6626Gelip⇗ @diderius6
Try set I/O and IRQ in MS-DOS with setpci tool (included on my msdos.img):

 
setpci -s xx:xx:x INTERRUPT_LINE=04
setpci -s xx:xx.x BASE_ADDRESS_0=0x03f8
setpci -s xx:xx.x command=1


Check the bus slot func address of your card and enter xx:xx.x instead then grub4dos and boot WinXP

#6627Gelip@diderius ⇗ @Mov AX, 0xDEAD

Yeeeesssssaaa! WinDbg work over ExpressCard serial

It is enough to change the I/O address COM1 3F8 in the kdcom.dll 64-bit 5.2.3790.1830 file in offset 1024 by changing F8 03 to the address of our card (I have 00 40)
#6628diderius6⇗ @Gelip Waaaooohh  ,
please help me to do this with my card also.

LSPCI gives for me
03:00.0 0700:9710:9922
03:00.1 0700:9710:9922

So this means, I only have to change F8 03 to 00 07 in kdcom.dll
Dietmar
#6629Gelip
Zitat von ⇗ diderius6 im Beitrag ¶ #6628
LSPCI gives for me
03:00.0 0700:9710:9922
03:00.1 0700:9710:9922

So this means, I only have to change F8 03 to 00 07 in kdcom.dll


Nooooo!!! - 0700:9710 is PCI Vendor:Device

You need I/O address - check in Linux Live in terminal: dmesg | grep tty or lspci -s 03:00.0 -v

In line ttyS0 at I/O 0xnnnn where nnnn is I/O address. This address need insert to kdcom.dll in little endian form e.g if your address is 8000 then replace F8 03 to 00 80:

root@debian:~# dmesg | grep tty
[    0.000000] console [tty0] enabled
[    0.843833] ttyS0: detected caps 00000700 should be 00000100
[    0.843908] 0000:05:00.0: ttyS0 at I/O 0x4000 (irq = 19) is a 16C950/954

or

root@debian:~# lspci -s 05:00.0 -v
05:00.0 Serial controller: Oxford Semiconductor Ltd Device c120 (prog-if 02 [16550])
       Subsystem: Oxford Semiconductor Ltd Device c120
       Flags: bus master, fast devsel, latency 0, IRQ 19
       I/O ports at 4000 [size=8]
       Capabilities: [40] Power Management version 3
       Capabilities: [50] MSI: Enable- Count=1/1 Maskable- 64bit+
       Capabilities: [70] Express Legacy Endpoint, MSI 00
       Capabilities: [100] Device Serial Number 00-30-e0-11-11-00-01-20
       Capabilities: [110] Power Budgeting <?>
       Kernel driver in use: serial
#6630GelipThe COM port driver card (PCI, PCIe, PCMCIA or ExpressCard) in the debugged WinXP system must be uninstalled because the debugging process will be interrupted when the driver is loaded.

 

Page 443

#6631diderius6⇗ @Gelip
For my Serial PCI-E slot cards it does not work under XP SP3.
I have the (small) problem, that I have 2 COM connectors on those cards each.
I found out, that the IO address is 0xD000 and 0xD010 for both cards.
In XP SP3 kdcom.dll you have to change the addresses at 2 places,
and I did those changes for COM1 and COM2 but without success.
Dont know, where the problem is
Dietmar

PS: Here is my original kdcom.dll file and the modded one
⇗ https://ufile.io/z9638ayh

EDIT:And the most most crazy is, that also with the modded kdcom.dll I can use the inbuild COM1 port of this board!
So, may be ntoskrnl.exe or ntldr plays a role in XP SP3 also.
By the way I noticed, that Windbg can ONLY run on COM1 with IO address 0x3F8h.
#6632diderius6Yepp,
COM4 COM3 COM2 COM1 appear in this очередь with there IO address also in ntoskrnl.exe of XP SP3
Dietmar
.text:0046889B                 mov     eax, 2E8h
.text:004688A0                 jmp     short loc_4688B5
.text:004688A2 ; ---------------------------------------------------------------------------
.text:004688A2

.text:004688A2 loc_4688A2: ; CODE XREF: InbvPortInitialize(x,x,x,x,x)+5E j
.text:004688A2                 mov     eax, 3E8h
.text:004688A7                 jmp     short loc_4688B5
.text:004688A9 ; ---------------------------------------------------------------------------
.text:004688A9

.text:004688A9 loc_4688A9: ; CODE XREF: InbvPortInitialize(x,x,x,x,x)+5B j
.text:004688A9                 mov     eax, 2F8h
.text:004688AE                 jmp     short loc_4688B5
.text:004688B0 ; ---------------------------------------------------------------------------
.text:004688B0

.text:004688B0 loc_4688B0: ; CODE XREF: InbvPortInitialize(x,x,x,x,x)+58 j
.text:004688B0                 mov     eax, 3F8h
.text:004688B5
 
.text:004688B5 loc_4688B5: ; CODE XREF: InbvPortInitialize(x,x,x,x,x)+38 j
.text:004688B5                                         ; InbvPortInitialize(x,x,x,x,x)+53
j ...
.text:004688B5                 lea     edi, [esi+esi*2]
.text:004688B8                 lea     edi, _CmRegistryLogSizeLimit[edi*4]
.text:004688BF                 cmp     dword ptr [edi], 0
.text:004688C2                 jz      short loc_4688C8
.text:004688C4

.text:004688C4 loc_4688C4: ; CODE XREF: InbvPortInitialize(x,x,x,x,x)+47 j
.text:004688C4                 xor     al, al
.text:004688C6                 jmp     short loc_468916
.text:004688C8 ; ---------------------------------------------------------------------------
.text:004688C8

.text:004688C8 loc_4688C8: ; CODE XREF: InbvPortInitialize(x,x,x,x,x)+8A j
.text:004688C8                 cmp     [ebp+arg_10], 0
.text:004688CC                 jz      short loc_4688F0
.text:004688CE                 xor     ecx, ecx
#6633Gelip⇗ @diderius6
I only changed the second place and after editing the file, you need rebuild the checksum and PE header with CFF Explorer:


Do you have two PCIe cards with serial ports??? If so, take one out.

Show the result of the dmesg | grep tty and lspci -s bus:slot.func -v your card.

In Linux, ttySX is the COMX port number on Windows and in kdcom.dll F803 is the COM1 address. You are interested in the I/O address assigned to the ttyS0 device in Linux.

ttyS0 -> COM1 0x03F8 -> F803 in kdcom.dll
ttyS1 -> COM2 0x02F8 -> F802 in kdcom.dll

and probably

ttyS2 -> COM3 0x03E8 -> E803 in kdcom.dll
ttyS3 -> COM4 0x02E8 -> E802 in kdcom.dll

⇗ COM I/O addresses
#6634gordo999
Zitat von ⇗ Gelip im Beitrag ¶ #6621
I tested my serial port ExpressCard i-Tec EXRS232 in the early stages of Debian 6 boot and it works beautifully but it's probably thanks to the Linux kernel:
⇗ @Gelip ⇗ @diderius6  ...for what it's worth...I have used the Startech USB to serial adapter (ICUSB2321F) with windbg and a null modem cable. It worked well with W7 as host and both W7 ans W10 as target.

My mobo, an ASUS B360M, has two serial ports on the mobo. Have not been able to get it running lately on either OS and not on XP. I think there is a problem with W10 running in a dual boot system with W7. I found that out by mistake. First, I established a LAN connection from W7 as host to W10 as target with windbg. When I switched back to the USB-serial port setup, during the required reboot of the target, which was supposed to be W7, I had forgotten about the dual boot setup and W10 grabbed the connection. As I was messing with it, suddenly the serial connection started working with windbg, but with W7 as target.

That makes me suspect that the boot loaders of either W10 or XP are interfering with the windbg connection. If ntdetect is involved it may not be reporting the serial ports to ntoskrnl. If it's not involved, as in an ACPI system, the ACPI system is not reporting the serial ports correctly.

More specifically, neither W7 nor XP will run natively on the B360M. I needed USB drivers from canonkong and other drivers to get W7 runnong on this board. Makes me think that something is wrong with the drivers related to debugging on both XP and W7 on the newer chipsets.

Here's how I got the debug session going originally between W7 as host and W7 as target, using a USB-serial adapter and a NULL modem cable. I had W7 dual booted with W10, using the W10 boot loader. I forgot that and when I tried to establish the debug session, the W10 bootloader grabbed the connection. I was frustrated about that but it gave me an opportunity to go into the W10 Advanced options screen and I enabled debug mode from there.

Here's the key. While I was in the W10 advanced options screen I also selected W7 as the default OS. So, now I have debug mode set by W10 and W7 selected as the default OS. When I rebooted, as required, it ran back to the W10 boot screen but I could see on the host that I now had a debug connection. When I rebooted again, like magic, it now started in W7 with a full debug session running. After that, I had no problem starting a debug session in W7.

I know there is a problem between the W10 bootloader and XP but I am thinking that W10 has the ability to initiate a debug session that is lacking in W7 or XP. Or, at least, it is partially broken in XP and W7. Ditmar gor a debug session going between a host and XP but I have been unable to do so on the B360M chipset.
#6635diderius6⇗ @Gelip

Even with address hack 03f8h => D000h in kdcom.dll and ntkrnlpa.exe
both Serial PCI-E cards do not work with Windbg.
Now I am out of ideas.
Maybe, that somebody has also a Serial PCI-E card and can try my files from original XP SP3 5512
Dietmar
PS: OH, the most most most crazy: With both of my modded files, the onboard COM port still works, even I changed the adresses,
crazy. Debug address must be hard hard coded in Bios or ntdetect.com fetch them, so no chance for a Serial PCI-E card on a board that has already a COM port..

⇗ https://ufile.io/cgvtu40s
#6636gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #6628
So this means, I only have to change F8 03 to 00 07 in kdcom.dll Dietmar
⇗ @diderius6 ...be careful, the change should only be temporary. 03F8 is a standard serial port address for a com port and has been back to the days of DOS. Your other address seems to be its PCI address. Not the same. That address will vary from system to system.

There is no reason why your external cards should not be detected by BIOS is the 0x3F8 range. When the card is detected at boot time by ACPI, there is info in the card's EEPROM that identifies it and it's type. It likely has a hardware ID like Ven_xxxx&Dev_xxxx programmed into it. It seems to me that ACPI is not detecting your card.

The 0x3F8 address does not come from the card itself, it comes from a serial comm controller which is either on the mobo or on the card itself. If the card is not reporting itself correctly, that's the problem.
#6637diderius6⇗ @gordo999

I hacked also ntdetect.com, changing COM1 port there from 03F8h  => D000h
Crazy, XP boots with this 3 hacked files,
but still none of the crazy Serial PCI-E slot cards will work for Windbg
Dietmar

⇗ https://ufile.io/s4u98ipl
#6638gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #6623
I have to rename Himem.sys, because it tests and tests and tests extended memory (32 GByte:)) ).
⇗ @diderius6 ...himemsys is a driver to see memory above the DOS 1 meg limit, but just above it. It cannot see 32 Gigs. Furthermore, DOS is a 16 bit OS that cannot address memory beyond 1 Mb. You can use extended memory, which has a base in the DOS memory range between 640K to 1024K,  but that requires an external card and a lot of headaches. Even at that, it could never see the gigabyte addresses of today's OSs.

You'd need DOS 7 to do that, which is the DOS built into modern systems and used in the CMD window.
#6639diderius6⇗ @gordo999

I just try the onboard COM port. Crazy, Windbg works together with those 3 modded files.
So, this address 03F8h stays in Bios and this is enough for Serial Windbg, because now I dont know any file, where it is mentioned also.
In hal.dll this address is not
Dietmar
#6640gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #6637
but still none of the crazy Serial PCI-E slot cards will work for Windbg
Dietmar
It seems external cards operate differently than the standard mobo serial ports.  Some useful information here:

⇗ https://community.osr.com/discussion/215...-pci-card-issue

"When you debug via 1394, the debugger has its own miniature 1394 driver
stack. When you debug via COM1, the debugger writes to I/O port 0x3F8.
A PCI-based COM port always has a BIOS-assigned port number, even if the
O/S calls it COM1".

A problem I had when building a NULL modem cable was the difference between the mobo serial pin-out and the RS-232 standard. There may be differences in how your external card is wired to the DB-9 output connector. As it indicates in the forum discussion, windbg uses a primitive system that talks only to the mobo COM port. If it's not there it won't see the external card. Don't know if there's a way to make it see the card.

The wiring of the NULL modem cable is very important. Microsoft supplies the required wiring in one of its debugging articles.

Also see the post from Jan under OSR_Community_User, The name is at the end of the post and there is some good technical info in it.
#6641gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #6637
I hacked also ntdetect.com, changing COM1 port there from 03F8h  => D000h
⇗ @diderius6 ...can't d/l files...getting Forbidden warning. I'll try later. If it's not too much trouble can you PM them to me? I want to test them on my system but it may be a few days.
#6642gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #6637
Crazy, XP boots with this 3 hacked files
⇗ @diderius6 ...ntdetect is only used on older systems that existed before ACPI. We are using modded ACPI drivers to run XP therefore it's unlikely that ntdetect is being used. ACPI reports the info ntdetect once retrieved directly to ntoskrnl.

Your PCI serial cards are likely finding a different way to report their serial ports. Maybe they cannot report till after the system has booted and there drivers are loaded. However, it seems that ACPI should still be able to interrogate the PCI cards. Maybe the ACPI driver needs further modifications.

I keep forgetting that ACPI will detect an on-board COM port directly, at 0X3F8, or whatever address it is wired to. On my mobo, the COM 1 and COM 2 ports cannot be changed, a device connected to COM2 shows up as being connected to COM2, However, those addresses can be re-assigned via software in Windows.

Port addresses are memory addresses as far as Windows is concerned. In the real world, many of those addresses are dedicated to external hardware.

When my USB to serial interface was working, I was able to break early in the target boot process. I did not test to see how early I could break. However, the USB-serial drivers were already working in the host.
#6643LSS3333⇗ @daniel_k

I'm trying the latest WinXPPAE 3.5, but it doesn't seem to accept the halmacpi.dll version 5.1.2600.5687, citing "Invalid file".

The base SP3 version (5.1.2600.5512) of halmacpi.dll, which can be obtained from official SP3 update, can be patched, but I don't have a detail of the difference between these two HAL versions.

I haven't gotten it working yet with /M:ALL (or /M:131072MB), as that resulted in the system rebooting immediately (no error message, no BSOD). This is observed with 5687 HAL (since I can't patch it), and patched 5512 HAL. Will try lowering the memory limit to 4GB to see if it makes a difference, and start testing from there.

EDIT: Will try this again. Just found out the HAL might have been patched by something else, so it's possible there's another patch in the WXPIE integrator involving the HAL (maybe ACPI?) and is not compatible with WinXPPAE (maybe the order of patching matters). It seems PM Timer Fix from the integrator has its own modified halmacpi.dll that WinXPPAE cannot recognize.

EDIT 2: Tested a bit deeper and can confirm up to 64GB works in my case (as per original PAE specifications), using 128GB or ALL would result in reboot. Haven't done any detailed tests yet, though I haven't encountered any critical issues during the boot process for now.

Support of 128GB might be CPU-dependent so it won't work under all circumstances.

EDIT 3: Tried installing some drivers. nVidia video card drivers work without major issues at the moment, just that Windows XP doesn't seem to work well with some 4K monitors so I got a black screen and had to manually set it to 1080p via registry from Safe Mode. It seems Asus Xonar (C-Media) drivers don't cope well with the patch that I get a BAD_POOL_CALLER BSOD when the driver loads.
#6644Gelip⇗ @diderius6
I just tested debugging with WinXP SP2 32-bit on other laptop IdeaPad S10e and working :-) I edited the second location of F8 03 in the kdcom.dll file offset C50. kdcom.dll EN is exactly same on WinXP SP2 and SP3 regardless of the language version of the system. The card in this laptop has a different I/O address than in the X220, so you need to put the same in the kdcom.dll file.

You do not need to disable the port COM integrated on the motherboard, but then you need to change F8 02 COM2 in the kdcom.dll file (probably offset C47) and set boot.ini to COM2.

I tested COM2 F8 02 on WinXP 64-bit and working OK so it should work on WinXP 32-bit


It has to work and somewhere you are making a mistake - are you sure you are using WinDbg 32-bit for debugging WinXP 32-bit?

⇗ @diderius6
Show me the output of the dmesg | grep tty from Linux I'll make you kdcom.dll
Write ⇗ d6.img to USB stick and boot PC from this.
#6645diderius6⇗ @Gelip

3F8h for COM1 is also mentioned at 3 places in NTLDR.
Now I am downloading your d6.img and I will send you photo
Dietmar

 

Page 444

#6646Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6645
3F8h for COM1 is also mentioned at 3 places in NTLDR.

You don't need to modify any other files except kdcom.dll
#6647diderius6⇗ @Gelip

With d6.img copied bit by bit to USB3 stick I cant boot my compi.
I tried all USB slots.
On USB3.0 it tells: Unable to build a live system
On USB3.1 hangs at sysenter_do_call+0x12/0x28
Dietmar
#6648Gelip
Zitat von ⇗ diderius6 im Beitrag ¶ #6647
On USB3.0 it tells: Unable to build a live system
On USB3.1 hangs at sysenter_do_call+0x12/0x28


⇗ @diderius6
Try in the USB 2.0 port and/or disable USB 3.0 in bios. It seems Debian 6 doesn't support USB 3. You need Debian 9:
⇗ live-image-i386.hybrid.iso
#6649diderius6⇗ @Gelip
No USB2 port on this board and no possibility in Bios to set USB3 --> USB2,
so on this board Asrock z370 gaming k6 fatalty d6.img does not work
Dietmar

EDIT: I succeed to boot via USB3 into a initramfs comandline.

There you can see, that only the onboard COM is recogniced

#6650Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6649
There you can see, that only the onboard COM is recogniced


Is the PCIe serial card inserted in PCIe slot?
#6651diderius6⇗ @Gelip
Yeppp;)).
I also tried the other PCI-E Serial slotcard,
exact the same, just not recogniced from Linux Debian on this board
Dietmar

#6652diderius6By the way I noticed,
that when I change in ntldr 03F8h ---> D000h
at its 3 places,
I get message on boot, that ntldr cant be found.
Is there a tool, with which you can rebuild the integrity of ntldr
Dietmar

EDIT: I succeed to hack ntldr 03F8h ---> D000h at 3 places and boot.
But even with now 4 modded files, Windbg does not work with Serial PCI-E card on this board.

EDIT2: With those 4 changed files, the board intern COM port still works. This is really a good survive:)).

Here is normal ntldr and the hacked ntldr from XP SP3 5512

⇗ https://ufile.io/u9mzun6m
#6653Gelip⇗ @diderius6
And if you disable the integrated COM port in bios, then Linux sees ports on the PCIe card?

Try Debian9, link in ¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (444)
#6654diderius6⇗ @Gelip
Can you help me, to build a working USB3 boot from this *.iso?
I try, but then I was told, that I have to give the numbers of heads???
Content of my menu.lst

title Start IBM Lenovo BIOS Update from ISO
  root (hd0,0)
  --heads=0
  map /live-image-i386.hybrid.iso (0xff) || map --mem /live-image-i386.hybrid.iso (0xff)
  map --hook
  root (0xff)
  configfile /grub4dos.lst || chainloader (0xff)
#6655Gelip
Zitat von ⇗ diderius6 im Beitrag ¶ #6654
Can you help me, to build a working USB3 boot from this *.iso?
I try, but then I was told, that I have to give the numbers of heads???
Content of my menu.lst


Just write iso to usb with win32diskimager and boot

Of course it can be done like Debian6. You need to extract 3 files from the ISO>live subfolder to the appropriate locations on the flash drive: filesystem.squashfs, initrd.img and vmlinuz
#6656diderius6⇗ @Gelip
This time it works.
micro ) letters on screen, but no problem for cam.
The other PCI-E Serial slot card gives exact the same values.
Dietmar

#6657Gelip⇗ @diderius6
Where are the same ???

ttyS0 is integrated serial port COM1 on motherboard on I/O 0x03F8
ttyS1 COM2 I/O 0xD010 and ttyS2 COM3 I/O 0xD000 is ports on your PCIe card.

You must repalce COM2 or COM3 location in kdcom.dll but not all places only one:
offset C47: ttyS1 (COM2) 0x2F8 (F802) - address 0xD010 (10D0) and use boot.ini COM2
or
offset C3E: ttyS2 (COM3) 0x3E8 (E803) - address 0xD000 (00D0) and use boot.ini COM3

Try this files - first on COM2 and second on COM3:

Gelip has attached files to this post
#6658diderius6⇗ @Gelip
Thanks for help!
I test both files, enable disable COM in Bios, in Device Manager, edit boot.ini .
Serial Windbg with this PCI-E slotcard does not work until now
Dietmar

PS: Now I set up a brandnew XP SP3.
#6659Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6658
@Gelip
Thanks for help!
I test both files, enable disable COM in Bios, in Device Manager, edit boot.ini .
Serial Windbg with this PCI-E slotcard does not work until now
Dietmar

PS: Now I set up a brandnew XP SP3.

I'm not sure if it's an offset C47 for COM2 because F802 is in five offsets. You must check all but one offset at a time.

If you disable the COM port in bios then the port settings on the PCIe card change from COM2, COM3 to COM1,COM2 and you need replace a different location in kdcom.dll. After disable integrated serial you must one more time check settings in Debian dmesg | grep tty

The same as you put the PCIe card in another slot, the settings may change and again you need a different kdcom.dll file.

Stick to one hardware configuration e.g. disabled integrated and only use serial PCIe card and then test kdcom.dll
#6660diderius6⇗ @Gelip
I tried really all,
no success with this PCI-E Serial slotcard for Windbg
Dietmar

 

Page 445

#6661genieautravail⇗ @PPeti66x

I don't have issues with the Intel HD 4000 driver.
I'm just telling that I can only use the specific driver from Dell.
On this laptop, I have only the graphic chip from the processor, there is no discrete graphic card.

On the Dell Latitude E6430 laptop, I have both the Intel HD 4000 and NVIDIA Quadro NVS 5200M graphics solutions.
Fortunately, in the BIOS there is a setting that let me disable the Nvidia Optimus technology.
So, only the NVIDIA Quadro NVS 5200M graphic card is used by the system (and XP).

It's one of the reasons that I love Dell laptops!

Interesting what you are saying, because on the E6430 laptop, I don't have to set this setting in the BIOS at every restart...
It seems that the support for XP is very limited on your laptop.

Regards
#6662Gelip
Zitat von ⇗ diderius6 im Beitrag ¶ #6660
I tried really all,
no success with this PCI-E Serial slotcard for Windbg
Dietmar


Impossible, you are making a mistake somewhere.
1. Have you rebuilt the PE header and checksum?
2. Do you replace the kdcom.dll file outside of a working WinXP system?
3. Are you using Windbg 32-bit?
4. Did you uninstall the PCIe COM port drivers in the device manager? You also need to manually remove oemXX.inf files from C:\WINDOWS\Inf because after restart WinXP will install itself again automatically.
5. Did you confuse the COMX port number in boot.ini with what you are editing in kdcom.dll?

I am just checking the port locations in the kdcom.dll file on WinXP 32-bit:
COM1 offset C50 - need change F803 to little endian I/O addres ttyS0 (it definitely works) < boot.ini COM1
COM2 offset C47 - need change F802 to little endian I/O addres ttyS1 (it definitely works) < boot.ini COM2
COM3 offset C3E - need change E803 to little endian I/O addres ttyS2 (not tested but 99%) < boot.ini COM3
COM4 offset C35 - need change E802 to little endian I/O addres ttyS3 (not tested but 99%) < boot.ini COM4

I don't have how to test COM3 and COM4 ports because I have only 2 PCIe hardware ports (one integrated on motherboard SOL and one on ExpressCard)
#6663Gelip⇗ @diderius6

Only one fundamental question: Does WinXP see PCIe ports in device manager as PCI Serial Port in section Other devices when no drivers are installed?
#6664PPeti66x⇗ @genieautravail
XP was not supported at all. Dell never released drivers for it. And in BIOS no correct VGA selection option. Discrete graphics is used by default, CPU graphics can be forced by every restart. It was hard to hunt down XP drivers for all devices. The only Dell-specific driver is for the Realtek Audio. At this time only 3 things have problems: 1.) Intel Graphics (without installing the Intel driver works), 2.) ST Electronic Freefall sensor (probably WDF coinstaller problem, it was killed at expriments with USB3 HCSwith), 3.) USB3 not detecting newly plugged-in devices after sleep mode was used, but otherwise is OK. In other words: it is now usable with XP without major issues or restrictions.
#6665diderius6⇗ @Gelip

I do not think, that I make a mistake.
This PCI-E card is just not compatible with kdcom.dll
Dietmar

"Only one fundamental question: Does WinXP see PCIe ports in device manager as PCI Serial Port in section Other devices when no drivers are installed?" Yes.
#6666infuscomus⇗ @diderius6

I think in XP PCIe ports are shown as "PCI Standard PCI-to-PCI Bridge"
#6667diderius6⇗ @Gelip
Do you have a PCI-E Serial slot card?
Make test with it.
I think, only PCI works
Dietmar
#6668Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6667
Do you have a PCI-E Serial slot card?

Unfortunately I don't, but my ExpressCard is on a PCI Express Root:


And how is your card connected in device manager - View -> Devices by connection?
#6669diderius6⇗ @Gelip
Here it is. I enabled, disabled all. No difference, just no serial Windbg via this PCI-E slotcard
Dietmar

#6670Gelip
Zitat von ⇗ diderius6 im Beitrag ¶ #6669
Here it is. I enabled, disabled all. No difference, just no serial Windbg via this PCI-E slotcard

Download pciutils for Windows and make screenshots: lspci -s 03:00.0 -v and lspci 03:00.1 -v Gelip has attached files to this post
#6671diderius6⇗ @Gelip
Here it is
Dietmar

#6672SkorbinWhile preparing for my Win 98 / Win XP Dual build I stumbled over the Win 98 tools from R. Loew, which are available for free now. Not only that, but if I see that right, there are also source codes available.

Now, Windows 98 is not exactly what people try to achieve here, but there is a tool which aims for implementing the trim command under DOS.
Maybe there are interesting parts which can be used for a similar function for Windows XP?
Might be worth to have a look at those sources ....
#6673Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6671
Here it is
Dietmar

Your card has I/O and MMIO addresses and mine has only I/O:

C:\Program Files\pciutils>lspci -s 05:00.0 -v
05:00.0 Serial controller: Oxford Semiconductor Ltd Device c120 (prog-if 02 [16550])
       Subsystem: Oxford Semiconductor Ltd Device c120
       Flags: bus master, fast devsel, latency 0, IRQ 10
       I/O ports at 4000
       Capabilities: [40] Power Management version 3
       Capabilities: [50] MSI: Enable- Count=1/1 Maskable- 64bit+
       Capabilities: [70] Express Legacy Endpoint, MSI 00
#6674diderius6⇗ @Gelip

I look for comments about your Serial card.
And everybody tells, that it is compatible with DOS and nobody told
about problems on any OS.
This I do not hear about my card.
I can change the modus of the chip, which should be "simulated".
Oha, nobody needs this
Dietmar
#6675diderius6⇗ @Gelip
I found this

"The Re-Mapping to legacy addresses will work in systems that have PCI and PCIe expansion slots that are on Bus 0.
Systems have the PCI and PCIe expansion slots behind a Bridge (Bus-1, Bus-2) may not work since legacy address is not recognised by system."

Dietmar

 

Page 446

#6676diderius6⇗ @Gelip
This is a new DOS tool,
which recognices my card under DOS.
It is on BUS 3.
Now I look, if there is any PCI-E slot on my board
with Bus 0
Dietmar

EDIT: No Bus 0 on my board for any PCI-e slot.

⇗ https://ufile.io/hi5b14x2
#6677Gelip⇗ @diderius6
It seems to me that this is about I/O vs MMIO and my hack kdcom.dll will only work on the cards without MMIO. Read this: ⇗ Who Decides Between I/O Mapped and Memory Mapped I/O (x86)

On ⇗ ReacOS debug info i found this:

Zitat
Note: ReactOS does not (yet!) support memory mapped I/O (MMIO) based (modern) serial extension cards.



This is probably why WinXP debugging does not work for you because the card is MMIO.

Check on Debian in CMDLINE if COM port works over I/O or MMIO:
⇗ http://www.chromium.org/chromium-os/how-...s-for-your-UART

try I/O: console=uart8250,io,0xd010,115200n8
try MMIO: console=uart8250,mmio,0xyour_start_addres,115200n8
or MMIO32: console=uart8250,mmio32,0xyour_start_addres,115200n8

Boot PC from my Debian 9 USB and press Tab to edit boot parameter and after space write console=uart8250,io,0xd010,115200n8 and if on Putty you have data this means that card work over I/O
Now reboot PC and write second MMIO setting and check.

#6678Mov AX, 0xDEAD
Zitat von ⇗ gordo999 im Beitrag ¶ #6636

The 0x3F8 address does not come from the card itself, it comes from a serial comm controller which is either on the mobo or on the card itself. If the card is not reporting itself correctly, that's the problem.

Hi gordo999,

PCI devices not connected directly to address translator, if cpu want to read at 0x3F8 port from PCI device, it in most cases will read it from southbridge
So PCI devices declare resource list (in PCI 256 byte header), then bios/OS read this list and reconfigure PCI Host/Bridge to include this ranges to adress decoding.
These serial card supplied with own DOS utils, and if vendor's pictures are not lie, these utils do some magic with PCI bus to enable passthrough very low I/O adresses to PCI device. Port 80 on POST cards is other case, port 80 hardcoded to address decoder by hardware, bios can route it to LPC or PCI/PCIe bus. VGA low I/O ranges also can be forced in PCI bridge to passthrough.
May serial card tell bios to enable passthroug at low I/O ranges by declaring some bits in PCI Config space - i dont know.....

So Gelip & Dietmar choose right way, keep card own i/o adresses, but patch kdcom to work with it
#6679diderius6⇗ @Gelip
I just bought this card Lindy 51187.
It has Oxford 952 chipset, the same as yours but with a PCI-e connector.
It works on all OS, from DOS to win10.
Soon fun will go on
Dietmar

PS: ⇗ @Mov AX, 0xDEAD
Have you tried your Serial card for Windbg?

#6680diderius6⇗ @Gelip
Via USB boot of Debian 9 and typing after hitting Tab and then Space
console=uart8250,io,0xd010,115200n8

I get this output in micro letters )
Dietmar



with reboot, Tab and space
console=uart8250,mmio,0xd010,115200n8

output is in normal letters
Probing EDD (edd=off to disable)... ok
and a blinking cursor at the beginning of next line )

Now after reboot , Tab and space
console=uart8250,mmio32,0xd010,115200n8

exact the same message in normal letters
Probing EDD (edd=off to disable)... ok
and a blinking cursor at the beginning of next line )

EDIT: May be, that the 0xd010 address in the last 2 examples has to be changed against the start 32 bit addresses of the mmio.
So I change 0xd010 => 0xdf403000 for mmio and also in mmio32.
But nothing changed, the message with blinking cursor in the end stays the same.
#6681gordo999
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #6678
So Gelip & Dietmar choose right way, keep card own i/o adresses, but patch kdcom to work with it
⇗ @Mov AX, 0xDEAD ...thanks for info. The problem, as I pointed out, with modding kdcom, is that the mod works only for one external card on one buss address. KDcom expects to see a com port at a traditional address for a serial port, hence the 'com' in kdcom. That means any traditional com device accessed early in the boot stage will be where it's expected to be. Why the manufacturer pf the external serial cards is using a different address in not clear.

As I pointed out to Gelip and Dietmar, the external card driver is not loaded when kdcom is first initialized. Furthermore, the system has been booting in real mode to that point. I am sure BIOS is access initially in real mode. They likely arrange the port addresses low enough so they can be accessed in real mode, as they have always been accessed by DOS in the past.

Someone mentioned that the external cards will work on DOS. So, why are they using such strange port addresses for a com port?
#6682SkorbinHmmm ⇗ @gordo999 ,

if I remember my old DOS times correctly (ISA bus and such), they used to to set add-on serial cards to different adresses by default to avoid collision with onboard ports. But usually you had the ability to change them back by setting jumpers.
#6683Mov AX, 0xDEAD
Zitat von ⇗ gordo999 im Beitrag ¶ #6681

Someone mentioned that the external cards will work on DOS. So, why are they using such strange port addresses for a com port?

i think to avoid confliction with southbridge and bugged bioses if these bioses dont disable default  legacy range routing to southbridge LPC bus
#6684Gelip@dierius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6680
Via USB boot of Debian 9 and typing after hitting Tab and then Space
console=uart8250,io,0xd010,115200n8

But did you connect a second PC with a nullmodem cable and run Putty serial 115200 at that time ?? You have to check if the data is sent via nullmodem cable from PC Debian to the second PC with Putty on e.g. Windows.


You have two port COM on your PCIe Startech card but I just don't know which is which.

One port is: 03:00.0 IO 0xd010 or MMIO df403000 or MMIO df402000
Second port is: 03:00.1 IO 0xd000 or MMIO df401000 or MMIO df400000

During the test, you must have a nullmodem cable connected to the appropriate port.

Connect cable to first port COM and make tests:

console=uart8250,io,0xd010,115200n8
console=uart8250,mmio,0xdf403000,115200n8
console=uart8250,mmio,0xdf402000,115200n8
console=uart8250,mmio32,0xdf403000,115200n8
console=uart8250,mmio32,0xdf402000,115200n8

Connect cable to second port COM and repeat same test.

Make a note of which settings and which COM port data appears in Putty.

P.S. You have the addresses here:
¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (446)
but the photo is out of focus so I'm not sure.
#6685jonathan_hzsHDMI sound
VEN_8086&DEV_280B
i7-7700 HD6300
32WINXP
have idea?
#6686jonathan_hzsHDAUDIO\FUNC_01&VEN_8086&DEV_280B HDMI sound
PCI\VEN_8086&DEV_15B8 LAN adapter (2) I219-v


Missing drivers for devices
#6687diderius6⇗ @Gelip

I boot compi with the Startech card with Debian 9, hitting tab and space
console=uart8250,io,0xd010,115200n8

On the other compi, connected via Nullmodem cable, where Putty runs under XP SP3 at COM1 then appears black screen with a line
Debian GNU/Linux 9 debian ttyS1

debian login:
Password:

I tried some, gives always
Login incorrect
Dietmar

PS: I know, why I like XP )
#6688Gelip
Zitat von ⇗ diderius6 im Beitrag ¶ #6687
I boot compi with the Startech card with Debian 9, hitting tab and space
console=uart8250,io,0xd010,115200n8


So the card works with I/O 0xd010?

Password: toor
#6689diderius6⇗ @Gelip

This appears with Putty on screen from compi with XP SP3 (needs about 30 sec?!) for to react.
Can I check anything from the XP compi via this comand line about the Serial card and Password:toor
Dietmar

debian login: root
Password:
Linux debian 4.9.0-8-686 #1 SMP Debian 4.9.130-2 (2018-10-27) i686

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.

Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
root@debian:~#
#6690diderius6⇗ @Gelip

"mmio" does not work at all.
Compi with debian 9 hangs always at
Probing EDD (edd=off to disable)... ok
(What a crazy message, nothing is ok, I prefer blue screen Bsod^^)

Dietmar

 

Page 447

#6691Gelip
Zitat von ⇗ diderius6 im Beitrag ¶ #6689
Can I check anything from the XP compi via this comand line about the Serial card and Password:toor

Yes, you can also run Debian locally and remotely simultaneously (monitor and Putty). In cmdline write like this:
console=tty0 console=uart8250,io,0xd010,115200n8

or

console=tty0 console=ttyS1,115200n8

ttyX - local console monitor display
ttySX - remote console serial
#6692diderius6⇗ @Gelip

I noticed, that when I disable the internal COM port in Bios on the compi with debian 9 running,
on the remote compi with Putty under XP SP3 changes

ttyS1 => ttyS0
ttyS2 => ttyS1

which means, that now the internal COM port looks like non existant for the Startech PCI-e Serial card
Dietmar
#6693Gelip
Zitat von ⇗ diderius6 im Beitrag ¶ #6692
I noticed, that when I disable the internal COM port in Bios on the compi with debian 9 running,
on the remote compi with Putty under XP SP3 changes

ttyS1 => ttyS0
ttyS2 => ttyS1

which means, that now the internal COM port looks like non existant for the Startech PCI-e Serial card


Yes, In Windows, the serial ports are numbered from 1 and the first available port is COM1
On Linux, serial ports are numbered from 0 and the first available port is ttyS0

If you disable COM in bios or if you move the card to another PCI-e slot, the port numbers, I/O addresses and interrupts IRQ will change but:

Always:
COM1 = ttyS0
COM2 = ttyS1
COM3 = ttyS2
COM4 = ttyS3
etc.
#6694diderius6⇗ @infuscomus compiled a real NTLDR_debug.

Waaaooohh;)),
your ntldr_debug works!

For to check this, I renamed boot.ini to booooooooooot.ini .
There is NO /debug switch at all, nowhere.
When I start XP SP3, at once I get message, that ntldr starts a Debug session at COM1 with 115200 baud.
And the via serial cable connected compi, where Windbg runs, starts at once a Windbg session.
Nice.
Now I look, how it is possible to break into Windbg at the earliest possibility.
And then you can check, which drivers are loaded,
should be VERY few
Dietmar

EDIT: Maybe it is possible, to integrate in this NTLDR_debug itself a EBFE endless loop
or CC. This can only work, when this ntldr already started Windbg.
#6695infuscomus⇗ @diderius6

does it matter where I put the endless loop? or do I just put it in at osloader entrypoint?
#6696diderius6⇗ @infuscomus
Very late, when all the work of ntldr is done.
Only important is, that this place with endless loop EBFE is always reached and that Windbg is already started
Dietmar

PS: With the Source Code it may be easier to find the point, when all the work is done from ntldr.
#6697infuscomus⇗ @diderius6

If you can trace ntldr in windbg and find the point where it is done let me know where to add the loop.
#6698diderius6⇗ @infuscomus
I succeed to break very early into ntldr.
Then I build a file osloader.exe, using WinHex looking for MZ in your ntldr_debug.
From this alone standing MZ (inclusive) in Hexeditor until the end of ntldr_debug I build osloader.exe because I want to load Symbols. But then Windbg tells, that no Symbols can be found for osloader.exe .
So, we need osloader.pdb , I think it is not the same as a ntldr_debug.pdb
Dietmar

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
BD: Boot Debugger Initialized
BD: osloader.exe base address 00400000
Connected to Windows Boot Debugger 3790 x86 compatible target at (Wed Feb 17 16:46:50.171 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\WINDOWS\symbols
Executable search path is: C:\WINDOWS\symbols
Module List address is NULL - debugger not initialized properly.
WARNING: .reload failed, module list may be incomplete
KdDebuggerData.KernBase < SystemRangeStart
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00000000 Loaded module list = 0x00000000
System Uptime: not available
BD: Boot Debugger Initialized
BD: osloader.exe base address 00400000
Break instruction exception - code 80000003 (first chance)
*** WARNING: Unable to verify timestamp for osloader.exe
osloader!BlOsLoader+0x4e1:
004239ec cc              int     3
kd> lm
start    end        module name
00400000 00500000   osloader M (pdb symbols)          c:\windows\symbols\exe\osloader.pdb
kd> !devnode 0 1
No export devnode found
kd> .readmem C:\osloader.exe 0x400000 L01000
Reading 1000 bytes..
kd> .imgscan /l /r 00400000
MZ at 00400000 - size 85000
  Name: osloader.EXE
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for osloader.EXE - 
  Loaded osloader.EXE module
kd> !devnode 0 1
No export devnode found

#6699infuscomus⇗ @diderius6

osloader symbols should be in osloader_dbg.pdb which i sent to you - try renaming to osloader.pdb I'm pretty sure that will work.
#6700diderius6⇗ @infuscomus

Do you have the Symbols for Win2003 32 bit 3790
free and checked versions
Dietmar

PS: May be someone here in the forum has.
#6701infuscomus⇗ @diderius6

I don't think free ntldr will let you debug, only checked version.

just the symbols for osloader? or did you want everything?

I get them whenever I build from source.
#6702infuscomus⇗ @diderius6

did renaming osloader_dbg.pdb to osloader.pdb not work?
#6703diderius6⇗ @infuscomus
The symbols for osloader.exe work.

But still I get message: debugger not initialized properly.

When I type 
kd>!devnode 0 1

No export devnode found

Before this happens to me, when the Symbols where wrong
Dietmar
#6704diderius6⇗ @infuscomus
For sure Windbg works.
Trace shows, that it is even in an early Phase of working NTLDR,
nothing else is loaded, only ntdetect.com.
Cool, via this methode you can also check Bsod 0x7b of a boot device
Dietmar


Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
BD: Boot Debugger Initialized
BD: osloader.exe base address 00400000
Connected to Windows Boot Debugger 3790 x86 compatible target at (Wed Feb 17 18:17:01.835 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\WINDOWS\symbols2
Executable search path is: C:\WINDOWS\symbols2
Module List address is NULL - debugger not initialized properly.
WARNING: .reload failed, module list may be incomplete
KdDebuggerData.KernBase < SystemRangeStart
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00000000 Loaded module list = 0x00000000
System Uptime: not available
Break instruction exception - code 80000003 (first chance)
*** WARNING: Unable to verify timestamp for osloader.exe
osloader!DbgBreakPoint:
004239ec cc              int     3
kd> lm
start    end        module name
00400000 00500000   osloader M (private pdb symbols)  c:\windows\symbols2\osloader.pdb
kd> !devnode 0 1
No export devnode found
kd> .readmem C:\osloader.exe 0x400000 L0x1000
Reading 1000 bytes..
kd> .imgscan /l /r 00400000
MZ at 00400000 - size 85000
  Name: osloader.EXE
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for osloader.EXE - 
  Loaded osloader.EXE module
kd> lm
start    end        module name
00400000 00485000   osloader   (export symbols)       osloader.EXE
kd> !sym noisy
noisy mode - symbol prompts on
kd> p
osloader!ScsiPortWritePortUchar+0x20473:
004239ed c3              ret
kd> p
osloader!ScsiPortWritePortUchar+0x2517a:
004286f4 c9              leave
kd> p
osloader!ScsiPortWritePortUchar+0x2517b:
004286f5 c20c00          ret     0Ch
kd> p
osloader!ScsiPortWritePortUchar+0x25b9c:
00429116 807dff00        cmp     byte ptr [ebp-1],0
kd> p
osloader!ScsiPortWritePortUchar+0x25ba0:
0042911a 7405            je      osloader!ScsiPortWritePortUchar+0x25ba7 (00429121)
kd> p
osloader!ScsiPortWritePortUchar+0x25ba2:
0042911c e81c40ffff      call    osloader!ScsiPortWritePortUchar+0x19bc3 (0041d13d)
kd> p
osloader!ScsiPortWritePortUchar+0x25ba7:

#6705infuscomus⇗ @diderius6

I PMed you a free ntldr build with symbols

 

Page 448

#6706infuscomus⇗ @diderius6

any luck with the free build symbols?
#6707diderius6⇗ @infuscomus

In the beginning all seems to work nice.
I can see the very early work of loading ntldr and XP SP3 starts with the ntldr_dbg.
But later it always break in the beginning and then crashes.
So tomorrow I will look what changed
Dietmar
#6708diderius6⇗ @infuscomus

I got it work again, in the very beginning of the ntldr_dbg.
You can see this with trace on compi, which is debugged.
No ntoskrnl.exe, no hal.dll is loaded but Windbg started already with work.
But it does not work as good as with normal ntldr and Windbg. It often hangs like in a loop during operating ntldr_dbg.
I think with using Ida Pro and Windbg, you can trace XP in a Virtual machine even when the bootsector is loaded to memory.
But on a real compi the things are other
Dietmar
#6709gordo999
Zitat von ⇗ Skorbin im Beitrag ¶ #6682
if I remember my old DOS times correctly (ISA bus and such), they used to to set add-on serial cards to different adresses by default to avoid collision with onboard ports. But usually you had the ability to change them back by setting jumpers.
⇗ @Skorbin that's right. However, the selectable port addresses were all within the traditional ranges for a serial com ports. I can still do that to a limited extent in the BIOS of my Asus B360M. There was also a major problem with IRQ addresses, which were limited to about 16, with some reserved for the system.

As long as no other device was using a traditional serial/parallel port/IRQ, you could use it. IRQ 5 and 7 were commonly used if you were not running either as an LPT port. That could create major headaches when you tried to install a com port, a parallel port, a mouse...whatever...and something else was using it. If it was a mouse port, the system would freeze.

The problem as I remember was the I/O controller chip, the PIC (Programmable Interrupt Controller) on early IBM-based mobos. They alleviated the problem by introducing a second controller chip which ran off a port on the first chip. The number of IRQ's was still limited and I think that was fixed by the APIC (Advanced Programmable Interrupt Controller).

⇗ https://en.wikipedia.org/wiki/Advanced_P...rupt_Controller
#6710infuscomus⇗ @diderius6

I will try to build an ntldr using XP SP1 source, maybe that might behave better than this server 2003 one.
#6711gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #6698
I succeed to break very early into ntldr.
⇗ @diderius6 ...just wondering. Can you trace as far as ntoskrnl being loaded. If so, can you trace ntoskrnl code? A weakness I find with windbg is that it will not trace into kernel code. Wonder if you can with a remote k-mode debugging session via com port.

The sysenter command indicates a process leading to kernel code. With each sysenter a number is loaded into EAX/RAX that represents a function to be called. With the softice debugger, I could trace into those kernel calls at sysenter. My experience with windbg on a single computer is that it skips over the sysenter.

People have asked me why I want to trace into kernel code. The reason is simple. There are times when the system (kernel) will call back into a calling processes and if the sysenter part is jumped over, whatever happened during the call back to the calling code is missed.
#6712Skorbin
Zitat von ⇗ gordo999 im Beitrag ¶ #6709
Zitat von ⇗ Skorbin im Beitrag ¶ #6682
if I remember my old DOS times correctly (ISA bus and such), they used to to set add-on serial cards to different adresses by default to avoid collision with onboard ports. But usually you had the ability to change them back by setting jumpers.
@Skorbin that's right. However, the selectable port addresses were all within the traditional ranges for a serial com ports. I can still do that to a limited extent in the BIOS of my Asus B360M. There was also a major problem with IRQ addresses, which were limited to about 16, with some reserved for the system.

As long as no other device was using a traditional serial/parallel port/IRQ, you could use it. IRQ 5 and 7 were commonly used if you were not running either as an LPT port. That could create major headaches when you tried to install a com port, a parallel port, a mouse...whatever...and something else was using it. If it was a mouse port, the system would freeze.

The problem as I remember was the I/O controller chip, the PIC (Programmable Interrupt Controller) on early IBM-based mobos. They alleviated the problem by introducing a second controller chip which ran off a port on the first chip. The number of IRQ's was still limited and I think that was fixed by the APIC (Advanced Programmable Interrupt Controller).

⇗ https://en.wikipedia.org/wiki/Advanced_P...rupt_Controller


⇗ @gordo999
If my memory serves right, the com ports were typically IRQ 3 and 4, LPT initially at IRQ 5, but later (with the introduction of soundcards with their demand for IRQ 5 and interrupt sharing not always working as intended) often moved to IRQ 7 (?).
#6713infuscomus⇗ @diderius6

OK, I built you an ntldr_dbg from XP SP1 source - check your PMs

let me know if this behaves correctly now.
#6714diderius6⇗ @infuscomus

I make a small joke.
I put only your new NTLDR_dbg and my special ntdetect.com on a 2 Gbyte FAT16 partition.
And voila, Windbg works
Dietmar



#6715infuscomus⇗ @diderius6

cool,
can you try to debug my vhal4xp.dll using this setup?
#6716diderius6⇗ @infuscomus
I just change at 3 places in your nice NTLDR_dbg

3F8h ---> D010h

And Waaaooh,
my Startech Serial PCI-e card works with Windbg,
COM in Bios disabled, oh so much fun )
Dietmar

EDIT: This at 3 places modded ntldr_dbg build from XP SP1 Sources works also on my Startech Serial PCI-e card
for large NTFS harddisks with 2048 Sectors preceding partition 1 .

https://ufile.io/jdjxz4wq



#6717infuscomus⇗ @diderius6

Finally, the source code proves itself useful for us.

I noticed in your first pic your error message is different from mine when I try to load vhal4xp.dll

instead I get "load needed DLLs for kernel."
#6718diderius6⇗ @infuscomus

With your nice ntldr_dbg Windbg works also for your Vista hal.dll.
I remember my experiments with Vista years ago.
For to find all the needed Dlls, you have to check each file with Dependency Walker,
if there is another dependency on a Vista *.dll, hal.dll, ntoskrnl.exe file.
I found about 20 more *.dll from Vista, that are needed for this Vista hal.dll
Dietmar

PS: You can try also Brutforce methode: Copy ALL *.dlls from Vista into the folder Windows\system32 from XP.



#6719infuscomus⇗ @diderius6

I thought I had resolved all the missing imports in vista hal.dll using dependency walker.

I noticed pshed.dll is not listed in the load order, I know vista hal.dll depends on it, is there a way to add pshed.dll to the load order?
#6720diderius6⇗ @infuscomus
Make try with to copy ALL *.dlls from Vista into folder Windows\system32 of XP
and look, what happens. The message of missing DLL for Kernel should be gone
Dietmar

PS: Hard way, to find all the dependencies. May be you find them WITH all the *.dlls from Vista in the XP folder.

 

Page 449

#6721infuscomus⇗ @diderius6

That would probably break the XP install unrecoverably, I would prefer to avoid that.

Does windbg give any info about the cause of "load DLLs for kernel."?
#6722diderius6⇗ @infuscomus
No information.
hal.dll is loaded as you can see.
Because ntoskrnl.exe is from XP,
I think, it will be hard to find out, which *.dll from Vista is missed,
so Brute force
Dietmar
#6723infuscomus⇗ @diderius6

I searched with disassembler in vista hal and managed to find this

mcupdate.dll
#6724diderius6⇗ @infuscomus

As I remember, there are about 20 *.dlls from Vista,
that you need more for to fulfill all dependencies
Dietmar
#6725infuscomus⇗ @diderius6

why doesn't dependency walker tell you what the other dependencies are?
#6726Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6716
I just change at 3 places in your nice NTLDR_dbg 3F8h ---> D010h
And Waaaooh,my Startech Serial PCI-e card works with Windbg,COM in Bios disabled, oh so much fun )


Please check on this hardware config my kdcom.dll file with the original WinXP SP3 ntldr and other original files. Gelip has attached files to this post
#6727diderius6⇗ @infuscomus

For the very first time, that I see, that Dependency Walker did not see all, what is going on,
was with the nvme.sys from OFA.
Kai Schtrom told me, that not all functions and their use are shown by Dependency Walker,
and on this recognicing he rebuild a working nvme.sys from OFA for XP SP3
Dietmar
#6728infuscomus
Zitat von ⇗ diderius6 im Beitrag ¶ #6727
@infuscomus

For the very first time, that I see, that Dependency Walker did not see all, what is going on,
was with the nvme.sys from OFA.
Kai Schtrom told me, that not all functions and their use are shown by Dependency Walker,
and on this recognicing he rebuild a working nvme.sys from OFA for XP SP3
Dietmar


Well, that's annoying. So what is the proper way to find what is missing?
#6729diderius6@infuscoumus

When I understand Kai correct,
he looks for each import and export function and compare, if they are just there or needed
in OFA nvme Source Code and in a lot of versions of storport.sys.
He writes about this search at

⇗ https://sourceforge.net/projects/nvme-fo...Me.txt/download

Dietmar
#6730diderius6⇗ @Gelip
I use the same hardware, all the same as for the ntldr_dbg.
I only change original kdcom.dll against yours and change entry in boot.ini for debug.
But Windbg does not start for the Startech card PCI-e serial. I check all, that the com port on the card is the same,
that COM is disabled in Bios, does not help
Dietmar

EDIT:And in a last step I change on this configuration only ntldr ---> modded ntldr_dbg
and at once Windbg starts on reboot.
#6731Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6730
does not help
Dietmar

EDIT:And in a last step I change on this configuration only ntldr ---> modded ntldr_dbg
and at once Windbg starts on reboot.


Very strange  - I tested on WinXP SP2 32-bit and SP2 64-bit and works.

Maybe there is something different on WinXP SP3???

Yes, NTLDR file in SP2 is other than in SP3 - maybe this is problem?

I test ntldr SP3 in WinXP SP2 and works.
#6732diderius6⇗ @Gelip
I test ntldr SP1, SP2, SP3
not works
Dietmar
#6733Gelip⇗ @diderius6
I am installing fresh WinXP SP3 and checking it - maybe other files differents?
#6734diderius6⇗ @Gelip
I also modd ntldr from XP SP1 on the same 3 places, where I modd
the XP SP1 ntldr_dbg
also not works
Dietmar
#6735Gelip⇗ @diderius6
Where did you copy the modified kdcom.dll file?

 

Page 450

#6736diderius6⇗ @Gelip

I copy the modified kdcom.dll file to Windows\system32 of XP SP3.
Then I disconnect USB box and reconnect it, looking if the your modded kdcom.dll is still there.
Because I notice, that via USB file transaction ALWAYS some mistakes can happen.
By the way, first I noticed this crazy bad behavior of USB on the Raspberry Pi.
This never happens on IDE or Sata connetion.

I just notice, that the ntldr_dbg XP SP1 has some extra scsiport routines integrated.
They are missed complete in XP SP1 ntldr
Dietmar
#6737Gelip⇗ @diderius6
I tested my kdcom.dll mod on WinXP SP3 and working same as on SP2 or 64-bit

This means that it does not depend on the WinXP version.
#6738diderius6⇗ @Gelip

Yes, it depends on the PCI-e Serial Slotcard.
Just arrives my new PCI-e Slotcard and I will report you soon
Dietmar
#6739Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6738
Yes, it depends on the PCI-e Serial Slotcard.
Just arrives my new PCI-e Slotcard and I will report you soon


Thanks. I also ordered a serial port on a PCIe card and an ExpressCard to PCIe EXP GDC adapter and will also test.
#6740diderius6⇗ @Gelip

It has the same addressed 0xD010 and 0xD00 and Oxfordshipset and no MMiO.
Does not work with modded kdcom.dll
works with modded ntldr_dbg
Dietmar

#6741Gelip⇗ @diderius6
Are you 100% sure that you are replacing the kdcom.dll file - you cannot do it normally in a running WinXP because SFC will work and restore the original file.

What is USB box ??????? I change files in WinXP Live.
#6742diderius6⇗ @Gelip
USB box is from ICY, very nice, you can put your harddisk or SSD in
and change all, that you want via other XP.
I am to 100% sure, that I did everything right (not so often you can say this in your life;) )
Dietmar

#6743diderius6⇗ @Gelip
I modded 03F8 ---> D010 for COM1
in XP SP3
at all places in

ntdetect.com
ntldr
hal.dll
ntkrnlpa.exe
kdcom.dll

and double check all this files before and after modd.

XP SP3 still boots with those modded files, but no starting Windbg.
In hal.dll I also found, that maybe for simulating full COM1 IRQ has to be 4, but this is hard to find at all the right places
Dietmar
#6744gordo999
Zitat von ⇗ Skorbin im Beitrag ¶ #6712
If my memory serves right, the com ports were typically IRQ 3 and 4, LPT initially at IRQ 5, but later (with the introduction of soundcards with their demand for IRQ 5 and interrupt sharing not always working as intended) often moved to IRQ 7 (?).
⇗ @Skorbin ....that's the way I remember it.
#6745infuscomus⇗ @diderius6

can you try softice with ntldr_dbg to see if that debugger will let you debug hal.dll?
#6746diderius6⇗ @infuscomus
In the afternoon today I can try.
When for example you delete kdcom.dll,
you get the same message about missing dll for Kernel. So it is not direct a problem of hal.dll.
So you can find out, which dll it is
Dietmar
#6747infuscomus⇗ @diderius6

any luck debugging the HAL using softice?
#6748diderius6⇗ @infuscomus
Do you know, how to get a full version of Softice,
that works under XP SP3
Dietmar
#6749infuscomus⇗ @diderius6

I thought that since SoftICE was old and not maintained it would be easy to find, but I'm having trouble finding a copy.

edit: i think i found it on archive.org
⇗ https://archive.org/search.php?query=softice%20debugger
#6750diderius6⇗ @infuscomus
I get a version SIEX4322.EXE from 17 November 2006, which should work under XP SP2.
This is the official "last" version.
But compi with XP SP3 crashes after reboot.
Also I read, that there is a patch for this version of softice for to work also under XP SP3,
until now I dont find
Dietmar

 

Page 451

#6751infuscomus⇗ @diderius6

does the softice uploaded to archive.org work on SP3?
#6752diderius6⇗ @infuscomus
I dont know, how to find softice at archive.org
Dietmar
#6753infuscomus⇗ @diderius6

This one -
⇗ https://archive.org/details/soft-ice-v-4.2.7-rc-1-for-xp
#6754diderius6⇗ @infuscomus
I think, that it is only a guide for Softice.
And how to unpack *.jp2 files(?!)
Dietmar
#6755infuscomus⇗ @diderius6

In the RAR file on the right of the page there is an EXE inside
#6756XPLives⇗ @Skorbin, ⇗ @gordo999

Zitat von ⇗ gordo999 im Beitrag ¶ #6744
Zitat von ⇗ Skorbin im Beitrag ¶ #6712
If my memory serves right, the com ports were typically IRQ 3 and 4, LPT initially at IRQ 5, but later (with the introduction of soundcards with their demand for IRQ 5 and interrupt sharing not always working as intended) often moved to IRQ 7 (?).
⇗ @Skorbin ....that's the way I remember it.


Actually LPT1 was for Printer Ports using IRQ7 not IR5 as the default.  The original Sound Cards ISA using by Creative Labs Sound Blaster was set at IRQ7 which potentially conflicted with a Printer Port.  However when gaming back then using your sound card it was rare to be able to Print at the same time in DOS so such a conflict did not actually occur since multitasking was not big in DOS.  Windows 3.1 probably could have issues if you were to print a Word Document while playing music or sound in the background simultaneously.  I can see at that point a potential issue could occur if both devices were sharing IRQ7.  Strangely enough IRQ5 was used for LPT2 but it was doubtful people had two printers hooked up to their PC back in the day so this was very rare.

It was because of this issue the later Sound Blaster Pros began to shift to IRQ 5 from the original IRQ 7.  Not the other way around as you stated from IRQ5 to IRQ7.  In the end the IRQ7 restoration of LPT1 is often missed if you had not been there in the early days.  I still prefer my ISA sound cards set on IRQ7 for max compatibility.

For Serial Com Port 1 and 2.  Typically with an I/O ISA expansion card included 2 Serial Ports though some could have up to 4 Serial Ports with some header to expansion bracket.

Serial Com Port 1 was mainly used for a serial mouse.  Com Port 2, 3, and 4 were used for Analog Modems.

Back then Serial Com Port 1 used IRQ 4.  Serial Com Port 2 used IRQ 3 and usually people connected a dial up modem on this.

If people used Serial Com Port 3 it would share with IRQ4.  Serial Com Port 4 would share with IRQ3.

However, I never recalled ever using two serial mice or two serial modems in the same PC back in the day to see what would happen if this conflict could be fatal hanging both devices or not.


[Typical max out setup for a PC 386/486]

Serial Com Port 1 - IRQ 4 - Serial Mouse
Serial Com Port 2 - IRQ 3 - 14,400 Baud External Modem - Used for the old internet days on the telephone line
Sound Card - Sound Blaster ISA - IRQ7
Printer - IRQ5 if using the sound card above

If using Sound Blaster Pro then
Sound Card - Sound Blaster Pro ISA - IRQ5
Printer - IRQ7

However many sound programs targeted IRQ7 as the default IRQ so did not work correctly as a result of the later IRQ5 switching.
Probably could be patched in code to change IRQ.
Many newer sound programs allowed flexibility of IRQ and Address choosing using a setup or install program.
#6757XPLives⇗ @diderius6, ⇗ @gordo999

Zitat von ⇗ gordo999 im Beitrag ¶ #6638
Zitat von ⇗ diderius6 im Beitrag ¶ #6623
I have to rename Himem.sys, because it tests and tests and tests extended memory (32 GByte:)) ).
⇗ @diderius6 ...himemsys is a driver to see memory above the DOS 1 meg limit, but just above it. It cannot see 32 Gigs. Furthermore, DOS is a 16 bit OS that cannot address memory beyond 1 Mb. You can use extended memory, which has a base in the DOS memory range between 640K to 1024K,  but that requires an external card and a lot of headaches. Even at that, it could never see the gigabyte addresses of today's OSs.

You'd need DOS 7 to do that, which is the DOS built into modern systems and used in the CMD window.


You can see up to the 4GB boundary in DOS.  Anything above it DOS does not see directly.  You can  make 2GB Ramdrive which is useful.

R. Loew made a Ramdrive for using memory above 4GB range to 32GB and probably to 2TB.  However, for whatever reason I cannot get his to work properly on my systems.

Renaming himem.sys as you said or trying /TESTMEM:OFF method.

Modifying MSDOS.SYS you could set default to Command Prompt safe mode to bypass loading CONFIG.SYS or use custom MENU method if you need to load specific drivers for different situations.
#6758XPLives⇗ @diderius6, @gelip, ⇗ @gordo999

Zitat von ⇗ diderius6 im Beitrag ¶ #6637
⇗ @gordo999

I hacked also ntdetect.com, changing COM1 port there from 03F8h  => D000h
Crazy, XP boots with this 3 hacked files,
but still none of the crazy Serial PCI-E slot cards will work for Windbg
Dietmar

⇗ https://ufile.io/s4u98ipl


Dietmar, here's a crazy idea to try and patch to work for XP.  Can you replace using LPT1 address to debug XP instead?  Can transfer more information than serial so would have advantages.
A lot of motherboards have parallel port header on board.  But also PCIe Parallel Port card also exists some with 2 LPT ports.  Then can use Serial Port Com1 for hooking up Serial Mouse if motherboard cannot use USB to control mouse.


XPLives
#6759diderius6⇗ @infuscomus
I succeed to install this version of Softice in XP SP3.
But when I start it, I see for a second a screen like in Dos mode and then shuts down
Dietmar
#6760infuscomus⇗ @diderius6

I guess it is not the right version for XP? but then why did they write that it was for XP?
#6761diderius6⇗ @infuscomus
The last original version od Softice crashes under XP SP3.
This not. Also seems the IDE much more comfortable than on the Softice versions
that I know from years ago. Maybe, it is just of not correct connection. I try,
Dietmar
#6762diderius6⇗ @infuscomus

This version seems not to work under XP SP3.

The NTICE.bat with content

net start ntice

does not work
Dietmar

EDIT:
May be it has nothing to do with XP SP3 but just gets no connection to a server from softice,
because this company does not exist any more.
Edit2: No, the file NTice.sys crashes XP SP3
#6763infuscomus⇗ @diderius6

I just noticed, there is a windbg.cpp in the source.
#6764infuscomus⇗ @diderius6

I sent you a windbg built from source - in your PMs.

let me know if this lets you debug the HAL
#6765diderius6⇗ @infuscomus
This compiled windbg works,
but it is just windbg.exe vers 6.1.
The windbg I run is 6.12 or the version 6.3.9600.17200 x86 from ⇗ @Mov AX, 0xDEAD from Win8.1.
So, this will not help, is an interesting discovery,
Dietmar

 

Page 452

#6766infuscomus⇗ @diderius6

I was thinking it might have been a special internal Microsoft version, but if there is nothing special about it then nevermind.
#6767diderius6⇗ @infuscomus
I found this about softice:

"windows update KB885835 (12/14/2004) has changed ntoskrnl.exe to version 5.1.2600.1605(xpsp2.040919-1003) and softice could not hook function MICopyOnWrite, it went to loop EBFE, windows was locked"

So, may be it is possible to run XP SP3 with an old ntoskrnl.exe and Hal.dll from XP SP2, or just to repair the function above
Dietmar

PS: I have NTice.sys version 3.2.1.2560 . This should work with XP SP2.
Is there any newer or modded ntice.sys?

EDIT: Softice seems to run only on a one CPU compi, so may be /onecpu in boot.ini helps.

Output folder: C:\Programme\SoftICE
Created uninstaller: C:\Programme\SoftICE\Uninstall.exe
Installed:  Install Soft-ICE v4.3.21...
Installed:  Install symbols for WinXP SP2 (5.1.2600.2180)...
Installed:  Shortcuts in Start Menu...
#6768gordo999
Zitat von ⇗ infuscomus im Beitrag ¶ #6745
can you try softice with ntldr_dbg to see if that debugger will let you debug hal.dll?
⇗ @infuscomus ...if you can get it running on XP without a VM. That's my next project if I can ever get past my current commitments.

Softice has a video driver problem with more modern systems. It has a universal driver which has worked in the past with simpler systems but it won't run on drivers from Nvidia, etc. Can't recall how soon you can begin debugging but I do recall that the Driver Studio package, which includes softice, acts almost like the F6 key when loading driver during a Windows install. A window pops up before Windows loads and offers some options.

One reason softice was so successful was its ability to load Windows on top of its drivers. I'm thinking it must have hooked ntoskrnl very early. Driver Studio has provisions for debugging drivers so it must have some functionality early in the boot stage.
#6769gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #6759
I succeed to install this version of Softice in XP SP3.
But when I start it, I see for a second a screen like in Dos mode and then shuts down
Dietmar
⇗ @diderius6 ...Try Ctrl-D to see if the screen returns. Softice uses a DOS-type window. If it doesn't return it's likely a video driver problem.
#6770gordo999
Zitat von ⇗ infuscomus im Beitrag ¶ #6760
I guess it is not the right version for XP? but then why did they write that it was for XP?
⇗ @infuscomus ...XP only works on XP x86. I had it running well on SP3 on an older system and on a VM. In fact, it still works for me on a VM running XP x86.

The best version is the Driver Studio version. It can be tough to setup but well worth it for x86 apps if you can get it running. Steep learning curve but it will go through any kernel code. I was working on a DX app and the mouse cursor you see on a DX screen is not the Windows mouse cursor, therefore it won't respond to any normal BP.   Neither do the DX windows belong to Windows. I managed to set a BP on the Windows mouse driver then trace through system code and into the DX code. I have not encountered any other debugger that can do that.
#6771gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #6767
I found this about softice:

"windows update KB885835 (12/14/2004) has changed ntoskrnl.exe to version 5.1.2600.1605(xpsp2.040919-1003) and softice could not hook function MICopyOnWrite, it went to loop EBFE, windows was locked"
⇗ @diderius6 ...that's old. The MICopyOnWrite error was always logged on the softice start screen but it did not prevent SI from working. The company who created SI, NuMega, were always updating a file in SI that dealt with changes in the Windows kernel.

If NuMega could do it, I am theorizing that anyone could mod that file to update it to newer versions of XP SP3. I would like to see the video driver issue solved and see SI ported to 64 bit. I think the name of the file was OSInfo.dat, or something like that. The most recent version of Driver Studio also had the most recent versions of that file and that was well past 2004.
#6772gordo999
Zitat von ⇗ XPLives im Beitrag ¶ #6756
Back then Serial Com Port 1 used IRQ 4.  Serial Com Port 2 used IRQ 3 and usually people connected a dial up modem on this.
⇗ @XPLives ...recall Zmodem well, after struggling through long BBS downloads with Xmodem.
#6773diderius6Hi,
is there a tool, which works under DOS,
with which you can build a serial connection on COM port
and where you can set the address of the COM port to 0xD010
Dietmar
#6774infuscomus⇗ @diderius6

I'm not sure any DOS terminal will let you set the COM port to 0xD010
I think you would need to write your own DOS program to do this.
#6775Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6773
is there a tool, which works under DOS,
with which you can build a serial connection on COM port
and where you can set the address of the COM port to 0xD010


Try change serial port I/O with debug.exe at the address 40:0 in MS-DOS 6.22 and maybe use FileMaven 3.5a to test if work:
⇗ Testing ports COM & LPT

P.S. I also found this: ⇗ INPOUT32/X64 Works with SOME PCI cards

⇗ Using DEBUG to Create Program to Swap LPT Ports

To change 03F8 to D010 COM1:


⇗ 22.1 The 8250 Serial Communications Chip
#6776Gelip⇗ @diderius6
It works with my ExpressCard with serial port Host or guest mode FileMaven3 even when the integrated motherboard COM (AMT SOL) port is enabled in the BIOS

but the first connection must be when the host computer in FileMaven must be the second computer baudrate 19200 (not the one where we set the port in debug.exe)
#6777diderius6⇗ @Gelip
This are nice news;))!!
What is the name of your Serial card,
thanks for help a lot
Dietmar

PS: Can you use your original kdcom.dll from XP SP3 now for debugging?
#6778Gelip
Zitat von ⇗ diderius6 im Beitrag ¶ #6777
What is the name of your Serial card,
thanks for help a lot
Dietmar

PS: Can you use your original kdcom.dll from XP SP3 now for debugging?


My ExpressCard is: ¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (443)

Yes, (tested WinXP SP2 64-bit) if set I/O in MS-DOS then work with original kdcom.dll

but the computer cannot be restarted. After changing the I/O in MS-DOS, you have to boot GRUB4DOS (grub.exe) and boot WinXP from it.

How to do it:

WinDbg PC:
  • run WinDbg on your port serial at 19200


Debugging PC:
  • we have the original WinXP system installed on the disk
  • if have integrated motherboard COM the use COM2 to debug
  • set debug in boot.ini to COM2 baudrate 19200
  • reboot PC to MS-DOS 6.22 e.g. from USB stick
  • set COM2 to I/O addres your PCIe port COM e.g. my is 0x4000 (little endian 0040)

    debug.exe
    -e 40:2 00 40
    -q
    grub.exe
      map (hd0) (hd1)
      map (hd1) (hd0)
      map --hook
      find --set-root /ntldr
      chainloader /ntldr
      boot



or disable integrated motherboard port COM and set COM1 in boot.ini and MS-DOS for debug:

  • debug.exe
    -e 40:0 00 40


COM1 -> 40:0
COM2 -> 40:2

UPDATE
=====

It also works when the AMT SOL serial port is enabled in the BIOS - probably because SOL has a different I/O 0x50B0 than the one set in MS-DOS 0x4000

debug.exe
-e 40:0 00 40

#6779diderius6⇗ @Gelip

Can you please send to me your installation with GRUB4DOS?
Dietmar
#6780diderius6I do not succeed to get Softice to work with XP SP2.
Without the graphiccard, Softice test for video tells me,
that the test is not successfull,
but when I start Softice, I can see for a short moment some colored lines on the screen.
When I install the Nvida driver for the 980 GTX (with some problems in XP SP2 but get it to work),
the video test from Softice tells, that all is ok,
but when I start Softice, it just hangs in a black window with white cursor. The videocard GT 730 shows same behavior.
I disabled in Bios Hyperthreading, set numbers of CPU=1 and use the ntoskrnl.exe without PAE support.
The switch in boot.ini /NOPAE not works
Dietmar

PS: When I hit direct CTRL D after start of softice, behavior is the same, no error message. With PAE I get there error 31.

 

Page 453

#6781Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6779
Can you please send to me your installation with GRUB4DOS?

Just copy the DEBUG.EXE file to the USB stick created from my msdos.img file and boot WinXP PC from this USB stick Gelip has attached files to this post
#6782diderius6With the X1300 graphic card I get Softice version 4.3.21 to run on XP SP2,
but still no grafik output, the video test from Softice tells me, that no DirectDraw on this card
Dietmar

#6783infuscomus⇗ @diderius6

maybe, try a reinstall of directx?
#6784onuracengiz⇗ DirectX End-User Runtimes (June 2010)
⇗ DirectX 3.0, 5.2, 6.1, 7.0, 8.0, 8.1, and 8.2
⇗ ATI Radeon X1xxx Series Drivers & Support

⇗ sguide_tweak_2k_pppoe.zip Generic patch for Windows XP/2000 and DSL connections using PPPoE. This patch will optimize your TCP/IP Registry settings for high speed Internet connections. It is specifically designed for PPPoE DSL connections. To install, extract the .inf file first, then double-click (or right-click on filename and choose install from the pull-down menu) and reboot for changes to take effect

⇗ winxp_dnscache.zip Patch Windows 2k/XP not to cache failed DNS entries. By default, when a DNS lookup fails (due to temporary DNS problems), Windows still caches the unsuccessful DNS query, and in turn fails to connect to a host regardless of the fact that the DNS server might be able to handle your lookup seconds later. This patch fixes the problem by configuring the DNS client to continue sending queries to an unresponsive network. To install, save to your HD, unzip the .reg file, then double-click the filename

⇗ sg_webtweak_2k.zip Patch increases Web page loading speed, by doubling the number of possible concurrent open connections. For example, imagine a web page has 20 images and some text - in order for your browser to get all these files, it opens 2 or 4 concurrent connections, depending on the Web server. Increasing the number of open connections allows for faster retrieving of the data. Please note that the patch sets some values outside of the HTML specs. If you decide to install it, backup your Registry first. Changes will take effect after you reboot
#6785diderius6⇗ @onuracengiz ⇗ @infuscomus

Thanks for the driver, I installed all new.
But this card X1300 really seems to have no DirectDraw
Dietmar

PS: I have no other PCI-e videocard, that I can test. So it seems, that Softice fails to me because of the videocard.
May be here in the forum is somebody, who knows, which video card works for the last versions of Softice.

EDIT: Strange, on XP SP3 ist DirectDraw activated with the same card X1300 but on XP SP2 not.
#6786Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6785
But this card X1300 really seems to have no DirectDraw

Softice Serial & Troubleshooting.txt from SoftICE 4.05:
Zitat
3) Some cards do not support the direct draw system. The correct
settings
for these in SoftICE Video (in the SoftICE Display Adapter Setup) are
Standard Vga with Universal Video Driver box NOT checked.
#6787diderius6⇗ @Gelip

Thanks, but does not help.
Now I give up on a first with Softice and try
your GRUB4DOS on a fresh installed XP SP3
Dietmar
#6788infuscomus⇗ @diderius6

Try a GT710, they're abundant and cheap.
#6789diderius6⇗ @infuscomus
I tried a GT730,
Softice video test tells, that all is ok,
but isnt
Dietmar
#6790onuracengizCan you add a screenshot from your dxdiag panels
DirectX, and its 2D component DirectDraw, should be enabled by default on most Windows XP computers. If you have reason to believe it is turned off on your computer, open the "Run" dialogue and type "dxdiag." Click the "Display" tab and ensure "DirectX" and "DirectDraw" are both turned on. If not, click their checkboxes to turn them on

⇗ Microsoft DirectX Control Panel 9.0c (use this if you are having trouble with the original)
#6791diderius6Yesssaaa;)) with your help I get it

SoftICE ver.4.3.21 on XP SP3

Dietmar

#6792onuracengizGo nuts :)
#6793infuscomus⇗ @diderius6

nice!
do you think you can debug the HAL using this?
#6794diderius6⇗ @infuscomus

May be. Until now, it is just crazy for me, that it works on XP SP3
Dietmar
#6795Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6791
SoftICE ver.4.3.21 on [b]XP SP3/b]


Cool

P.S. Don't use the camera (or smartfon) to take a WinXP screenshot. Just:
  • press Print Screen key on keyboard (PrtScr) to make full screenshot
  • press Alt+PrtScr to make only active window screenshot
  • open MS Paint, paste clipboard and save file as .PNG format


P.S. If WinXP is set to debug (boot.ini) and WinDbg is running on the other PC then pressing the PrtScr button will cause Break and OS stop responding (need go 'g' to run WinXP on WinDbg) - so it's best to use IrfanView -> Options -> Capture/ScreenShot...

 

Page 454

#6796onuracengiz⇗ FastStone Image Viewer (was my favorite)
⇗ IrfanView
⇗ XnView
#6797diderius6⇗ @Gelip
All (4, all different) of my Serial PCI-e Slot cards show via debug

0040:0000 00 00 00 00 00 00 00 00

Now it looks like a small wonder, that the modded NTLDR_dbg can work with this
Dietmar

PS: With the onboard enabled COM port debug shows

0040:0000 F8 03 00 00 00 00 00 00
#6798diderius6⇗ @Gelip

But now fun is going on;)..

I type debug in USB boot MS-DOS6.22 and then
-e 40:0 10 D0
q

And I download the MS-DOS program Kermit, which I put also on the nice USB stick.
And after typing Kermit in commandline
I type Output otto
Before I open putty on the other serial connected compi with a Baudrate of 9600
and this is the result,
which means, that I just help MS-DOS a little to find its Serial adress and that this card indeed works under MS-DOS.
Now I make a try to change the adress of the Startech PCI-e Serial Slotcard to adress 03 F8
and look, if I can start with normal kdcom.dll Windbg
Dietmar

EDIT:Ok, I cant change port to 03F8. Kermit via test COM1 tells me now, not an 8250 UART at this COM port.
So I still need for Windbg D010 modded kdcom.dll .

EDIT2: Even with for address D010 modded kdcom.dll  Windbg does not start from the Startech PCI-e slotcard
via grub from DOS.

EDIT3: When I look with debug from the via grub so booted XP I see, that the com1 port is set back to 03 F8.

EDIT4: It seems not possible, to redirect COM1 port from address 03F8 ---> D010 or vice versa(!) under XP SP3.

#6799Gelip⇗ @diderius6
Must be 19200 baudrate in boot.ini and in MS-DOS
¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (453)

19200 is max baudrate for MS-DOS

Everything works for me and I have two ways to make WinDbg work:

  • modded kdcom.dll and 115200 baud in boot.ini

or

  • MS-DOS set I/O and only 19200 in boot.ini with original kdcom.dll
#6800infuscomus⇗ @diderius6

you know how my patched vista acpi.sys mostly gives a 7B BSOD but also sometimes works?
can you try to debug that?
#6801diderius6⇗ @infuscomus

I think, that the acpi.sys from Vista works sometimes,
because not all (mostly all survives is ram?!) is gone in memory after reboot.
The original acpi.sys from Vista looks for the acpi tables at a wrong place.
Your modded acpi.sys looks at the right place, but the tables are just not loaded up there.
When now in memory the tables still stay, modded acpi.sys from Vista fetch this tables from before boot,
reads and start.
I think, it is nearly impossible to debug this.
You get Bsod, because the tables are not found.
XP starts normal, when the tables are found,
just crazy
Dietmar
#6802diderius6⇗ @Gelip
Today I make a new try.
I put only the files from XP SP3 on the harddisk, that are needed, so that Windbg still starts with the onboard COM1 port.
Then I disable step by step the address 03F8 until Windbg stops to start.
It is vice versa than doing before
Dietmar

PS: There must be a driver, which overwrites in memory the D010 address, build via DOS in memory.
I do not think, that it is Bios, because with disabled COM port in Bios Windbg does not start and Debian 9 use with disabled COM1 port in Bios for the COM port on the slotcard COM1.
#6803Gelip⇗ @diderius6
I don't understand what you want to test - onboard serial port or ports on PCIe card?  - decide what you want to test  I thought you only want to test serial ports on a PCIe card. Why are you turning on the integrated port in the bios again ????

By the way, does WinDbg work on the built-in serial port of the motherboard?
#6804diderius6⇗ @Gelip

Windbg works with the inbuild COM port.
When you do not reach your aim on a normal way,
you just can try something crazy other
Dietmar
#6805AndaluI tried to make a fresh XP installation on a Comet Lake board (GA-H470-HD3) but I got a 7B bsod (0xF7AFC524,0xC034,0x00,0x00).
It seems to be related to the acpi.sys version used. This bsod is bypassed with the acpi2013.sys (SHA-1 726C3B83599A20A2C15CF1FDAAD4F81469A6ED99)
but even in this case I got an error (never seen before) on the text-mode: "Setup cannot copy the file: setupwst.exe".
Skipping this file the text-mode ends normally but the following GUI-mode doesn't start.

Until now to prepare the USB flash I always used the Yumi tool (much faster than others) but for this H470 system it doesn't work: I got a blank screen just after the memory loading and before to enter in the first step of the XP setup. The same happens with RMPrepUSB.
WinSetupFromUSB 1.9 seems to work better but with it I got the error above about the setupwst.exe file.

XP works on my H470 board only by using a disk drive from another XP system (in this case even with the acpi6666 from outer space).
A strange thing: the bios version (F3) installed on my board is not listed on the official gigabyte webpage, maybe it is a buggy version?
#6806diderius6⇗ @Andalu

On my EVGA Dark Z390 (XP friendly Bios) board also no USB install at all works.
And even with CD install and normal harddisk I got always Bsod 0x7B.
I can install XP via CD only, because there is an Asmedia 106 Sata Slot on this board.
The same I hear about the EVGA Dark z490 on
⇗ https://community.hwbot.org/
even they try a lot to optimize USB install via Firadisk
Dietmar

PS: You can try an install to USB harddisk or nvme. With the XP from zone94.com it is possible.
#6807infuscomus⇗ @diderius6

I thought I recalled you saying it was possible to diagnose a 7B BSOD using the ntldr_dbg version I sent you, so I thought it might be possible to find out why my modded vista acpi.sys gives this BSOD.
If I was mistaken and that is not what you said, I'm sorry.
#6808diderius6⇗ @infuscomus
With hard work it may be possible to find out a little bit more, what happens.
With my tests before with Windbg I know, it happens because of the not found acpi tables
Dietmar

PS: Windbg works much less stable with the ntldr_dbg.
So for example it is not always possible to trace a driver,
because it hangs in an endless loop.
#6809Andalu⇗ @diderius6

You're giving me a bad news  I was hoping to install XP without troubles even in that system.

I've never tried installing XP on a USB HD or nvme, I can also attempt but I wouldn't know where to start after selecting the related option in the Patch Integrator.


P.S.: another strange thingh about the XP ISO installation on my H470 system: the usb boot from a nvme to usb3 enclosure (with a M.2 sata drive) doesn't work  
while I never had issue on the Q370 system.
#6810diderius6⇗ @Andalu

I know for sure, that USB install with the nice USB driver from ⇗ @Mov AX, 0xDEAD
works with the XP SP3 from zone94.com

SP3 x86 - Integral Edition 2020.5.5 (Vanilla).iso
WinXP-IE Optional Patch Integrator v2.3.3b14.cmd
Customized Option 1,2,3,4,5,D,S,U,L

Dietmar

 

Page 455

#6811onuracengizgenerally speaking server 2003 is more stable then xp,instead of vista's use 2003's.or even better Xplives's modified ones
⇗ Modded ACPI Drivers Depot 2000 XP 2003 2009
#6812diderius6Here is the minimal list for XP SP3 on a NTFS partition with the iastor driver from fernando
so that serial debug via COM works for Windbg:

In folder C:\

ntldr
ntdetect.com
boot.ini

In C:\WINDOWS

folder
AppPatch with drvmain.sdb in it

folder
Fonts with vga850.fon in it

folder system32 with in it

bootvid.dll
c_850.nls
c_1252.nls
kdcom.dll
l_intl.nls
ntkrnlpa.exe
HAL.DLL

C:\WINDOWS\system32\config
with system in it

and

C:\WINDOWS\system32\drivers
with

acpi.sys
disk.sys
iaStor.sys
isapnp.sys
ksecdd.sys
mountmgr.sys
mssmbios.sys
ntfs.sys
partmgr.sys
pci.sys
pciidex.sys
videoprt.sys

So, away from Bios, there has to be changed address for COM1 port from 03F8 --->D010
for the Startech Serial PCI-e slot card, which works under DOS but DOS did not find their address D010
Dietmar

PS: In DSDT all serial COM ports are listed, for example 0x03F8.
#6813Andalu⇗ @diderius6

XP ISO successfully installed from a USB stick on my Comet Lake H470 system with Easy2Boot:



But it was not easy at all: Easy2Boot only worked correctly twice out of 15 attempts: most of the time the system reboots automatically or Easy2Boot freezes on its first screens. So far I haven't been able to figure out the reason for this malfunctioning, really annoying. Another mandatory requirement for Easy2Boot is an external graphics card: the XP installation doesn't work at all with the internal cpu graphics.
#6814diderius6Hi,
I look at the Source code for XP SP1,
what is different in the normal ntldr compared with the ntldr_dbg.
The problem in the normal ntldr is, that the address for COM1 0xD010 is not transfered
to ntoskrnl.exe when using a PCI-e Serial slotcard.
But using the ntldr_dbg this address is transfered.
So, there is a chance without modding DSDT in Bios, to make an ntldr,
that transfers the address of COM1 to ntoskrnl.exe but still uses after kdcom.dll
Dietmar

PS: I noticed an interesting thing with the ntldr_dbg.
It seems to crash, when first part of load from XP is done.
May be, like in USB, that then the slotcard looses contact with the COM1 port at 0xD010
and so crashes.
#6815BrooonsAfter installation of any driver USB disappears hibernate.
Why?
#6816diderius6⇗ @Brooons

This seems to be a problem of all USB drivers under XP.
The same happens for the pagefile, when you do USB boot.
I do not know, if this problem is solved in the nice win8 USB driver from ⇗ @Mov AX, 0xDEAD
Dietmar
#6817Brooons
Zitat
USB driver from @Mov AX, 0xDEAD
Dietmaк


Where I can see this driver, please.

#6818Gelip⇗ @diderius6
I received a PCIe card with a serial port I ordered - ⇗ Sunrich I-350 PCI-E 1S Serial:

I tested the card in a desktop PC in the PCIe x1 slot and in a laptop with EXP GDC 8.5c ExpressCard external graphics adapter.
Unfortunately this card doesn't use I/O addresses but MMIOs so I can't use it with WinDbg. However, it works very well in the early stages of Linux bootup:

cmdline:

desktop PC: console=uart8250,mmio,0xf7c01000,115200n8
laptop PC: console=uart8250,mmio,0xf0801000,115200n8
#6819diderius6⇗ @Brooons
Dietmar

⇗ https://forums.mydigitallife.net/threads...hardware.81607/
#6820diderius6This is a step in the right direction.
I hack this hacked;) ntldr to work with my Startech card,
now the bootfiles can be debugged careful.
Only disadvantage of this ntldr is,
that it shuts down after first step of XP SP3 load but XP starts to desktop
Dietmar

PS: For the very first time I can debug the whole boot process of XP SP3
without any error message or crazy loops.


⇗ https://ufile.io/zsfm8mqi

#6821infuscomus⇗ @diderius6

even the HAL?
#6822diderius6⇗ @infuscomus
Just send me, what you want to test.
I got soso many files,
that I do not know which where the last and which should work together
Dietmar

PS: Crazy job. After building minimal XP SP3 for debugging I tested 41 different ntldr.
Found this one and modd it, works.
#6823infuscomus⇗ @diderius6

can you try and debug vhal4xp.dll (the most recent one I sent you without missing imports)

do you need me to send it again?
#6824diderius6⇗ @infuscomus

Which files have to stay together with vhal4xp.dll ?
Can it work together with the checked files from XP SP3?
Dietmar
#6825infuscomus⇗ @diderius6

vhal4xp.dll depends on my ntoskrn8.sys (you should still have this right?) kdcom.dll and pshed.dll - put all of these in windows\system32

I think it should work with checked XP SP3, but just doubled check in dependency walker that I haven't missed an import.

 

Page 456

#6826diderius6⇗ @infuscomus
I found the exact place, where hal.dll crashes.
The reason is the value in EAX at this place (see EIP)
Dietmar

BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
Connected to Windows Boot Debugger 3790 x86 compatible target at (Mon Feb 22 19:13:39.040 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\WINDOWS\symbols2;C:\WINDOWS\symbols
Executable search path is: C:\WINDOWS\symbols2
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x0042fc9c
System Uptime: not available
Break instruction exception - code 80000003 (first chance)
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
kd> lm
start    end        module name
00400000 0045a000   osloader   (private pdb symbols)  c:\windows\symbols2\osloader.pdb
kd> bc *
kd> bp 0040e723
kd> g
BD: 804BA000 \WINDOWS\system32\ntkrnlpa.exe
BD: 806C8000 \WINDOWS\system32\hal.dll
Breakpoint 0 hit
osloader!NtProcessStartup+0x26a:
0040e723 ff5014          call    dword ptr [eax+14h]
kd> t
osloader!AEReboot:
00402ad3 55              push    ebp
kd> t
osloader!AEReboot+0x1:
00402ad4 8bec            mov     ebp,esp
kd> t
osloader!AEReboot+0x3:
00402ad6 51              push    ecx
kd> t
osloader!AEReboot+0x4:
00402ad7 e815960000      call    osloader!TextGrTerminate (0040c0f1)
kd> t
osloader!TextGrTerminate:
0040c0f1 33c0            xor     eax,eax
kd> t
osloader!TextGrTerminate+0x2:
0040c0f3 390594ed4200    cmp     dword ptr [osloader!DbcsLangId (0042ed94)],eax
kd> t
osloader!TextGrTerminate+0x8:
0040c0f9 7405            je      osloader!TextGrTerminate+0xf (0040c100)
kd> t
osloader!TextGrTerminate+0xa:
0040c0fb a394ed4200      mov     dword ptr [osloader!DbcsLangId (0042ed94)],eax
kd> t
osloader!TextGrTerminate+0xf:
0040c100 38054a304300    cmp     byte ptr [osloader!GraphicsMode (0043304a)],al
kd> t
osloader!TextGrTerminate+0x15:
0040c106 7511            jne     osloader!TextGrTerminate+0x28 (0040c119)
kd> t
osloader!TextGrTerminate+0x17:
0040c108 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> t
osloader!TextGrTerminate+0x1c:
0040c10d 6a03            push    3
kd> t
osloader!TextGrTerminate+0x1e:
0040c10f 6800000080      push    80000000h
kd> t
osloader!TextGrTerminate+0x23:
0040c114 ff5018          call    dword ptr [eax+18h]
kd> t
00020eff 6858000000      push    58h
kd> t
00020f04 680a0f0000      push    0F0Ah
kd> t
00020f09 cb              retf
kd> t
0058:0f0a 6655            push    ebp
16.kd> t
0058:0f0c 6653            push    ebx
16.kd> t
0058:0f0e 6656            push    esi
16.kd> t
0058:0f10 6657            push    edi
16.kd> t
0058:0f12 6689e3          mov     ebx,esp
16.kd> t
0058:0f15 b86000          mov     ax,60h
16.kd> t
0058:0f18 8ed8            mov     ds,ax
16.kd> t
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
osloader!DbgBreakPoint:
0040b0c6 cc              int     3


#6827infuscomus⇗ @diderius6

strange that it fails there

maybe pshed.dll needs a proper service registry entry?

I took this registry from windows 10, it might be different on vista

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\EventLog\System\Microsoft-Windows-Kernel-WHEA]
"ProviderGuid"="{7b563579-53c8-44e7-8236-0f87b9fe6594}"
"EventMessageFile"=hex(2):25,00,53,00,79,00,73,00,74,00,65,00,6d,00,52,00,6f,\
   00,6f,00,74,00,25,00,5c,00,73,00,79,00,73,00,74,00,65,00,6d,00,33,00,32,00,\
   5c,00,50,00,53,00,48,00,45,00,44,00,2e,00,44,00,4c,00,4c,00,00,00

   

edit:
I'm happy to see you've gotten further with debugging at least.
#6828diderius6⇗ @infuscomus
I take a look what happens direct before crash of Hal.dll
Dietmar
Connected to Windows Boot Debugger 3790 x86 compatible target at (Mon Feb 22 20:47:28.708 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\WINDOWS\symbols2;C:\WINDOWS\symbols
Executable search path is: C:\WINDOWS\symbols2
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x0042fc9c
System Uptime: not available
Break instruction exception - code 80000003 (first chance)
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
kd> bc *
kd> bp 0040e71e
kd> g
BD: 804BA000 \WINDOWS\system32\ntkrnlpa.exe
BD: 806C8000 \WINDOWS\system32\hal.dll
Breakpoint 0 hit
osloader!NtProcessStartup+0x265:
0040e71e a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> t
osloader!NtProcessStartup+0x26a:
0040e723 ff5014          call    dword ptr [eax+14h]
kd> t
osloader!AEReboot:
00402ad3 55              push    ebp
kd> t
osloader!AEReboot+0x1:
00402ad4 8bec            mov     ebp,esp
kd> t
osloader!AEReboot+0x3:
00402ad6 51              push    ecx
kd> t
osloader!AEReboot+0x4:
00402ad7 e815960000      call    osloader!TextGrTerminate (0040c0f1)
kd> t
osloader!TextGrTerminate:
0040c0f1 33c0            xor     eax,eax
kd> t
osloader!TextGrTerminate+0x2:
0040c0f3 390594ed4200    cmp     dword ptr [osloader!DbcsLangId (0042ed94)],eax
kd> t
osloader!TextGrTerminate+0x8:
0040c0f9 7405            je      osloader!TextGrTerminate+0xf (0040c100)
kd> t
osloader!TextGrTerminate+0xa:
0040c0fb a394ed4200      mov     dword ptr [osloader!DbcsLangId (0042ed94)],eax
kd> t
osloader!TextGrTerminate+0xf:
0040c100 38054a304300    cmp     byte ptr [osloader!GraphicsMode (0043304a)],al
kd> t
osloader!TextGrTerminate+0x15:
0040c106 7511            jne     osloader!TextGrTerminate+0x28 (0040c119)
kd> t
osloader!TextGrTerminate+0x17:
0040c108 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> t
osloader!TextGrTerminate+0x1c:
0040c10d 6a03            push    3
kd> t
osloader!TextGrTerminate+0x1e:
0040c10f 6800000080      push    80000000h
kd> t
osloader!TextGrTerminate+0x23:
0040c114 ff5018          call    dword ptr [eax+18h]
kd> t
00020eff 6858000000      push    58h
kd> t
00020f04 680a0f0000      push    0F0Ah
kd> t
00020f09 cb              retf
kd> t
0058:0f0a 6655            push    ebp
16.kd> t
0058:0f0c 6653            push    ebx
16.kd> t
0058:0f0e 6656            push    esi
16.kd> t
0058:0f10 6657            push    edi
16.kd> t
0058:0f12 6689e3          mov     ebx,esp
16.kd> t
0058:0f15 b86000          mov     ax,60h
16.kd> t
0058:0f18 8ed8            mov     ds,ax
16.kd> t
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
#6829infuscomus⇗ @diderius6

I see It's already at the BootFailed function by that point. I noticed just before calling BootFailed there is a BlPrint function, does BlPrint give any useful information?
#6830diderius6⇗ @infuscomus
ntldr was put into an endless loop, I found
Dietmar
seg000:000108E7 loc_108E7: ; CODE XREF: seg000:000108DD j
seg000:000108E7                 call    sub_13F2F
seg000:000108EC                 call    sub_4D38
seg000:000108F1                 call    sub_1DDF6
seg000:000108F6                 call    sub_71E0
seg000:000108FB                 push    ebx
seg000:000108FC                 call    sub_FDAA
seg000:00010901                 test    byte ptr ds:42FC2Ch, 1
seg000:00010908                 jz      short loc_10936
seg000:0001090A                 push    4203A4h
seg000:0001090F                 call    sub_EC5F
seg000:00010914                 mov     eax, ds:4222ECh
seg000:00010919                 pop     ecx
seg000:0001091A                 call    dword ptr [eax+54h]
seg000:0001091D                 mov     esi, eax
seg000:0001091F

seg000:0001091F loc_1091F: ; CODE XREF: seg000:0001092C j
seg000:0001091F                 mov     eax, ds:4222ECh
seg000:00010924                 call    dword ptr [eax+54h]
seg000:00010927                 sub     eax, esi
seg000:00010929                 cmp     eax, 5
seg000:0001092C                 jb      short loc_1091F
seg000:0001092E

seg000:0001092E loc_1092E: ; CODE XREF: seg000:0001093F j
seg000:0001092E                 mov     eax, ds:4222ECh
seg000:00010933                 call    dword ptr [eax+14h]
seg000:00010936

seg000:00010936 loc_10936: ; CODE XREF: seg000:00010908 j
seg000:00010936 ;
seg000:0001093D j
seg000:00010936                 call    sub_1E0D1
seg000:0001093B                 test    al, al
seg000:0001093D                 jz      short loc_10936
seg000:0001093F                 jmp     short loc_1092E
seg000:00010941
#6831infuscomus⇗ @diderius6

I can see the loop in graph view -
I think you would need to set a breakpoint before BootFailed gets called to find the cause of this.
#6832diderius6⇗ @infuscomus
Here it is
Dietmar
Connected to Windows Boot Debugger 3790 x86 compatible target at (Mon Feb 22 21:26:52.898 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\WINDOWS\symbols2;C:\WINDOWS\symbols
Executable search path is: C:\WINDOWS\symbols2
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x0042fc9c
System Uptime: not available
Break instruction exception - code 80000003 (first chance)
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
kd> bc *
kd> bp 0040e6f1
kd> g
BD: 804BA000 \WINDOWS\system32\ntkrnlpa.exe
BD: 806C8000 \WINDOWS\system32\hal.dll
Breakpoint 0 hit
osloader!NtProcessStartup+0x238:
0040e6f1 f6052cfc420001  test    byte ptr [osloader!BootFlags (0042fc2c)],1
kd> t
osloader!NtProcessStartup+0x23f:
0040e6f8 742c            je      osloader!NtProcessStartup+0x26d (0040e726)
kd> t
osloader!NtProcessStartup+0x26d:
0040e726 e896d70000      call    osloader!BlTerminalHandleLoaderFailure (0041bec1)
kd> t
osloader!BlTerminalHandleLoaderFailure:
0041bec1 55              push    ebp
kd> t
osloader!BlTerminalHandleLoaderFailure+0x1:
0041bec2 8bec            mov     ebp,esp
kd> t
osloader!BlTerminalHandleLoaderFailure+0x3:
0041bec4 51              push    ecx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x4:
0041bec5 51              push    ecx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x5:
0041bec6 53              push    ebx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x6:
0041bec7 33db            xor     ebx,ebx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x8:
0041bec9 381da1704500    cmp     byte ptr [osloader!BlTerminalConnected (004570a1)],bl
kd> t
osloader!BlTerminalHandleLoaderFailure+0xe:
0041becf 7507            jne     osloader!BlTerminalHandleLoaderFailure+0x17 (0041bed8)
kd> t
osloader!BlTerminalHandleLoaderFailure+0x10:
0041bed1 b001            mov     al,1
kd> t
osloader!BlTerminalHandleLoaderFailure+0x12:
0041bed3 e966020000      jmp     osloader!BlTerminalHandleLoaderFailure+0x27d (0041c13e)
kd> t
osloader!BlTerminalHandleLoaderFailure+0x27d:
0041c13e 5b              pop     ebx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x27e:
0041c13f c9              leave
kd> t
osloader!BlTerminalHandleLoaderFailure+0x27f:
0041c140 c3              ret
kd> t
osloader!NtProcessStartup+0x272:
0040e72b 84c0            test    al,al
kd> t
osloader!NtProcessStartup+0x274:
0040e72d 74f7            je      osloader!NtProcessStartup+0x26d (0040e726)
kd> t
osloader!NtProcessStartup+0x276:
0040e72f ebed            jmp     osloader!NtProcessStartup+0x265 (0040e71e)
kd> t
osloader!NtProcessStartup+0x265:
0040e71e a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> t
osloader!NtProcessStartup+0x26a:
0040e723 ff5014          call    dword ptr [eax+14h]
#6833diderius6Here ist the whole package with Source Code for this nice ntldr for debug bootdevices in XP
*.pdb , ntldr for IDA etc.
Dietmar

⇗ https://ufile.io/8c63f15v
#6834infuscomus⇗ @diderius6

The pdb symbols included in your download don't seem to be for the osloader.exe you included.
#6835diderius6⇗ @infuscomus
There are different *.pdb files in this packet.
For this here used ntldr take the *.pdb from the bin folder,
this one works together with ntldr here used
Dietmar
#6836diderius6⇗ @infuscomus
compi hangs after the call of
osloader!CpPutByte+0x3a:
00409e82 e88cfeffff      call    osloader!CpReadLsr (00409d13)  -------->
                                                                                                         
seg000:0000BF23 ; =============== S U B R O U T I N E -------- < =======================================
seg000:0000BF23
seg000:0000BF23
seg000:0000BF23 sub_BF23        
proc near ; CODE XREF: sub_BFD5+27 p
seg000:0000BF23                                         ; sub_BFD5+60 
p ...
seg000:0000BF23
seg000:0000BF23 arg_0           = dword ptr  4
seg000:0000BF23 arg_4           = byte ptr  8
seg000:0000BF23
seg000:0000BF23                 push    ebx
seg000:0000BF24                 push    esi
seg000:0000BF25                 mov     esi, [esp+8+arg_0]
seg000:0000BF29                 mov     eax, [esi]
seg000:0000BF2B                 add     eax, 5
seg000:0000BF2E                 push    eax
seg000:0000BF2F                 call    dword ptr ds:422494h
seg000:0000BF35                 mov     bl, al
seg000:0000BF37                 test    [esp+8+arg_4], bl
seg000:0000BF3B                 jnz     short loc_BF64
seg000:0000BF3D                 mov     eax, [esi]
seg000:0000BF3F                 add     eax, 6
seg000:0000BF42                 push    eax
seg000:0000BF43                 call    dword ptr ds:422494h
seg000:0000BF49                 test    al, 40h
seg000:0000BF4B                 setz    al
seg000:0000BF4E                 inc     al
seg000:0000BF50                 or      ds:42D108h, al
seg000:0000BF56                 cmp     byte ptr ds:42D108h, 3
seg000:0000BF5D                 jnz     short loc_BF64
seg000:0000BF5F                 or      word ptr [esi+8], 2
seg000:0000BF64

seg000:0000BF64 loc_BF64: ; CODE XREF: sub_BF23+18 j
seg000:0000BF64 ; 
sub_BF23+3A j
seg000:0000BF64                 pop     esi
seg000:0000BF65                 mov     al, bl
seg000:0000BF67                 pop     ebx
seg000:0000BF68                 retn    8    <---- Compi never comes back to the place, from where it is called
seg000:0000BF68 sub_BF23        endp
seg000:0000BF68
seg000:0000BF6B
#6837diderius6
UCHAR
CpReadLsr(
      PCPPORT Port,
      UCHAR waiting
  );

    Routine Description:

        Read LSR byte from specified port.  If HAL owns port & display
        it will also cause a debug status to be kept up to date.

        Handles entering & exiting modem control mode for debugger.

    Arguments:

        Port - Address of CPPORT

    Returns:

        Byte read from port
#6838diderius6⇗ @infuscomus
Oh, I just see, that this Bsod can happen because of my hack for the COM1 port address to 10D0 (little endian) everywhere, but only in your hal.dll not, ok tomorrow more )
Dietmar

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
Connected to Windows Boot Debugger 3790 x86 compatible target at (Mon Feb 22 23:27:45.367 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\WINDOWS\symbols2
Executable search path is: C:\WINDOWS\symbols2
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x0042fc9c
System Uptime: not available
Break instruction exception - code 80000003 (first chance)
osloader!CpReadLsr+0x18:
00409d2b 7527            jne     osloader!CpReadLsr+0x41 (00409d54)
kd> g
Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
00000020 ??              ???
kd> g
Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
00000020 ??              ???
kd> g
Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
00000020 ??              ???
kd> !analyze -v
Connected to Windows Boot Debugger 3790 x86 compatible target at (Mon Feb 22 23:29:23.445 2021 (UTC + 1:00)), ptr64 FALSE
Loading Kernel Symbols

Loading User Symbols
Unable to resolve nt!KiBugCheckData
*******************************************************************************
*                                                                             *
*                        Exception Analysis                                   *
*                                                                             *
*******************************************************************************


FAULTING_IP: 
+0
00000020 ??              ???

EXCEPTION_RECORD:  ffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 00000020
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 3
   Parameter[0]: 00000000
   Parameter[1]: 00000020
   Parameter[2]: 00000000
Attempt to read from address 00000020

DEFAULT_BUCKET_ID:  BAD_INSTRUCTION_PTR

ERROR_CODE:
 (NTSTATUS) 0xc0000005 - Die Anweisung in "0x%08lx" verweist auf
Speicher in "0x%08lx". Der Vorgang  "%s" konnte nicht auf dem Speicher
durchgef hrt werden.

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - Die
Anweisung in "0x%08lx" verweist auf Speicher in "0x%08lx". Der Vorgang 
"%s" konnte nicht auf dem Speicher durchgef hrt werden.

EXCEPTION_PARAMETER1:  00000000

EXCEPTION_PARAMETER2:  00000020

EXCEPTION_PARAMETER3:  00000000

READ_ADDRESS:  00000020 

FOLLOWUP_IP: 
osloader!Port+0
0042d0d8 10d0            adc     al,dl

FAILED_INSTRUCTION_ADDRESS: 
+1562faf009bdf58
00000020 ??              ???

MOD_LIST: <ANALYSIS/>

FAULTING_THREAD:  00000001

PRIMARY_PROBLEM_CLASS:  BAD_INSTRUCTION_PTR

BUGCHECK_STR:  APPLICATION_FAULT_BAD_INSTRUCTION_PTR_INVALID_POINTER_READ

LAST_CONTROL_TRANSFER:  from 0042d0d8 to 00000020

STACK_TEXT:  
WARNING: Frame IP not in any known module. Following frames may be wrong.
0005c324 0042d0d8 00000030 0040ab93 00000000 0x20
0005c32c 0040ab93 00000000 00000030 0040abb8 osloader!Port
0005c338 0040abb8 00000030 0005c388 0040afad osloader!BdComPutByte+0xf [f:\work\ntldr\source\osloader\dbgcom.cpp @ 71]
0005c344 0040afad 0005c360 00000010 00000000 osloader!BdComSendString+0x10 [f:\work\ntldr\source\osloader\dbgcom.cpp @ 102]
0005c370 0040ed8a 00000002 0005c388 00000000 osloader!BdComSendPacket+0xa8 [f:\work\ntldr\source\osloader\dbgcom.cpp @ 572]
0005c390 0040f484 0005c3ac 0005c3ec 0042e13c osloader!BdWriteBreakpoint+0x40 [f:\work\ntldr\source\osloader\kdapi.cpp @ 557]
0005c3f8 0040f662 00000007 0005c508 0005c500 osloader!BdSendWaitContinue+0xea [f:\work\ntldr\source\osloader\kdapi.cpp @ 1036]
0005c510
 0040b63c 0005c564 0042e13c 00000000
osloader!BdReportExceptionStateChange+0x6c
[f:\work\ntldr\source\osloader\kdapi.cpp @ 1141]
0005c550 0040b256 0005c564 00000000 0005c5b8 osloader!BdTrap+0x3e [f:\work\ntldr\source\osloader\debug.cpp @ 601]
0005c5b0 0040b2be 00000000 00000000 00000000 osloader!BdDispatch+0x61 [f:\work\ntldr\source\osloader\debug.cpp @ 251]
0005c688 0040ed8a 00000002 0005c6a0 00000000 osloader!BdTrap03+0x30 [f:\work\ntldr\source\osloader\debug.cpp @ 319]
0005c6a8 0040f484 0005c6c4 0005c704 0042e13c osloader!BdWriteBreakpoint+0x40 [f:\work\ntldr\source\osloader\kdapi.cpp @ 557]
0005c710 0040f662 00000007 0005c820 0005c818 osloader!BdSendWaitContinue+0xea [f:\work\ntldr\source\osloader\kdapi.cpp @ 1036]
0005c828
 0040b63c 0005c87c 0042e13c 00000000
osloader!BdReportExceptionStateChange+0x6c
[f:\work\ntldr\source\osloader\kdapi.cpp @ 1141]
0005c868 0040b256 0005c87c 00000000 0005c8d0 osloader!BdTrap+0x3e [f:\work\ntldr\source\osloader\debug.cpp @ 601]
0005c8c8 0040b2be 00000000 00000000 00000000 osloader!BdDispatch+0x61 [f:\work\ntldr\source\osloader\debug.cpp @ 251]
0005c9a0 0040ed8a 00000002 0005c9b8 00000000 osloader!BdTrap03+0x30 [f:\work\ntldr\source\osloader\debug.cpp @ 319]
0005c9c0 0040f484 0005c9dc 0005ca1c 0042e13c osloader!BdWriteBreakpoint+0x40 [f:\work\ntldr\source\osloader\kdapi.cpp @ 557]
0005ca28 0040f662 00000007 0005cb38 0005cb30 osloader!BdSendWaitContinue+0xea [f:\work\ntldr\source\osloader\kdapi.cpp @ 1036]
0005cb40
 0040b63c 0005cb94 0042e13c 00000000
osloader!BdReportExceptionStateChange+0x6c
[f:\work\ntldr\source\osloader\kdapi.cpp @ 1141]
0005cb80 0040b256 0005cb94 00000000 0005cbe8 osloader!BdTrap+0x3e [f:\work\ntldr\source\osloader\debug.cpp @ 601]
0005cbe0 0040b2be 00000000 00000000 00000000 osloader!BdDispatch+0x61 [f:\work\ntldr\source\osloader\debug.cpp @ 251]
0005ccb8 0040ed8a 00000002 0005ccd0 00000000 osloader!BdTrap03+0x30 [f:\work\ntldr\source\osloader\debug.cpp @ 319]
0005ccd8 0040f484 0005ccf4 0005cd34 0042e13c osloader!BdWriteBreakpoint+0x40 [f:\work\ntldr\source\osloader\kdapi.cpp @ 557]
0005cd40 0040f662 00000007 0005ce50 0005ce48 osloader!BdSendWaitContinue+0xea [f:\work\ntldr\source\osloader\kdapi.cpp @ 1036]
0005ce58
 0040b63c 0005ceac 0042e13c 00000000
osloader!BdReportExceptionStateChange+0x6c
[f:\work\ntldr\source\osloader\kdapi.cpp @ 1141]
0005ce98 0040b256 0005ceac 00000000 0005cf00 osloader!BdTrap+0x3e [f:\work\ntldr\source\osloader\debug.cpp @ 601]
0005cef8 0040b2be 00000000 00000000 00000000 osloader!BdDispatch+0x61 [f:\work\ntldr\source\osloader\debug.cpp @ 251]
0005cfd0 0040ed8a 00000002 0005cfe8 00000000 osloader!BdTrap03+0x30 [f:\work\ntldr\source\osloader\debug.cpp @ 319]
0005cff0 0040f484 0005d00c 0005d04c 0042e13c osloader!BdWriteBreakpoint+0x40 [f:\work\ntldr\source\osloader\kdapi.cpp @ 557]
0005d058 0040f662 00000007 0005d168 0005d160 osloader!BdSendWaitContinue+0xea [f:\work\ntldr\source\osloader\kdapi.cpp @ 1036]
0005d170
 0040b63c 0005d1c4 0042e13c 00000000
osloader!BdReportExceptionStateChange+0x6c
[f:\work\ntldr\source\osloader\kdapi.cpp @ 1141]
0005d1b0 0040b256 0005d1c4 00000000 0005d218 osloader!BdTrap+0x3e [f:\work\ntldr\source\osloader\debug.cpp @ 601]
0005d210 0040b2be 00000000 00000000 00000000 osloader!BdDispatch+0x61 [f:\work\ntldr\source\osloader\debug.cpp @ 251]
0005d2e8 0040ed8a 00000002 0005d300 00000000 osloader!BdTrap03+0x30 [f:\work\ntldr\source\osloader\debug.cpp @ 319]
0005d308 0040f484 0005d324 0005d364 0042e13c osloader!BdWriteBreakpoint+0x40 [f:\work\ntldr\source\osloader\kdapi.cpp @ 557]
0005d370 0040f662 00000007 0005d480 0005d478 osloader!BdSendWaitContinue+0xea [f:\work\ntldr\source\osloader\kdapi.cpp @ 1036]
0005d488
 0040b63c 0005d4dc 0042e13c 00000000
osloader!BdReportExceptionStateChange+0x6c
[f:\work\ntldr\source\osloader\kdapi.cpp @ 1141]
0005d4c8 0040b256 0005d4dc 00000000 0005d530 osloader!BdTrap+0x3e [f:\work\ntldr\source\osloader\debug.cpp @ 601]
0005d528 0040b2be 00000000 00000000 00000000 osloader!BdDispatch+0x61 [f:\work\ntldr\source\osloader\debug.cpp @ 251]
0005d600 0040ed8a 00000002 0005d618 00000000 osloader!BdTrap03+0x30 [f:\work\ntldr\source\osloader\debug.cpp @ 319]
0005d620 0040f484 0005d63c 0005d67c 0042e13c osloader!BdWriteBreakpoint+0x40 [f:\work\ntldr\source\osloader\kdapi.cpp @ 557]
0005d688 0040f662 00000007 0005d798 0005d790 osloader!BdSendWaitContinue+0xea [f:\work\ntldr\source\osloader\kdapi.cpp @ 1036]
0005d7a0
 0040b63c 0005d7f4 0042e13c 00000000
osloader!BdReportExceptionStateChange+0x6c
[f:\work\ntldr\source\osloader\kdapi.cpp @ 1141]
0005d7e0 0040b256 0005d7f4 00000000 0005d848 osloader!BdTrap+0x3e [f:\work\ntldr\source\osloader\debug.cpp @ 601]
0005d840 0040b2be 00000000 00000000 00000000 osloader!BdDispatch+0x61 [f:\work\ntldr\source\osloader\debug.cpp @ 251]
0005d918 0040ed8a 00000002 0005d930 00000000 osloader!BdTrap03+0x30 [f:\work\ntldr\source\osloader\debug.cpp @ 319]
0005d938 0040f484 0005d954 0005d994 0042e13c osloader!BdWriteBreakpoint+0x40 [f:\work\ntldr\source\osloader\kdapi.cpp @ 557]
0005d9a0 0040f662 00000007 0005dab0 0005daa8 osloader!BdSendWaitContinue+0xea [f:\work\ntldr\source\osloader\kdapi.cpp @ 1036]
0005dab8
 0040b63c 0005db0c 0042e13c 00000000
osloader!BdReportExceptionStateChange+0x6c
[f:\work\ntldr\source\osloader\kdapi.cpp @ 1141]
0005daf8 0040b256 0005db0c 00000000 0005db60 osloader!BdTrap+0x3e [f:\work\ntldr\source\osloader\debug.cpp @ 601]
0005db58 0040b2be 00000000 00000000 00000000 osloader!BdDispatch+0x61 [f:\work\ntldr\source\osloader\debug.cpp @ 251]
0005dc30 0040ed8a 00000002 0005dc48 00000000 osloader!BdTrap03+0x30 [f:\work\ntldr\source\osloader\debug.cpp @ 319]
0005dc50 0040f484 0005dc6c 0005dcac 0042e13c osloader!BdWriteBreakpoint+0x40 [f:\work\ntldr\source\osloader\kdapi.cpp @ 557]
0005dcb8 0040f662 00000007 0005ddc8 0005ddc0 osloader!BdSendWaitContinue+0xea [f:\work\ntldr\source\osloader\kdapi.cpp @ 1036]
0005ddd0
 0040b63c 0005de24 0042e13c 00000000
osloader!BdReportExceptionStateChange+0x6c
[f:\work\ntldr\source\osloader\kdapi.cpp @ 1141]
0005de10 0040b256 0005de24 00000000 0005de78 osloader!BdTrap+0x3e [f:\work\ntldr\source\osloader\debug.cpp @ 601]
0005de70 0040b2be 00000000 00000000 00000000 osloader!BdDispatch+0x61 [f:\work\ntldr\source\osloader\debug.cpp @ 251]
0005df48 0040ed8a 00000002 0005df60 00000000 osloader!BdTrap03+0x30 [f:\work\ntldr\source\osloader\debug.cpp @ 319]
0005df68 0040f484 0005df84 0005dfc4 0042e13c osloader!BdWriteBreakpoint+0x40 [f:\work\ntldr\source\osloader\kdapi.cpp @ 557]
0005dfd0 0040f662 00000007 0005e0e0 0005e0d8 osloader!BdSendWaitContinue+0xea [f:\work\ntldr\source\osloader\kdapi.cpp @ 1036]
0005e0e8
 0040b63c 0005e13c 0042e13c 00000000
osloader!BdReportExceptionStateChange+0x6c
[f:\work\ntldr\source\osloader\kdapi.cpp @ 1141]
0005e128 0040b256 0005e13c 00000000 0005e190 osloader!BdTrap+0x3e [f:\work\ntldr\source\osloader\debug.cpp @ 601]
0005e188 0040b2be 00000000 00000000 00000000 osloader!BdDispatch+0x61 [f:\work\ntldr\source\osloader\debug.cpp @ 251]
0005e260 0040ed8a 00000002 0005e278 00000000 osloader!BdTrap03+0x30 [f:\work\ntldr\source\osloader\debug.cpp @ 319]
0005e280 0040f484 0005e29c 0005e2dc 0042e13c osloader!BdWriteBreakpoint+0x40 [f:\work\ntldr\source\osloader\kdapi.cpp @ 557]
0005e2e8 0040f662 00000007 0005e3f8 0005e3f0 osloader!BdSendWaitContinue+0xea [f:\work\ntldr\source\osloader\kdapi.cpp @ 1036]
0005e400
 0040b63c 0005e454 0042e13c 00000000
osloader!BdReportExceptionStateChange+0x6c
[f:\work\ntldr\source\osloader\kdapi.cpp @ 1141]
0005e440 0040b256 0005e454 00000000 0005e4a8 osloader!BdTrap+0x3e [f:\work\ntldr\source\osloader\debug.cpp @ 601]
0005e4a0 0040b2be 00000000 00000000 00000000 osloader!BdDispatch+0x61 [f:\work\ntldr\source\osloader\debug.cpp @ 251]
0005e578 0040ed8a 00000002 0005e590 00000000 osloader!BdTrap03+0x30 [f:\work\ntldr\source\osloader\debug.cpp @ 319]
0005e598 0040f484 0005e5b4 0005e5f4 0042e13c osloader!BdWriteBreakpoint+0x40 [f:\work\ntldr\source\osloader\kdapi.cpp @ 557]
0005e600 0040f662 00000007 0005e710 0005e708 osloader!BdSendWaitContinue+0xea [f:\work\ntldr\source\osloader\kdapi.cpp @ 1036]
0005e718
 0040b63c 0005e76c 0042e13c 00000000
osloader!BdReportExceptionStateChange+0x6c
[f:\work\ntldr\source\osloader\kdapi.cpp @ 1141]
0005e758 0040b256 0005e76c 00000000 0005e7c0 osloader!BdTrap+0x3e [f:\work\ntldr\source\osloader\debug.cpp @ 601]


STACK_COMMAND:  kb

SYMBOL_STACK_INDEX:  1

SYMBOL_NAME:  osloader!Port+5c32c

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: osloader

IMAGE_NAME:  osloader.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4a102c49

FAILURE_BUCKET_ID:  BAD_INSTRUCTION_PTR_c0000005_osloader.exe!Port

BUCKET_ID:  APPLICATION_FAULT_BAD_INSTRUCTION_PTR_INVALID_POINTER_READ_BAD_IP_osloader!Port+5c32c

Followup: MachineOwner
---------

#6839gordo999⇗ @diderius6 ...something that might interest you.

⇗ http://standa-note.blogspot.com/2014/11/...of-windows.html

⇗ http://bochs.sourceforge.net/
#6840diderius6⇗ @gordo999

Thanks for the links,
have a nice day
Dietmar

PS: "You will see IDA Pro breaks at the very beginning of MBR (0x7c00).." cool

 

Page 457

#6841diderius6⇗ @infuscomus
Funny, the XP hal.dll does not cry, when I change its COM1 port to address 0xD010
but the Vista hal.dll crashes, telling that it cant set up a terminal on this port.
This I can change back easy, I just need to use the for the Com1 port unmodded files
ntdetect.com, ntldr (new nice Master), (kdcom.dll), ntoskrnl.exe and hal.dll (this from Vista)
and use the onboard COM1 with 0x03F8 address
Dietmar
#6842diderius6⇗ @infuscomus

The crazy message about terminal error stays,
even I have now for all files COM1 port at standard address 0x03F8, IRQ 4.
I test, if I can get any more information, why hal.dll from Vista fails on XP SP3
Dietmar

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
Connected to Windows Boot Debugger 3790 x86 compatible target at (Tue Feb 23 09:58:06.015 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\WINDOWS\symbols2
Executable search path is: C:\WINDOWS\symbols2
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x0042fc9c
System Uptime: not available
Break instruction exception - code 80000003 (first chance)
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
kd> bc *
kd> bp 0040e6f1
kd> g
BD: 804BA000 \WINDOWS\system32\ntkrnlpa.exe
BD: 806C8000 \WINDOWS\system32\hal.dll
BD: 80700000 \WINDOWS\system32\kdcom.dll
Breakpoint 0 hit
osloader!NtProcessStartup+0x238:
0040e6f1 f6052cfc420001  test    byte ptr [osloader!BootFlags (0042fc2c)],1
kd> t
osloader!NtProcessStartup+0x23f:
0040e6f8 742c            je      osloader!NtProcessStartup+0x26d (0040e726)
kd> t
osloader!NtProcessStartup+0x26d:
0040e726 e896d70000      call    osloader!BlTerminalHandleLoaderFailure (0041bec1)
kd> t
osloader!BlTerminalHandleLoaderFailure:
0041bec1 55              push    ebp
kd> t
osloader!BlTerminalHandleLoaderFailure+0x1:
0041bec2 8bec            mov     ebp,esp
kd> t
osloader!BlTerminalHandleLoaderFailure+0x3:
0041bec4 51              push    ecx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x4:
0041bec5 51              push    ecx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x5:
0041bec6 53              push    ebx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x6:
0041bec7 33db            xor     ebx,ebx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x8:
0041bec9 381da1704500    cmp     byte ptr [osloader!BlTerminalConnected (004570a1)],bl
kd> t
osloader!BlTerminalHandleLoaderFailure+0xe:
0041becf 7507            jne     osloader!BlTerminalHandleLoaderFailure+0x17 (0041bed8)
kd> t
osloader!BlTerminalHandleLoaderFailure+0x10:
0041bed1 b001            mov     al,1
kd> t
osloader!BlTerminalHandleLoaderFailure+0x12:
0041bed3 e966020000      jmp     osloader!BlTerminalHandleLoaderFailure+0x27d (0041c13e)
kd> t
osloader!BlTerminalHandleLoaderFailure+0x27d:
0041c13e 5b              pop     ebx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x27e:
0041c13f c9              leave
kd> t
osloader!BlTerminalHandleLoaderFailure+0x27f:
0041c140 c3              ret
kd> t
osloader!NtProcessStartup+0x272:
0040e72b 84c0            test    al,al
kd> t
osloader!NtProcessStartup+0x274:
0040e72d 74f7            je      osloader!NtProcessStartup+0x26d (0040e726)
kd> t
osloader!NtProcessStartup+0x276:
0040e72f ebed            jmp     osloader!NtProcessStartup+0x265 (0040e71e)
kd> t
osloader!NtProcessStartup+0x265:
0040e71e a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> t
osloader!NtProcessStartup+0x26a:
0040e723 ff5014          call    dword ptr [eax+14h]
kd> t
osloader!AEReboot:
00402ad3 55              push    ebp
kd> t
osloader!AEReboot+0x1:
00402ad4 8bec            mov     ebp,esp
kd> t
osloader!AEReboot+0x3:
00402ad6 51              push    ecx
kd> t
osloader!AEReboot+0x4:
00402ad7 e815960000      call    osloader!TextGrTerminate (0040c0f1)
kd> t
osloader!TextGrTerminate:
0040c0f1 33c0            xor     eax,eax
kd> t
osloader!TextGrTerminate+0x2:
0040c0f3 390594ed4200    cmp     dword ptr [osloader!DbcsLangId (0042ed94)],eax
kd> t
osloader!TextGrTerminate+0x8:
0040c0f9 7405            je      osloader!TextGrTerminate+0xf (0040c100)
kd> t
osloader!TextGrTerminate+0xa:
0040c0fb a394ed4200      mov     dword ptr [osloader!DbcsLangId (0042ed94)],eax
kd> t
osloader!TextGrTerminate+0xf:
0040c100 38054a304300    cmp     byte ptr [osloader!GraphicsMode (0043304a)],al
kd> t
osloader!TextGrTerminate+0x15:
0040c106 7511            jne     osloader!TextGrTerminate+0x28 (0040c119)
kd> t
osloader!TextGrTerminate+0x17:
0040c108 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> t
osloader!TextGrTerminate+0x1c:
0040c10d 6a03            push    3
kd> t
osloader!TextGrTerminate+0x1e:
0040c10f 6800000080      push    80000000h
kd> t
osloader!TextGrTerminate+0x23:
0040c114 ff5018          call    dword ptr [eax+18h]
kd> t
00020eff 6858000000      push    58h
kd> t
00020f04 680a0f0000      push    0F0Ah
kd> t
00020f09 cb              retf
kd> t
0058:0f0a 6655            push    ebp
16.kd> t
0058:0f0c 6653            push    ebx
16.kd> t
0058:0f0e 6656            push    esi
16.kd> t
0058:0f10 6657            push    edi
16.kd> t
0058:0f12 6689e3          mov     ebx,esp
16.kd> t
0058:0f15 b86000          mov     ax,60h
16.kd> t
0058:0f18 8ed8            mov     ds,ax
16.kd> t
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
osloader!DbgBreakPoint:
0040b0c6 cc              int     3

#6843infuscomus⇗ @diderius6

BD: 804BA000 \WINDOWS\system32\ntkrnlpa.exe
BD: 806C8000 \WINDOWS\system32\hal.dll
BD: 80700000 \WINDOWS\system32\kdcom.dll
^
do you know of a way to force pshed.dll to load after kdcom.dll? vista hal depends on it and it might be failing if pshed.dll is not loaded.
#6844diderius6⇗ @infuscomus
I think, that the harddisk is not recogniced correct with this hal from Vista.
Not easy to understand this output,
but I think, it shows something like this
Dietmar

osloader!atol+0xbc:
0041c7ac 894dec          mov     dword ptr [ebp-14h],ecx
kd> t
osloader!atol+0xbf:
0041c7af 837dec00        cmp     dword ptr [ebp-14h],0
kd> t
osloader!atol+0xc3:
0041c7b3 7424            je      osloader!atol+0xe9 (0041c7d9)
kd> t
osloader!atol+0xe9:
0041c7d9 837dfc2d        cmp     dword ptr [ebp-4],2Dh
kd> t
osloader!atol+0xed:
0041c7dd 7509            jne     osloader!atol+0xf8 (0041c7e8)
kd> t
osloader!atol+0xf8:
0041c7e8 8b45f8          mov     eax,dword ptr [ebp-8]
kd> t
osloader!atol+0xfb:
0041c7eb 8be5            mov     esp,ebp
kd> t
osloader!atol+0xfd:
0041c7ed 5d              pop     ebp
kd> t
osloader!atol+0xfe:
0041c7ee c3              ret
kd> t
osloader!BlGetPathMnemonicKey+0x84:
00404fc3 59              pop     ecx
kd> t
osloader!BlGetPathMnemonicKey+0x85:
00404fc4 8b4d10          mov     ecx,dword ptr [ebp+10h]
kd> t
osloader!BlGetPathMnemonicKey+0x88:
00404fc7 8901            mov     dword ptr [ecx],eax
kd> t
osloader!BlGetPathMnemonicKey+0x8a:
00404fc9 32c0            xor     al,al
kd> t
osloader!BlGetPathMnemonicKey+0x8c:
00404fcb 5e              pop     esi
kd> t
osloader!BlGetPathMnemonicKey+0x8d:
00404fcc c9              leave
kd> t
osloader!BlGetPathMnemonicKey+0x8e:
00404fcd c20c00          ret     0Ch
kd> t
osloader!BiosPartitionOpen+0x152:
004045eb 84c0            test    al,al
kd> t
osloader!BiosPartitionOpen+0x154:
004045ed 0f85dffeffff    jne     osloader!BiosPartitionOpen+0x39 (004044d2)
kd> t
osloader!BiosPartitionOpen+0x15a:
004045f3 8d4508          lea     eax,[ebp+8]
kd> t
osloader!BiosPartitionOpen+0x15d:
004045f6 50              push    eax
kd> t
osloader!BiosPartitionOpen+0x15e:
004045f7 8b45f8          mov     eax,dword ptr [ebp-8]
kd> t
osloader!BiosPartitionOpen+0x161:
004045fa 53              push    ebx
kd> t
osloader!BiosPartitionOpen+0x162:
004045fb 83e880          sub     eax,0FFFFFF80h
kd> t
osloader!BiosPartitionOpen+0x165:
004045fe 50              push    eax
kd> t
osloader!BiosPartitionOpen+0x166:
004045ff 895d08          mov     dword ptr [ebp+8],ebx
kd> t
osloader!BiosPartitionOpen+0x169:
00404602 e853f4ffff      call    osloader!BiosDiskOpen (00403a5a)
kd> t
osloader!BiosDiskOpen:
00403a5a 55              push    ebp
kd> t
osloader!BiosDiskOpen+0x1:
00403a5b 8bec            mov     ebp,esp
kd> t
osloader!BiosDiskOpen+0x3:
00403a5d 83ec0c          sub     esp,0Ch
kd> t
osloader!BiosDiskOpen+0x6:
00403a60 817d0881000080  cmp     dword ptr [ebp+8],80000081h
kd> t
osloader!BiosDiskOpen+0xd:
00403a67 53              push    ebx
kd> t
osloader!BiosDiskOpen+0xe:
00403a68 0f9745fe        seta    byte ptr [ebp-2]
kd> t
osloader!BiosDiskOpen+0x12:
00403a6c 816508ffffff7f  and     dword ptr [ebp+8],7FFFFFFFh
kd> t
osloader!BiosDiskOpen+0x19:
00403a73 817d0880000000  cmp     dword ptr [ebp+8],80h
kd> t
osloader!BiosDiskOpen+0x20:
00403a7a 56              push    esi
kd> t
osloader!BiosDiskOpen+0x21:
00403a7b 8b3528274200    mov     esi,dword ptr [osloader!FwDiskCache (00422728)]
kd> t
osloader!BiosDiskOpen+0x27:
00403a81 57              push    edi
kd> t
osloader!BiosDiskOpen+0x28:
00403a82 c645ff00        mov     byte ptr [ebp-1],0
kd> t
osloader!BiosDiskOpen+0x2c:
00403a86 7341            jae     osloader!BiosDiskOpen+0x6f (00403ac9)
kd> t
osloader!BiosDiskOpen+0x6f:
00403ac9 33ff            xor     edi,edi
kd> t
osloader!BiosDiskOpen+0x71:
00403acb 807dfe00        cmp     byte ptr [ebp-2],0
kd> t
osloader!BiosDiskOpen+0x75:
00403acf 740b            je      osloader!BiosDiskOpen+0x82 (00403adc)
kd> t
osloader!BiosDiskOpen+0x82:
00403adc 897df8          mov     dword ptr [ebp-8],edi
kd> t
osloader!BiosDiskOpen+0x85:
00403adf a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> t
osloader!BiosDiskOpen+0x8a:
00403ae4 57              push    edi
kd> t
osloader!BiosDiskOpen+0x8b:
00403ae5 57              push    edi
kd> t
osloader!BiosDiskOpen+0x8c:
00403ae6 57              push    edi
kd> t
osloader!BiosDiskOpen+0x8d:
00403ae7 57              push    edi
kd> t
osloader!BiosDiskOpen+0x8e:
00403ae8 57              push    edi
kd> t
osloader!BiosDiskOpen+0x8f:
00403ae9 ff7508          push    dword ptr [ebp+8]
kd> t
osloader!BiosDiskOpen+0x92:
00403aec 897df4          mov     dword ptr [ebp-0Ch],edi
kd> t
osloader!BiosDiskOpen+0x95:
00403aef 6a08            push    8
kd> t
osloader!BiosDiskOpen+0x97:
00403af1 ff5004          call    dword ptr [eax+4]
kd> t
00020b4d 6858000000      push    58h
kd> t
00020b52 68580b0000      push    0B58h
kd> t
00020b57 cb              retf
kd> t
0058:0b58 6655            push    ebp
16.kd> t
0058:0b5a 6653            push    ebx
16.kd> t
0058:0b5c 6656            push    esi
16.kd> t
0058:0b5e 6657            push    edi
16.kd> t
0058:0b60 6689e3          mov     ebx,esp
16.kd> t
0058:0b63 b86000          mov     ax,60h
16.kd> t
0058:0b66 8ed8            mov     ds,ax
16.kd> t
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
#6845diderius6⇗ @infuscomus

Now I try something other.
I set EB FE at the driverentry from your Vista hal.dll and change the 2 Bytes back to their original value 8B FE in memory
Dietmar
#6846diderius6⇗ @infuscomus
Hm, this boot debugger is not as good as the normal Windbg.
I set EB FE and CC, does not help.
In the moment, when the compi reach this driverentry of Hal.dll,
the debugger reboots the compi at once
Dietmar
#6847diderius6⇗ @infuscomus

Always the same happens
after hal.dll is loaded

Dietmar

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
Connected to Windows Boot Debugger 3790 x86 compatible target at (Tue Feb 23 11:42:33.109 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\WINDOWS\symbols
Executable search path is: C:\WINDOWS\symbols
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x0042fc9c
System Uptime: not available
Break instruction exception - code 80000003 (first chance)
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
kd> bc *
kd> p
osloader!DbgBreakPoint+0x1:
0040b0c7 c3              ret
kd> p
osloader!BdInitDebugger+0x3c0:
0040bb78 eb05            jmp     osloader!BdInitDebugger+0x3c7 (0040bb7f)
kd> p
osloader!BdInitDebugger+0x3c7:
0040bb7f c9              leave
kd> p
osloader!BdInitDebugger+0x3c8:
0040bb80 c20c00          ret     0Ch
kd> p
osloader!MempCopyGdt+0x254:
0041143c 33c0            xor     eax,eax
kd> p
osloader!MempCopyGdt+0x256:
0041143e 5b              pop     ebx
kd> p
osloader!MempCopyGdt+0x257:
0041143f 5f              pop     edi
kd> p
osloader!MempCopyGdt+0x258:
00411440 5e              pop     esi
kd> p
osloader!MempCopyGdt+0x259:
00411441 59              pop     ecx
kd> p
osloader!MempCopyGdt+0x25a:
00411442 59              pop     ecx
kd> p
osloader!MempCopyGdt+0x25b:
00411443 c3              ret
kd> p
osloader!InitializeMemorySubsystem+0x236:
0041167a 5f              pop     edi
kd> p
osloader!InitializeMemorySubsystem+0x237:
0041167b 5e              pop     esi
kd> p
osloader!InitializeMemorySubsystem+0x238:
0041167c 5b              pop     ebx
kd> p
osloader!InitializeMemorySubsystem+0x239:
0041167d c9              leave
kd> p
osloader!InitializeMemorySubsystem+0x23a:
0041167e c20400          ret     4
kd> p
osloader!DoGlobalInitialization+0x62:
0040e2fd 85c0            test    eax,eax
kd> p
osloader!DoGlobalInitialization+0x64:
0040e2ff 740f            je      osloader!DoGlobalInitialization+0x75 (0040e310)
kd> p
osloader!DoGlobalInitialization+0x75:
0040e310 e86c330000      call    osloader!InitializeMemoryDescriptors (00411681)
kd> p
osloader!DoGlobalInitialization+0x7a:
0040e315 c20400          ret     4
kd> p
osloader!NtProcessStartup+0x15:
0040e4ce 56              push    esi
kd> p
osloader!NtProcessStartup+0x16:
0040e4cf 68b8254200      push    offset osloader!BlSuCmdLine (004225b8)
kd> p
osloader!NtProcessStartup+0x1b:
0040e4d4 e83ffeffff      call    osloader!ParseCommandLine (0040e318)
kd> p
osloader!NtProcessStartup+0x20:
0040e4d9 56              push    esi
kd> p
osloader!NtProcessStartup+0x21:
0040e4da e86c4affff      call    osloader!BlFillInSystemParameters (00402f4b)
kd> p
osloader!NtProcessStartup+0x26:
0040e4df 8b4628          mov     eax,dword ptr [esi+28h]
kd> p
osloader!NtProcessStartup+0x29:
0040e4e2 a32cfc4200      mov     dword ptr [osloader!BootFlags (0042fc2c)],eax
kd> p
osloader!NtProcessStartup+0x2e:
0040e4e7 8b06            mov     eax,dword ptr [esi]
kd> p
osloader!NtProcessStartup+0x30:
0040e4e9 8b00            mov     eax,dword ptr [eax]
kd> p
osloader!NtProcessStartup+0x32:
0040e4eb 25ff000000      and     eax,0FFh
kd> p
osloader!NtProcessStartup+0x37:
0040e4f0 bb48f34200      mov     ebx,offset osloader!BootPartitionName (0042f348)
kd> p
osloader!NtProcessStartup+0x3c:
0040e4f5 0f848c010000    je      osloader!NtProcessStartup+0x1ce (0040e687)
kd> p
osloader!NtProcessStartup+0x42:
0040e4fb 83f801          cmp     eax,1
kd> p
osloader!NtProcessStartup+0x45:
0040e4fe 0f8483010000    je      osloader!NtProcessStartup+0x1ce (0040e687)
kd> p
osloader!NtProcessStartup+0x4b:
0040e504 83f840          cmp     eax,40h
kd> p
osloader!NtProcessStartup+0x4e:
0040e507 751a            jne     osloader!NtProcessStartup+0x6a (0040e523)
kd> p
osloader!NtProcessStartup+0x6a:
0040e523 83f841          cmp     eax,41h
kd> p
osloader!NtProcessStartup+0x6d:
0040e526 7514            jne     osloader!NtProcessStartup+0x83 (0040e53c)
kd> p
osloader!NtProcessStartup+0x83:
0040e53c 50              push    eax
kd> p
osloader!NtProcessStartup+0x84:
0040e53d e82efdffff      call    osloader!BlIsElToritoCDBoot (0040e270)
kd> p
osloader!NtProcessStartup+0x89:
0040e542 84c0            test    al,al
kd> p
osloader!NtProcessStartup+0x8b:
0040e544 8b06            mov     eax,dword ptr [esi]
kd> p
osloader!NtProcessStartup+0x8d:
0040e546 741e            je      osloader!NtProcessStartup+0xad (0040e566)
kd> p
osloader!NtProcessStartup+0xad:
0040e566 0fb64801        movzx   ecx,byte ptr [eax+1]
kd> p
osloader!NtProcessStartup+0xb1:
0040e56a 0fb600          movzx   eax,byte ptr [eax]
kd> p
osloader!NtProcessStartup+0xb4:
0040e56d 51              push    ecx
kd> p
osloader!NtProcessStartup+0xb5:
0040e56e 50              push    eax
kd> p
osloader!NtProcessStartup+0xb6:
0040e56f 53              push    ebx
kd> p
osloader!NtProcessStartup+0xb7:
0040e570 e842fcffff      call    osloader!BlGetActivePartition (0040e1b7)
kd> p
osloader!NtProcessStartup+0xbc:
0040e575 6a4f            push    4Fh
kd> p
osloader!NtProcessStartup+0xbe:
0040e577 33ff            xor     edi,edi
kd> p
osloader!NtProcessStartup+0xc0:
0040e579 8d45a5          lea     eax,[ebp-5Bh]
kd> p
osloader!NtProcessStartup+0xc3:
0040e57c 57              push    edi
kd> p
osloader!NtProcessStartup+0xc4:
0040e57d 50              push    eax
kd> p
osloader!NtProcessStartup+0xc5:
0040e57e c645a400        mov     byte ptr [ebp-5Ch],0
kd> p
osloader!NtProcessStartup+0xc9:
0040e582 e825dd0000      call    osloader!memset (0041c2ac)
kd> p
osloader!NtProcessStartup+0xce:
0040e587 8b06            mov     eax,dword ptr [esi]
kd> p
osloader!NtProcessStartup+0xd0:
0040e589 897d08          mov     dword ptr [ebp+8],edi
kd> p
osloader!NtProcessStartup+0xd3:
0040e58c 8b00            mov     eax,dword ptr [eax]
kd> p
osloader!NtProcessStartup+0xd5:
0040e58e 83e07f          and     eax,7Fh
kd> p
osloader!NtProcessStartup+0xd8:
0040e591 50              push    eax
kd> p
osloader!NtProcessStartup+0xd9:
0040e592 8d45a4          lea     eax,[ebp-5Ch]
kd> p
osloader!NtProcessStartup+0xdc:
0040e595 6834054200      push    offset osloader!`string' (00420534)
kd> p
osloader!NtProcessStartup+0xe1:
0040e59a 50              push    eax
kd> p
osloader!NtProcessStartup+0xe2:
0040e59b e8b0db0000      call    osloader!sprintf (0041c150)
kd> p
osloader!NtProcessStartup+0xe7:
0040e5a0 83c418          add     esp,18h
kd> p
osloader!NtProcessStartup+0xea:
0040e5a3 8d4508          lea     eax,[ebp+8]
kd> p
osloader!NtProcessStartup+0xed:
0040e5a6 50              push    eax
kd> p
osloader!NtProcessStartup+0xee:
0040e5a7 6a02            push    2
kd> p
osloader!NtProcessStartup+0xf0:
0040e5a9 8d45a4          lea     eax,[ebp-5Ch]
kd> p
osloader!NtProcessStartup+0xf3:
0040e5ac 50              push    eax
kd> p
osloader!NtProcessStartup+0xf4:
0040e5ad a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> p
osloader!NtProcessStartup+0xf9:
0040e5b2 ff505c          call    dword ptr [eax+5Ch]
kd> p
osloader!NtProcessStartup+0xfc:
0040e5b5 85c0            test    eax,eax
kd> p
osloader!NtProcessStartup+0xfe:
0040e5b7 0f85bd000000    jne     osloader!NtProcessStartup+0x1c1 (0040e67a)
kd> p
osloader!NtProcessStartup+0x104:
0040e5bd 57              push    edi
kd> p
osloader!NtProcessStartup+0x105:
0040e5be 8d45f8          lea     eax,[ebp-8]
kd> p
osloader!NtProcessStartup+0x108:
0040e5c1 50              push    eax
kd> p
osloader!NtProcessStartup+0x109:
0040e5c2 ff7508          push    dword ptr [ebp+8]
kd> p
osloader!NtProcessStartup+0x10c:
0040e5c5 a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> p
osloader!NtProcessStartup+0x111:
0040e5ca 897df8          mov     dword ptr [ebp-8],edi
kd> p
osloader!NtProcessStartup+0x114:
0040e5cd 897dfc          mov     dword ptr [ebp-4],edi
kd> p
osloader!NtProcessStartup+0x117:
0040e5d0 ff5070          call    dword ptr [eax+70h]
kd> p
osloader!NtProcessStartup+0x11a:
0040e5d3 85c0            test    eax,eax
kd> p
osloader!NtProcessStartup+0x11c:
0040e5d5 0f858a000000    jne     osloader!NtProcessStartup+0x1ac (0040e665)
kd> p
osloader!NtProcessStartup+0x122:
0040e5db 8d45f4          lea     eax,[ebp-0Ch]
kd> p
osloader!NtProcessStartup+0x125:
0040e5de 50              push    eax
kd> p
osloader!NtProcessStartup+0x126:
0040e5df bf00020000      mov     edi,200h
kd> p
osloader!NtProcessStartup+0x12b:
0040e5e4 57              push    edi
kd> p
osloader!NtProcessStartup+0x12c:
0040e5e5 8d85a4fdffff    lea     eax,[ebp-25Ch]
kd> p
osloader!NtProcessStartup+0x132:
0040e5eb 50              push    eax
kd> p
osloader!NtProcessStartup+0x133:
0040e5ec ff7508          push    dword ptr [ebp+8]
kd> p
osloader!NtProcessStartup+0x136:
0040e5ef a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> p
osloader!NtProcessStartup+0x13b:
0040e5f4 ff5064          call    dword ptr [eax+64h]
kd> p
osloader!NtProcessStartup+0x13e:
0040e5f7 85c0            test    eax,eax
kd> p
osloader!NtProcessStartup+0x140:
0040e5f9 7563            jne     osloader!NtProcessStartup+0x1a5 (0040e65e)
kd> p
osloader!NtProcessStartup+0x142:
0040e5fb 39855cffffff    cmp     dword ptr [ebp-0A4h],eax
kd> p
osloader!NtProcessStartup+0x148:
0040e601 756d            jne     osloader!NtProcessStartup+0x1b7 (0040e670)
kd> p
osloader!NtProcessStartup+0x1b7:
0040e670 ff7508          push    dword ptr [ebp+8]
kd> p
osloader!NtProcessStartup+0x1ba:
0040e673 e89b69ffff      call    osloader!ArcCacheClose (00405013)
kd> p
osloader!NtProcessStartup+0x1bf:
0040e678 eb2d            jmp     osloader!NtProcessStartup+0x1ee (0040e6a7)
kd> p
osloader!NtProcessStartup+0x1ee:
0040e6a7 6a02            push    2
kd> p
osloader!NtProcessStartup+0x1f0:
0040e6a9 e848260000      call    osloader!FwAllocateHeapPermanent (00410cf6)
kd> p
osloader!NtProcessStartup+0x1f5:
0040e6ae a38c304300      mov     dword ptr [osloader!PcrBasePage (0043308c)],eax
kd> p
osloader!NtProcessStartup+0x1fa:
0040e6b3 85c0            test    eax,eax
kd> p
osloader!NtProcessStartup+0x1fc:
0040e6b5 7408            je      osloader!NtProcessStartup+0x206 (0040e6bf)
kd> p
osloader!NtProcessStartup+0x1fe:
0040e6b7 c1e80c          shr     eax,0Ch
kd> p
osloader!NtProcessStartup+0x201:
0040e6ba a38c304300      mov     dword ptr [osloader!PcrBasePage (0043308c)],eax
kd> p
osloader!NtProcessStartup+0x206:
0040e6bf 6a03            push    3
kd> p
osloader!NtProcessStartup+0x208:
0040e6c1 e830260000      call    osloader!FwAllocateHeapPermanent (00410cf6)
kd> p
osloader!NtProcessStartup+0x20d:
0040e6c6 a390304300      mov     dword ptr [osloader!TssBasePage (00433090)],eax
kd> p
osloader!NtProcessStartup+0x212:
0040e6cb 85c0            test    eax,eax
kd> p
osloader!NtProcessStartup+0x214:
0040e6cd 7408            je      osloader!NtProcessStartup+0x21e (0040e6d7)
kd> p
osloader!NtProcessStartup+0x216:
0040e6cf c1e80c          shr     eax,0Ch
kd> p
osloader!NtProcessStartup+0x219:
0040e6d2 a390304300      mov     dword ptr [osloader!TssBasePage (00433090)],eax
kd> p
osloader!NtProcessStartup+0x21e:
0040e6d7 e843360000      call    osloader!BlMemoryInitialize (00411d1f)
kd> p
osloader!NtProcessStartup+0x223:
0040e6dc e84744ffff      call    osloader!AEInitializeStall (00402b28)
kd> p
osloader!NtProcessStartup+0x228:
0040e6e1 e800d50000      call    osloader!BlInitializeHeadlessPort (0041bbe6)
kd> p
osloader!NtProcessStartup+0x22d:
0040e6e6 e8e568ffff      call    osloader!BlIoInitialize (00404fd0)
kd> p
osloader!NtProcessStartup+0x232:
0040e6eb 53              push    ebx
kd> p
osloader!NtProcessStartup+0x233:
0040e6ec e8a9f4ffff      call    osloader!BlStartup (0040db9a)
kd> p
BD: 80A02000 \WINDOWS\system32\ntkrnlpa.exe
BD: 80100000 \WINDOWS\system32\hal.dll
BD: 80010000 \WINDOWS\system32\kdcom.dll
osloader!NtProcessStartup+0x238:
0040e6f1 f6052cfc420001  test    byte ptr [osloader!BootFlags (0042fc2c)],1
kd> t
osloader!NtProcessStartup+0x23f:
0040e6f8 742c            je      osloader!NtProcessStartup+0x26d (0040e726)
kd> t
osloader!NtProcessStartup+0x26d:
0040e726 e896d70000      call    osloader!BlTerminalHandleLoaderFailure (0041bec1)
kd> t
osloader!BlTerminalHandleLoaderFailure:
0041bec1 55              push    ebp
kd> t
osloader!BlTerminalHandleLoaderFailure+0x1:
0041bec2 8bec            mov     ebp,esp
kd> t
osloader!BlTerminalHandleLoaderFailure+0x3:
0041bec4 51              push    ecx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x4:
0041bec5 51              push    ecx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x5:
0041bec6 53              push    ebx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x6:
0041bec7 33db            xor     ebx,ebx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x8:
0041bec9 381da1704500    cmp     byte ptr [osloader!BlTerminalConnected (004570a1)],bl
kd> t
osloader!BlTerminalHandleLoaderFailure+0xe:
0041becf 7507            jne     osloader!BlTerminalHandleLoaderFailure+0x17 (0041bed8)
kd> t
osloader!BlTerminalHandleLoaderFailure+0x10:
0041bed1 b001            mov     al,1
kd> t
osloader!BlTerminalHandleLoaderFailure+0x12:
0041bed3 e966020000      jmp     osloader!BlTerminalHandleLoaderFailure+0x27d (0041c13e)
kd> t
osloader!BlTerminalHandleLoaderFailure+0x27d:
0041c13e 5b              pop     ebx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x27e:
0041c13f c9              leave
kd> t
osloader!BlTerminalHandleLoaderFailure+0x27f:
0041c140 c3              ret
kd> t
osloader!NtProcessStartup+0x272:
0040e72b 84c0            test    al,al
kd> t
osloader!NtProcessStartup+0x274:
0040e72d 74f7            je      osloader!NtProcessStartup+0x26d (0040e726)
kd> t
osloader!NtProcessStartup+0x276:
0040e72f ebed            jmp     osloader!NtProcessStartup+0x265 (0040e71e)
kd> t
osloader!NtProcessStartup+0x265:
0040e71e a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> t
osloader!NtProcessStartup+0x26a:
0040e723 ff5014          call    dword ptr [eax+14h]
kd> t
osloader!AEReboot:
00402ad3 55              push    ebp
kd> t
osloader!AEReboot+0x1:
00402ad4 8bec            mov     ebp,esp
kd> t
osloader!AEReboot+0x3:
00402ad6 51              push    ecx
kd> t
osloader!AEReboot+0x4:
00402ad7 e815960000      call    osloader!TextGrTerminate (0040c0f1)
kd> t
osloader!TextGrTerminate:
0040c0f1 33c0            xor     eax,eax
kd> t
osloader!TextGrTerminate+0x2:
0040c0f3 390594ed4200    cmp     dword ptr [osloader!DbcsLangId (0042ed94)],eax
kd> t
osloader!TextGrTerminate+0x8:
0040c0f9 7405            je      osloader!TextGrTerminate+0xf (0040c100)
kd> t
osloader!TextGrTerminate+0xa:
0040c0fb a394ed4200      mov     dword ptr [osloader!DbcsLangId (0042ed94)],eax
kd> t
osloader!TextGrTerminate+0xf:
0040c100 38054a304300    cmp     byte ptr [osloader!GraphicsMode (0043304a)],al
kd> t
osloader!TextGrTerminate+0x15:
0040c106 7511            jne     osloader!TextGrTerminate+0x28 (0040c119)
kd> t
osloader!TextGrTerminate+0x17:
0040c108 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> t
osloader!TextGrTerminate+0x1c:
0040c10d 6a03            push    3
kd> t
osloader!TextGrTerminate+0x1e:
0040c10f 6800000080      push    80000000h
kd> t
osloader!TextGrTerminate+0x23:
0040c114 ff5018          call    dword ptr [eax+18h]
kd> t
00020eff 6858000000      push    58h
kd> t
00020f04 680a0f0000      push    0F0Ah
kd> t
00020f09 cb              retf
kd> t
0058:0f0a 6655            push    ebp
16.kd> t
0058:0f0c 6653            push    ebx
16.kd> t
0058:0f0e 6656            push    esi
16.kd> t
0058:0f10 6657            push    edi
16.kd> t
0058:0f12 6689e3          mov     ebx,esp
16.kd> t
0058:0f15 b86000          mov     ax,60h
16.kd> t
0058:0f18 8ed8            mov     ds,ax
16.kd> t
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
#6848infuscomus⇗ @diderius6

maybe using kdcom.dll of vista RTM might give more information?
#6849diderius6⇗ @infuscomus
kdcom.dll is not used because all debugging is done by this new ntldr.
I test this, just renaming kdcom.dll
Dietmar
#6850infuscomus⇗ @diderius6

do you get these same results with the other ntldr_dbg builds?
#6851diderius6⇗ @infuscomus
with your ntldr_dbg from XP SP1 I succeed to break after the load of ntkrnlpa.exe and before hal.dll.
But the result is the same. And to set a breakpoint in hal.dll itself also does not work, here this breakpoint is just ignored.

osloader!BlInsertDescriptor+0x5e:
00407d02 7523            jne     osloader!BlInsertDescriptor+0x83 (00407d27)
kd> t
osloader!BlInsertDescriptor+0x60:
00407d04 8b7d08          mov     edi,dword ptr [ebp+8]
kd> t
osloader!BlInsertDescriptor+0x63:
00407d07 8b5f10          mov     ebx,dword ptr [edi+10h]
kd> t
osloader!BlInsertDescriptor+0x66:
00407d0a 8b7f0c          mov     edi,dword ptr [edi+0Ch]
kd> t
osloader!BlInsertDescriptor+0x69:
00407d0d 03fb            add     edi,ebx
kd> t
osloader!BlInsertDescriptor+0x6b:
00407d0f 3b780c          cmp     edi,dword ptr [eax+0Ch]
kd> t
osloader!BlInsertDescriptor+0x6e:
00407d12 7510            jne     osloader!BlInsertDescriptor+0x80 (00407d24)
kd> t
osloader!BlInsertDescriptor+0x70:
00407d14 8b5010          mov     edx,dword ptr [eax+10h]
kd> t
osloader!BlInsertDescriptor+0x73:
00407d17 8b4508          mov     eax,dword ptr [ebp+8]
kd> t
osloader!BlInsertDescriptor+0x76:
00407d1a 03d3            add     edx,ebx
kd> t
osloader!BlInsertDescriptor+0x78:
00407d1c 8b5dfc          mov     ebx,dword ptr [ebp-4]
kd> t
osloader!BlInsertDescriptor+0x7b:
00407d1f 895010          mov     dword ptr [eax+10h],edx
kd> t
osloader!BlInsertDescriptor+0x7e:
00407d22 eb0f            jmp     osloader!BlInsertDescriptor+0x8f (00407d33)
kd> t
osloader!BlInsertDescriptor+0x8f:
00407d33 3bf3            cmp     esi,ebx
kd> t
osloader!BlInsertDescriptor+0x91:
00407d35 7432            je      osloader!BlInsertDescriptor+0xc5 (00407d69)
kd> t
osloader!BlInsertDescriptor+0x93:
00407d37 8b5108          mov     edx,dword ptr [ecx+8]
kd> t
osloader!BlInsertDescriptor+0x96:
00407d3a 83fa02          cmp     edx,2
kd> t
osloader!BlInsertDescriptor+0x99:
00407d3d 7405            je      osloader!BlInsertDescriptor+0xa0 (00407d44)
kd> t
osloader!BlInsertDescriptor+0x9b:
00407d3f 83fa18          cmp     edx,18h
kd> t
osloader!BlInsertDescriptor+0x9e:
00407d42 7525            jne     osloader!BlInsertDescriptor+0xc5 (00407d69)
kd> t
osloader!BlInsertDescriptor+0xa0:
00407d44 8b5010          mov     edx,dword ptr [eax+10h]
kd> t
osloader!BlInsertDescriptor+0xa3:
00407d47 8b700c          mov     esi,dword ptr [eax+0Ch]
kd> t
osloader!BlInsertDescriptor+0xa6:
00407d4a 03f2            add     esi,edx
kd> t
osloader!BlInsertDescriptor+0xa8:
00407d4c 3b710c          cmp     esi,dword ptr [ecx+0Ch]
kd> t
osloader!BlInsertDescriptor+0xab:
00407d4f 7518            jne     osloader!BlInsertDescriptor+0xc5 (00407d69)
kd> t
osloader!BlInsertDescriptor+0xad:
00407d51 8b7110          mov     esi,dword ptr [ecx+10h]
kd> t
osloader!BlInsertDescriptor+0xb0:
00407d54 03f2            add     esi,edx
kd> t
osloader!BlInsertDescriptor+0xb2:
00407d56 897010          mov     dword ptr [eax+10h],esi
kd> t
osloader!BlInsertDescriptor+0xb5:
00407d59 8b5108          mov     edx,dword ptr [ecx+8]
kd> t
osloader!BlInsertDescriptor+0xb8:
00407d5c 895008          mov     dword ptr [eax+8],edx
kd> t
osloader!BlInsertDescriptor+0xbb:
00407d5f 8b01            mov     eax,dword ptr [ecx]
kd> t
osloader!BlInsertDescriptor+0xbd:
00407d61 8b4904          mov     ecx,dword ptr [ecx+4]
kd> t
osloader!BlInsertDescriptor+0xc0:
00407d64 8901            mov     dword ptr [ecx],eax
kd> t
osloader!BlInsertDescriptor+0xc2:
00407d66 894804          mov     dword ptr [eax+4],ecx
kd> t
osloader!BlInsertDescriptor+0xc5:
00407d69 5f              pop     edi
kd> t
osloader!BlInsertDescriptor+0xc6:
00407d6a 5e              pop     esi
kd> t
osloader!BlInsertDescriptor+0xc7:
00407d6b 5b              pop     ebx
kd> t
osloader!BlInsertDescriptor+0xc8:
00407d6c c9              leave
kd> t
osloader!BlInsertDescriptor+0xc9:
00407d6d c20400          ret     4
kd> t
osloader!BlFreeDescriptor+0x62:
00407dd2 33c0            xor     eax,eax
kd> t
osloader!BlFreeDescriptor+0x64:
00407dd4 5d              pop     ebp
kd> t
osloader!BlFreeDescriptor+0x65:
00407dd5 c20400          ret     4
kd> t
osloader!BlImageFreeCache+0x1c:
00415a05 83661400        and     dword ptr [esi+14h],0
kd> t
osloader!BlImageFreeCache+0x20:
00415a09 83661000        and     dword ptr [esi+10h],0
kd> t
osloader!BlImageFreeCache+0x24:
00415a0d 5e              pop     esi
kd> t
osloader!BlImageFreeCache+0x25:
00415a0e 5d              pop     ebp
kd> t
osloader!BlImageFreeCache+0x26:
00415a0f c20800          ret     8
kd> t
osloader!BlLoadImageEx+0x45d:
00415e6f ff75f8          push    dword ptr [ebp-8]
kd> t
osloader!BlLoadImageEx+0x460:
00415e72 e846f2feff      call    osloader!BlClose (004050bd)
kd> t
osloader!BlClose:
004050bd 55              push    ebp
kd> t
osloader!BlClose+0x1:
004050be 8bec            mov     ebp,esp
kd> t
osloader!BlClose+0x3:
004050c0 8b4508          mov     eax,dword ptr [ebp+8]
kd> t
osloader!BlClose+0x6:
004050c3 6bc068          imul    eax,eax,68h
kd> t
osloader!BlClose+0x9:
004050c6 f68080bd460001  test    byte ptr osloader!BlFileTable (0046bd80)[eax],1
kd> t
osloader!BlClose+0x10:
004050cd 7409            je      osloader!BlClose+0x1b (004050d8)
kd> t
osloader!BlClose+0x12:
004050cf 8b8094bd4600    mov     eax,dword ptr osloader!BlFileTable+0x14 (0046bd94)[eax]
kd> t
osloader!BlClose+0x18:
004050d5 5d              pop     ebp
kd> t
osloader!BlClose+0x19:
004050d6 ff20            jmp     dword ptr [eax]
kd> t
osloader!ScsiDiskClose:
004089b0 55              push    ebp
kd> t
osloader!ScsiDiskClose+0x1:
004089b1 8bec            mov     ebp,esp
kd> t
osloader!ScsiDiskClose+0x3:
004089b3 8b4508          mov     eax,dword ptr [ebp+8]
kd> t
osloader!ScsiDiskClose+0x6:
004089b6 6bc068          imul    eax,eax,68h
kd> t
osloader!ScsiDiskClose+0x9:
004089b9 8d8080bd4600    lea     eax,osloader!BlFileTable (0046bd80)[eax]
kd> t
osloader!ScsiDiskClose+0xf:
004089bf 8320fe          and     dword ptr [eax],0FFFFFFFEh
kd> t
osloader!ScsiDiskClose+0x12:
004089c2 33c0            xor     eax,eax
kd> t
osloader!ScsiDiskClose+0x14:
004089c4 5d              pop     ebp
kd> t
osloader!ScsiDiskClose+0x15:
004089c5 c20400          ret     4
kd> t
osloader!BlLoadImageEx+0x465:
00415e77 8b4508          mov     eax,dword ptr [ebp+8]
kd> t
osloader!BlLoadImageEx+0x468:
00415e7a 5f              pop     edi
kd> t
osloader!BlLoadImageEx+0x469:
00415e7b 5e              pop     esi
kd> t
osloader!BlLoadImageEx+0x46a:
00415e7c c9              leave
kd> t
osloader!BlLoadImageEx+0x46b:
00415e7d c21c00          ret     1Ch
kd> t
osloader!BlOsLoader+0xaba:
004226e8 8bf0            mov     esi,eax
kd> t
osloader!BlOsLoader+0xabc:
004226ea 83fe10          cmp     esi,10h
kd> t
osloader!BlOsLoader+0xabf:
004226ed 74bd            je      osloader!BlOsLoader+0xa7e (004226ac)
kd> t
osloader!BlOsLoader+0xac1:
004226ef 3bf7            cmp     esi,edi
kd> t
osloader!BlOsLoader+0xac3:
004226f1 0f8532060000    jne     osloader!BlOsLoader+0x10fb (00422d29)
kd> t
osloader!BlOsLoader+0xac9:
004226f7 e84543ffff      call    osloader!BlUpdateBootStatus (00416a41)
kd> t
osloader!BlUpdateBootStatus:
00416a41 ff0528db4300    inc     dword ptr [osloader!BlNumFilesLoaded (0043db28)]
kd> t
osloader!BlUpdateBootStatus+0x6:
00416a47 803d35db430000  cmp     byte ptr [osloader!BlShowProgressBar (0043db35)],0
kd> t
osloader!BlUpdateBootStatus+0xd:
00416a4e 7406            je      osloader!BlUpdateBootStatus+0x15 (00416a56)
kd> t
osloader!BlUpdateBootStatus+0x15:
00416a56 e9b9feffff      jmp     osloader!BlRedrawProgressBar (00416914)
kd> t
osloader!BlRedrawProgressBar:
00416914 803d35db430000  cmp     byte ptr [osloader!BlShowProgressBar (0043db35)],0
kd> t
osloader!BlRedrawProgressBar+0x7:
0041691b 7552            jne     osloader!BlRedrawProgressBar+0x5b (0041696f)
kd> t
osloader!BlRedrawProgressBar+0x9:
0041691d a170904300      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (00439070)]
kd> t
osloader!BlRedrawProgressBar+0xe:
00416922 ff5054          call    dword ptr [eax+54h]
kd> t
osloader!AEGetRelativeTime:
0040691b a170d94600      mov     eax,dword ptr [osloader!ExternalServicesTable (0046d970)]
kd> t
osloader!AEGetRelativeTime+0x5:
00406920 ff500c          call    dword ptr [eax+0Ch]
kd> t
00022e90 6858000000      push    58h
kd> t
00022e95 68b4070000      push    7B4h
kd> t
00022e9a cb              retf
kd> t
0058:07b4 6655            push    ebp
16.kd> t
0058:07b6 6653            push    ebx
16.kd> t
0058:07b8 6656            push    esi
16.kd> t
0058:07ba 6657            push    edi
16.kd> t
0058:07bc 668bdc          mov     ebx,esp
16.kd> t
0058:07bf b86000          mov     ax,60h
16.kd> t
0058:07c2 8ed8            mov     ds,ax
16.kd> t
BD: Boot Debugger Initialized
BD: osloader.exe base address 00400000
*** WARNING: Unable to verify timestamp for osloader.exe
BD: \WINDOWS\system32\ntkrnlpa.exe base address 80A02000
osloader!RtlpBreakWithStatusInstruction:
0041cf70 cc              int     3

   

When I let Windbg run, I get on the debugged compi the known message about missing DLLs for Kernel.
The compi, where the program Windbg runs, breaks at
BD: \WINDOWS\system32\hal.dll base address 80100000
Break

But when I trace back with Disassembly (works as long as there is no jmp or call or retn) the last operations
are the same as in spoiler before.
#6852infuscomus⇗ @diderius6

It's getting up to

osloader!BlLoadImageEx+0x460:
then goes to BlClose

I'm thinking my modifications to the vista hal.dll export table might be preventing this from working correctly. That or it doesn't like XP ntoskrnl.
#6853diderius6⇗ @infuscomus
I can make a try with SoftIce.
SoftICE is a one machine Debugger, which means, that the Host and the Target are one and the same compi.

The problem in this is, that the only compi on which Softice runs under XP SP3
is not my daily compi and I have to safe the content of everything from this compi.
Many partitions, so it will be not easy. On this compi, SoftICE runs stable under XP SP3.
I thought about to make via Winhex an identical copy to an USB harddisk of partition C:\ ,
where SoftICE just now works and to boot from this USB harddisk.
Dont know, what Softice will say to this, but it is worth a try
Dietmar
#6854infuscomus⇗ @diderius6

If you're doing anything take might break an OS install just remember to make an image of the drive before you do anything.
I quite like Paragon Hard Disk Manager and its Recovery Media and always use it for my backups.
#6855diderius6⇗ @infuscomus
I have had one case, where the Paragon program fails.
Because I want to avoid any risk,
I will make a one by one bit copy of the harddisk with Winhex.
But this is crazy slow, needs more than a day on large harddisks,
but until now never fails
Dietmar

PS: On any other compi I would just take harddisk out and install XP new.
But because the crazy way to get SoftICE to work on this compi under XP SP3,
never change a running system ).
You for yourself can do any easy test: Copy ALL *.dlls from Vista into Windows\system32 folder of XP and look what happens.
The message about missing dlls for Kernel is gone then (I think).
Via this way you can also find out, which dlls are missed.

 

Page 458

#6856infuscomus⇗ @diderius6

I recall that Paragon does have a RAW copy mode that should do the same thing (it'd be slow, like you said)
I'm not sure where it is in the most recent version, but it should still be there.

⇗ https://kb.paragon-software.com/article/133
^
this article mentions -  HDD raw copy to copy the hard disk in the sector-by-sector mode, thus ignoring its information structure
#6857diderius6⇗ @infuscomus
I just read,
that SoftICE works also over serial connection or even lan
Dietmar

⇗ https://community.osr.com/discussion/726...ng-with-softice

EDIT: BOOT modus works in SoftICE on XP SP3 but not early BOOT.
#6858BrooonsDisk C: -  windows XP
Disk D: -  windows XP
Both windows alike identical absolutely
ACPI.SYS alike identical absolutely
SATA alike identical absolutely
Disk C:  -  start well
Disk D: -- start BSOD 0x00000050
Why?
#6859diderius6⇗ @Brooons
This depends, on how you install XP.
When you install it with only one harddisk at a time connected,
XP will install on C:\.
This you can repeat for the other harddisk also (as single harddisk) and boot later
from each as you wish.
Sometimes it helps to delete whole key in registry
HKEY_LOCAL_MACHINE\SYSTEM\MountedDevices .
It is build new from XP during reboot. This trick works only in XP
Dietmar
#6860Brooons
Zitat von ⇗ diderius6 im Beitrag ¶ #6859
@Brooons
This depends, on how you install XP.
Dietmar

Both windows I carry with other computer, has conducted through Paragon P2P OS.
Disk C very well, Disk D - start BSOD
though all actions alike absolutely
#6861diderius6⇗ @Brooons

When you use Paragon together with an other harddisk at the compi in the same time,
the "intelligence" of the program "repairs" the bootsector
Dietmar
#6862BrooonsBoot sector good, windows do start, boot, cursor picture and BSOD
#6863Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #6631
I found out, that the IO address is 0xD000 and 0xD010 for both cards.


Zitat von ⇗ diderius6 im Beitrag ¶ #6671
@Gelip
Here it is
Dietmar

⇗ [img]https://i.ibb.co/XS2xxNf/lspci.png[/img]



Zitat von ⇗ diderius6 im Beitrag ¶ #6669
@Gelip
Here it is. I enabled, disabled all. No difference, just no serial Windbg via this PCI-E slotcard
Dietmar

⇗ [img]https://i.ibb.co/Mk7S2sp/20210216-193823.jpg[/img]


Your PEX2S553 Startech card have I/O and MMIO addressing:
lspci -s 03:00.0 -vv (I/O port at d010 and Memory at df403000)

Please show screenshot is your port 03:00.0 is BusMaster+

lspci -s 03:00.0 -vv

Disable integrated port COM, uninstall WinXP drivers Startech port if installed and boot PC from MS-DOS USB stick then disable MMIO access:

setpci -s 03:00.0 command=1     this set I/O+ Mem-

or

setpci -s 03:00.0 command=5     this set I/O+ Mem- BusMaster+

and

debug.exe
-e 40:0 10 D0
-q
grub.exe and boot WinXP

or use modded kdcom.dll with repalced COM1 03f8 to d010 in offset C50 and boot.ini COM1

P.S. In setpci command:

+ means option enabled
- means option disabled
#6864gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #6853
I can make a try with SoftIce.
SoftICE is a one machine Debugger, which means, that the Host and the Target are one and the same compi.
⇗ @diderius6 ...SI can be run as a remote debugger if you use the Driver Studio version. An article on that.

⇗ http://driverentry.com.br/en/blog/?p=141
#6865infuscomus⇗ @diderius6

I sent you a PM, can you test and debug it?
#6866diderius6⇗ @infuscomus
Soon I will test.
I think, that you have to rename

vkrnl4xp.exe  ---> ntoskrnl.exe

Also I will make the idea from ⇗ @gordo999 come true,
to set up a virtual debugger with Bochs and Ida Pro 6.
This may be just for fun,
but who knows
Dietmar
#6867diderius6⇗ @infuscomus

With the normal ntldr I get the same message about missing dlls for Kernel.
With the Master-ntldr now I get the bootfiles loaded,
but the crash happens in Windbg at the same place as before
Dietmar

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
Connected to Windows Boot Debugger 3790 x86 compatible target at (Thu Feb 25 10:31:23.904 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\WINDOWS\symbols
Executable search path is: C:\WINDOWS\symbols
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x0042fc9c
System Uptime: not available
Break instruction exception - code 80000003 (first chance)
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
kd> g
BD: 80A02000 \WINDOWS\system32\ntoskrnl.exe
BD: 80100000 \WINDOWS\system32\hal.dll
BD: 80010000 \WINDOWS\system32\kdcom.dll
BD: 80001000 \WINDOWS\system32\PSHED.dll
BD: 8000A000 \WINDOWS\system32\BOOTVID.dll
BD: 80138000 \WINDOWS\system32\CLFS.SYS
BD: 80173000 \WINDOWS\system32\CI.dll
Shutdown occurred at (Thu Feb 25 10:32:11.357 2021 (UTC + 1:00))...unloading all symbol tables.
Waiting to reconnect...
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized


osloader!NtProcessStartup+0x21e:
0040e6d7 e843360000      call    osloader!BlMemoryInitialize (00411d1f)
kd> 
osloader!NtProcessStartup+0x223:
0040e6dc e84744ffff      call    osloader!AEInitializeStall (00402b28)
kd> 
osloader!NtProcessStartup+0x228:
0040e6e1 e800d50000      call    osloader!BlInitializeHeadlessPort (0041bbe6)
kd> 
osloader!NtProcessStartup+0x22d:
0040e6e6 e8e568ffff      call    osloader!BlIoInitialize (00404fd0)
kd> 
osloader!NtProcessStartup+0x232:
0040e6eb 53              push    ebx
kd> 
osloader!NtProcessStartup+0x233:
0040e6ec e8a9f4ffff      call    osloader!BlStartup (0040db9a)
kd> 
BD: 80A02000 \WINDOWS\system32\ntoskrnl.exe
BD: 80100000 \WINDOWS\system32\hal.dll
BD: 80010000 \WINDOWS\system32\kdcom.dll
BD: 80001000 \WINDOWS\system32\PSHED.dll
BD: 8000A000 \WINDOWS\system32\BOOTVID.dll
BD: 80138000 \WINDOWS\system32\CLFS.SYS
BD: 80173000 \WINDOWS\system32\CI.dll
osloader!NtProcessStartup+0x238:
0040e6f1 f6052cfc420001  test    byte ptr [osloader!BootFlags (0042fc2c)],1
kd> t
osloader!NtProcessStartup+0x23f:
0040e6f8 742c            je      osloader!NtProcessStartup+0x26d (0040e726)
kd> t
osloader!NtProcessStartup+0x26d:
0040e726 e896d70000      call    osloader!BlTerminalHandleLoaderFailure (0041bec1)
kd> t
osloader!BlTerminalHandleLoaderFailure:
0041bec1 55              push    ebp
kd> t
osloader!BlTerminalHandleLoaderFailure+0x1:
0041bec2 8bec            mov     ebp,esp
kd> t
osloader!BlTerminalHandleLoaderFailure+0x3:
0041bec4 51              push    ecx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x4:
0041bec5 51              push    ecx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x5:
0041bec6 53              push    ebx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x6:
0041bec7 33db            xor     ebx,ebx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x8:
0041bec9 381da1704500    cmp     byte ptr [osloader!BlTerminalConnected (004570a1)],bl
kd> t
osloader!BlTerminalHandleLoaderFailure+0xe:
0041becf 7507            jne     osloader!BlTerminalHandleLoaderFailure+0x17 (0041bed8)
kd> t
osloader!BlTerminalHandleLoaderFailure+0x10:
0041bed1 b001            mov     al,1
kd> t
osloader!BlTerminalHandleLoaderFailure+0x12:
0041bed3 e966020000      jmp     osloader!BlTerminalHandleLoaderFailure+0x27d (0041c13e)
kd> t
osloader!BlTerminalHandleLoaderFailure+0x27d:
0041c13e 5b              pop     ebx
kd> t
osloader!BlTerminalHandleLoaderFailure+0x27e:
0041c13f c9              leave
kd> t
osloader!BlTerminalHandleLoaderFailure+0x27f:
0041c140 c3              ret
kd> t
osloader!NtProcessStartup+0x272:
0040e72b 84c0            test    al,al
kd> t
osloader!NtProcessStartup+0x274:
0040e72d 74f7            je      osloader!NtProcessStartup+0x26d (0040e726)
kd> t
osloader!NtProcessStartup+0x276:
0040e72f ebed            jmp     osloader!NtProcessStartup+0x265 (0040e71e)
kd> t
osloader!NtProcessStartup+0x265:
0040e71e a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> t
osloader!NtProcessStartup+0x26a:
0040e723 ff5014          call    dword ptr [eax+14h]
kd> t
osloader!AEReboot:
00402ad3 55              push    ebp
kd> t
osloader!AEReboot+0x1:
00402ad4 8bec            mov     ebp,esp
kd> t
osloader!AEReboot+0x3:
00402ad6 51              push    ecx
kd> t
osloader!AEReboot+0x4:
00402ad7 e815960000      call    osloader!TextGrTerminate (0040c0f1)
kd> t
osloader!TextGrTerminate:
0040c0f1 33c0            xor     eax,eax
kd> t
osloader!TextGrTerminate+0x2:
0040c0f3 390594ed4200    cmp     dword ptr [osloader!DbcsLangId (0042ed94)],eax
kd> t
osloader!TextGrTerminate+0x8:
0040c0f9 7405            je      osloader!TextGrTerminate+0xf (0040c100)
kd> t
osloader!TextGrTerminate+0xa:
0040c0fb a394ed4200      mov     dword ptr [osloader!DbcsLangId (0042ed94)],eax
kd> t
osloader!TextGrTerminate+0xf:
0040c100 38054a304300    cmp     byte ptr [osloader!GraphicsMode (0043304a)],al
kd> t
osloader!TextGrTerminate+0x15:
0040c106 7511            jne     osloader!TextGrTerminate+0x28 (0040c119)
kd> t
osloader!TextGrTerminate+0x17:
0040c108 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> t
osloader!TextGrTerminate+0x1c:
0040c10d 6a03            push    3
kd> t
osloader!TextGrTerminate+0x1e:
0040c10f 6800000080      push    80000000h
kd> t
osloader!TextGrTerminate+0x23:
0040c114 ff5018          call    dword ptr [eax+18h]
kd> t
00020eff 6858000000      push    58h
kd> t
00020f04 680a0f0000      push    0F0Ah
kd> t
00020f09 cb              retf
kd> t
0058:0f0a 6655            push    ebp
16.kd> t
0058:0f0c 6653            push    ebx
16.kd> t
0058:0f0e 6656            push    esi
16.kd> t
0058:0f10 6657            push    edi
16.kd> t
0058:0f12 6689e3          mov     ebx,esp
16.kd> t
0058:0f15 b86000          mov     ax,60h
16.kd> t
0058:0f18 8ed8            mov     ds,ax
16.kd> t
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
#6868infuscomus⇗ @diderius6

can you try to do a jump over BlTerminalHandleLoaderFailure?
#6869diderius6⇗ @infuscomus
I find the place, from where this call happens in Master-ntldr

seg000:000108E7 loc_108E7: ; CODE XREF: seg000:000108DD j
seg000:000108E7                 call    sub_13F2F
seg000:000108EC                 call    sub_4D38
seg000:000108F1                 call    sub_1DDF6
seg000:000108F6                 call    sub_71E0
seg000:000108FB                 push    ebx
seg000:000108FC                 call    sub_FDAA
seg000:00010901                 test    byte ptr ds:42FC2Ch, 1
seg000:00010908                 jz      short loc_10936  <----- if ZERO, jump to BlTerminalHandleLoaderFailure
seg000:0001090A                 push    4203A4h
seg000:0001090F                 call    sub_EC5F
seg000:00010914                 mov     eax, ds:4222ECh
seg000:00010919                 pop     ecx
seg000:0001091A                 call    dword ptr [eax+54h]
seg000:0001091D                 mov     esi, eax
#6870infuscomus⇗ @diderius6

if you change to jnz, what happens?

 

Page 459

#6871diderius6⇗ @infuscomus
I just change to NOP NOP
now I test
Dietmar

PS: Hack works. debugger still running..
kd> 
osloader!NtProcessStartup+0x22d:
0040e6e6 e8e568ffff      call    osloader!BlIoInitialize (00404fd0)
kd> 
osloader!NtProcessStartup+0x232:
0040e6eb 53              push    ebx
kd> 
osloader!NtProcessStartup+0x233:
0040e6ec e8a9f4ffff      call    osloader!BlStartup (0040db9a)
kd> 
BD: 80A02000 \WINDOWS\system32\ntoskrnl.exe
BD: 80100000 \WINDOWS\system32\hal.dll
BD: 80010000 \WINDOWS\system32\kdcom.dll
BD: 80001000 \WINDOWS\system32\PSHED.dll
BD: 8000A000 \WINDOWS\system32\BOOTVID.dll
BD: 80138000 \WINDOWS\system32\CLFS.SYS
BD: 80173000 \WINDOWS\system32\CI.dll
osloader!NtProcessStartup+0x238:
0040e6f1 f6052cfc420001  test    byte ptr [osloader!BootFlags (0042fc2c)],1
kd> t
osloader!NtProcessStartup+0x23f:
0040e6f8 90              nop
kd> t
osloader!NtProcessStartup+0x240:
0040e6f9 90              nop
kd> t
osloader!NtProcessStartup+0x241:
0040e6fa 68a4034200      push    offset osloader!`string' (004203a4)
kd> t
osloader!NtProcessStartup+0x246:
0040e6ff e84be3ffff      call    osloader!BlPrint (0040ca4f)
kd> t
osloader!BlPrint:
0040ca4f 55              push    ebp
kd> t
osloader!BlPrint+0x1:
0040ca50 8bec            mov     ebp,esp
kd> t
osloader!BlPrint+0x3:
0040ca52 83ec10          sub     esp,10h
kd> t
osloader!BlPrint+0x6:
0040ca55 a1a8244200      mov     eax,dword ptr [osloader!BlConsoleOutDeviceId (004224a8)]
kd> t
#6872diderius6⇗ @infuscomus
But does not help much
Dietmar

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
BD: Boot Debugger Initialized
Connected to Windows Boot Debugger 3790 x86 compatible target at (Thu Feb 25 12:01:53.325 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\WINDOWS\symbols
Executable search path is: C:\WINDOWS\symbols
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x0042fc9c
System Uptime: not available
Break instruction exception - code 80000003 (first chance)
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
kd> bc *
kd> bp 0040e6f1
kd> g
BD: 80A02000 \WINDOWS\system32\ntoskrnl.exe
BD: 80100000 \WINDOWS\system32\hal.dll
BD: 80010000 \WINDOWS\system32\kdcom.dll
BD: 80001000 \WINDOWS\system32\PSHED.dll
BD: 8000A000 \WINDOWS\system32\BOOTVID.dll
BD: 80138000 \WINDOWS\system32\CLFS.SYS
BD: 80173000 \WINDOWS\system32\CI.dll
Breakpoint 0 hit
osloader!NtProcessStartup+0x238:
0040e6f1 f6052cfc420001  test    byte ptr [osloader!BootFlags (0042fc2c)],1
kd> p
osloader!NtProcessStartup+0x23f:
0040e6f8 90              nop
kd> 
osloader!NtProcessStartup+0x240:
0040e6f9 90              nop
kd> 
osloader!NtProcessStartup+0x241:
0040e6fa 68a4034200      push    offset osloader!`string' (004203a4)
kd> 
osloader!NtProcessStartup+0x246:
0040e6ff e84be3ffff      call    osloader!BlPrint (0040ca4f)
kd> 
osloader!NtProcessStartup+0x24b:
0040e704 a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x250:
0040e709 59              pop     ecx
kd> 
osloader!NtProcessStartup+0x251:
0040e70a ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x254:
0040e70d 8bf0            mov     esi,eax
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x256:
0040e70f a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x25b:
0040e714 ff5054          call    dword ptr [eax+54h]
kd> 
osloader!NtProcessStartup+0x25e:
0040e717 2bc6            sub     eax,esi
kd> 
osloader!NtProcessStartup+0x260:
0040e719 83f805          cmp     eax,5
kd> 
osloader!NtProcessStartup+0x263:
0040e71c 72f1            jb      osloader!NtProcessStartup+0x256 (0040e70f)
kd> 
osloader!NtProcessStartup+0x265:
0040e71e a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x26a:
0040e723 ff5014          call    dword ptr [eax+14h]
kd> 
Shutdown occurred at (Thu Feb 25 12:04:31.529 2021 (UTC + 1:00))...unloading all symbol tables.
Waiting to reconnect...
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
Connected to Windows Boot Debugger 3790 x86 compatible target at (Thu Feb 25 12:04:42.607 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\WINDOWS\symbols;C:\WINDOWS\symbols2
Executable search path is: C:\WINDOWS\symbols
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x0042fc9c
System Uptime: not available
Break instruction exception - code 80000003 (first chance)
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
#6873infuscomus⇗ @diderius6

infinite loop?

also, what was the message the xpsp1 ntldr_dbg displayed?
#6874diderius6⇗ @infuscomus
No, it just gets comand to reboot
BD: 80A02000 \WINDOWS\system32\ntoskrnl.exe
BD: 80100000 \WINDOWS\system32\hal.dll
BD: 80010000 \WINDOWS\system32\kdcom.dll
BD: 80001000 \WINDOWS\system32\PSHED.dll
BD: 8000A000 \WINDOWS\system32\BOOTVID.dll
BD: 80138000 \WINDOWS\system32\CLFS.SYS
BD: 80173000 \WINDOWS\system32\CI.dll
Breakpoint 0 hit
osloader!NtProcessStartup+0x26a:
0040e723 ff5014          call    dword ptr [eax+14h]
kd> t
osloader!AEReboot:
00402ad3 55              push    ebp
kd> t
osloader!AEReboot+0x1:
00402ad4 8bec            mov     ebp,esp
kd> t
osloader!AEReboot+0x3:
00402ad6 51              push    ecx
kd> t
osloader!AEReboot+0x4:
00402ad7 e815960000      call    osloader!TextGrTerminate (0040c0f1)
kd> t
osloader!TextGrTerminate:
0040c0f1 33c0            xor     eax,eax
kd> t
osloader!TextGrTerminate+0x2:
0040c0f3 390594ed4200    cmp     dword ptr [osloader!DbcsLangId (0042ed94)],eax
kd> t
osloader!TextGrTerminate+0x8:
0040c0f9 7405            je      osloader!TextGrTerminate+0xf (0040c100)
kd> t
osloader!TextGrTerminate+0xa:
0040c0fb a394ed4200      mov     dword ptr [osloader!DbcsLangId (0042ed94)],eax
kd> t
osloader!TextGrTerminate+0xf:
0040c100 38054a304300    cmp     byte ptr [osloader!GraphicsMode (0043304a)],al
kd> t
osloader!TextGrTerminate+0x15:
0040c106 7511            jne     osloader!TextGrTerminate+0x28 (0040c119)
kd> t
osloader!TextGrTerminate+0x17:
0040c108 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> t
osloader!TextGrTerminate+0x1c:
0040c10d 6a03            push    3
kd> t
osloader!TextGrTerminate+0x1e:
0040c10f 6800000080      push    80000000h
kd> t
osloader!TextGrTerminate+0x23:
0040c114 ff5018          call    dword ptr [eax+18h]
kd> t
00020eff 6858000000      push    58h
kd> t
00020f04 680a0f0000      push    0F0Ah
kd> t
00020f09 cb              retf
kd> t
0058:0f0a 6655            push    ebp
16.kd> t
0058:0f0c 6653            push    ebx
16.kd> t
0058:0f0e 6656            push    esi
16.kd> t
0058:0f10 6657            push    edi
16.kd> t
0058:0f12 6689e3          mov     ebx,esp
16.kd> t
0058:0f15 b86000          mov     ax,60h
16.kd> t
0058:0f18 8ed8            mov     ds,ax
16.kd> t
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
#6875infuscomus⇗ @diderius6

I think vistas ntoskrnl and hal might depend on winload.exe to work

I recall ⇗ @Gelip managed to get winload.exe of vista beta 5219 to work with XP (and I think that winload.exe build still supports boot.ini) over on betaarchive.

edit: It wasn't Gelip, but still someone got it working
⇗ https://www.betaarchive.com/forum/viewto...=433345#p433345
#6876diderius6⇗ @infuscomus
With the ntldr_dbg from XP SP1
XP boot runs much further, Hal is asked for PCI
Dietmar

PS: In the end comes message, that dlls for Kernel cant be found.

⇗ https://ufile.io/q8vpkb5y

EDIT: It seems to hang at MempSetupPaging.
#6877infuscomus⇗ @diderius6

I made an ntldr out of vista beta 5219 loader, maybe this might work - try it

make a backup because this is probably going to not be bootable

infuscomus has attached files to this post
#6878diderius6⇗ @infuscomus
Interesting ) picture,
means, this ntldr does not work with XP
Dietmar

#6879infuscomus⇗ @diderius6

never seen that before

anything output from the debugger? or completely dead?
#6880diderius6⇗ @infuscomus
The 3 files ntdetect.com, boot.ini and this ntldr do not work together,
no Windbg output, just funny pic
Dietmar
#6881diderius6I just notice,
that the newest Bochs version 2.6.11
does not run under XP SP3.
The version before, Bochs version 2.6.10 works under XP SP3
Dietmar

EDIT: The Bochs version 2.6.10 crashes for me with the settings from Tutorial of IDA Pro debug via Bochs
⇗ http://standa-note.blogspot.com/2014/11/...of-windows.html
So I use like in this article Bochs version 2.6.6.
First I thought, that it crashes also, but then I noticed it is only SOSO slow, installing XP SP3:))..
So, just now fun is going on. I want to debug the load of the bootsector(!).
The clock is really running faast in Bochs XP.
As faster the clock, the slower the install ), XP SP3 still installs..
#6882infuscomus⇗ @Gelip

Can you show how to switch XP from using NTLDR bootloader to using bootmgr/winload loader? or otherwise have a prepatched XP VM?

I would like to test to see if my patched vista ntoskrnl/hal needs the new loader to work.
#6883diderius6You can really debug with Bochs single(!) step by step the bootprocess of XP SP3.
It is shown with an Pentium4 cpu at 300 MHZ, 1 Gb ram and acpi and USB,
Dietmar

PS: The debugger work together with Ida Pro 6 I try tomorrow.

#6884diderius6⇗ @infuscomus
I make small joke:
With vdk.exe I first make a copy of c.img file from Bochs, then open this copy as /rw the c.img file and delete there everything,
only boot.ini and ntdetect.com stay.
Then I copy your ntldr from Vista into this file,
type vdk stop
and start Bochs debugger.
Here is the result, not easy to understand but here you can see the crash of this ntldr
Dietmar

PS: Seems to be an endless loop at add byte ptr ds:[eax], al
Strange, this code isnt in this ntldr. Some garbage in memory, translated from stupid debugger to "Source Code" ?!

#6885Gelip⇗ @infuscomus

Zitat von ⇗ infuscomus im Beitrag ¶ #6882
Can you show how to switch XP from using NTLDR bootloader to using bootmgr/winload loader?

  • rename ntldr to ntldr.bak
  • copy bootmgr vista 5219 32-bit to C:
  • copy winload.exe vista 5219 32-bit to C:\WINDOWS\system32
  • add to boot.ini switch /usenewloader
  • boot PC from a newer version Windows e.g. DVD Win7 setup, Shift+F10 to CMD, bootrec /fixboot


⇗ How to switch XP over to wibload bootloader?

 

Page 460

#6886ruthanHow big victory is Bochs debugging? I mean:
- you probably not fix Intel GPU or any gpu boot problems..
- you probably cant fix there that Intel 219 lan driver problems..
- if im not wrong has not also EFI mode to fix EFI boot problem..
 So?
#6887gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #6867

BD: 80173000 \WINDOWS\system32\CI.dll
⇗ @diderius6 ...one thing that stands out is the file CI.dll which seems to have been the last file processed before the faults began. CI.dll is a file verification process. CI = code integrity.

⇗ https://www.cybereason.com/blog/code-int...look-into-cidll
#6888gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #6884
PS: Seems to be an endless loop at add byte ptr ds:[eax], al
Strange, this code isnt in this ntldr. Some garbage in memory, translated from stupid debugger to "Source Code" ?!
⇗ @diderius6 ...whenever you see that code in a disassembly, it usually means the disassembler cannot disassemble the bytes correctly. If you analyze the opcodes where the code exists, it may give you a clue.

For some reason, some apps include data bytes within the executable code. The bytes mean something to the code flow in the proper context, but taken out of context, they are meaningless. That's why IDA is called an 'interactive' disassembler, it depends on the user to help it figure out byte sequences. On many occasions, I've had to mark a sequence of bytes as code or data to help it interpret the section of bytes.
#6889gordo999Anybody found XP drivers for a GT 1030 Nvidia card. Apparently the 900-series could be made to work on XP.
#6890infuscomus
Zitat von ⇗ gordo999 im Beitrag ¶ #6887
Zitat von ⇗ diderius6 im Beitrag ¶ #6867

BD: 80173000 \WINDOWS\system32\CI.dll
⇗ @diderius6 ...one thing that stands out is the file CI.dll which seems to have been the last file processed before the faults began. CI.dll is a file verification process. CI = code integrity.

⇗ https://www.cybereason.com/blog/code-int...look-into-cidll



⇗ @diderius6

I think ⇗ @gordo999 is right, I just switched over to vista beta 5219 bootmgr/winload.exe - thanks ⇗ @Gelip - and after I confirmed that it could boot vanilla XP I tested my modded kernel and I got an error referring to CI.dll being missing or corrupt, I confirmed the file is there and I have not modified it in any way.

⇗ @diderius6
Do you think you could hack CI.dll to skip the check? I can send you my XP VM if you want.
#6891infuscomus
Zitat von ⇗ gordo999 im Beitrag ¶ #6889
Anybody found XP drivers for a GT 1030 Nvidia card. Apparently the 900-series could be made to work on XP.


⇗ @gordo999

There are none that I know of anyway,
but if my modded vista ntoskrnl/hal can be made to boot XP then it should work.
#6892diderius6⇗ @infuscomus
"to vista beta 5219 bootmgr/winload.exe"
on most real newer compis this does not work for XP,
as you can see here by post from ⇗ @skullteria .
And it is a hard way to overcome any check for signature or something like this.
acpi.sys from Vista does not need the file CI.dll, as I tested.
I think, ntoskrnl.exe from Vista looks for it and so the modd should happen there
Dietmar

PS: Always the question is, what you want to reach. A file, working in XP or in Vista.
For to make a 1030 Nvidia card to work with XP, I think the only way is to enable the new driver model for graphik from Vista for XP. This is, what ⇗ @skullteria is working on.
#6893infuscomus⇗ @diderius6

Zitat
PS: Always the question is, what you want to reach.



basically boot XP using ntoskrnl/hal - a very difficult goal to reach.

can you mod my ntoskrnl or ci.dll to skip the integrity check? I'm not sure how to do it myself.

P.S If we can get vista ntoskrnl/hal to boot XP then we could also switch to vista RTM bootmgr/winload too, so we wont necessarily need the vista beta boot loader.

#6894diderius6⇗ @infuscomus
From my tests long time ago I know,
that for a XP boot with vista ntoskrnl/hal you need a lot more dlls,
for which ntoskrnl.exe asks.
In the end, it is Vista.
For to overcome the check in PE header, you can use ResourceHacker.exe
⇗ http://www.angusj.com/resourcehacker/#download
just open the modded file and store it again
Dietmar
#6895infuscomus
Zitat von ⇗ diderius6 im Beitrag ¶ #6894
For to overcome the check in PE header, you can use ResourceHacker.⇗ exehttp://www.angusj.com/resourcehacker/#downloadjust open the modded file and store it againDietmar


⇗ @diderius6

what do you mean by open the file and store it again?
#6896diderius6⇗ @infuscomus

Click on ResourceHacker.exe and open the wished file.
Then save it again. Nothing more. Nice program.
It works for modded *.exe files, *.dlls but not for *.com or ntldr
Dietmar
#6897infuscomus⇗ @diderius6

how will doing this help with the integrity check problem though?

I think what is happening (from what I read in the blog linked to) CI.dll is looking for the Microsoft certificate at the end of the ntoskrnl.exe file, which I took out to add in my removed XP code, so since the certificate isn't there it complains.

I think I'm going to need to learn how to make a BCD and use the vista RTM bootloader since it allows DISABLE_INTEGRITY_CHECKS
#6898diderius6⇗ @infuscomus
Make try with ResourceHacker.exe
Dietmar
#6899skullteriaI think winload/bootmgr from Longhorn 5048 until Vista 5308 not work on Real Computer Since First generation of Core i (3,5 and 7). On core 2 Duo or lower works
#6900infuscomus⇗ @diderius6

no change, still error about CI.dll

 

Page 461

#6901infuscomus⇗ @Gelip

I want to make a BCD for use with vista RTM bootmgr/winload.exe since I now want to use DISABLE_INTEGRITY_CHECKS option - I recall you saying BOOTICE was a good option to make one from scratch, it doesn't have a vista option though, only windows 7, would this still work?
#6902Gelip⇗ @infuscomus
Try BCD and bootmgr+winload.exe from Vista SP2, but for me have BSOD 4E on MS VPC 2007:


You need fix ApplicationDevice and OSDevice path in BCD file e.g. with BootICE and boot PC pressing F8 to select Disable Driver Signature Enforcement from menu Advanced Boot Options

Gelip has attached files to this post
#6903infuscomusI got a message saying

\windows\system32\ntkrnlpa.exe

Windows could not verify the signature for this file

I enabled testsigning, nointegritychecks and DDISABLE_INTEGRITY_CHECKS in the BCD but none of them helped - there must be another check somewhere

EDIT:
I got the same error message with both original XP ntoskrnl/ntkrnlpa.exe and my modded vista ntoskrnl/ntkrnlpa.exe
#6904diderius6⇗ @infuscomus

When you enable Debug modus with bootice,
this message is gone
Dietmar
#6905infuscomus⇗ @diderius6

where is the debug mode option in bootice?
#6906diderius6⇗ @infuscomus
BC EDit, professional mode,
right click in table "new entry"
Dietmar
#6907infuscomus⇗ @diderius6

I tried this but the message persists
I've attached my BCD

infuscomus has attached files to this post
#6908gordo999
Zitat von ⇗ infuscomus im Beitrag ¶ #6891
There are none that I know of anyway,
but if my modded vista ntoskrnl/hal can be made to boot XP then it should work.
⇗ @infuscomus .....I wish you luck in your project. Wish I could contribute more...I'd like to...but I'm up to my butt in alligators at the moment.
#6909gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #6892
For to make a 1030 Nvidia card to work with XP, I think the only way is to enable the new driver model for graphik from Vista for XP. This is, what @skullteria is working on.
⇗ @diderius6 ...thanks for info. I am surprised that XP works on the GT 1030 at all but it's stable in a super-VGA mode. Good enough to work with XP if I don't want 3-D graphics.
#6910gordo999
Zitat von ⇗ infuscomus im Beitrag ¶ #6897
I think what is happening (from what I read in the blog linked to) CI.dll is looking for the Microsoft certificate at the end of the ntoskrnl.exe file, which I took out to add in my removed XP code, so since the certificate isn't there it complains.
⇗ @diderius6 ....Microsoft may have made the certificate check difficult to bypass but they may also have made it a simple yes/no check. That would come down to a test or compare followed by a conditional jump.
#6911Gelip⇗ @infuscomus
Try files from beta Longhorn Server 2008 6.0.6001.16497 32-bit and Disable Driver Signature Enforcement. It works for me :-)

P.S. To enable kernel debugger add these options in BootICE:

Gelip has attached files to this post
#6912diderius6⇗ @gordo999
"they may also have made it a simple yes/no check. "
Can you please tell the exact place, where this check happens,
have a nice day
Dietmar
#6913diderius6⇗ @infuscomus
How to set up this virtual machine?
Until now, I have had only one *.img file for to boot in Qemu or Bochs
Dietmar
#6914infuscomus⇗ @diderius6

VMWare player

⇗ https://www.vmware.com/us/products/works...evaluation.html
#6915diderius6⇗ @infuscomus
I just notice, that the VMware-player-16.1
needs at least Win8 for to be installed.
Because I have had no working Win8.1 install, I am just doing this.
Question will be, how to debug a VM with XP. May be, it can be done from Win8.1 OS surrounding
Dietmar

EDIT: VMware-player-16.1 also does not run on win8.1 32 bit, brrr..

 

Page 462

#6916infuscomus⇗ @diderius6

I can make a .vhd of this VM using paragon, then you should be able to boot it directly - should I make a vhd?
#6917jonathan_hzs
?
#6918diderius6⇗ @infuscomus
Yes, make a vhd from it and send to me. For to debug, this will give more correct results.
Can I just use the Paragon program, for to install this vhd direct to harddisk?
Question is, if this VM works on real compi
Dietmar

PS: Anyway I just set up a brandnew Win8.1. So I can test all.
Now I have normal Startmenu back, so that I can work with win8.1.

#6919infuscomus⇗ @diderius6

I PMed you the VHD that you can also restore with paragon.
#6920diderius6⇗ @infuscomus
I download your vhd file.
In the end of the installation of win8.1
it tells me: Ordinal 907 can't be found in the dynamic link library mshtml.dll
and I cant run Windows Update, even it is my original DVD with key.
What a garbage
Dietmar

EDIT: I think, this happens because I upgraded from Win8.
Ok, format harddisk new. Then I set direct up the win8.1.iso from Microsoft with my key.
Now I am ready with all drivers and updates for win8.1 32 bit.
#6921infuscomus⇗ @diderius6

This might be blasphemy here, but try windows 10, you don't lose much leaving it unactivated.
#6922infuscomus⇗ @diderius6

bootice might have broken the BCD in the VHD I sent you when I first tried to enable debugging - if you get a winload.exe error this should fix it.

infuscomus has attached files to this post
#6923galagun
Zitat von ⇗ infuscomus im Beitrag ¶ #6893

P.S If we can get vista ntoskrnl/hal to boot XP then we could also switch to vista RTM bootmgr/winload too, so we wont necessarily need the vista beta boot loader.


If you read the posts in betaarchive thread about XP in UEFI, has been already stated Bootmgr/Winload from WinVista RTM actually can load XP SP3 and Win2003 SP2. But back them was deemed useless, as WinVista RTM only has *.efi loader files for 64bit uefi firmware flavors (they wanted to boot xp32 and 2003-32 in uefi, that was the goal after all). Only Beta versions of longhorn have 32bit versions of uefi loader, and then it gets removed and doesn't come back until Win8 and some longhorn server betas.

Also, Vista RTM Bootmgr/Winload PCAT versions (exe files), and the UEFI64 efi files included, are the last ones which can load XP and Win2003 with no modifications (from released product, no betas here). SP1 can't anymore. It hangs in very early Kernel init stages (before windbg kernel debugger gets up), and causes exceptions in Virtual Machines.
#6924infuscomus⇗ @galagun

I was able to boot XP with vista beta 5219 files, but I have not succeeded with vista RTM files as of yet.
#6925galagun⇗ @infuscomus

Right now I don't have time... But tomorrow may share my BCD database so it can be tested by you guys. But I state again... It works, I have seen it functional and working. I can't say the same from SP1 Vista files.
#6926infuscomus⇗ @galagun

Can you PM this to me when you are able? I'm trying to get this to work right now without much luck.
#6927galagun⇗ @infuscomus

Sure. I hope tomorrow having plenty of time... I also want to get this up to new levels.
#6928infuscomus
Zitat von ⇗ Gelip im Beitrag ¶ #6911
@infuscomus
Try files from beta Longhorn Server 2008 6.0.6001.16497 32-bit and Disable Driver Signature Enforcement. It works for me :-)

P.S. To enable kernel debugger add these options in BootICE:


⇗ @Gelip

Thanks,

I got a bit further with this - but still stuck at "Starting Windows Vista" so my install might be borked - I'll reinstall and try again.
#6929YuriyCNWindows XP mod 2021 - system build for the modern PC (edition 27.02.2021)

The information doesn't fit into a forum post for a long time - so download the text file and read it in Notepad. Always use the latest version of the methodology, as the information is constantly changing and the methodology is supplemented.

TXT-file (84kB, ENGLISH) - ⇗ https://yadi.sk/d/kCpA2FbTmqZMLA
TXT-file (87kB, RUSSIAN) - ⇗ https://yadi.sk/d/cUNXHjS1OvL4og
#6930infuscomus
Zitat
files from beta Longhorn Server 2008 6.0.6001.16497 32-bit and Disable Driver Signature Enforcement.



⇗ @Gelip

So, I tried these files you suggested on a fresh install - 7E BSOD

any tips?

 

Page 463

#6931Gelip⇗ @infuscomus

Zitat von ⇗ infuscomus im Beitrag ¶ #6928
but still stuck at "Starting Windows Vista" so my install might be borked - I'll reinstall and try again.

Turn on debug and check in WinDbg - I bet it's a problem with your graphics card driver.
#6932Gelip⇗ @infuscomus

Zitat von ⇗ infuscomus im Beitrag ¶ #6930
So, I tried these files you suggested on a fresh install - 7E BSOD

any tips?


⇗ https://www.betaarchive.com/forum/viewto...=446113#p446113
#6933infuscomus⇗ @Gelip

So, if I'm reading this right, I should take vgapnp.sys from vista?
#6934Gelip⇗ @infuscomus

Zitat von ⇗ infuscomus im Beitrag ¶ #6933
So, if I'm reading this right, I should take vgapnp.sys from vista?

No.

I had this 7E error when I tried to install the Longhorn beta.

You only use a few Longhorn files in WinXP and you also get this 7E error.

I do not know what it depends on. This is what the WinDbg log looks like when I tried to install Longhorn x86 on ASUS P8H61-M LE R2 -> ⇗ Link
Probably caused by : ntkrpamp.exe ( nt!TmInitSystem+4bda )
#6935infuscomus⇗ @Gelip

what do I do if I get a black screen?
#6936Gelip⇗ @infuscomus

Zitat von ⇗ infuscomus im Beitrag ¶ #6935
what do I do if I get a black screen?


I don't know.

I had a black screen but with a white bar on the Vista 5384 loaders - ⇗ Link
#6937infuscomus⇗ @Gelip

I removed bootdebug and nointegritychecks from my BCD, now black screen is gone and 7E BSOD is back
this 7E BSOD is with XP ntoskrnl/hal.
#6938diderius6⇗ @infuscomus
I test your vhd file.
First I change the BCD like you told.
Then I get Bsod 0xC000000E
and the message, that winload is defect.
Winload is there, I looked. And Windbg does not start.
So the Bsod happens very early or the settings in Serial Debug, kernel debug, port1, baudrate=115200
are not correct in BCD.
Before with my own tries I tested, that this Vista files together with XP SP3 can be debugged with Windbg
Dietmar

PS: I edit your BCD for debugging and now Windbg 
Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
BD: Boot Debugger Initialized
Connected to Windows Boot Debugger 6001 x86 compatible target at (Sun Feb 28 00:42:28.750 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\WINDOWS\symbols
Executable search path is: C:\WINDOWS\symbols
*** ERROR: Module load completed but symbols could not be loaded for bootmgr
Windows Boot Debugger Kernel Version 6001 UP Free x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x00502258
System Uptime: not available
MUI: \Boot\en-US\bootmgr.EXE.MUI checksum does not match primary file checksum

An error occurred (c000000e) while attempting to load the boot application \Windows\system32\winload.exe

*** Fatal Error 0x00000001 :
                (0x00000002, 0x001B4A84, 0xC000000E, 0x00000000)

Break instruction exception - code 80000003 (first chance)
*** ERROR: Module load completed but symbols could not be loaded for bootmgr
bootmgr+0x2ab48:
0042ab48 cc              int     3
kd> !analyze -v
Connected to Windows Boot Debugger 6001 x86 compatible target at (Sun Feb 28 00:42:43.859 2021 (UTC + 1:00)), ptr64 FALSE
*** ERROR: Module load completed but symbols could not be loaded for bootmgr
Loading Kernel Symbols

Loading User Symbols
Unable to resolve nt!KiBugCheckData
*******************************************************************************
*                                                                             *
*                        Exception Analysis                                   *
*                                                                             *
*******************************************************************************


FAULTING_IP: 
bootmgr+2ab48
0042ab48 cc              int     3

EXCEPTION_RECORD:  ffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 0042ab48 (bootmgr+0x0002ab48)
   ExceptionCode: 80000003 (Break instruction exception)
  ExceptionFlags: 00000000
NumberParameters: 1
   Parameter[0]: 00000000

DEFAULT_BUCKET_ID:  STATUS_BREAKPOINT

ERROR_CODE: (NTSTATUS) 0x80000003 - {AUSNAHME}  Haltepunkt  Im Quellprogramm wurde ein Haltepunkt erreicht.

EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - Mindestens ein Argument ist ung ltig.

EXCEPTION_PARAMETER1:  00000000

MOD_LIST: <ANALYSIS/>

FAULTING_THREAD:  00000001

PRIMARY_PROBLEM_CLASS:  STATUS_BREAKPOINT

BUGCHECK_STR:  APPLICATION_FAULT_STATUS_BREAKPOINT

LAST_CONTROL_TRANSFER:  from 00401f7e to 0042ab48

STACK_TEXT:  
WARNING: Stack unwind information not available. Following frames may be wrong.
00061ec8 00401f7e 00000002 c000000e 0016ab80 bootmgr+0x2ab48
00061f34 00401a14 001b4a84 00000000 00061f6b bootmgr+0x1f7e
00061f6c 004012aa 0016ab80 00000000 00000001 bootmgr+0x1a14
00061ff0 00020a9a 00025338 448bc0c3 f1eb04c7 bootmgr+0x12aa
00000000 f000eef3 f000e2c3 f000eef3 f000eef3 0x20a9a
00000000 00000000 f000e2c3 f000eef3 f000eef3 0xf000eef3


STACK_COMMAND:  kb

FOLLOWUP_IP: 
bootmgr+2ab48
0042ab48 cc              int     3

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  bootmgr+2ab48

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: bootmgr

IMAGE_NAME:  bootmgr

DEBUG_FLR_IMAGE_TIMESTAMP:  460dce46

FAILURE_BUCKET_ID:  STATUS_BREAKPOINT_80000003_bootmgr!Unknown

BUCKET_ID:  APPLICATION_FAULT_STATUS_BREAKPOINT_bootmgr+2ab48

Followup: MachineOwner
---------


EDIT: I break very early into
and this is the result

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
BD: Boot Debugger Initialized
Connected to Windows Boot Debugger 6001 x86 compatible target at (Sun Feb 28 00:51:11.906 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\WINDOWS\symbols
Executable search path is: C:\WINDOWS\symbols
*** ERROR: Module load completed but symbols could not be loaded for bootmgr
Windows Boot Debugger Kernel Version 6001 UP Free x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x00502258
System Uptime: not available
User requested boot debugger break!
Break instruction exception - code 80000003 (first chance)
*** ERROR: Module load completed but symbols could not be loaded for bootmgr
bootmgr+0x2ab48:
0042ab48 cc              int     3
kd> p
bootmgr+0x2ab49:
0042ab49 c3              ret
kd> 
bootmgr+0x59a3:
004059a3 84db            test    bl,bl
kd> 
bootmgr+0x59a5:
004059a5 7408            je      bootmgr+0x59af (004059af)
kd> 
bootmgr+0x59a7:
004059a7 ff75fc          push    dword ptr [ebp-4]
kd> 
bootmgr+0x59aa:
004059aa e881100200      call    bootmgr+0x26a30 (00426a30)
kd> 
bootmgr+0x59af:
004059af 5e              pop     esi
kd> 
bootmgr+0x59b0:
004059b0 5b              pop     ebx
kd> 
bootmgr+0x59b1:
004059b1 c9              leave
kd> 
bootmgr+0x59b2:
004059b2 c3              ret
kd> 
bootmgr+0x5b3f:
00405b3f eb23            jmp     bootmgr+0x5b64 (00405b64)
kd> 
bootmgr+0x5b64:
00405b64 5f              pop     edi
kd> 
bootmgr+0x5b65:
00405b65 5e              pop     esi
kd> 
bootmgr+0x5b66:
00405b66 8bc3            mov     eax,ebx
kd> 
bootmgr+0x5b68:
00405b68 5b              pop     ebx
kd> 
bootmgr+0x5b69:
00405b69 c9              leave
kd> 
bootmgr+0x5b6a:
00405b6a c3              ret
kd> 
bootmgr+0x1d89a:
0041d89a e820860000      call    bootmgr+0x25ebf (00425ebf)
kd> 
bootmgr+0x1d89f:
0041d89f 53              push    ebx
kd> 
bootmgr+0x1d8a0:
0041d8a0 e8b249ffff      call    bootmgr+0x12257 (00412257)
kd> 
bootmgr+0x1d8a5:
0041d8a5 e8ef390000      call    bootmgr+0x21299 (00421299)
kd> 
MUI: \Boot\en-US\bootmgr.EXE.MUI checksum does not match primary file checksum
bootmgr+0x1d8aa:
0041d8aa 33c0            xor     eax,eax
kd> 
bootmgr+0x1d8ac:
0041d8ac eb09            jmp     bootmgr+0x1d8b7 (0041d8b7)
kd> 
bootmgr+0x1d8b7:
0041d8b7 5f              pop     edi
kd> 
bootmgr+0x1d8b8:
0041d8b8 5e              pop     esi
kd> 
bootmgr+0x1d8b9:
0041d8b9 5b              pop     ebx
kd> 
bootmgr+0x1d8ba:
0041d8ba 5d              pop     ebp
kd> 
bootmgr+0x1d8bb:
0041d8bb c20400          ret     4
kd> 
bootmgr+0x1143:
00401143 85c0            test    eax,eax
kd> 
bootmgr+0x1145:
00401145 7d0b            jge     bootmgr+0x1152 (00401152)
kd> 
bootmgr+0x1152:
00401152 e8290e0000      call    bootmgr+0x1f80 (00401f80)
kd> 
bootmgr+0x1157:
00401157 e834020200      call    bootmgr+0x21390 (00421390)
kd> 
bootmgr+0x115c:
0040115c 85c0            test    eax,eax
kd> 
bootmgr+0x115e:
0040115e 7517            jne     bootmgr+0x1177 (00401177)
kd> 
bootmgr+0x1177:
00401177 50              push    eax
kd> 
bootmgr+0x1178:
00401178 e867c10200      call    bootmgr+0x2d2e4 (0042d2e4)
kd> 
bootmgr+0x117d:
0040117d 8bd8            mov     ebx,eax
kd> 
bootmgr+0x117f:
0040117f 85db            test    ebx,ebx
kd> 
bootmgr+0x1181:
00401181 7d12            jge     bootmgr+0x1195 (00401195)
kd> 
bootmgr+0x1195:
00401195 8b5c241c        mov     ebx,dword ptr [esp+1Ch]
kd> 
bootmgr+0x1199:
00401199 85db            test    ebx,ebx
kd> 
bootmgr+0x119b:
0040119b c644241201      mov     byte ptr [esp+12h],1
kd> 
bootmgr+0x11a0:
004011a0 0f8c1c020000    jl      bootmgr+0x13c2 (004013c2)
kd> 
bootmgr+0x11a6:
004011a6 8d442413        lea     eax,[esp+13h]
kd> 
bootmgr+0x11aa:
004011aa 50              push    eax
kd> 
bootmgr+0x11ab:
004011ab 8d442414        lea     eax,[esp+14h]
kd> 
bootmgr+0x11af:
004011af 50              push    eax
kd> 
bootmgr+0x11b0:
004011b0 b8c00f4800      mov     eax,offset bootmgr+0x80fc0 (00480fc0)
kd> 
bootmgr+0x11b5:
004011b5 c70534cd4700b62a4000 mov dword ptr [bootmgr+0x7cd34 (0047cd34)],offset bootmgr+0x2ab6 (00402ab6)
kd> 
bootmgr+0x11bf:
004011bf c70540cd470002304000 mov dword ptr [bootmgr+0x7cd40 (0047cd40)],offset bootmgr+0x3002 (00403002)
kd> 
bootmgr+0x11c9:
004011c9 c70544cd4700af314000 mov dword ptr [bootmgr+0x7cd44 (0047cd44)],offset bootmgr+0x31af (004031af)
kd> 
bootmgr+0x11d3:
004011d3 c70548cd47001d324000 mov dword ptr [bootmgr+0x7cd48 (0047cd48)],offset bootmgr+0x321d (0040321d)
kd> 
bootmgr+0x11dd:
004011dd e8baf90100      call    bootmgr+0x20b9c (00420b9c)
kd> 
bootmgr+0x11e2:
004011e2 807c241000      cmp     byte ptr [esp+10h],0
kd> 
bootmgr+0x11e7:
004011e7 750f            jne     bootmgr+0x11f8 (004011f8)
kd> 
bootmgr+0x11f8:
004011f8 8d442414        lea     eax,[esp+14h]
kd> 
bootmgr+0x11fc:
004011fc e82f200000      call    bootmgr+0x3230 (00403230)
kd> 
bootmgr+0x1201:
00401201 8bd8            mov     ebx,eax
kd> 
bootmgr+0x1203:
00401203 85db            test    ebx,ebx
kd> 
bootmgr+0x1205:
00401205 0f8cb7010000    jl      bootmgr+0x13c2 (004013c2)
kd> 
bootmgr+0x120b:
0040120b e89dec0100      call    bootmgr+0x1fead (0041fead)
kd> 
bootmgr+0x1210:
00401210 6840364500      push    offset bootmgr+0x53640 (00453640)
kd> 
bootmgr+0x1215:
00401215 e812c30200      call    bootmgr+0x2d52c (0042d52c)
kd> 
bootmgr+0x121a:
0040121a c605b024500000  mov     byte ptr [bootmgr+0x1024b0 (005024b0)],0
kd> 
bootmgr+0x1221:
00401221 33c0            xor     eax,eax
kd> 
bootmgr+0x1223:
00401223 bf02000024      mov     edi,24000002h
kd> 
bootmgr+0x1228:
00401228 eb04            jmp     bootmgr+0x122e (0040122e)
kd> 
bootmgr+0x122e:
0040122e 33f6            xor     esi,esi
kd> 
bootmgr+0x1230:
00401230 39742418        cmp     dword ptr [esp+18h],esi
kd> 
bootmgr+0x1234:
00401234 8974241c        mov     dword ptr [esp+1Ch],esi
kd> 
bootmgr+0x1238:
00401238 c644241000      mov     byte ptr [esp+10h],0
kd> 
bootmgr+0x123d:
0040123d 0f85e6000000    jne     bootmgr+0x1329 (00401329)
kd> 
bootmgr+0x1243:
00401243 8d442430        lea     eax,[esp+30h]
kd> 
bootmgr+0x1247:
00401247 50              push    eax
kd> 
bootmgr+0x1248:
00401248 8d44242c        lea     eax,[esp+2Ch]
kd> 
bootmgr+0x124c:
0040124c 50              push    eax
kd> 
bootmgr+0x124d:
0040124d 57              push    edi
kd> 
bootmgr+0x124e:
0040124e ff35d40f4800    push    dword ptr [bootmgr+0x80fd4 (00480fd4)]
kd> 
bootmgr+0x1254:
00401254 8974243c        mov     dword ptr [esp+3Ch],esi
kd> 
bootmgr+0x1258:
00401258 e84dc90100      call    bootmgr+0x1dbaa (0041dbaa)
kd> 
bootmgr+0x125d:
0040125d 85c0            test    eax,eax
kd> 
bootmgr+0x125f:
0040125f 7d6b            jge     bootmgr+0x12cc (004012cc)
kd> 
bootmgr+0x1261:
00401261 89742418        mov     dword ptr [esp+18h],esi
kd> 
bootmgr+0x1265:
00401265 8d442413        lea     eax,[esp+13h]
kd> 
bootmgr+0x1269:
00401269 50              push    eax
kd> 
bootmgr+0x126a:
0040126a 8d442420        lea     eax,[esp+20h]
kd> 
bootmgr+0x126e:
0040126e 50              push    eax
kd> 
bootmgr+0x126f:
0040126f ff74241c        push    dword ptr [esp+1Ch]
kd> 
bootmgr+0x1273:
00401273 e85e040000      call    bootmgr+0x16d6 (004016d6)
kd> 
bootmgr+0x1278:
00401278 8bd8            mov     ebx,eax
kd> 
bootmgr+0x127a:
0040127a 3bde            cmp     ebx,esi
kd> 
bootmgr+0x127c:
0040127c 0f8c1b010000    jl      bootmgr+0x139d (0040139d)
kd> 
bootmgr+0x1282:
00401282 807c241300      cmp     byte ptr [esp+13h],0
kd> 
bootmgr+0x1287:
00401287 0f8510010000    jne     bootmgr+0x139d (0040139d)
kd> 
bootmgr+0x128d:
0040128d 8b442414        mov     eax,dword ptr [esp+14h]
kd> 
bootmgr+0x1291:
00401291 3bc6            cmp     eax,esi
kd> 
bootmgr+0x1293:
00401293 7409            je      bootmgr+0x129e (0040129e)
kd> 
bootmgr+0x1295:
00401295 e8aa2d0000      call    bootmgr+0x4044 (00404044)
kd> 
bootmgr+0x129a:
0040129a 89742414        mov     dword ptr [esp+14h],esi
kd> 
bootmgr+0x129e:
0040129e 6a01            push    1
kd> 
bootmgr+0x12a0:
004012a0 56              push    esi
kd> 
bootmgr+0x12a1:
004012a1 ff742424        push    dword ptr [esp+24h]
kd> 
bootmgr+0x12a5:
004012a5 e8bf060000      call    bootmgr+0x1969 (00401969)
kd> 

An error occurred (c000000e) while attempting to load the boot application \Windows\system32\winload.exe

*** Fatal Error 0x00000001 :
                (0x00000002, 0x001B4A84, 0xC000000E, 0x00000000)



After this I set a breakpoint at 004012a5

Then soon comes an endless loop.
#6939diderius6⇗ @infuscomus

I take a look at the Bsod c000000e .
This can happen, when you changed the boot partition.
Then winload.exe cant be found.

Because of those crazy problems, I work always with a real and only one harddisk at the compi, which should be debugged.

Dietmar
#6940gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #6912
Can you please tell the exact place, where this check happens,
have a nice dayDietmar
⇗ @diderius6 ...apparently XP does not use integrity checks using CI.dll. I don't have the Vista ntoskrnl but in the W7 ntoskrl (6.1.7601.24387), CI.dll is called from address:
00000001'403B13F3    call CIInitialize
Someone with the Vista ntoskrnl should look to see if CIInitialize is listed as an import in Vista ntoskrnl. That's how ntoskrnl calls CI.dll and apparently it is the only static linking for CI.dll.

Apparently, if the option during boot at F8 is set to disable security checks is set, it bypasses CI.dll. Or, if debug mode is set it bypasses it, also, during a remote kernel debug session. The problem seems to be that XP does not have that option because it doesn't need it. I am wondering if the option could be added in the XP boot loading system.

If you look back in the W7 ntoskrnl a few steps, you see it checking if DISABLE_INTEGRITY_CHECKS at 1'403B13AC  call SepIsOptionPresent. If you trace into that call you see a 'call strstr'. It seems to be comparing the DISABLE_INTEGRITY_CHECKS string to the same string stored elsewhere. I presume that when security checks are disabled, the DISABLE_INTEGRITY_CHECKS string is stored somewhere.

If the strings compare, it moves 1 to ebx at 1'403A2E9D and returns. However, it does more before returning, it MOVs values to rsi, eax,and rbx. Then it adjusts the stack by 0x20 and pops rdi. Then it does the same with the string 'TESTSIGNING'.

Keep in mind that the last call to SepIsOptionPresent set eax = 1. It will still be set to 1. There is a cmp eax to ebx before the second call, and I have no way of knowing without tracing the code what is stored in ebx, It seems to be important because the same comparison is made following the call.

I am thinking that if you can set the code so that it is always seeing DISABLE_INTEGRITY_CHECKS that may solve your problem, even though it calls CIInitialize at 1'403B13F3. Don't know how to do that exactly without tracing the code. Note at 1'403B13C6, after the first integrity check call, that a compare is made between eax and ebx. That is followed by cmovnz edi, ebx. That is a condional MOV which depends on the state of the compare. It says move if not zero which is the same as move if not equal. So, if ebx does not equal eax, it moves ebx to edi.

There is good information here:

⇗ https://j00ru.vexillium.org/2010/06/insi...re-enforcement/

Here's an example of how a kernel rootkit bypassed it. People who do online banking should be aware that a kernel rootkit can hide itself from any user mode protection. The rootkit, in the form of a keylogger, can read keyboard keystrokes and even read the screen input. My bank had no idea such a rootkit existed.

⇗ https://www.sekoia.fr/blog/windows-drive...ass-by-derusbi/

Another very good article on CL.dll:

⇗ https://www.cybereason.com/blog/code-int...look-into-cidll
#6941Gelip⇗ @infuscomus

Zitat von ⇗ infuscomus im Beitrag ¶ #6937
I removed bootdebug and nointegritychecks from my BCD, now black screen is gone and 7E BSOD is back
this 7E BSOD is with XP ntoskrnl/hal.

7E depends on the hardware, but I don't know what exactly does not fit. WinXP 32-bit works on Longhorn Server 2008 16497 32-bit files, but on old hardware - I tested Celeron-S 1.2GHz, NB Intel i815E

P.S. WinXP 64-bit works fine on UEFI 64-bit with .efi files from Longhorn Server 2008 16497 64-bit

WinXP 32-bit starts fine under UEFI 32-bit with Vista 5219 files (tested virtual machine and ⇗ UEFI DUET 32-bit on real old hardware)
Today computers mostly have UEFI 64-bit. Probably to run WinXP 32-bit under UEFI 64-bit you need UEFI OS loader compiled as EBC - EFI Byte Code:


EBC application works on UEFI 32-bit and UEFI 64-bit. Some UEFI bios may not have the EBC implemented - this can be checked using the ⇗ checkebc.efi utility. If the bios doesn't have the EBC you can load the EBC driver ⇗ EBCx64.efi:
#6942infuscomus⇗ @diderius6

This is the fix I use for winload.exe not found - check your GUID ID

1. Boot Win7 x86 ISO
2. Shift+F10 for command prompt
3. type C:
4. type cd boot
5. type bcdedit /set {whatever-GUID-it-is-using} device partition=C:
6. type bcdedit /set {whatever-GUID-it-is-using} osdevice partition=C:
7. exit

winload.exe not found should be gone now.
#6943Gelip⇗ @infuscomus

Zitat von ⇗ infuscomus im Beitrag ¶ #6942
This is the fix I use for winload.exe not found - check your GUID ID

1. Boot Win7 x86 ISO
2. Shift+F10 for command prompt
3. type C:
4. type cd boot
5. type bcdedit /set {whatever-GUID-it-is-using} device partition=C:
6. type bcdedit /set {whatever-GUID-it-is-using} osdevice partition=C:
7. exit

winload.exe not found should be gone now.


In BootICE you can do it easier:
#6944diderius6⇗ @infuscomus
After I repaired BCD,
now I get message, that the digital signature of ntkrnlpa.exe cannot be verified,
even it runs with debug and this test disabled in BCD
Dietmar
#6945infuscomus⇗ @diderius6

This is the same point I got up to, I couldn't get my modded vista kernel to boot.
With unmodded XP kernel I get 7E BSOD with this boot loader.

 

Page 464

#6946diderius6⇗ @infuscomus

I just try something, what ⇗ @gordo999 tells about ci.dll .

In a first try, I nop nop nop nop nop the call of
PAGE:0067EF7A                 call    CiInitialize
in ntkrnlpa.exe
This hacked ntkrnlpa.exe I then open and store again with resource Hacker
Dietmar
PAGE:0067EF78                 push    ecx
PAGE:0067EF79                 push    ebx
PAGE:0067EF7A                 nop
PAGE:0067EF7B                 nop
PAGE:0067EF7C                 nop
PAGE:0067EF7D                 nop
PAGE:0067EF7E                 nop
PAGE:0067EF7F                 pop     edi
PAGE:0067EF80                 pop     esi
PAGE:0067EF81                 pop     ebx
PAGE:0067EF82

PAGE:0067EF82 locret_67EF82: ; CODE XREF: sub_67EF03+13 j
PAGE:0067EF82                 retn
#6947diderius6⇗ @infuscomus

The message changed now to
0xc000000f
Windows failed to load because the kernel is missing or corrupt
ntkrnlpa.exe

Dietmar
#6948infuscomus⇗ @diderius6

I'm wondering if my usage of kernelex to automate patch of missing code into the file has corrupted it somehow.

Unfortunately I'm not skilled enough to do this patching manually, I think only ⇗ @Mov AX, 0xDEAD or maybe ⇗ @daniel_k would know how to do this kind of patching manually.
#6949diderius6⇗ @infuscomus
We can hack ci.dll
oh, soso much fun
Dietmar
#6950diderius6⇗ @infuscomus
I jumped over all 0xc000000f and 0xc0000428 and nop out the call of CiInitialize
in ntkrnlpa.exe .
Strange enough, then happens the error 0xc0000428 again,
which is in ci.dll .
This means, that ci.dll is also called from other place
Dietmar

PS: I set an breakpoint CC direct before of the call of
PAGE:0067EF7A call CiInitialize
in ntkrnlpa.exe
Again I get message 0xc0000428 about missed signature check. The CC breakpoint there does not stop compi.
This is strange, because with the CC the call of CiInitialize cant happen. So, this 0xc0000428 must happen before the call.
This 0xc0000428 error is at many places in ci.dll .

EDIT: Maybe, that this behavior can be traced in Bochs debugger.
EDIT2: I just copy this into c.img file from Bochs. There it gives "ntldr not found".
This I understand, because the MBR from Bochs is still the MBR looking for XP with ntldr.
I also changed the MBR direct. But this is not enough, for this we need to build a new Vista-XP in Bochs.
#6951infuscomus⇗ @diderius6

If you removed the call to CiInitialize in ntoskrnl.exe try also removing the import too.

also, in that VHD I was lazy with ntkrnlpa.exe and just made a duplicate of ntoskrnl.exe and renamed it - if we aren't using PAE will this still cause problems?
#6952diderius6⇗ @infuscomus
The only thing, that makes all this problems, is ci.dll , first introduced in Vista.
Here is my try to hack ntkrnlpa.exe
and I dont know how to disable the import of ci.dll there.
I look a little bit about ci.dll in Internet, but do not find somebody who succeeds with hack of ci.dll,
so as if ci.dll just not exists. The root kit works other:
The original(!) ntkrnlpa.exe and ci.dll are loaded to ram.
And then, a signed(!) driver just set (changes) the test of ci.dll in Ram to always true, cool
Dietmar

⇗ https://ufile.io/ca24f9lq
#6953infuscomus⇗ @diderius6

If you need PDB symbols for CI.dll I have them
#6954diderius6⇗ @infuscomus
Yes, send to me
Dietmar
#6955infuscomus⇗ @diderius6

here

also, I noticed there is a CI.dll string in winload.exe, maybe nop that too?

infuscomus has attached files to this post
#6956iyutos⇗ http://www.stackprinter.com/export?quest...g.stackexchange

⇗ https://web.archive.org/web/201605262234...ot-process.html

"The kernel checks the digital signatures of all of the image files from which it loads device drivers, using routines exported from ci.dll, the kernel-mode DLL that provides a set of "code integrity" library functions. (Much of the content of ci.dll is exactly the same cryptographic code that is statically linked into winload.exe, including the 8 hardwired Root Certification Authorities.)"

"WINLOAD will halt if one of a small fixed set of image files (winload.exe, ntoskrnl.exe, hal.dll, bootvid.dll, tpm.sys, ksecdd.sys, clfs.sys, ci.dll, kdcom.dll, kdusb.dll, kd1394.dll, and spldr.sys) fails the check."
#6957galagunHere my BCD and Bootmgr (PCAT/UEFI) files. For 32Bit XP and 2003 loading.
- UEFI files come from the last beta which I had available which can boot XP/2003 (no rtm uefi 32bit files available up to win8) (not the same as ⇗ @Gelip ones, which come from some longhorn server beta I don't have).
- PCAT files come from WinVista RTM.

⇗ https://ufile.io/u0k77j1e
#6958gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #6946
I just try something, what @gordo999 tells about ci.dll . In a first try, I nop nop nop nop nop the call of
PAGE:0067EF7A                 call    CiInitialize     in ntkrnlpa.exe
⇗ @diderius6 ....it's too drastic to NOP an entire function without knowning what it does or what values it returns. If I remember correctly, the call to CIInitialze sets up a table of callbacks which are likely pointers to functions that are exported by CI.dll. Those functions may serve other purposes that testing code integrity, like verifying the PE header, etc.

I was focussed more on the code preceding the call to CIinitialize. There are two parameters tested DISABLE_INTEGRITY_CHECKS and TESTSIGNING. The first is obviously set during boot at F8 where the option is presented to turn off integrity checks. The second is a parameter that can be used in BCD, and as part of boot.ini, to tell a 32-bit Vista or W7 OS that a TESTSIGNING is in progress and to ignore integrity checks.

If you follow the code for DISABLE_INTEGRITY_CHECKS, it runs through a call to strstr, which compares strings. the LEA command points to the address where that string should be found. You'll notice that the code following strstr has a conditional jump that either jumps ahead 2 code steps to 67EF4C orlets the following xor zero out ebx. No matter what, the code flow must go through the next code section.

In that section, the TESTSIGNING string is compared in strstr. AFter that function you have an option: either the conditional jump at 67EF67 is taken to 67EF6C or it falls through that jump and ebx is ORed with 8. That is a bit-wise test where each bit in ebx is ORed with 00001000 = 0x8. Don't know till I see what is in ebx what they are testing.

Anyway, I would play with that conditional jump at 67EF67. Try changing the code to EB 03, which will force a jump, or NOP it, which will force the code through the OR statement. Note that the ebx register, after being ORed with 0x8, is PUSHed to CIInitialize as a parameter, right before the call there is a PUSH ebx. The contents of ecx and esi are also passed as parameters with the function call. You may be able to manipulate CIInitialize by finding what its parameters are and seeing what they do. One of them may have a bit that turns off code checking.

Just checked and the first parameter passed (PUSH EBX) is the CiOptions parameter. If it is set right, the integrity chacks should be ignored.
#6959Gelip⇗ @galagun

Zitat von ⇗ galagun im Beitrag ¶ #6957
Here my BCD and Bootmgr (PCAT/UEFI) files. For 32Bit XP and 2003 loading.
- UEFI files come from the last beta which I had available which can boot XP/2003 (no rtm uefi 32bit files available up to win8) (not the same as @Gelip ones, which come from some longhorn server beta I don't have).
- PCAT files come from WinVista RTM.

⇗ https://ufile.io/u0k77j1e

Your .efi files are identical to mine on the Longhorn 2008 5384.4 beta:
#6960jonathan_hzs

 

Page 465

#6961BrooonsMe start XP, all work good.
But, i do not install Kernel-mode Framework 1.1
Explain me, why he needs, please?
#6962Gelip⇗ @jonathan_hzs
Yes, 5384.4 .efi files 32 and 64-bit cause black screen with white bar or two bars on real hardware, Qemu or Oracle VirtualBox. They only work in VMware - I tested 64-bit files in WinXP SP2 64-bit on Workstation 8:
⇗ https://www.betaarchive.com/forum/viewto...=433717#p433717
⇗ https://www.betaarchive.com/forum/viewto...=434155#p434155
#6963infuscomus⇗ @Brooons

KMDF 1.11 is a requirement for the backported windows 8 USB 3 driver.
#6964infuscomus⇗ @gordo999 ⇗ @diderius6

I found this - hope it helps

⇗ https://j00ru.vexillium.org/2010/06/insi...re-enforcement/

Checks, whether nt!g_CiEnabled is set to TRUE

   If so, compares the nt!g_CiCallbacks[0] pointer to NULL
       If not empty, calls the nt!g_CiCallbacks[0] function and quits,
       Otherwise, returns 0xc0000428.
   Otherwise:
       Allocates one byte on the Paged Pools,
       Puts the resulting address into memory pointed to by the first argument,
       Returns STATUS_SUCCESS (or whatever zero means here).
#6965jonathan_hzsI use it now
Can't get rid of the dependence of boot.ini
Also, there is no EFI32 HDD or SSD device
Only EFI32 EMMC devices
just Test with virtual machines

⇗ https://ws28.cn/f/4tzepajanm4
#6966infuscomus⇗ @jonathan_hzs

Try experimenting with more recent vista beta boot loaders.
#6967infuscomus⇗ @diderius6

I think modify SepInitializeCodeIntegrity

change

   jz code_0x140806

to
   jmp code_0x140806

I think this should disable code integrity check in ntoskrnl

edit:
did the mod, try it

infuscomus has attached files to this post
#6968diderius6⇗ @infuscomus

I just test.
The error message 0xc0000428 about cannot verify the digital signature from ntkrnlpa.exe is the same as before.
I understand this, because in other case the normal driver check disable via F8 and/or the connect and start of Windbg would help
Dietmar

PS: Hard job to overcome ci.dll . This file ci.dll gets from the US gouvernment the highest possible safety standard medal for OS.
It does not check one value of the bootfiles, just about 7.

EDIT: So the only chance I think is, to delete all traces, Import and Export functions from or to ci.dll from the bootfiles.
#6969infuscomus⇗ @diderius6

I think I will try to apply a patch to actual ntkrnlpa.exe instead of just duplicating ntoskrnl.exe to see if that makes a difference.
#6970diderius6⇗ @infuscomus

I think, that it makes no difference. Better would be (if possible), to eliminate all traces of ci.dll in the bootfiles
Dietmar
#6971infuscomus⇗ @diderius6

are you able boot into a vista checked build to debug CI.dll to identify and remove it's checks?
#6972diderius6⇗ @infuscomus

First try in ci.dll would be, to jump over all 0xc0000428 .
Yes, with the Bochs debugger it is possible, crazy hard work.

Maybe it is easier, to kick this file ci.dll out of the bootfiles
Dietmar
#6973IxeonHello everyone, I have installed a Windows XP SP3 on my Ryzen 5 1600 PC, but I can't get USB drivers to work. In this thread, few drivers were provided and they partially installed and still it is not enough, I tried to use etron usb drivers and only 2 devices of 4 were identified
[img]https://fastpic.ru/view/114/2021/0302/_c92a18a78b46b91ae31a2007518526f0.png[/img]

Could someone help me, how to proceed with the installation of usb drivers? Thanks
#6974infuscomus⇗ @Ixeon

There is a backported Windows 8 USB 3.0 driver that is universal and much more reliable.

available here - ⇗ https://forums.mydigitallife.net/threads...hardware.81607/
#6975infuscomus⇗ @diderius6

I've patched vista RTM ntkrnlpa.exe and I also spotted a mistake I made in ntoskrnl.exe

please replace these and test if persistent signature error is gone.

infuscomus has attached files to this post

 

Page 466

#6976gordo999
Zitat von ⇗ infuscomus im Beitrag ¶ #6964
Checks, whether nt!g_CiEnabled is set to TRUE
⇗ @infuscomus ...don't think that part is relevant since the reference   nt!g_CiEnabled checks whether WinPE mode is enabled. If you read further, it states, "CiOptions is initialized accordingly to the system boot options, and finally passed to the CiInitialize routine, together with a pointer to KeLoaderBlock...". The critical item is CiOptions.

Look at bottom of pseudo-code, it gives the full function call:

CiInitialize(CiOptions,(KeLoaderBlock+32),&g_CiCallbacks);

That would give an assembly pseudo-code of:

push &CiCallbacks .... a pointer to an array
push KeLoaderBlock+32 ....an address within KeLoaderBlock
pushCiOptions ...whether integrity checks is on/off ot whether TESTSIGNING is on/off
Call CIInitialize

A bit earlier in the pseudo-code you have:

{
     if(SepIsOptionPresent((KeLoaderBlock+84),L"DISABLE_INTEGRITY_CHECKS"))
       CiOptions = 0;
     if(SepIsOptionPresent((KeLoaderBlock+84),L"TESTSIGNING"))
       CiOptions |= 8;
   }

This tells you, if DISABLE_INTEGRITY_CHECKS is present at the KeLoaderBlock at base+ 0x84 then set
CIOptions = 0

if TESTSIGNING is present at that address, set CiOptions to 0x8.

If you look in the ntoskrnl code just before the call to CiInitiialize at 67EF7A, you can see the value returned from the code testing for TESTSIGNING, testing the value in ebx with an OR 8. After the check for DISABLE_INTEGRITY_CHECKS, it XORs the value to 0 if a condition was false.

I would try changing the final PUSH just before the call to CiInitialize to PUSH 0. That should tell the CI.dll that the system is set to disable integrity checks. Easier said than done. It's not easy to change the PUSH ebx at 67EF79 to PUSH 0 since that would require two opcode bytes. The easiest way would be to make sure ebx = 0 at that point.

I have already suggested a way to try that, but maybe we can amend that.

At 67EF67 the opcode is 74 03 and the command is jz 67Ef6C. That jump would bypass the test of ebx by the following OR command that ORs ebx with 8. That's what you see in the pseudo-code referred to above"

if(SepIsOptionPresent((KeLoaderBlock+84),L"TESTSIGNING"))
       CiOptions |= 8;

It's saying that if the TESTSIGNING option has been inserted in boot.ini then ebx should be 0x8. By ORing 0x8 with 0x8, the result will be 0x8, therefore ebx will be unchanged. That means ebx will be passed as the TESTSIGNING option to CIInitialize.

What we could do is NOP the 74 03 and change the opcode following it from 83 CB 08 to 83 CB 00. If I am reading that correctly the command should now read, OR ebx, 0. That should ensure that ebx is 0 when it is PUSHed to CIInitialize.

However, if you are tracing, which I can't because I'm not set up for it, when you trace to 67EF67 and ebx = 0, just leave it and change the opcode at 67EF67 to EB 03.

I'm not sure what the code does between 67EF6C and 67EF76. It may be significant. It's hard to do this without tracing it to see what's going on.
#6977diderius6⇗ @infuscomus

I just test your new ntoskrnl from Vista.
The message about cannot verify the digital signature of ntkrnlpa.exe
is the same as before 0xc0000428
Dietmar
#6978infuscomus⇗ @diderius6

damn,
any luck jumping over 0xc0000428?

⇗ @Mov AX, 0xDEAD
can you help to bypass CI.dll checks?
#6979BrooonsIt is possible?
Patch driver Win7 Integrated Graphics Processor for work on XP?
#6980infuscomus⇗ @Brooons

not at the moment
#6981diderius6⇗ @infuscomus
According to this

⇗ https://vx-underground.org/archive/Syman...-mode-06-en.pdf

the check of the integrity of the boot files in Vista happens in

winload.exe .

"The  most  straight  forward  way  to  evade  driver  signing  restrictions  is  to  simply  patch  the  on-disk  executable  files  and  disable   the   checks   entirely.   To   load  unsigned   drivers   at   runtime,   NTOSKRNL.EXE   needs   to   be   patched.   However,   patching    NTOSKRNL.EXE  will  invalidate  its  digital  signature,  so  that   WINLOAD.EXE  will  refuse  to  load  it.  Therefore,  WINLOAD.EXE will also need to be patched.   "

Dietmar

⇗ http://lib.21h.io/library/PRCMJA2V/downl...20libgen.lc.pdf
#6982diderius6⇗ @infuscomus
Do you have the *.pdb for winload.exe
Dietmar
#6983infuscomus⇗ @diderius6

which version of winload.exe?
#6984diderius6⇗ @infuscomus
The one, which you send to me with last XP with Vista ntkrnlpa.exe, which gives always the error message 0xc0000428
about cannot verify the digital signature
Dietmar

winload.exe  6.0.6001.16497 (longhorn_beta3.070330-1720)
#6985infuscomus⇗ @diderius6

Unfortunately I do not have the symbols for this exact version

I do have pdb symbols for vista RTM winload.exe - I hope these are useful

try booting with vista RTM bootmgr/winload.exe

infuscomus has attached files to this post
#6986diderius6⇗ @infuscomus

I still cant find the place, in which file,
the message

"cannot verify the digital signature"

is generated
Dietmar
#6987infuscomus⇗ @diderius6

there is a reference in ImgpFilterValidationFailure inside winload.exe
#6988diderius6⇗ @infuscomus

The message comes from other place, because the word "digital" is missed.

I make a try to jump over the message in winload.exe
but still the same message "cannot verify the digital signature"
Dietmar

EDIT: By the way I noticed, that all the hacks go to ci.dll.
For to boot with a modded ntkrnlpa.exe I think it is the wrong place,
the error is generated only in a work together via winload.exe and ntkrnlpa.exe . 
.text:00422B7A                 mov     ebp, esp
.text:00422B7C                 cmp     ecx, 0C0000428h
.text:00422B82                 jnz     short loc_422BA9
.text:00422B84                 test    [ebp+arg_4], 20h
.text:00422B88                 jz      short loc_422BA9
.text:00422B8A                 call    _BlBdDebuggerEnabled@0 ; BlBdDebuggerEnabled()
.text:00422B8F                 test    al, al
.text:00422B91                                                 jz      short loc_422BA9 <--- here I jmp, does not help
.text:00422B93                 push    [ebp+arg_0]
.text:00422B96                 push    offset aWindowsIsUnabl ; "*** Windows is unable to verify the sig"...
.text:00422B9B                 call    _BlStatusPrint
.text:00422BA0                 pop     ecx
.text:00422BA1                 pop     ecx
.text:00422BA2                 call    _DbgBreakPoint@0 ; DbgBreakPoint()
.text:00422BA7                 xor     ecx, ecx
#6989infuscomus⇗ @diderius6

There is an identical string in bootmgr, I don't know if jumping over both in bootmgr and winload will help.
#6990infuscomus⇗ @diderius6

I somehow got past the signature error after making these files - but now another message saying kernel is corrupt.

infuscomus has attached files to this post

 

Page 467

#6991diderius6⇗ @infuscomus

This gives error 0xc0000098 kernel is missing, or corrupt .

This hexnumber appears at 11 places in winload.exe (I think, there it happens)
and at 5 places in ntkrnlpa.exe
and not in ci.dll

Dietmar
#6992infuscomus⇗ @diderius6

did you want checked vista RTM bootmgr and winload.exe with pdb symbols for debugging?
#6993diderius6⇗ @infuscomus
Yes, send all.
I try to debug, when I have time
Dietmar
#6994infuscomus⇗ @diderius6

here are vista RTM checked bootmgr and winload with PDB symbols

infuscomus has attached files to this post
#6995genieautravail⇗ @daniel_k

About WinXPPAE 3.5:

Is there a difference between the parameters /M:ALL and /M:128GB ?

Best regards
#6996Gelip⇗ @diderius6
Still have a Lenovo Flex10 laptop with UEFI 32-bit bios? If so, check if you can boot WinXP 32-bit with UefiSeven 32-bit:

  • prepare WinXP 32-bit on a disk on one NTFS partition in MBR style (not GPT)
  • extract archive u7_UEFI32.zip to USB FAT32 flash drive (EFI and u7 on root USB)
  • copy winload.efi from Vista 5219 to WINDOWS\system32
  • create boot.ini on root USB stick:

    [boot loader]
    timeout=30
    default=multi(0)disk(0)rdisk(1)partition(1)\WINDOWS
    [operating systems]
    multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="WinXP UEFI boot.ini" /noexecute=optin /fastdetect /usenewloader
  • boot PC from this USB flash drive - UEFI Shell should start
  • go to u7 folder fs0: and cd u7
  • run uefiseven

It works with UEFI DUET32 and in QEMU with OVMF-pure-efi.fd bios (fake VESA does not work, but WinXP starts)

Does force fake VESA work for you? After starting WinXP, do you have in memory at C0000 UefiSeven fake INT10?
<-- this screenshot is from WinXP 64-bit when UefiSeven 64-bit force fake INT10 works Gelip has attached files to this post
#6997jonathan_hzs

 
[boot loader]
default=multi(0)disk(1)rdisk(0)partition(1)\WINDOWS
timeout=30
NOBCD
[operating systems]
multi(0)disk(1)rdisk(0)partition(1)\WINDOWS="partition1(&#20998;&#21306;1) Nt5"
/noexecute=optin /fastdetect /usenewloader
multi(0)disk(1)rdisk(0)partition(2)\WINDOWS="partition2(&#20998;&#21306;2) Nt5"
/noexecute=optin /fastdetect /usenewloader
multi(0)disk(1)rdisk(0)partition(3)\WINDOWS="partition3(&#20998;&#21306;3) Nt5"
/noexecute=optin /fastdetect /usenewloader
#6998jonathan_hzsThe real machine is a black screen reboot
#6999Gelip⇗ @jonathan_hzs

Zitat von ⇗ jonathan_hzs im Beitrag ¶ #6998
The real machine is a black screen reboot

This is the answer to my posts? Do you have a UEFI32 bit computer?

P.S. At the beginning, mark whoever you are writing to, starting post with @user_name
#7000jonathan_hzsanother mbr disk boot gpt partions xp
#7001jonathan_hzsefi32 computer is z3735 pad
IT is emmc disk.
#7002Gelip⇗ @jonathan_hzs ⇗ @diderius6

Zitat von ⇗ jonathan_hzs im Beitrag ¶ #6998
The real machine is a black screen reboot

Sorry, but I forgot about boot.ini on USB stick - I edited post: ¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (468)
#7003jonathan_hzs⇗ http://bbs.wuyou.net/forum.php?mod=viewt...extra=page%3D10
If you are interested, you can try this modified version
Same mirror 24 hours fast link
⇗ https://ws28.cn/f/4v2jam6cbzc
I think uefiseven cannot bring anny help
#7004AmirInstalling Windows XP on... UEFI.https://m.youtube.com/watch?v=kqq87j2jJZY&amp;t=207s
#7005Gelip⇗ @jonathan_hzs
But this winXP_SP2_2003.wim is probably only legacy and not UEFI - they write something about bootmgr and VMware but nothing about UEFI.

UefiSeven is based on VgaShim: ⇗ https://github.com/manatails/uefiseven

Zitat
Credits

   Original VgaShim project


VgaShim is based on OVMF VbeShim: ⇗ https://github.com/davidcie/VgaShim

Zitat
Credits

   This solution is based on a VBE shim prepared by the OVMF project (QemuVideoDxe/VbeShim).


⇗ https://github.com/tianocore/edk2/blob/m...eoDxe/VbeShim.c

Virtual machines do not need UefiSeven 32 or 64-bit because they have their own fake INT10 code. VMware has its own code but VBox and Qemu use OVMF UEFI 32-bit and UEFI 64-bit bios OVMF-pure-efi.fd and OVMF-with-csm.fd which has a fake INT10 VbeShim in QemuVideoDxe.efi driver:



Real UEFI 32-bit or UEFI 64-bit computers do not have fake INT10 in bios only:

UEFI + CSM + legacy ROM graphics card

or

pure UEFI class 3 + GOP ROM graphics card

GOP is only supported since Win8

Win7 64-bit UEFI or WinXP 64-bit UEFI with Vista beta .efi files not support GOP ROM but support fake INT10 which is possible with UefiSeven.

Therefore, you should only test UefiSeven on real computers with a graphics card that has a GOP ROM !!!

 

Page 468

#7006jonathan_hzsno interest on winxp64.
i know it Win7 64-bit UEFI or WinXP 64-bit UEFI with Vista beta .efi files not support GOP ROM but support fake INT10 which is possible with UefiSeven.
#7007jonathan_hzsI don't feel that uefiseven is helpful for 32xp
#7008Gelip
Zitat von ⇗ jonathan_hzs im Beitrag ¶ #7007
I don't feel that uefiseven is helpful for 32xp


I asked manatails to compile a UefiSeven 32-bit and he did it but i don't have a real UEFI32 computer to test it.
To check this you have to test UefiSeven 32-bit on a real UEFI 32-bit computer without CSM or when you disable CSM in bios.

There were such computers, for example, Lenovo Flex10 UEFI32 - that's why I wrote to ⇗ @diderius6 to test UefiSeven 32-bit

In VMware UEFI32 WinXP 32-bit boot OK with Vista beta 5219 files but thanks to fake INT10 not GOP.
#7009diderius6⇗ @Gelip
Now I try uefiseven compiled for 32bit on the Lenovo Flex 10 notebook.
For this, first I have to flash back the Bios to the pure 32 Bit version without any CSM, because I edited the DSDT in its Bios as much as possible for to enable XP SP3 on it on a ntfs partition and Sata harddisk.
This works only with EEpromer.
Until now I have a working XP SP3 on it with all drivers,
only not graphic driver, because I tried in vain to build a Baytrail driver for XP in my last holidays.
When all went ok, the first test will be, that now my XP SP3 does not start on it (because no UEFI).
And the same for Win7 and Win8. Win8.1 should work, because there is a 32 bit Uefi version of it.
Then I do everything as you describe in your post for uefi boot of XP SP3 on this notebook without any CSM
Dietmar


EDIT: I do not succeed to flash the pure 32 UEFI Bios. I get only black screen. I doublecheck Bios flash with EEpromer.
I remember this behavior from last year, there suddently the screen comes back but just until now not.

Edit2: I succeed to tell the Lenovo Flex 10 to be 32 bit. Realy funny: Now it has the date of the Bios before, but whole Bios body is 32 bit, oh soso much fun.
Now it shows "No boot device" with the before working XP, and pure UEFI boot can only be choosen.





As you can see, Bios changed from 64 Bit ---> 32 Bit, CSM is gone.
#7010diderius6⇗ @Gelip
The hook to the harddisk does not work until now for uefiseven.
Status:0xc0000098. Info:The Windows Boot Configuration file does not contain a valid OS entry. (here boot.ini)
But when I copy the whole XP SP3 to the USB stick with the UEFI boot files, it starts from there.
After first boot stage it crashes, because the USB boot files are not correct from normal XP for to boot via USB.

But anyway this works, first time XP SP3 boots from pur UEFI on real compi,
nice:))

Dietmar

boot.ini on USB stick with content

[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(1)partition(1)\WINDOWS
[operating systems]
C:\WINDOWS="XP SP3 on pur UEFI" /noexecute=optin /fastdetect /usenewloader
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usenewloader
multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usenewloader



#7011infuscomus⇗ @Gelip

I got XP to boot using the server 2008 beta bootmgr/winload.exe files - through testing I think WinXPPAE is not compatible with this loader - it says that the HAL is corrupt.

⇗ @daniel_k

have you tested you WinXPPAE with the server 2008 beta bootmgr/winload.exe files?
#7012THE_FISTIs there any new acpi.sys for z590? My z490 XP OS does not work on z590...appreciate the help
#7013infuscomus⇗ @THE_FIST

post a pic of the A5 BSOD you get
#7014daniel_k
Zitat von ⇗ infuscomus im Beitrag ¶ #7011
@daniel_k

have you tested you WinXPPAE with the server 2008 beta bootmgr/winload.exe files?

Sorry, not interested on these things.
#7015infuscomus⇗ @Gelip

Since I confirmed that XP could be booted using this server 2008 beta bootloader I thought I'd try replacing ntoskrnl/hal and dependencies with the files from the 2008 beta - I got a BSOD 12A - MUI_NO_VALID_SYSTEM_LANGUAGE

I'll try grabbing the MUI files and see if that makes a difference

edit: didn't seem to work
#7016diderius6⇗ @Gelip

I think, that the hook to the harddisk not works,
because there are just no drivers for the Sata harddisk
Dietmar
#7017jonathan_hzsreply #7023
usbxp Set limits for 24 hours ldownload ink
⇗ https://ws28.cn/f/4ve2ih3ykyw
It can boot from a USB device,old usb2
#7018jonathan_hzsThe modified XP system cannot be implemented
PAE 3.5+ RAM Unlock and fix128v48
You're going to have a blue screen, here
#7019Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #7010
The hook to the harddisk does not work until now for uefiseven.
Status:0xc0000098. Info:The Windows Boot Configuration file does not contain a valid OS entry. (here boot.ini)
But when I copy the whole XP SP3 to the USB stick with the UEFI boot files, it starts from there.


Error 98 means the loader doesn't know where the WinXP system is. WinXP 32-bit should be on the disk on the NTFS partition and boot.ini on the USB flash drive and should look like this:
[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(1)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(1)partition(1)\WINDOWS="WinXP UEFI boot.ini" /noexecute=optin /fastdetect /usenewloader
If you still get error 98 then try changing rdisk(x) in boot.ini on USB
#7020Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #7009
only not graphic driver, because I tried in vain to build a Baytrail driver for XP in my last holidays.

To test WinXP 32-bit under UEFI 32-bit use the vbemp graphics driver:
⇗ https://www.betaarchive.com/forum/viewto...=434999#p434999

vbempk\VBE30\XP2003\PNP from ⇗ vbempk.zip 2015.01.01

 

Page 469

#7021diderius6⇗ @Gelip
I tried this. nothing changed. Always the same error 0xc0000098 .
There is no driver for the Sata disk I think for XP SP3 32 bit,
because via USB harddisk XP SP3 pure UEFI works
Dietmar
#7022Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #7021
@Gelip
I tried this. nothing changed. Always the same error 0xc0000098 .
There is no driver for the Sata disk I think for XP SP3 32 bit,
because via USB harddisk XP SP3 pure UEFI works
Dietmar

Yeah, you are right - error 98 is also when there is no disk driver and when the partition is in GPT mode. Vista 5219 32-bit loader not support GPT:
⇗ https://www.betaarchive.com/forum/viewto...=450810#p450810
#7023Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #7021
because via USB harddisk XP SP3 pure UEFI works

Please make screenshot when UefiSeven locks C0000 memory.
#7024diderius6⇗ @Gelip

I flashed back the original 64 bit Bios on the Flex10.
Then I setup there a working XP SP3 on a fat32 partition on a harddisk in an USB box,
which I test, that it can boot from USB3. I copy all the UEFI files and folders there at their place.
Then I flash back 32 bit Bios.
When I now start direct from this USB harddisk,
first step of XP boot works, but then hangs again,
meaning the reason for hanging is not only the Sata drivers because now is on USB3
Dietmar

#7025jonathan_hzsefi64 boot xp32 from usb3?
efi32 didn't boot xp32 from usb?
#7026diderius6⇗ @infuscomus

First I get Bsod 0x7b.
So I integrate by hand the iastor 1006 driver from fernando.
Then the legacy XP boots.
The XP (with EMS enabled?) hangs very late in the boot process.
I run a Windbg session but no Bsod can be seen there, just running.
I can break and restart with "g".
The same is in Safe Mode and with VGA
Dietmar

PS: May be for tests it is better to make a minimal XP SP3, with only the absolut necessary drivers.

EDIT: After some minutes I get an endless printout from Windbg with always the same lines

I just find, that this is a bug in .net 4.0

*** HR originated: -2147024774
***   Source File: d:\iso_whid\x86fre\base\isolation\com\copyout.cpp, line 1391


*** HR propagated: -2147024774
***   Source File: d:\iso_whid\x86fre\base\isolation\com\identityauthority.cpp, line 278


*** HR originated: -2147024774
***   Source File: d:\iso_whid\x86fre\base\isolation\com\copyout.cpp, line 1391


*** HR propagated: -2147024774
***   Source File: d:\iso_whid\x86fre\base\isolation\com\identityauthority.cpp, line 278

and now

*** HR propagated: -2147024774
***   Source File: d:\iso_whid\x86fre\base\isolation\com\enumidentityattribute.cpp, line 144
#7027diderius6⇗ @jonathan_hzs

On 64 bit Bios I use normal CSM legacy boot on the Lenovo Flex10 for the XP SP3, which boots from USB3, sitting on a Fat32 partition.
When I flash Bios back to 32 Bit pure UEFI (wothout any CSM) XP SP3 starts, but after mup.sys in next boot stage it hangs
Dietmar
#7028infuscomus⇗ @diderius6

what were you debugging here? my modded kernel?
#7029diderius6⇗ @infuscomus

The whole *.vhd XP, that you send to me.
I put it on an normal harddisk and boot from it.
Legacy XP SP3 starts but this one with EMS enabled hangs.
Most drivers are loaded, I can see in Windbg. So, may be it hangs because of a driver
Dietmar
#7030infuscomus⇗ @diderius6

VMWare additions maybe? I installed them in this image so maybe that is why?

Maybe it will only work from a new install - I'm going to send you a beta ISO of ⇗ @George King 's XP2ESD program as that is how I made this image
#7031George King
Zitat von ⇗ infuscomus im Beitrag ¶ #7030
@diderius6

VMWare additions maybe? I installed them in this image so maybe that is why?

Maybe it will only work from a new install - I'm going to send you a beta ISO of @George King 's XP2ESD program as that is how I made this image


You both got same testing ISO created using unreleased XP2ESD v1.5 beta3. I will add some fixes and build beta4 with included winload.exe v6.0.6001.16497 (longhorn_beta3.070330-1720). Good is system can be booted without NTLDR and boot.ini. Will see if it can detect HAL too. [TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7032Gelip⇗ @diderius6
The photo you placed shows that UefiSeven cannot lock the C0000 memory. Earlier you wrote that you boot WinXP from USB (after copy Windows to USB) without CSM with UefiSeven? Could you repeat that and then take a screenshot if UefiSeven is blocking C0000 or not?

EDIT: How UefiSeven works when you delete a file UefiSeven.force_fakevesa ?

⇗ @diderius6
EDIT2: Please delete or rename boot.ini on USB, run UefiSeven and after back to UEFI Shell type:

mem c0000 100

Then what is under C0000 - the video card ROM, empty 00 00 00 or UefiSeven fake INT10?
#7033diderius6⇗ @Gelip
Here is my screenshot from the Lenovo Flex10.
It seems, that the fake vesa for INT10 is at the right place loaded to memory.
So, the reason why XP SP3 hangs after first boot stage (ending with mup.sys),
is at another place
Dietmar

#7034Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #7033
So, the reason why XP SP3 hangs after first boot stage (ending with mup.sys),

I understand you are using winload.efi 5219?
#7035diderius6⇗ @Gelip
Yes, from your files here
Dietmar

 

Page 470

#7036Gelip⇗ @diderius6
Have you installed the vbemp graphics driver? WinXP is best to deploy or restore to disk from image (e.g. installed on VMware): ⇗ How to deploy WinXP 64-bit on a UEFI (without CSM) in AHCI << this is for WinXP 64-bit but same can be done for WinXP 32-bit

⇗ @diderius6
or Remote Desktop and disable services vga & vgasave: ⇗ https://www.betaarchive.com/forum/viewto...=434653#p434653
#7037Gelip⇗ @diderius6
You use WinXP HAL ACPI or not ACPI?
#7038diderius6⇗ @Gelip
XP SP3 with acpi.sys from outerspace ),
works also for USB3 boot under 64bit Bios with CSM on the Lenovo Flex10
Dietmar

PS: Remote Desktop I tested for UEFI boot for XP 64 (SP1and SP2) without CSM on the Asrock board with 64 bit Bios, works.
But without working Video on the Asrock board, this has not so much sense.
#7039diderius6⇗ @George King ⇗ @infuscomus

I test the winload.exe,
which comes with the last Beta3 version.
Normal XP SP3 boot works,
but with the winload.exe it hangs in ntkrnlpa.exe
Dietmar

Edit: I found this place in ntkrnlpa.exe from original XP SP3 5512 version
It is an endless loop

IDA Pro
.text:0046ED54 loc_46ED54: ; CODE XREF: KiIdleLoop()+19 j
.text:0046ED54                 cmp     dword ptr [ebx+128h], 0  ----------------------------> endless loop
.text:0046ED5B                 jz      short loc_46ED34  ---------------------------------------------->    endless loop
.text:0046ED5D                 mov     ecx, 1Ch
.text:0046ED62                 call    ds:__imp_@KfRaiseIrql@4 ; KfRaiseIrql(x)

Windbg
nt!KiDispatchInterrupt+0x38a:
8106ed3a ff11            call    dword ptr [ecx]
6: kd> 
nt!KiDispatchInterrupt+0x38c:
8106ed3c f390            pause
6: kd> 
nt!KiDispatchInterrupt+0x38e:
8106ed3e fb              sti
6: kd> 
nt!KiDispatchInterrupt+0x38f:
8106ed3f 90              nop
6: kd> 
nt!KiDispatchInterrupt+0x390:
8106ed40 90              nop
6: kd> 
nt!KiDispatchInterrupt+0x391:
8106ed41 fa              cli
6: kd> 
nt!KiDispatchInterrupt+0x392:
8106ed42 3b6d00          cmp     ebp,dword ptr [ebp]
6: kd> 
nt!KiDispatchInterrupt+0x395:
8106ed45 740d            je      nt!KiDispatchInterrupt+0x3a4 (8106ed54)
6: kd> 
nt!KiDispatchInterrupt+0x3a4:
8106ed54 83bb2801000000  cmp     dword ptr [ebx+128h],0
6: kd> 
nt!KiDispatchInterrupt+0x3ab:
8106ed5b 74d7            je      nt!KiDispatchInterrupt+0x384 (8106ed34)
6: kd> 
nt!KiDispatchInterrupt+0x384:
8106ed34 8d8b500c0000    lea     ecx,[ebx+0C50h]
6: kd> 
nt!KiDispatchInterrupt+0x38a:
8106ed3a ff11            call    dword ptr [ecx]
6: kd> 
nt!KiDispatchInterrupt+0x38c:
8106ed3c f390            pause
6: kd> 
nt!KiDispatchInterrupt+0x38e:
8106ed3e fb              sti
6: kd> 
nt!KiDispatchInterrupt+0x38f:
8106ed3f 90              nop
6: kd> 
nt!KiDispatchInterrupt+0x390:
8106ed40 90              nop
6: kd> 
nt!KiDispatchInterrupt+0x391:
8106ed41 fa              cli
6: kd> 
nt!KiDispatchInterrupt+0x392:
8106ed42 3b6d00          cmp     ebp,dword ptr [ebp]
6: kd> 
nt!KiDispatchInterrupt+0x395:
8106ed45 740d            je      nt!KiDispatchInterrupt+0x3a4 (8106ed54)
6: kd> 
nt!KiDispatchInterrupt+0x3a4:
8106ed54 83bb2801000000  cmp     dword ptr [ebx+128h],0
#7040infuscomus⇗ @diderius6

Try pressing F8 and then entering Safe Mode
#7041diderius6⇗ @infuscomus
I tried F8 also,
result is the same
Dietmar
#7042infuscomus⇗ @diderius6

does it give a BSOD?
#7043diderius6⇗ @infuscomus
No Bsod,
it hangs in this endless loop as I show above.
I has something to do, how the memory is paged and used an newer Intel CPU
Dietmar
#7044George KingIn Generic AHCI driver storahci.inf was discovered bug. See more here.

 
https://forums.mydigitallife.net/threads/drivers-and-tools-to-run-windows-xp-on-newer-hardware.81607/page-9#post-1648546



For upcoming XP2ESD v1.5 I fixed it.
⇗ @diderius6 ⇗ @infuscomus This fix will be included in beta4 for testing

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7045diderius6I wrote here,
that sometimes after Bios flash with EEpromer I get a black screen on the Flex10,
even I doublecheck always the content of the Bios Chips with its original file.
Now I understand, why this happens.
I can reproduce this behavior, just for fun for about 10 times.
It seems, that some parts of this notebook motherboard desolder from themselfs,
for example the Bios chip.
So it is not the Bios flash, just the manual handling with this motherboard.
I have this crazy phaenomen on 2(!) different Flex10 boards,
what a crazy bad solder quality by Lenovo on the Flex10 motherboard
Dietmar

PS: One of those Flex10 notebooks is brandnew.
It even could be, that some components are only glued in, not soldered at all.
For to test this, I make the ultimative test for the Bios chip.
I can remove by hand the whole "soldered" Bios chip from the brandnew Flex10,
so the original Bios chip is only glued in. The "solder" points under the Bios chip do not show the smallest damage,
just the Bios chip is outside.
#7046Gelip
Zitat von ⇗ diderius6 im Beitrag ¶ #7045
I can remove by hand the whole "soldered" Bios chip from the brandnew Flex10

Not soldered  it sucks.
#7047diderius6⇗ @Gelip

I solder the Bios chip back into the brandnew Flex10 by hand.
Now, the black screen often seen after Bios update is gone )
Dietmar

#7048Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #7047
I solder the Bios chip back into the brandnew Flex10 by hand.

You tried to program the chip with the SOIC 8 clip without desoldering? Apparently Lenovo X220 can be done, so maybe Flex10 too:
⇗ https://tylercipriani.com/blog/2016/11/1...a-raspberry-pi/
#7049infuscomus⇗ @Gelip

If I understood ⇗ @diderius6 correctly, the chip was never actually soldered in the first place.
#7050diderius6⇗ @infuscomus ⇗ @Gelip
Yes, I put the Bios chip out only with hand, brrr..
But now it is soldered by hand for the first time solid rock on the Flex10 motherboard
Dietmar


⇗ @infuscomus
I debug your last 12A setup.
The legacy XP does not start, just hangs from beginning.

And the XP (with EMS) gives Bsod 0x12A, because no information about the language pack is stored in registry.
I found via Ida Pro the place in ntkrnlpa.exe where this Bsod happens

PAGE:0069332D                 mov     _MUIRegistryInfo, eax
PAGE:00693332                 mov     eax, [ebp+var_74]
PAGE:00693335                 mov     _MUIRegistryInfoSize, eax
PAGE:0069333A                 cmp     [ebp+var_70], ebx
PAGE:0069333D                 jnz     short loc_69334A
PAGE:0069333F                 push    8002h           ; BugCheckParameter2
PAGE:00693344

PAGE:00693344 loc_693344: ; CODE XREF: NtGetMUIRegistryInfo(x,x,x)+1DD j
PAGE:00693344                 call    _MUIBugCheck@4  ; MUIBugCheck(x)
PAGE:00693344 ; ---------------------------------------------------------------------------
PAGE:00693349                 align 2
PAGE:0069334A

PAGE:0069334A loc_69334A: ; CODE XREF: NtGetMUIRegistryInfo(x,x,x)+1BE j
PAGE:0069334A                 cmp     [ebp+var_68], ebx
PAGE:0069334D                 jnz     short loc_693363
PAGE:0069334F                 cmp     ds:_PsUILanguageComitted, ebx
PAGE:00693355                 jz      short loc_69335E  -------> gives BSOD 0x12A, when not ZERO
PAGE:00693357                 push    8001h
PAGE:0069335C                 jmp     short loc_693344
PAGE:0069335E ; ---------------------------------------------------------------------------
PAGE:0069335E

PAGE:0069335E loc_69335E: ; CODE XREF: NtGetMUIRegistryInfo(x,x,x)+1D6 j
PAGE:0069335E                 call    _MigrateOOBELanguageToInstallationLanguage@0 ; MigrateOOBELanguageToInstallationLanguage()
PAGE:00693363



And the XP (with EMS) shows via Windbg

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
Connected to Windows Vista 6000 x86 compatible target at (Tue Mar  9 12:56:17.380 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\WINDOWS\symbols
Executable search path is: C:\WINDOWS\symbols
Windows Vista Kernel Version 6000 (Service Pack 3) MP (1 procs) Free x86 compatible
Built by: 6000.16386.x86fre.vista_rtm.061101-2205
Machine Name:
Kernel base = 0x81400000 PsLoadedModuleList = 0x81511db0
System Uptime: not available
Break instruction exception - code 80000003 (first chance)

A fatal system error has occurred.
Debugger entered on first try; Bugcheck callbacks have not been invoked.

A fatal system error has occurred.

Connected to Windows Vista 6000 x86 compatible target at (Tue Mar  9 12:56:19.458 2021 (UTC + 1:00)), ptr64 FALSE
Loading Kernel Symbols
..........................................
Loading User Symbols

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 12A, {1, 46, 0, 0}

Probably caused by : ntkrpamp.exe ( nt!CmGetSystemControlValues+57 )

Followup: MachineOwner
---------

nt!RtlpBreakWithStatusInstruction:
81481760 cc              int     3
kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

MUI_NO_VALID_SYSTEM_LANGUAGE (12a)
Windows did not find any installed, licensed language packs for the system default UI language.
Arguments:
Arg1: 00000001, Windows did not find any installed language packs during
	phase I initialization.
Arg2: 00000046, NT status code that describes the reason of failure.
Arg3: 00000000
Arg4: 00000000

Debugging Details:
------------------


DEFAULT_BUCKET_ID:  VISTA_DRIVER_FAULT

BUGCHECK_STR:  0x12A

CURRENT_IRQL:  1

LAST_CONTROL_TRANSFER:  from 814d873f to 81481760

STACK_TEXT:  
814f16e4 814d873f 00000003 814fac74 00000000 nt!RtlpBreakWithStatusInstruction
814f1734 814d91ac 00000003 00000001 00000046 nt!KiBugCheckDebugBreak+0x1c
814f1ae0 814d85c9 0000012a 00000001 00000046 nt!KeBugCheck2+0x5f4
814f1b04 8173fc58 0000012a 00000001 00000046 nt!KeBugCheckEx+0x1e
814f1b48 8173a596 00000000 814f8300 814f4820 nt!CmGetSystemControlValues+0x57
814f1cdc 816b901e 808076b0 814f1d3c 816babf9 nt!InitBootProcessor+0x257
814f1ce8 816babf9 00000000 808076b0 814fa67c nt!ExpInitializeExecutive+0x13
814f1d3c 814e6319 814f8740 814f8300 814f2000 nt!KiInitializeKernel+0x656
00000000 f000eef3 f000e2c3 f000eef3 f000eef3 nt!KiSystemStartup+0x319
WARNING: Frame IP not in any known module. Following frames may be wrong.
00000000 00000000 f000e2c3 f000eef3 f000eef3 0xf000eef3


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!CmGetSystemControlValues+57
8173fc58 cc              int     3

SYMBOL_STACK_INDEX:  4

SYMBOL_NAME:  nt!CmGetSystemControlValues+57

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrpamp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4549ae00

FAILURE_BUCKET_ID:  0x12A_nt!CmGetSystemControlValues+57

BUCKET_ID:  0x12A_nt!CmGetSystemControlValues+57

Followup: MachineOwner
---------

kd> lm
start    end        module name
81252000 81253100   WMILIB     (deferred)             
81274000 8127c000   kdcom      (deferred)             
8127c000 81285000   PSHED      (deferred)             
81285000 8128d000   BOOTVID    (deferred)             
8128d000 812c8000   CLFS       (deferred)             
812c8000 812f7d80   ACPI       (deferred)             
812f8000 81308a80   pci        (deferred)             
81309000 81312180   isapnp     (deferred)             
81313000 81315800   compbatt   (deferred)             
81316000 81319780   BATTC      (deferred)             
8131a000 8131b580   intelide   (deferred)             
8131c000 81322180   PCIIDEX    (deferred)             
81323000 8132d700   MountMgr   (deferred)             
8132e000 8132f700   dmload     (deferred)             
81330000 81334d00   PartMgr    (deferred)             
81335000 81339700   storpor8   (deferred)             
81400000 817a1000   nt         (pdb symbols)          c:\windows\symbols\ntkrpamp.pdb
817a1000 817d5000   hal        (deferred)             
81c00000 81ce1000   CI         (deferred)             
81ce1000 81db4000   sptd       (deferred)             
81db4000 81dd2880   ftdisk     (deferred)             
81dd3000 81df8700   dmio       (deferred)             
81df9000 81e08c80   vmci       (deferred)             
81e09000 81e15c80   VolSnap    (deferred)             
81e16000 81e23d00   vsock      (deferred)             
81e24000 81e3b900   atapi      (deferred)             
81e3c000 81e56b00   symmpi     (deferred)             
81e57000 81e6e880   SCSIPORT   (deferred)             
81e6f000 81e82000   storahci   (deferred)             
81e82000 81ecb000   storport   (deferred)             
81ecb000 81eed680   ntoskrn8   (deferred)             
81eee000 81f0b000   lsi_sas2   (deferred)             
81f0b000 81f13e00   disk       (deferred)             
81f14000 81f20180   CLASSPNP   (deferred)             
81f21000 81f40b00   fltMgr     (deferred)             
81f41000 81f52f00   sr         (deferred)             
81f53000 81f69b80   KSecDD     (deferred)             
81f6a000 81ff6d00   Ntfs       (deferred)             
81ff7000 82023a80   NDIS       (deferred)             
82024000 820a6000   wdf01000   (deferred)             
820a6000 820b4000   WDFLDR     (deferred)             
820b4000 820cde80   Mup        (deferred)             
820ce000 820d8580   agp440     (deferred)

 

Page 471

#7051infuscomus⇗ @diderius6

I wonder how Vista is designed to detect which system language is installed? It is obviously different from how XP detects language since this was a working XP install and I just swapped ntoskrnl/hal.
#7052infuscomus⇗ @diderius6

do you think copying every registry key with MUI in it from an existing vista install would be enough to get past this BSOD?
#7053George King
Zitat von ⇗ infuscomus im Beitrag ¶ #7052
@diderius6

do you think copying every registry key with MUI in it from an existing vista install would be enough to get past this BSOD?


I don't think it will be related to MUI registry key. I will scan LP installing process in Windows 7 RTM, where are no LPs. These locations should be same. But it can be also caused by file scan, as language pack package should be placed in correct place in packages directory.
Also it can be related to this registry as I cannot uninstall LP until it was modded
 
https://forums.mydigitallife.net/threads/how-remove-default-thin-pc-language-pack.81205/



I will try to do this LP scan in few days

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7054infuscomus⇗ @George King

Do you think it is possible to integrate a Vista language pack into an XP install?
#7055gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #7045
I can remove by hand the whole "soldered" Bios chip from the brandnew Flex10,
so the original Bios chip is only glued in. The "solder" points under the Bios chip do not show the smallest damage, just the Bios chip is outside.
diderius6 ...normally, that kind of chip with the pads underneath is connected by a hot air flow. They may have developed some kind of conductive glue but I am guessing the batch from which your motherboard came did not have the airflow at the proper temperature to melt the solder.

Can you post a photo of the BIOS chip on the mobo and maybe photos of the mobo and chip when they are off? It's hard to visualize solder pads with no visible sign of solder.

When removing and replacing chips on a mobo or any board, it's better to have a good solder flux. I have a Zhaoxin 858D rework station which is a hot air device with different sized funnels to direct the hot air.

Sorry...saw your photo later. Pretty weird that you could remove the chip without de-soldering. Poor quality control. It appears from your photo that you may not have used soldering flux. The solder did not flow very well, especially on the lower pins on the left pin.

It's very tough to do, I am not being critical. You need the right temperature, a very fine point on the soldering iron, the right solder and flux. I have an adjustable heat soldering station with different tips which is a lot better than using my trusty old 25 watt iron. There is not very much space on modern mobos and I sometimes use an overhead microscope and amplify the board 100x.

The hot air station is very good as well once you get used to it. It's pretty well essential for surface mount technology.
#7056George KingNo It's impossible, but I hope I can reproduce same error on Windows 7, then find certain reg key or package file location.
Can you send me your files, so I can reproduce it on XP too?

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7057infuscomus⇗ @George King

I sent you a PM with my files.
#7058diderius6⇗ @gordo999

You are right, this time I do not use any solder flux.
The reason for this is:
On the solder pads on the motherboard itself was a lot of solder,
like small, high round hill on each pad.
No solder at all at the legs of the Bios chip.
So, any more solder or even flux can make those "hills" melt and connect pins to each other.
I use my 30 Watt iron, press the Bios chip as heavy as I could with fingers on the pad,
and the iron on them. So, the "hills" got melted and the Bios chip legs just sink into it
Dietmar

PS: On my older Flex 10 I removed the Bios chip with a HOT airgun from China.
Problem in this airgun is, that the temperature is about 500 degrees and it has too much power.
At once the Bios chip flies away ). On this older Flex 10 board after airgun I cleaned pins on motherboard and on the Bios chip from all solder, then use flux and the Bios chip sits perfect on the pads. To solder this was easy, because I can use much less solder than it is original on the new flex 10 board.
Yes, a good microscop lense would be very helpful, I just use glasses.
#7059gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #7058
On the solder pads on the motherboard itself was a lot of solder, like small, high round hill on each pad. No solder at all at the legs of the Bios chip.
diderius6 ...Dietmar, the reason I use flux on old solder is that the old stuff gets hard to melt. A bit of flux makes it flow better. If there is too much and it flows across the pins you can 'wick' if off using braided copper which is designed for that. Or, use a suction device when the solder is melted.

The biggest problem, as you know is too much heat. That can destroy the chips, or cause the 'lands' to which the chip is attached to lift off the board. I use a very light (small diameter) solder (60/40) which melts fast and I add a small amount to the iron tip as I touch it on the chip lead to get it flowing. I try not to leave the tip on more than a second or two.

In the old days we'd use a heat sink of some sort on transistor leads to draw the heat away (small alligator clip). You could wedge the end of a long piece of 22 gauge copper wire between the chip leads, above where you are working, to suck some of the heat away.

With the hot air guns, I use tweezers to hold the chip in place, after tinning both the pad and the chip lead.  With the iron, I hold the chip with the tweezers while I attach one lead (after tinning the pad and lead). Then I go to another lead on the other side of the chip so I don't get too much heat in one area. Once a couple of leads are soldered it's easier to do the rest.

Zitat von ⇗ diderius6 im Beitrag ¶ #7058
Problem in this airgun is, that the temperature is about 500 degrees and it has too much power.
Know what you mean. For me, it's trying to find the right distance and using a funnel attachment that is about 3/16" diameter, to focus the heat.

Zitat von ⇗ diderius6 im Beitrag ¶ #7058
Yes, a good microscop lense would be very helpful, I just just glasses.
I was doing extensive work on a mobo, changing mosfets, and needed to trace the circuit. Could hardly see the traces. Bought a stereoscope microscope like the one at the link. It gives you 9" clearance between the lower lens and the work piece.

⇗ https://www.amscope.com/stereo-microscop...neck-light.html
#7060diderius6⇗ @gordo999

Thanks for the link. I like a lot the microscops there!

For a good stereoscope microscope 3 things must be fulfilled:

1.) Big distance between lense and object, at which you look
2.) Also possible low magnification
3.) Good light, this may be the most important

Dietmar
#7061gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #7060
3.) Good light, this may be the most important...
diderius6 ...the unit at the link comes with an LED lamp on a goose neck holder for placing the light. You can see it on the example, it's the long, black attachment and you can bend the holder to shine directly onto the work. The base of the unit is quite heavy, for stability.
#7062infuscomus⇗ @George King

any updates on XP2ESD?
#7063George King
Zitat von ⇗ infuscomus im Beitrag ¶ #7062
@George King

any updates on XP2ESD?


Yes, I was working on method how to create fully localized shortcut with strings from EXE/MUI. So I finished it now. My goal is to add Snipping Tool app as it's really usefull component. Using Alky for application is possible patch Vista beta 2 with MUI from RTM. I tried to prepatch files to make it easy, but I realized it doesn't work at the end. It's needed to patch it in installed Windows at the end.

But I'm lost in automated patching way. Do you have idea how to reproduce it? If you install Alky for applications (best is to grab installer from Windows Sidebar addon by Ricktendo64), you get new right click context menu options. I found these options in registry, but there is no command only UUID. Do you have idea how to reproduce this patching from cmd?


EDIT: I also managed to use Windows 8.0 setup engine instead of Windows 10, so both can be now used without problem. My goal with Windows 8.0 setup engine is to be able use "upgrade" install. Will see today if I can really manage it. Windows 8.0 is latest possible engine (setup.exe) that can run under XP/Vista. My plan is deploy script, that can create perfect multiboot setup with multiple boot options, to boot into XP (XP2ESD modded boot.wim) / 7 / 10 setup engine with ability to use Recovery option and with only one install.esd. I hope this upgrade can be done, if yes setup transformation for XP will be perfect :) [TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7064infuscomus
Zitat von ⇗ George King im Beitrag ¶ #7063
Yes, I was working on method how to create fully localized shortcut with strings from EXE/MUI. So I finished it now. My goal is to add Snipping Tool app as it's really usefull component. Using Alky for application is possible patch Vista beta 2 with MUI from RTM. I tried to prepatch files to make it easy, but I realized it doesn't work at the end. It's needed to patch it in installed Windows at the end.

But I'm lost in automated patching way. Do you have idea how to reproduce it? If you install Alky for applications (best is to grab installer from Windows Sidebar addon by Ricktendo64), you get new right click context menu options. I found these options in registry, but there is no command only UUID. Do you have idea how to reproduce this patching from cmd?


⇗ @George King

Resource editor maybe? I'm not sure.
#7065xiaox
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #4

Windows XP/2003 32-Bit on Modern Intel Hardware

...


@Mov AX, 0xDEAD

hello sir, can i ask where i can download the "3) StorAHCI by skulltera/OneCore (storahci.sys), compiled from Microsoft Windows 8.x DDK Samples, (require storport.sys from Windows 2003)"?

and you says "Add PCI\VEN_8086&CC_0106 to *.inf as universal DEV_ID for any Intel AHCI Sata Controller", it's this right?(ie i add it in "7) StorAhci for Windows 2003, based on Microsoft Windows 8.x DDK Samples source code, ⇗ https://sourceforge.net/projects/storahc...dows-2003/";)

[Models]
%ADAPTERNAME% = storahci, "PCI\CC_010601" ; Standard SATA AHCI Controller
%ADAPTERNAME% = storahci," PCI\VEN_8086&CC_0106" ; Standard SATA AHCI Controller

[Models.NTx86]
%ADAPTERNAME% = storahci, "PCI\CC_010601" ; Standard SATA AHCI Controller
%ADAPTERNAME% = storahci, "PCI\VEN_8086&CC_0106" ; Standard SATA AHCI Controller

[Models.NTamd64]
%ADAPTERNAME% = storahci, "PCI\CC_010601" ; Standard SATA AHCI Controller
%ADAPTERNAME% = storahci, "PCI\VEN_8086&CC_0106" ; Standard SATA AHCI Controller


if it's right, how to add "amd's AHCI Sata Controllers" to those "Standard SATA AHCI drivers"?

 

Page 472

#7066klovaaxel1000Hello, I am new to this forum so hope it's ok to ask in this thread.

I need to move a windows XP machine to a newer PC I did manage to move it from the original one which was in sata IDE Mode to my main Z97 PC in ACHI mode by updating the IDE/ATA controllers driver to the DEV_8C83.

However the new PC (lenovoThincentre m710e) says its a 200 series z370 with a i3 7100 but none of the drivers labeled 100, 200/300 or 300 series work for me. just end up the the 0x000000A5 stop code.

Does anyone have any tips on how to get the drivers working for me?
#7067Fernando⇗ @klovaaxel1000
Welcome to the Win-RAID Forum!
Since the modern Intel RST drivers do not support Windows XP, I have moved your request into this thread where you may get help from usern, who know much more than me about how to get XP working on a PC with modern hardware.
By the way: The 0x000000A5 stop code has been caused by the not compatible XP in-box MS driver named acpi.sys and has nothing to do with the Intel SATA AHCI driver.
Good luck!
Dieter (alias Fernando)
#7068infuscomus⇗ @klovaaxel1000

To get past A5 BSOD you need to replace acpi.sys in system32\drivers with a patched acpi.sys
#7069infuscomus⇗ @George King

If you find out which registry key(s) that cause a 12A BSOD on windows7 let me know.
#7070klovaaxel1000⇗ @infuscomus

Thanks for your response I have however solved the issue by booting the xp OS on my old pc and Replaced the acpi drivers with standard pc in control panel, it booted fine however all the USB controllers where Intel usb3 so I decided to run this machine in a vm and pass through the USB an network
#7071BrooonsHiren's BootCD, MiniXP.
USB drivers to load by Txtsetup.sif
All work fine, but name USB device don't show from menagement device.
Why?
"USB 3.1 Root Hub", "USB Hub"- the inscription is not present....
From *.inf set driver - ok title
Through Txtsetup.sif - incorrect title
#7072diderius6⇗ @Gelip
I make a try,
if I can install original Win8.1 32 bit in pure UEFI mode (without any CSM) on the Flex10 with 32 bit bios.
Installation starts, but then the harddisk is not recogniced.
So, there may be a difference in original 32 bit Flex10 compis compared with 64 bit Flex 10 notebooks (as mine).
Because XP SP3 starts until mup.sys under pur UEFI on this compi using USB3,
I think, that the 32 bit Uefiseven works.
We just dont have a compi with real 32 Bit pur UEFI Bios
Dietmar

PS: Maybe, that pure UEFI boot is not supported for 32 bit Win8.1.
Pure UEFI boot also not works from original DVD with win8.0 in 32 bit on the Flex10.
#7073Gelip⇗ @diderius6
In my opinion, there were only few computers with UEFI 32-bit. Mostly they are UEFI 64-bit and have CSM. If there is CSM then you can use WinXP32/64 - there is only problem with ACPI, SATA and USB. To get around these problems the best way to use WinXP on a modern computer is a QEMU/KVM (virt-manager) virtual machine on Linux with PCI passthrough (CPU and bios must support).
I tested it and it works very well: ⇗ PCI passthrough karty graficznej na Debian 9 64-bit

  • virtual legacy bios - >no ACPI and storage (SATA & USB) problems<
  • native GPU and any PCIe or USB device


WinXP works like a dream
Of course we use PCIe devices with official WinXP drivers
#7074gordo999
Zitat von ⇗ Brooons im Beitrag ¶ #7071
Hiren's BootCD, MiniXP. USB drivers to load by Txtsetup.sif All work fine, but name USB device don't show from menagement device. Why? e
⇗ @Brooons ...I am interested in getting Hirens to run with mini XP on a newer Asus B360M mobo. Can you supply more information about what you are doing?
#7075Brooons⇗ @gordo999 Integration Sata by means of Txtsetup.sif
Replace Acpi.sys
For set USB  to need edit Txtsetup.sif like this:

 
[HardwareIdsDatabase]
AMDUSB30\ROOT_HUB30="amdhub30"
AMDHUB30="amdhub30"
AMDUSB30\CLASS_09&SUBCLASS_00&PROT_03="amdhub30"
PCI\VEN_8086&DEV_A2AF&CC_0C03="amdxhc"
 
[InputDevicesSupport]
amdxhc="USB bla bla HUB",files.amdxhc,amdxhc
 
[HwIdsDatabase]
AMDUSB30\ROOT_HUB30="amdhub30"
AMDHUB30="amdhub30"
AMDUSB30\CLASS_09&SUBCLASS_00&PROT_03="amdhub30"
PCI\VEN_8086&DEV_A2AF&CC_0C03="amdxhc"
 
[InputDevicesSupport.Load]
amdhub30=amdhub30.sys
amdxhc=amdxhc.sys
 
[files.amdhub30]
amdhub30.sys,4
 
[files.amdxhc]
amdxhc.sys,4

in detail for edit Txtsetup.sif: ⇗ http://www.oszone.net/user_img/050224181558/sata_guide.zip
⇗ http://www.oszone.net/2782

This worked, but, correct name Usb Hub is not displayed in the device menager
",,Bla bla,,," replaced another words

#7076infuscomus⇗ @Brooons

use the backported windows 8.0 driver instead.
#7077gordo999
Zitat von ⇗ Brooons im Beitrag ¶ #7075
Integration Sata by means of Txtsetup.sif
Replace Acpi.sys
For set USB  to need edit Txtsetup.sif like this:
⇗ @Brooons ...thanks for advice. On the Hirens 15.2 disk I found an XP.wim file in HBCD\XP folder. There is a txtsetup.sif file in the i386 folder of the wim file Is that the file you mean?

I am going to replace acpi.sys with acpi.sys from outer space and I have the installation file for SATA from Fernando. I am comparing my XP installation registry entries, that work well, with the entries in the Hirens sif file. I need some time to figure it out.

Meanwhile, thanks for the link. I will read the file. I have done slipstreaming using nlite, also adding drivers, but I don't see how that would work with Hirens. Looks like I need to edit the sif file directly and add the acpi.sys driver as well as Fernando's SATA drivers. I am still using ⇗ @daniel_k AMD drivers for USB 3 and I'll add those as well. I have PS/2 ports so may just use them at first.
#7078gordo999
Zitat von ⇗ gordo999 im Beitrag ¶ #7077
[quote=Brooons|p7075]
Integration Sata by means of Txtsetup.sif
Replace Acpi.sys
For set USB  to need edit Txtsetup.sif like this:
⇗ @Brooons ...thanks for advice. On the Hirens 15.2 disk I found an XP.wim file in HBCD\XP folder. There is a txtsetup.sif file in the i386 folder of the wim file Is that the file you mean?

I am going to replace acpi.sys with acpi.sys from outer space and I have the installation file for SATA from Fernando. I am comparing my XP installation registry entries, that work well, with the entries in the Hirens sif file. I need some time to figure it out.

If you need USB info from a working XP installation registry, let me know.

Meanwhile, thanks for the link. I will read the file. I have done slipstreaming using nlite, also adding drivers, but I don't see how that would work with Hirens. Looks like I need to edit the sif file directly and add the acpi.sys driver as well as Fernando's SATA drivers. I am still using ⇗ @daniel_k AMD drivers for USB 3 and I'll add those as well. I have PS/2 ports so may just use them at first.

ps. according to the file at your link I should make entries in the txtsetup.sif file for adding drivers under the heading [SourceDiskFiles] with a 1,,,,,,3_,4,1. It also says to create a folder in the install disk for the drivers but the only folder I see on Hirens is in the XP.wim file in the i386 folder under system32\drivers. Sound right??? Or should I create a $OEM$\$1\drivers directory somewhere and put each driver in its own folder? Hirens does not have the $OEM$ folder.
#7079Brooons
Zitat von ⇗ gordo999 im Beitrag ¶ #7077
On the Hirens 15.2 disk I found an XP.wim file in HBCD\XP folder. There is a txtsetup.sif file in the i386 folder of the wim file Is that the file you mean?

Yes
See on worker Txtsetup.sif ⇗ https://transfiles.ru/foo19
Zitat
$OEM$\$1\drivers directory somewhere and put each driver in its own folder? Hirens does not have the $OEM$ folder.


No need
system32\driver folder only

#7080Brooons⇗ @gordo999  ⇗ https://transfiles.ru/yushu
Ready XP.wim, for test it

(Intel B250 Prime work fine)

 

Page 473

#7081diderius6⇗ @Gelip
I just find an full 8Mbyte original UEFI 32bit Bios (via EEpromer readout) for the Lenovo Flex 10.
So, soon we will know, if it is possible to boot XP SP3 via pure UEFI
Dietmar

PS: Oh, soso much fun..)

Just flashed and double checked with this 32 bit Bios



⇗ https://ufile.io/tuixb2mu

EDIT: My 64 bit Lenovo Flex 10 does not start with this 32 bit Bios.
#7082gordo999
Zitat von ⇗ Brooons im Beitrag ¶ #7079
No need....system32\driver folder only
⇗ @Brooons ...thanks for help, advice, and link to sif file.
#7083galagun
Zitat von ⇗ diderius6 im Beitrag ¶ #7081

EDIT: My 64 bit Lenovo Flex 10 does not start with this 32 bit Bios.


Maybe it is hitting SEC phase due mismatch between security eeprom keys and UEFI32 routines, or mismatch between MEI chipset core and the routines found in the capsule. Nowadays the diverse components which compose machine's firmware boot are spread across motherboard eeprom's and chips built-in flash space. Isn't as easy as just replace main firmware volume as it was with older x86 desktop boards (actually, never has been easy in laptops, specially brand ones like HPs, Dells, Lenovo's, Apples, Toshibas, etc... but now with security signatures and checks, has become harder than ever).

This may need debugging via JTAG to see where it actually fails.

EDIT:
⇗ https://forums.mydigitallife.net/threads...te-issue.56669/
Basically, and according this, you need an older board with older processor to run UEFI32. Newer boards with UEFI64 and newer SoC can't be switched to 32bit older firmware, and older ones can't be switched to UEFI64. Mismatch between Capsule core and the EC firmware stored in the ITE chip prevent that.
#7084Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #7081
I just find an full 8Mbyte original UEFI 32bit Bios (via EEpromer readout) for the Lenovo Flex 10.

I do not understand you
Earlier you wrote:
Zitat von ⇗ diderius6 im Beitrag ¶ #7024
When I now start direct from this USB harddisk,
first step of XP boot works

that you checked that UefiSeven 32 works
Do you have two Flex10 laptops?
#7085Gelip
Zitat von ⇗ diderius6 im Beitrag ¶ #7081
https://ufile.io/tuixb2mu

This bios is not pure UEFI because it has no GOP. UEFITool shows many errors:
<- H2OEZE-W

The original 32-bit Flex10 bios has GOP: ⇗ 93cn19ww(v5.2&v3.7).exe
<- H2OEZE-W

Original 32-bit bios: ⇗ 93cn19ww
Original 64-bit bios: ⇗ 93cn52ww Gelip has attached files to this post
#7086diderius6⇗ @Gelip

I have 5 Flex 10 ), 4 of them absolut identic for 64 bit.

Thanks a lot for the new Bios.
I only noticed, that the Bios for 32 Bit, that I found in Internet,
does not work.
Today in the afternoon I will flash yours and test,
have a nice day
Dietmar
#7087Gelip⇗ @diderius6
32-bit bios have only UEFI+GOP 32-bit firmware
64-bit bios have UEFI+GOP 64-bit & CSM+Oprom 16-bit
#7088diderius6⇗ @Gelip

Also with your 32 bit Bios, the 64 bit Flex 10 does not start.
I check everything 3 times, so ⇗ @galagun is right
Dietmar
#7089Brooons
Zitat von ⇗ infuscomus im Beitrag ¶ #7076
@Brooons

use the backported windows 8.0 driver instead.

⇗ success, press here
#7090infuscomus⇗ @Brooons

nice!
#7091Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #7088
Also with your 32 bit Bios, the 64 bit Flex 10 does not start.I check everything 3 times, so @galagun is rightDietmar

Yes, you probably need to do ME cleanup. 32-bit bios have ME 1.0.2.1060 but 64-bit bios have ME 1.1.0.1089
#7092thetesterI have a Gigabyte H310M S2P motherboard.. I want to use the COM and LPT ports too. But when i try to install the Windows XP, i get a Blue Screen. ACPI error and SATA AHCI driver errors.
Wha i need to INTEGRATE with nLite to install?! Thank you! TT
#7093Gelip⇗ @diderius6
Try reprogram also EC.

EC is in file .fd after string "$_IFLASH_EC_IMG_"+8 bytes and have 64Kb (10000h) size. It starts with HEX 02 00

Original 32-bit bios: 93cn19ww -> offset 82C218
Original 64-bit bios: 93cn52ww -> offset 830D30

Gelip has attached files to this post
#7094diderius6⇗ @Gelip

I flash your 32 bit Bios on another 64 Bit Flex 10 notebook. From hardware it is identic to first one.
This time, the screen stays not black(?!). Strange, because flash methode and check of Bios chip content is fulfilled on both.
First try without modded EC. Now the result is exact the same as for my own build 32 bit Bios
(see post before)
¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (469)

The Bios version and the EC in Bios is shown from the 64 bit version before, but now as 32 bit.
The harddisk is not recogniced and error is shown for the serial number Lenovo SN
Dietmar

PS: May be, that the Bios cant detect a harddisk with MBR. But for a GPT harddisk I think the UEFI files from Vista Longhorn do not work.

#7095Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #7094
PS: May be, that the Bios cant detect a harddisk with MBR. But for a GPT harddisk I think the UEFI files from Vista Longhorn do not work.

I don't know, make a GPT partition and check but UEFI should support both MBR and GPT - at least for me WinXP 64-bit boots from MBR disk on pure UEFI (same WinXP 32-bit under DUET32 from MBR disk).

P.S. When you update the bios with the .exe file under Windows, the BIOS and EC are programmed:

Zitat
⇗ Install the package in Windows

Before Flash, plugin AC and battery capacity need over 30%.

   Locate the file 93cn59ww(v9.9&v3.8).exe that has been downloaded.
   Double click the 93cn59ww(v9.9&v3.8).exe icon.
   Click OK, the computer will automatically reboot to start flashing BIOS and EC. During the process, please do not turn off the computer.
   After the update finished, the computer will automatically reboot for the changes to take effect.



⇗ @diderius6
UPDATE!!!
Yes. EFI Longhorn 5219 32-bit files not support GPT ----> ⇗ https://www.betaarchive.com/forum/viewto...=450771#p450771

but it has nothing to do with the bios.

I think that the EC must be programmed compatible.

 

Page 474

#7096diderius6⇗ @Gelip

You cant use the flashprogram for to change between 64 and 32 bit, only EEpromer.
I think for to flash a 32 bit Bios with the flashprogram, a partition on the UEFI harddisk is build,
from which after reboot the Bios chip is written. So this does not work without an UEFI partition on harddisk
Dietmar

PS: Do you know, how to program the EC and the ME? Because I use your full 8Mbyte bios with its own EC and ME via EEpromer.
So this is stored at another place, not in Bios chip. But EC and ME can be updated so in princip it should be possible to change them by hand, but where and how?

PPS: Your 32 bit Bios has ME 1.0.2.1060 version and it is complete flashed to the Bios chip also.
How can I check on the Flex 10, which version of ME is now working there? And why is the Bios version and the EC the same as before (from 64 bit Bios)?
I can operate only from USB device on the Flex 10, because no harddisk is recogniced.
#7097Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #7096
You cant use the flashprogram for to change between 64 and 32 bit, only EEpromer.

Yes, I know - but new (other) bios is programmed with EC.

Zitat von ⇗ diderius6 im Beitrag ¶ #7096
PS: Do you know, how to program the EC and the ME? Because I use your full 8Mbyte bios with its own EC and ME via EEpromer.

8MB file contains only bios and ME regions. EC region is in .fd file - did you read it -> ¶ t4035f45-Windows-XP-Bit-and-Server-Bit-on-Modern-Hardware-473.html#7093 ???

Maybe it is enough to replace the EC region in the 32-bit or 64-bit .fd file and program it with force EC only - see platform.ini settings:
[UpdateEC]
Flag=1
EC_Dialog=0
BIOS_Only=0
EC_Only=0
EC_Path=
EC_Compare=0
EC_Verify=0
EC_VerifyErrorRetry=3
;Flag                               (w)
;                  default : 0.
;                        0 : Don't flash EC by BIOS.
;                        1 : Flash EC by BIOS.
;EC_Dialog                          (w)
;                  default : 0.
;                        0 : Don't display confirm dialog when begin to update EC.
;                        1 : Show confirm dialog.
;BIOS_Only                          (w)
;                  default : 0.
;                        0 : Flash EC and BIOS file.
;                        1 : Only flash BIOS part of the merge file.
;EC_Only                            (w)
;                  default : 0.
;                        0 : Flash EC and BIOS file.
;                        1 : Flash only EC binary file.
;EC_Path                            (w)
;                  default : empty.
;                   String : EC file name.
;EC_Compare                         (w)
;                  default : 0.
;                        0 : Don't do compare before writing. Just do write action directly.
;                        1 : Read EC and compare difference before writing.
;                            If the read data is the same as the data we want to write,
;                              it will not do the write action.
;EC_Verify                          (w)
;                  default : 0.
;                        0 : Don't verify EC.
;                        1 : Verify EC after writing.
;EC_VerifyErrorRetry                (w)
;                  default : 3.
;                  Integer : Retry times.
;                            If the value is not zero means enable verify retry, and will retry setted times.
;                            0 for disable verify retry.

; Supports on WIN flash.
#7098Gelip
Zitat von ⇗ diderius6 im Beitrag ¶ #7096
How can I check on the Flex 10, which version of ME is now working there?


To check ME version use MeInfo for yor platform e.g. under UEFI Shell 32-bit from pendrive  TXEInfo.efi from Intel TXE System Tools v1 r4 -> ⇗ Intel Trusted Execution Engine: Drivers, Firmware & System Tools
#7099diderius6⇗ @Gelip
I format the intern harddisk from the Lenovo Flex 10 with GPT and FAT32,
but harddisk is still not recogniced from Bios.

Now I download Intel TXE System Tools v1 r4,
but I have no idea how to make a bootable USB stick from this, so that I can use all tools.
There are a lot of other tools also, with which I think you can change nearly everything.

May be others can help here also, to change the Lenovo Flex 10 Bit 64 ---> Bit 32 machine
Dietmar
#7100Gelip
Zitat von ⇗ diderius6 im Beitrag ¶ #7099
Now I download Intel TXE System Tools v1 r4,
but I have no idea how to make a bootable USB stick from this, so that I can use all tools.

For UEFI 32-bit bios:
  • format USB as FAT32
  • make folder EFI\Boot\
  • copy TXEInfo.efi from EFI32 System Tools archive to USB anywhere e.g. root
  • copy bootia32.efi (UEFI Shell) to \EFI\Boot
  • boot PC from this USB in UEFI mode
  • go to your USB - probably fs0: (check run map -r)
  • dir
  • txeinfo -page
Gelip has attached files to this post
#7101diderius6⇗ @Gelip

I get this for the Lenovo Flex 10 with 32 Bit Bios after typing TXEInfo.efi
Dietmar

#7102Gelip⇗ @diderius6
You have ME 1.0.2.1060
#7103galagunUEFI32 lenovo firmware for the Flex10 was meant to work with the N2805 and N3510 SoC family, while the UEFI64 image is meant to work with the posterior N2806 and N3520 ones. Maybe there is a difference between the SATA controllers built with these old and new SoCs which makes the built in EFI SATA AHCI driver to fail working with them (yes, UEFI uses drivers to expose these)?
#7104galagun
Zitat von ⇗ diderius6 im Beitrag ¶ #7101
@Gelip

I get this for the Lenovo Flex 10 with 32 Bit Bios after typing TXEInfo.efi
Dietmar



I can see this firmware can't decrypt the security info on your security eeprom, so the UUID and the OEM tags aren't available. Some firmware setups enter in manufacturing mode if them can't do that (can't read the "sealed" tag) and disable functions in the motherboard... Although never have seen firmware disabling sata controllers in manufacturing mode...
#7105Gelip⇗ @diderius6
Boot Flex10 from USB under UEFI32 Shell and check what about the hard drive:

devtree -b

Check SATA (AHCI) Ctrl number (in example is 91), then dh 91 -d
the pictures show examples from QEMU UEFI:


What does map -r show? Example from QEMU:
#7106George King
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #5440

0xDEADBEEF is error of ntoskrnl_extender, it means it found some error when someone called it (ported usb3 driver), second code can tell more, i numerated it as 0,1,2,3 to define what procedure inside sources generated it


Hi ⇗ @Mov AX, 0xDEAD, I encountered this BSOD with Server 2003 SP2. All ported drivers are included in this system.
With Windows XP is works as expected.

Any idea whats going wrong?

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7107infuscomus⇗ @George King

This happens because of this code in wrk2003.c

Zitat
//////////////////////////////////////////////////////   
//  KeAlertThread
gTramp_KeAlertThread = (PFN_BOOLEAN_PKTHREAD_KPROCESSOR_MODE) ModuleHexSearch(MODULE_NTOSKRNL, KeAlertThread_magic1,
sizeof(KeAlertThread_magic1), KeAlertThread_magic1mask);
if (!gTramp_KeAlertThread)
gTramp_KeAlertThread = (PFN_BOOLEAN_PKTHREAD_KPROCESSOR_MODE) ModuleHexSearch(MODULE_NTOSKRNL, KeAlertThread_magic2,
sizeof(KeAlertThread_magic2), KeAlertThread_magic2mask);
    if (!gTramp_KeAlertThread)
gTramp_KeAlertThread = (PFN_BOOLEAN_PKTHREAD_KPROCESSOR_MODE) ModuleHexSearch(MODULE_NTOSKRNL, KeAlertThread_magic1chk,
sizeof(KeAlertThread_magic1chk), KeAlertThread_magic1chkmask);
        if (!gTramp_KeAlertThread)
            KeBugCheckEx(0xDEADBEEFL, 5, 0, 0, 3);
//////////////////////////////////////////////////////



I don't know why the hex check is necessary, ⇗ @Mov AX, 0xDEAD has a better understanding of why its there.

#7108infuscomus⇗ @George King

have you had any luck in finding the registry key that causes a 12A BSOD in windows7?
#7109George King
Zitat von ⇗ infuscomus im Beitrag ¶ #7108
@George King

have you had any luck in finding the registry key that causes a 12A BSOD in windows7?


I still don't touch it, I hope to have a look on it at weekend [TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7110thetesteris there any way to use Windows XP on this motherboard?! Thank you!

 

Page 475

#7111diderius6⇗ @Gelip

As you can see, no SATA driver at all, only USB.
Is there an generic Sata 32 bit UEFI driver for Bios,
which can be integrated with UEFI tool into the 32 bit Bios of the Flex 10
or can the SATA driver from the Flex 64 bit Bios been used also for 32 bit Bios
Dietmar

#7112Gelip⇗ @diderius6
Show command result:
pci -b
drivers -b
#7113diderius6⇗ @Gelip
Here it is
Dietmar



#7114infuscomus
Zitat von ⇗ thetester im Beitrag ¶ #7092
I have a Gigabyte H310M S2P motherboard.. I want to use the COM and LPT ports too. But when i try to install the Windows XP, i get a Blue Screen. ACPI error and SATA AHCI driver errors.
Wha i need to INTEGRATE with nLite to install?! Thank you! TT


⇗ @thetester

For a motherboard that recent it's easiest just to use the XP integral Edition with the optional patch integrator.

⇗ https://www.zone94.com/downloads/softwar...ntegral-edition

use options 1,4,6 and 7 for everything to work.
#7115Gelip⇗ @diderius6
SATA controller device is PCI 00 13 00
SATA driver is present in bios but not connected to SATA controller device - see #C column is -

Try connect driver SATA (EC) to device SATA controller (127):

connect 127 ec
map -r
#7116diderius6⇗ @Gelip

After typing

connect 127 ec
map -r

still only the USB device is shown
Dietmar

PS: Setup from original Win10 Usb installationsstick also tells: No harddisk found.
#7117Gelip⇗ @diderius6
I think you need to match UEFI32 EC and ME bios.

I have an idea but I don't know if it will work.

- now you have 32-bit bios writed by external programmer
- try update bios in with 32-bit from extracted (7-zip) file 93cn19ww.exe with insydeflash.exe

It should update the bios, ME and EC. If not, try again changing options in platform.ini
#7118diderius6⇗ @Gelip

Question is, how to run 93cn19ww.exe .
Frome the UEFI-shell it is not possible.
There has been Bios files from Lenovo in *.iso ,
but this I do not find.
May be, that there is an bootable Win8 32 bit USB stick image,
so that this can be used
Dietmar
#7119Gelip
Zitat von ⇗ diderius6 im Beitrag ¶ #7118
May be, that there is an bootable Win8 32 bit USB stick image,
so that this can be used


Yes, try WinPE 8 or 10 32-bit from USB
#7120diderius6⇗ @Gelip

Do you have a bootable winpe.img, I think best would be win8.0 32 bit
that starts under pur 32 Bit Uefi?
The winpe.img that you send to me,
does not boot on the Flex 10 with Uefi 32bit Bios
Dietmar
#7121Gelip⇗ @diderius6
Try update from UEFI32 USB Shell - copy two files to USB:
- FwUpdLcl.efi from FWUpdate\EFI32 folder from Intel TXE System Tools v1 r4
- Win01BTIL52_37_19.fd from extracted 93cn19ww.exe (rename to bios.fd)
- boot from USB in UEFI and:

⇗ @diderius6
EDITED

fwupdlcl bios.fd

or

fwupdlcl -f bios.fd

FwUpdLcl utility is only for ME region update
#7122diderius6⇗ @Gelip

using
fwupdlcl -f bios.fd

I got message
Error 8771: Invalid File

Dietmar
#7123infuscomus⇗ @diderius6

windows 8.0 32bit here - ⇗ https://the-eye.eu/public/MSDN/Windows%2..._dvd_915479.iso
#7124diderius6⇗ @Gelip ⇗ @infuscomus
I boot the Flex 10 with the win8.0 *.iso written to DVD, booting for Setup of Win8 from USB DVD device.
Together I connect an USB stick with the full 32 bit Bios 93cn19ww.exe on it.
Then on boot from Win8 setup I chose computer repair, commandline.
There I change drive letter to C: (USB stick) and type 93cn19ww.exe there.
Waaoh, Bios is updated(!).
Then on next reboot after about loong 5 min,
I can "see", how the Bios chip is flashed.
Now in Bios can be seen the real name and EC of 93cn19ww,
but still no harddisk.
So, the UEFI 32 bit driver from this Bios just does not work together with the real SATA connector in the 64 bit Flex 10
Dietmar

#7125Gelip⇗ @diderius6
I make WinPE 5 (Win 8.1) 32-bit. Use Rufus to prepare USB - FAT32
⇗ winpe81x86.iso

 

Page 476

#7126Pill Monster
Zitat von ⇗ George King im Beitrag ¶ #7106
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #5440

0xDEADBEEF is error of ntoskrnl_extender, it means it found some error when someone called it (ported usb3 driver), second code can tell more, i numerated it as 0,1,2,3 to define what procedure inside sources generated it


Hi @Mov AX, 0xDEAD, I encountered this BSOD with Server 2003 SP2. All ported drivers are included in this system.
With Windows XP is works as expected.

Any idea whats going wrong?



DEAD BEEF - hilarious! :D
#7127Gelip⇗ @diderius6
Run now txeinfo.efi -page
#7128Gelip⇗ @diderius6
Try Debian_32UEFI from USB. Write image ISO to USB with Win32diskimager, boot from it, press e to edit boot option, replace *586 to 4.9.0-8-686 and boot Debian pressing F10


⇗ live-image-i386.hybrid.iso

Show what gives the commands:
fdisk -l
cat /proc/devices
cat /proc/partitions
lspci -s 00:13.0 -v
#7129thetesteris there any way to use Windows XP on this motherboard?! Thank you!

Thank you, i'll try it!
#7130diderius6⇗ @Gelip

After your steps on reboot Debian hangs,
looking in vain for the Sata device
Dietmar

#7131diderius6I just compare the SataController DXE driver in 32 and in 64 bit UEFI Bios.
They are different, at least is one for x86 and the other is for x64

Section_PE32_image_SataController_SataController_body.efi

Dietmar
#7132galagun⇗ @diderius6
Check if you can see a clue as ven&dev pciids or cc_xxxx pnp ids.
#7133diderius6⇗ @galagun

I look, but I found only word Sata, 686 via Winhex txt extract and nothing about ven&dev.
Also I am not sure, that this driver is the only thing, which belongs to Sata,
because it is only about 3kB small body file
Dietmar
#7134Mov AX, 0xDEADHi ⇗ @Pill Monster

Zitat von ⇗ Pill Monster im Beitrag ¶ #7106
[quote=George King|p7106]
Hi @Mov AX, 0xDEAD, I encountered this BSOD with Server 2003 SP2. All ported drivers are included in this system.
With Windows XP is works as expected.

 
//  KeAlertThread
gTramp_KeAlertThread = (PFN_BOOLEAN_PKTHREAD_KPROCESSOR_MODE) ModuleHexSearch(MODULE_NTOSKRNL, KeAlertThread_magic1,
sizeof(KeAlertThread_magic1), KeAlertThread_magic1mask);
...
            KeBugCheckEx(0xDEADBEEFL, 5, 0, 0, 3);


this mean KeAlertThread() not found inside w2003 sp2 ntoskrnl.exe as hex pattern

// 2003 SP2 MP:
// 55 8B EC 83 EC 0C 53 56 8B 75 08 57 8D 4E 44 8D 55 F4 FF 15 xx xx xx xx 64 8B 0D 20 00 00 00 BF 18 04 00 00
// 55 8B EC 83 EC 0C 53 56 8B 75 08 80 3E 06 57 74 16 6A 00 chk builds

// 2003 SP2 UP:
// 55 8B EC 83 EC 0C 53 56 8B 75 08 8D 4E 44 8D 55 F4 FF 15 xx xx xx xx 8A 4D 0C 0F BE C1 8D 44 30 5E
// 55 8B EC 83 EC 0C 53 56 8B 75 08 80 3E 06 57 74 16 6A 00 chk builds
#7135thetesterDear  infuscomus

I tried to create with Rufus (latest), but unsuccessfull.
I tried YUMI (latest), but stlii unsuccessfull (load, but halt after count memory..)
I tried WinSetupFromUSB 0-2-3, started the install, but the second stage is unsuccessfull..

Can you help me, which program, and which settings to write the CREATED Windows XP SP3 1,4,6,7 ISO to FLASH Drive (8 Gb)

Thank you!
The Tester'
#7136George King
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7134

 
//  KeAlertThread
gTramp_KeAlertThread = (PFN_BOOLEAN_PKTHREAD_KPROCESSOR_MODE) ModuleHexSearch(MODULE_NTOSKRNL, KeAlertThread_magic1,
sizeof(KeAlertThread_magic1), KeAlertThread_magic1mask);
...
            KeBugCheckEx(0xDEADBEEFL, 5, 0, 0, 3);


this mean KeAlertThread() not found inside w2003 sp2 ntoskrnl.exe as hex pattern

// 2003 SP2 MP:
// 55 8B EC 83 EC 0C 53 56 8B 75 08 57 8D 4E 44 8D 55 F4 FF 15 xx xx xx xx 64 8B 0D 20 00 00 00 BF 18 04 00 00
// 55 8B EC 83 EC 0C 53 56 8B 75 08 80 3E 06 57 74 16 6A 00 chk builds

// 2003 SP2 UP:
// 55 8B EC 83 EC 0C 53 56 8B 75 08 8D 4E 44 8D 55 F4 FF 15 xx xx xx xx 8A 4D 0C 0F BE C1 8D 44 30 5E
// 55 8B EC 83 EC 0C 53 56 8B 75 08 80 3E 06 57 74 16 6A 00 chk builds


Yes, it doesn't exist in latest kernels. Here are kernels v5.2.3790.5583. I'm using fully updated setup with OnePiece Post SP2 UpdatePack for Server 2003.
 
https://www.mediafire.com/file/j3uhwhf85y6uu4b/2k3_kernels_5.2.3790.5583.7z/file



Is here a solution or this mean Extender needs to be adapted?

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7137infuscomus⇗ @thetester

The easiest solution for this would be to burn it to a CD.

If that is not an option then I suggest using Easy2boot to make the USB drive - it even has a specific option for phase2 of XP setup.

Note: For your hardware choose the one without DPMS - The backported windows8 AHCI driver is the better solution anyway.

⇗ https://www.easy2boot.com/download/
#7138Pill Monster
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7134
Hi @Pill Monster
Zitat von ⇗ Pill Monster im Beitrag ¶ #7106
[quote=George King|p7106]
Hi @Mov AX, 0xDEAD, I encountered this BSOD with Server 2003 SP2. All ported drivers are included in this system.
With Windows XP is works as expected.

 
//  KeAlertThread
gTramp_KeAlertThread
 = (PFN_BOOLEAN_PKTHREAD_KPROCESSOR_MODE) ModuleHexSearch(MODULE_NTOSKRNL, KeAlertThread_magic1,
sizeof(KeAlertThread_magic1), KeAlertThread_magic1mask);
...
            KeBugCheckEx(0xDEADBEEFL, 5, 0, 0, 3);


this mean KeAlertThread() not found inside w2003 sp2 ntoskrnl.exe as hex pattern

// 2003 SP2 MP:
// 55 8B EC 83 EC 0C 53 56 8B 75 08 57 8D 4E 44 8D 55 F4 FF 15 xx xx xx xx 64 8B 0D 20 00 00 00 BF 18 04 00 00
// 55 8B EC 83 EC 0C 53 56 8B 75 08 80 3E 06 57 74 16 6A 00 chk builds

// 2003 SP2 UP:
// 55 8B EC 83 EC 0C 53 56 8B 75 08 8D 4E 44 8D 55 F4 FF 15 xx xx xx xx 8A 4D 0C 0F BE C1 8D 44 30 5E
// 55 8B EC 83 EC 0C 53 56 8B 75 08 80 3E 06 57 74 16 6A 00 chk builds


Thanks, I hadn't seen that one before. :)
#7139Mov AX, 0xDEAD
Zitat von ⇗ George King im Beitrag ¶ #7138

this mean KeAlertThread() not found inside w2003 sp2 ntoskrnl.exe as hex pattern
// 2003 SP2 MP:
// 55 8B EC 83 EC 0C 53 56 8B 75 08 57 8D 4E 44 8D 55 F4 FF 15 xx xx xx xx 64 8B 0D 20 00 00 00 BF 18 04 00 00
// 55 8B EC 83 EC 0C 53 56 8B 75 08 80 3E 06 57 74 16 6A 00 chk builds

// 2003 SP2 UP:
// 55 8B EC 83 EC 0C 53 56 8B 75 08 8D 4E 44 8D 55 F4 FF 15 xx xx xx xx 8A 4D 0C 0F BE C1 8D 44 30 5E
// 55 8B EC 83 EC 0C 53 56 8B 75 08 80 3E 06 57 74 16 6A 00 chk builds
Yes, it doesn't exist in latest kernels. Here are kernels v5.2.3790.5583. I'm using fully updated setup with OnePiece Post SP2 UpdatePack for Server 2003.
Is here a solution or this mean Extender needs to be adapted?

⇗ @George King:
all 4 kernels from v5.2.3790.5583 still contain same patterns, i was able to start w2003 sp2 (Virtualbox VM) with these kernels(all 4 variants) without bsod, so
1) check ntoskrn8.sys version, last 5.1.2600.10
2) recheck actual kernel in installed w2003 versus 5.2.3790.5583 archive (ntkrnlmp.exe,size=2503168, ...)
#7140diderius6⇗ @Gelip
I extract the whole SataController
File_DXE_driver_SataController_SataController.ffs
from the 32 Bit Bios of the Packard Bell EasyNote ME69BMP
which runs on a N2806 with integrated chipset,
the same as on the Flex 10.
Then I change with UEFITOOL this Satacontroller in the Flex 10 Bios and flash.
Now the Satacontroller is listed on the Flex 10 with full correct name VEN_8086&DEV_0F23
, but still no harddisk
Dietmar

PS: There must be another Bios driver, which does not work, may be AHCIbus.
I dont find information comparing the chipset of the N2806 with the N2805.
With the 32bit Bios from the Packard Bell we should be able to integrate in the 32 bit Bios of the Flex 10  everything what is missed, step by step.

 

Page 477

#7141diderius6Should all the drivers with a questionmark "?" been replaced in Bios?
Any help is welcome
Dietmar

#7142thetesterWhere can I find, or how can i modify the drivers to work on Windows XP?!

No drirvers:
Unknown      ACPI\INT3450\3&11583659&0
PCI Data Acq VEN_8086&DEV_A379&SUBSYS_88881458&REV_10\3&11583659&0&90
PCI Device   VEN_8086&DEV_A324&SUBSYS_72708086&REV_10\3&11583659&0&FD
PCI simple   VEN_8086&DEV_A360&SUBSYS_1C3A1458&REV_10\3&11583659&0&B0
SM BUS       VEN_8086&DEV_A323&SUBSYS_50011458&REV_10\3&11583659&0&FC
VGA          VEN_8086&DEV_3E92&SUBSYS_D0001458&REV_00\3&11583659&0&10

Audio Device FUNC_01&VEN_8086&DEV_280B&SUBSYS_80860101&REV_1000\4&2E415D45&0&0201


Thank you,
TT'
#7143infuscomus⇗ @thetester

VGA VEN_8086&DEV_3E92&SUBSYS_D0001458&REV_00\3&11583659&0&10

no 3D driver for this device
there is a 2D driver though - ⇗ https://bearwindows.zcm.com.au/vbemp.htm
#7144Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #7141
Should all the drivers with a questionmark "?" been replaced in Bios?

No, you don't !

The question mark is not the problem. UEFI Shell does not know what type of BUS (B) or DEVICE (D) driver is. I checked two UEFI computers and a UEFI virtual machine and there are question marks everywhere:
#7145diderius6⇗ @Gelip
Hm, I see, that at the driver for AHCI Bus is not a questionmark at you.
So, may be it is a hint for a not correct working, important driver in Uefi BIos
Dietmar
#7146Pill Monster
Zitat von ⇗ thetester im Beitrag ¶ #7135
Dear  infuscomus
Can you help me, which program, and which settings to write the CREATED Windows XP SP3 1,4,6,7 ISO to FLASH Drive (8 Gb)
I use ⇗ Rufus

Edit - I see you already tried Rufus but didn't work? Strange..  Another one I've used without issue is ⇗ WinToFlash
#7147thetesterThank you, it slill work! ;)
Now XP on my Machine!!!!! :)

But need theese drivers:
Unknown ACPI\INT3450\3&11583659&0
PCI Data Acq VEN_8086&DEV_A379&SUBSYS_88881458&REV_10\3&11583659&0&90
PCI Device VEN_8086&DEV_A324&SUBSYS_72708086&REV_10\3&11583659&0&FD
PCI simple VEN_8086&DEV_A360&SUBSYS_1C3A1458&REV_10\3&11583659&0&B0
SM BUS VEN_8086&DEV_A323&SUBSYS_50011458&REV_10\3&11583659&0&FC
VGA VEN_8086&DEV_3E92&SUBSYS_D0001458&REV_00\3&11583659&0&10
Audio Device FUNC_01&VEN_8086&DEV_280B&SUBSYS_80860101&REV_1000\4&2E415D45&0&0201

Now i try the VGA what  infuscomus what sayed..

Thank you
TT
#7148infuscomus⇗ @George King

any ETA on the next XP2ESD release?
also, any luck on finding the source of a 12A BSOD?
#7149George King
Zitat von ⇗ infuscomus im Beitrag ¶ #7148
@George King
any ETA on the next XP2ESD release?
also, any luck on finding the source of a 12A BSOD?
XP2ESD is close to release. Next beta ISO can be in few days. Including all XP and Server 2003 editions. Server still need figure whats wrong in event log, but now all 5.1 and 5.2 32bit setup can be automatically converted into modern installer method with UpdatePacks. Some small polishing in few days and I hope it can be ready

EDIT: I'm thinking about ACPI.sys replacing on the fly during setup, same as PAE patching. As this can be very usefull on USB installs. Also base image will be untouched. Only standard and ported drivers are integrated.

EDIT2: I also would like to see XP2ESD 1.5 to run without problems on 5.1 or newer too, Now is needed to perform build from Windows 8+ [TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7150infuscomus⇗ @George King

have you had the time to find the cause of a 12A BSOD?
#7151YuriyCNWindows XP mod 2021 - system build for the modern PC (edition 27.03.2021)

The information doesn't fit into a forum post for a long time - so download the text file and read it in Notepad. Always use the latest version of the methodology, as the information is constantly changing and the methodology is supplemented.

TXT file (84kB, ENGLISH) - ⇗ https://yadi.sk/d/w7ps2MxYETTrNw
TXT file (94kB, RUSSIAN) - ⇗ https://yadi.sk/d/DW6NIfqVymZNDg
#7152gordo999⇗ @YuriyCN ...thanks for good work on info files. Might be an error in the English version in section under 'Recommended drivers individually':

With reference to:

storroprop.dll = 100,,,,,,,,3,3

in this section:

"2) Edit file DOSNET.INF, look for line d1,scsiport.sys and put d1,storport.sys
below this line. There will be 2 such places, so let's do it 2 times, it will
be like this:

d1,scsiport.sys
d1,storport.sys

3) Edit file TXTSETUP.SIF, look for line storprop.dll and after not
storport.sys = 1,,,,,,3_,4,0,0,,1,4 it should look like this:
storroprop.dll = 100,,,,,,,,3,3
storport.sys = 1,,,,,,3_,4,0,0,,1,4"

Is that a typo for storroprop.dll?  Should it be storprop.dll?
#7153YuriyCNFixed and updated
Windows XP mod 2021 - system build for the modern PC (edition 28.03.2021)

TXT file (85kB, ENGLISH) - ⇗ https://www.upload.ee/files/13002216/Win..._3_ENU.txt.html
TXT file (95kB, RUSSIAN) - ⇗ https://www.upload.ee/files/13002217/Win..._3_RUS.txt.html
#7154George King
Zitat von ⇗ gordo999 im Beitrag ¶ #7152
@YuriyCN ...thanks for good work on info files. Might be an error in the English version in section under 'Recommended drivers individually':

With reference to:

storroprop.dll = 100,,,,,,,,3,3

in this section:

"2) Edit file DOSNET.INF, look for line d1,scsiport.sys and put d1,storport.sys
below this line. There will be 2 such places, so let's do it 2 times, it will
be like this:
d1,scsiport.sys
d1,storport.sys

3) Edit file TXTSETUP.SIF, look for line storprop.dll and after not
storport.sys = 1,,,,,,3_,4,0,0,,1,4 it should look like this:
storroprop.dll = 100,,,,,,,,3,3
storport.sys = 1,,,,,,3_,4,0,0,,1,4"

Is that a typo for storroprop.dll?  Should it be storprop.dll?






You can always use nLite addon to add needed new files for ported drivers, I posted it on MDL. If you add this addon you can safely integrate ported drivers too with them.

⇗ https://forums.mydigitallife.net/threads...-9#post-1649999 [TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7155gordo999
Zitat von ⇗ George King im Beitrag ¶ #7154
You can always use nLite addon to add needed new files for ported drivers, I posted it on MDL. If you add this addon you can safely integrate ported drivers too with them.
⇗ @George King ...George...I have used nlite on Win XP but I tried recently to mod the xp.wim file in Hiren's mini XP version with nlite and it doesn't seem to like wim files that are not from a windows installation. Neither does DISM, although I can mount the Hiren's 15.2 xp.wim with DISM (W10) and mod it from there.

⇗ @Brooons ...I got Hiren's 15.2 running to the boot phase without ACPI or SATA driver problems, but if I select Mini XP, the horizontal bar runs across the bottom and I get a blank screen after it completes. Seem to have a video problem. I recently upgraded my video card to Nvidia GT 1030 but my XP installation on disk will run on it in super VGA mode. Not sure which driver I should install on Hiren's.

Thanks for your help and your sample wim file. Helped a lot. So did ⇗ @YuriyCN 's text file for installing XP.

 

Page 478

#7156George King
Zitat von ⇗ gordo999 im Beitrag ¶ #7155
Zitat von ⇗ George King im Beitrag ¶ #7154
You can always use nLite addon to add needed new files for ported drivers, I posted it on MDL. If you add this addon you can safely integrate ported drivers too with them.
@George King  ...George...I have used nlite on Win XP but I tried recently to mod the xp.wim file in Hiren's mini XP version with nlite and it doesn't seem to like wim files that are not from a windows installation. Neither does DISM, although I can mount the Hiren's 15.2 xp.wim with DISM (W10) and mod it from there.



Yes, there is no tool for XP editing inside WIM. I didn't see you are working with live edition. Interesting idea. Will investigate Bart PE later in future to see if it can be included in XP2ESD image [TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7157gordo999
Zitat von ⇗ George King im Beitrag ¶ #7156
Yes, there is no tool for XP editing inside WIM. I didn't see you are working with live edition. Interesting idea. Will investigate Bart PE later in future to see if it can be included in XP2ESD image
⇗ @George King ...would be interesting to see something incorporated so your device booted like Hiren's or BartPE and the drivers could be inserted offline....maybe using nlite as part of the process.

I found a while back that the registry of another Windows OS can be edited offline by using a live regedit then loading the required hive from the offline hive. Of course, you don't want to go too crazy or you could be spending the rest of your life doing this. That's why I want to get Hiren's 15.2 running on my 300 series chipset (Intel B360M). It has a lot of goodies that can help troubleshoot problems on the offline OS.

Any ideas on a basic SVGA driver to use for Hiren's? In the txtsetup.sif file, under 'Display', it only lists vga=vga,sys. That driver is apparently too primitive for the newer nvidia GT 1030 card. However, I have noticed that a full XP OS will run in SVGA mode using some kind of driver with the same card.

I'm guessing it is running off an older nvidia nv4_disp driver in a very basic mode. I think that driver may have been loaded for the GT 730 driver which ran fine with XP on games like Myst.

Don't know if you are including the modded intelppm/hal mod for XP. It fixed up problems I had with games and the Firefox browser. Before inserting the modded files, games would not start, nor would the browser run efficiently.
#7158diderius6Hi,
on my EVGA z390 Dark board (XP friendly),
there is an onboard soundcard similar to  Sound Blaster Recon3Di VEN_1102&DEV_0011,

chip CA0132-4AN

But I found only a driver for Vista 32 bit for this Soundcard.

A look with Dependency Walker shows unfulfilled dependencies from this Vista 32 bit driver to ntoskrnl.exe to XP SP3

KeEnterGuardedRegion
KeLeaveGuardedRegion

What do you think:
Make a try for to enable this soundcard with Extender for Ntoskrnl.exe under XP SP3
or just use another soundcard, working under XP
Dietmar

EDIT: There is hope, because I think, that this 2 files from Vista are not needed
ieshims.dll
wer.dll

#7159gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #7158
What do you think:
⇗ @diderius6 ...⇗ @daniel_k is the resident expert on Creative sound cards. He might already have a driver.
#7160Gelip
Zitat von ⇗ George King im Beitrag ¶ #7156
Yes, there is no tool for XP editing inside WIM.

I use imagex.exe + GUI (gimagex) for editing WIM. On WinXP 32-bit I used 32-bit imagex.exe 3.1.0.0 + GUI

Now on WinXP 64-bit I use 64-bit imagex.exe 6.1.7600.16385 + GUI:
#7161gordo999
Zitat von ⇗ Gelip im Beitrag ¶ #7160
I use imagex.exe + GUI (gimagex) for editing WIM.
⇗ @Gelip ....George and I were talking about the xp.wim file on Hiren's 15.2 boot disk. I have used dism to mount the Hiren's xp.wim file then I could edit it in a file manager. For some reason W10 would not let me delete any files in the mounted wim file unless I used shift-delete, which is normally used for permanent deletion.

Hiren's 15.2 would not run on the newer mobo's. I managed to edit the wim file which has a txtsetup.sif file and a system32/drivers folder. I edited the sif file and added modded XP drivers. Now it boots but I seem to be lacking a video driver that will work with the nvidia GT 1030 card. Oddly, my XP installation will run with the card in SVGA mode. It was running fine with a GT 730 so I am trying to figure out which drivers allow XP to run on the GT 1030 in SVGA mode. That's all I should need for Hirens.
#7162infuscomus⇗ @gordo999

There is no driver for the GT 1030 for XP, so it would be defaulting the the basic SVGA driver XP ships with.
There is a driver for the GT 730 for XP though so I assume that hirens XP.wim uses that.
#7163gordo999
Zitat von ⇗ infuscomus im Beitrag ¶ #7162
There is no driver for the GT 1030 for XP, so it would be defaulting the the basic SVGA driver XP ships with. There is a driver for the GT 730 for XP though so I assume that hirens XP.wim uses that.
⇗ @infuscomus ...thanks for reply. I am trying to figure out which stock XP driver is being used on my XP drive to make the GT 1030 work in SVGA mode. In the XP drivers folder, on both my hard drive and Hiren's boot CD, all I can see is vga.sys. It's obviously not working, either that or something else is wrong. I am wondering if there is a more advanced VGA driver that will do SVGA, or maybe vga.sys can do SVGA.

On my XP hard drive I have nvidia drivers left over from GT 730 and maybe it is running in SVGA from one of those drivers. I might try figuring out which drivers the GT 730 ran on, like the nv4_disp driver and see if I can load that in Hiren's.

I also have a lot of driver packs from the unofficial SP4 update. There may be a driver in there that will work. When I loaded the SP4 update, it made a few things work that were not working before. I could try the mobo video drivers but I don't want to keep switching if possible.
#7164daniel_k
Zitat von ⇗ diderius6 im Beitrag ¶ #7158
What do you think:
Make a try for to enable this soundcard with Extender for Ntoskrnl.exe under XP SP3
or just use another soundcard, working under XP

I've tried with SBZ (has nearly the same drivers), but it didn't work.

The driver does load, but no mixer inputs/outputs are exposed, so it's useless.
Also had to use (or port) portcls.sys from Vista.

One needs to learn about the changes in Vista+ in order to fix this.
#7165George King
Zitat von ⇗ Gelip im Beitrag ¶ #7160
Zitat von ⇗ George King im Beitrag ¶ #7156
Yes, there is no tool for XP editing inside WIM.

I use imagex.exe + GUI (gimagex) for editing WIM. On WinXP 32-bit I used 32-bit imagex.exe 3.1.0.0 + GUI

Now on WinXP 64-bit I use 64-bit imagex.exe 6.1.7600.16385 + GUI:


This was mean for NTLite equivalent app, which works with already deployed images. You can also use Windows 8.0 DISM on XP. I still not released XP2ESD v1.5 where is integrated completely, in public v1.4 is used Windows 7 DISM. [TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7166gordo999
Zitat von ⇗ George King im Beitrag ¶ #7165
You can also use Windows 8.0 DISM on XP... in public v1.4 is used Windows 7 DISM.
⇗ @George King ...I found that W7 dism lacks some of the features of W10 dism. I have not tried W7 dism recently. I had no problem mounting an XP wim file, as you point out, for Hirens, using W10 dism and editing it in file manager.
#7167YuriyCNwith 1 apr ))

#7168diderius6Hi,
after crazy fight with Microsoft download servers I succeed to start Updates for XP SP3 and Posready 2009 again.
I use the posready reg hack, and before I updated with external Service Pack until April 2014.
I do not install any updates for XP,
because problem with the XP validating tool can happen
Dietmar

#7169George King
Zitat von ⇗ diderius6 im Beitrag ¶ #7168
Hi,
after crazy fight with Microsoft download servers I succeed to start Updates for XP SP3 and Posready 2009 again.
I use the posready reg hack, and before I updated with external Service Pack until April 2014.
I do not install any updates for XP,
because problem with the XP validating tool can happen
Dietmar




Why not use integrated setup with all updates? [TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7170ruthan⇗ @YuriyCN: You forgot alternative operating systems.

 

Page 479

#7171diderius6⇗ @George King
It is from my german XP SP1 CD.
I build with your nice files a complete XP SP3 setup DVD, 788 Mbyte, with all updates for XP SP3 and also for all posready 2009 updates.
Then, also a brandnew XP validate tool starts.
The problem in this is, that the Windows Validate tool gives problem. And via my methode I can chose, which files I want and which not
Dietmar
#7172George KingMy tool XP2ESD is updated to v1.5!

This is most important update!
Setup from USB3.x with NVMe is no longer problem!
Deyploed system have correct HALs and kernels.
Automated HALs and kernel patching when 4GB+ RAM detected during setup on end machine.
Dynamic input ISOs processing, no more defining Windows XP file names ISOs.
Windows 8 DISM due VHD mounting and image capturing
Windows Server 2003 support
..and many more changes.

Please see changelog for all details.

 
03.04.2021 - v1.5 - Fixed generating tag file and image flag in Professional N Volume edition
                  - Fixed typos in Professional images naming
                  - Fixed MassStorage drivers integration before capturing
                  - Fixed registry bug in storahci.inf
                  - Removed bad driver iaNvStor.INF as iaNvStor.sys was broken somehow
                  - Updated AutoSysprep.cmd to dynamicaly process Repository folder
                  - Changed VHD mounting from DiskPart to DISM
                  - Changed "drivers" folder to "driverpacks" for future merging with Windows 7 / 10 setup to get perfect AIO
                  - Changed WinPE ScratchSpace from 32MB to 64MB (needed for sp3.cab repacking after PAE patching)
                  - Improved "System reserved" partition removal. New
method remove partition on target disk, which have size listed in MBs,
so 50/100/350/500 partition is automatically removed.
                  - Updated "Auto-Sysprep" scripts and deleted some unneeded files
                  - Updated DISM to latest version 6.2.9200.16384 that runs under XP - this adds also VHD mounting feature!
                  - Updated bcdedit.exe to latest version 6.2.9200.16384 that runs under XP
                  - Updated Longhorn NTLDR to look for standard ntoskrnl.exe
                  - Updated Snappy driver Installer to latest version v1.21.2.2102
                  - Updated MSSTMake to latest version 21.3.13.1
                  - Added Windows Server 2003 processing support, now
can be all XP and Server 2003 ISO processed to build one perfect
install.esd with all editions                
                  - Added default system tweaks - Disable missing antivirus warning, Set
Windows update as enabled to avoid unneeded settings prompt as WU is
down, Show My documents and Computer on desktop
                  - Added setup.exe patching for Windows 8.0 source, now can be used Windows 8.0 and Windows 10 setup engine
                  - Added temporary and log files removal before capturing image
                  - Added Serpent, Palemoon, Firefox browser SFX
installers, see more information about when you open them in WinRAR
                 - Added NTOSKRNL_Emu files into "Auto-Sysprep" as it's
needed for included ported drivers (Generic AHCI, Generic NVMe, Generic
USB3.x, Samsung NVMe, Intel IRST, AMD AHCI)
                  - Added bootsect.exe + bcdboot.exe v6.2.9200.16384
                  - Added winload.exe v6.0.6001.16497 - This one can
successfully boot XP/2003. If you want use this boot option, just
remember one important thing - This option can be used to boot after you
 finish OOBE otherwise you broke system
                  - Added makecab.exe extracted from Windows 7 image into WinPE setup image, need to repacking CABs
                  - Added sigcheck.exe into WinPE setup image, needed for detectinf file versions
                  - Added unneeded HALs and kernels removal before second reboot
                  - Added Windows XP bootlogo WinPE to get perfect XP look
                  - Added automated    HALs and kernel patching using WinXPPAE when more then 4000MB RAM detected during setup

                  - Added WinPE MassStorage integration steps -
including NVMe and USB3.x generic drivers. You can perform setup from
USB3 drive without problem!



 
https://www.mediafire.com/file/1r8b5pfxuesh9n5/XP2ESD_v1.5.7z/file




I also added into first post (Maybe need more update, but it's enough for now) Silent Software Pack example package. I hope you will find it useful for your own build. Expand it into setup folder and all of them will be applied at the end of setup before OOBE.
Included are latest XP browsers repacks, thanks for idea @Shortyportuguese, WinRAR, 7z, CCleaner, VirtualBox etc..

 
https://www.mediafire.com/file/0sbhqsgcc9r7f6c/SilentSetupSoftwarePack_Example_2021-04-03.7z/file
[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7173George King⇗ @infuscomus ⇗ @diderius6

If you want to build ISO with winload.exe, set USEWINLOAD=Yes in config.ini

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7174infuscomus⇗ @George King - nice work!
If you have the time now, can you try to find the cause of a 12A BSOD in windows 7?
#7175George King
Zitat von ⇗ infuscomus im Beitrag ¶ #7174
@George King - nice work!
If you have the time now, can you try to find the cause of a 12A BSOD in windows 7?
Yes, it's on my radar now! I'm going to use Windows 7 Ultimate E RTM, uninstall English language pack and commit changes, then install Czech language packs and compare both images, will send you all registry changes. I hope we can find needed placeholder soon :) [TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7176diderius6Hi, today I make some speed tests with the dark z390 board under XP SP3 with all updates and also all posready.
CPU 9900k, 32Gbyte memory.

In Mathematica 5

25 sec for 2700000! with Western Digital black harddisk 2 TB and 4 Gbyte Memory
43 sec for 2700000! with nvme Optane 905P 960 GB and the 32 Gbyte patch

Cpu load only 6% in both cases(?!).


On Youtube and the Nvidia GT730 graphiccard

4k Video Peru without any stoppers with Western Digital black harddisk 2 TB and 4 Gbyte Memory
4k Video Peru with small stoppers with nvme Optane 905P 960 GB and the 32 Gbyte patch and 32 Gbyte Memory

Boottime to full desktop 13 sec with Western Digital black harddisk 2 TB and 4 Gbyte Memory
Boottime to full desktop 20 sec with nvme Optane 905P 960 GB and the 32 Gbyte patch


Dietmar
#7177ruthanWell 100 / 16 (8 core + 8 virtual ones(HT)) threads is ~6%, maybe its running on single core..
#7178CixertAs much as I search, I cannot find where to download WinXPPAE 2.0 by ⇗ @daniel_k
I do not understand...
#7179George King
Zitat von ⇗ Cixert im Beitrag ¶ #7178
As much as I search, I cannot find where to download WinXPPAE 2.0 by @daniel_k
I do not understand...


There is latest 3.5 version [TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7180Mov AX, 0xDEADHi !

Let's make another dirty hack :)

This time is AVX/AVX2 Enabler for Windows XP (x32 only)
Again as Proof-of-Concept, only ntkrpamp.exe (MultiCPU+PAE) is done (still BETA v1), v5.1.2600.7581 (KB4463103 update, 2029056 bytes)

Do it yourself (you need change kernel file on disk, remember about Microsoft's EULA):
1) xdelta3.exe -v -f -d -s ntkrpamp.exe ntkrpamp.delta ntkrpamp_avx.exe
2) put ntkrpamp_avx.exe as new ntkrnlpa.exe in /system32 folder, ntkrnlpa.exe will be selected by bootloader only if windows was installed as MultiCPU+PAE. Also you can force exact filename in boot.ini: add /kernel=ntkrnlpa.exe

Links:
ntkrpamp.delta v1 - ⇗ http://www.unibytes.com/facSy3u_83gLqw-Us4P3UgBB / ⇗ https://www.mediafire.com/file/a692j6ymc..._delta.zip/file
ASM sources (FASM format) v1 - ⇗ https://pastebin.com/CbBFd5tM
xdelta3.exe - ⇗ https://github.com/MovAX0xDEAD/KDNET/raw/master/xdelta3.exe


P.S. Some test/diag utils fail with AVX detection due wrong coding, but proper projects like Prime95 do it right

P.S. WinXP x64 kernel has different FPU context format, but i think it is possible to do same trick, but i'm not interested

P.S.S Don't ask for AVX512, there is no free space in FPU context to store additional 16*AVX512_H(256bit) regs. WinXP x32 kernel allocates only 520 bytes(see _FXSAVE_FORMAT struct) for store all (2*ControlWords(128bit) + 8*FPU/MMX(128bit) + 8*SSE(128bit) + 8*AVX_H(128bit)) regs, this "520" harcoded to structs and code :(
#7181diderius6⇗ @Mov AX, 0xDEAD

I take a look, which CPU is first in offering AVX (Registers with 256 Bit) : Sandy Bridge
AVX2: Haswell
Via Microsoft, only from Win7 SP1 AVX is used.

I just build ntkrpamp_avx.exe

⇗ https://ufile.io/in92dj79

Dietmar

"By default, newer Prime95  >=  v.27 automatically selects the newest instruction set extension, such as AVX, AVX2, or even AVX-512." yepp, confirmed.
Hihi, this will be a real burning hardware test for any compi now, using Prime95 with AVX enabled under XP SP3 with last Posready ntkrpamp.exe.
Einstein@Home, looking for Gravitional Waves, also uses AVX.

EDIT: I just check Prime95 with and without AVX. AVX works.
Prime95 is about 4 times(!) as fast as without AVX.


CPU 9900k on the EVGA Dark board z390 reaches 100 degrees on all cores,
225 Watt without any overclocking.
The EVGA dark z390 board is stable under this extreme conditions but I think,
that this test will crash a lot of compis.
#7182iyutos⇗ @Mov AX, 0xDEAD

To add a new CPU instruction into XP kernel - it's hard to imagine, I admire your skills.

What about patching Explorer.exe so that when deleting NTFS Junction through Shift+Delete, it will not delete target files.
Also to add an ability to understand NTFS symlinks natively (though there is a symlink driver for Windows XP by Masatoshi Kimura).
To remove 255 characters limit in Explorer.exe for files and folders...
#7183diderius6Would be very interesting,
to compile some programs new, allowing the compiler to make use of AVX2 instructions.
Nothing needs to be changed in original code. The compiler do it for you.
Not only the registers are now 256 bit, also the integer operations.
Mathematica or Chess-programs do not use it until now
Dietmar
#7184Outbreaker⇗ @Mov AX, 0xDEAD
Will the AVX/AVX2 Enabler also work with the PAE RAM Patcher together?
#7185diderius6⇗ @Outbreaker

I put the AVX patch from ⇗ @Mov AX, 0xDEAD  together with the Mem patch from ⇗ @daniel_k

Needs intensive testing,
for me it works
Dietmar

⇗ https://ufile.io/9cqs6h78

EDIT: With AVX and mempatch, now Prime95 is about 430% faster as without.
CPU-Z tells, that now the CPU is 1200% faster..

 

Page 480

#7186Outbreaker⇗ @diderius6
I see. I had to apply the AVX Patch first before applying the RAM Patch.
#7187ruthanI was searching to my stuff, so found memory bios areas explanation from one super micro manual.. It probably help to understand, why PAE patch is needed for to gain reasonable ammount of rams on some MBs..
It seams at least for some MBs, this design is sucks and its done by wrong way..


 Source Super micro MBD-C7X99-OCE-F manual
⇗ https://www.supermicro.com/en/products/m...ard/C7X99-OCE-F // here is download link
#7188jonathan_hzshalplusntosAVXplusMempatch.7z
shutdown and reboot error
usb become unknow
#7189diderius6⇗ @jonathan_hzs

Do you use usbport.sys from win2003

Dietmar

⇗ https://ufile.io/r75opqts

EDIT: May be, that the other files from the USB stack should also be used from win2003, because they work under large memory,
usbd.sys and usbstor.sys .
#7190diderius6⇗ @jonathan_hzs

With halplusntosAVXplusMempatch.7z
and only usbport.sys from Win2003
I noticed some random crashes,
when connecting a new USB device (USB driver is the win8 ported).

I dont know, which is the last usbd.sys and usbstor.sys from win2003.

But USB3 boot for example works, EWF works (gives 83524 Mbyte/sec ^^),
all on the Evga Dark z390 board.
Until now, all other seems to be stable. Prime95 runs stable for 90min, cooking compi )
Dietmar
#7191daniel_k
Zitat von ⇗ diderius6 im Beitrag ¶ #7190
With halplusntosAVXplusMempatch.7z
and only usbport.sys from Win2003
I noticed some random crashes,
when connecting a new USB device (USB driver is the win8 ported).

I dont know, which is the last usbd.sys and usbstor.sys from win2003.

Hi Dietmar,

usbport.sys is only used by USB 1.1 / 2.0 host drivers, so the crashes have nothing to do with it.
#7192diderius6⇗ @daniel_k

I changed

usbport.sys
usbstor.sys
usbd.sys

against their version from win2003

Now, the random crashes are gone for
halplusntosAVXplusMempatch.7z

Dietmar

⇗ https://ufile.io/apynpcsd
#7193Outbreaker
Zitat von ⇗ YuriyCN im Beitrag ¶ #5876
Zitat von ⇗ schreiberstein im Beitrag ¶ #5856
New report:

After testing out the Sapphire AMD Radeon 7970 graphics card for a while now, I fount its performance to be lackluster on my Z490 platform:

Neg:
- Performance feels dated when playing games at 1440p
- Windows XP 2D performance is very slow (~1900 pts in Tom 2D Benchmark)
---> Regardless of the blazing fast 10 core CPU, the UI feels very sluggish like an old Intel Centrino notebook from 2005.
---> Performance degraded even further when using the PAE memory patch to enable more than ~900 MB of RAM (~1900 pts to ~400 pts on Tom 2D Benchmark) = UNUSABLE PERFORMANCE!
---> Scrolling in web browser felt slow
- Catalyst Control Center buggy on Windows XP


1. To increase 2D performance on RADEON video cards in 2-3 times, you need to replace the videoprt.sys file with a file with WinXP SP2.
⇗ https://www.upload.ee/files/12489589/videoprt_files.zip.html

2. Good Catalyst Control Center for Windows XP
⇗ https://www.upload.ee/files/12377846/AMD...-Pack3.zip.html

3. Scrolling in web browser felt slow - it is observed with PAE only. Without PAE - scrolling in web browser works fast.
Replace the file c:\WINDOWS\system32\drivers\videoprt.sys - and the scroll will work fine!


@ALL
Is this problem still the case?
And is the file videoprt.sys also from WinXP SP2?
#7194YuriyCNSituation with videoprt.sys + PAE RAM patch

It was noticed that using videoprt.sys taken from "WinXP SP2" AMD Radeon drivers have much better 2D performance (up to 200-250%) than the file with SP3. NVidia users answered that they do not see any difference between SP2 and SP3 - that is why the ready builds #2 and #3 include the file with SP2 as a more productive one. Checked file should be copied to c:WINDOWS\system32\drivers\videoprt.sys replacing the original one and reboot your PC. After the restart make sure that the file protection system does not give back the old version.

Measure the 2D performance with Tom2D_Ru (2D GDI Benchmark) and videoprt.sys (versions from SP1, SP2, SP3) - ⇗ https://www.upload.ee/files/13039545/Vid...D_Test.zip.html
#7195OutbreakerWell that's interesting and strange.
If there is no side-effect for the Intel/NVidia users then it thing it would be the best to simply use the WinXP-SP2 videoprt.sys file as the default one for Windows XP.

EDIT:
Is the web browser Scrolling slower with the SP2 videoprt.sys file or without the SP3 videoprt.sys file?
#7196diderius6Hi,
there is a z590 motherboard, that supports XP
Dietmar

⇗ https://www.overclock.net/threads/asrock...thread.1778037/
#7197daniel_k⇗ @YuriyCN

I don't have time to test right now.
Can you please test these SP2 hotfixes to see the performance?

5.1.2600.3512 (latest version)
⇗ http://thehotfixshare.net/board/index.ph...921-x86-enuexe/

5.1.2600.2911
⇗ http://thehotfixshare.net/board/index.ph...332-x86-enuexe/
#7198YuriyCNThe effect is manifested with "Radeon video cards + PAE patch" only.
videoprt.sys (with SP2) - normal scrolling and good 2D performance
videoprt.sys (with SP3) - slower scrolling and low 2D performance

Zitat
I don't have time to test right now.
Can you please test these SP2 hotfixes to see the performance?

5.1.2600.3512 (latest version)
⇗ http://thehotfixshare.net/board/index.ph...921-x86-enuexe/

5.1.2600.2911
⇗ http://thehotfixshare.net/board/index.ph...332-x86-enuexe/



Okay. The result will be later.

#7199PPeti66xTest on my machine: ASRock Z77 Fatal1ty Professional, CPU Intel I7 3770 (non-K variant, overclocked to 4.00 GHz); VGA: AMD Radeon R9 280x, Driver Date 29.08.2013, Driver Version: 9.0.100.0
Sorry, but I missed the "copy to clipboard" - because cyrillic text codepage was not converted to my system codepage - so only screenshots are available in RAR archive.

PPeti66x has attached files to this post
#7200OutbreakerStrange that the ⇗ KB96092 HotFix that supposedly only fixes an LCD bug is causing this Radeon slow down Vs the ⇗ KB917332 HotFix.

 

Page 481

#7201daniel_k⇗ @PPeti66x

Thanks for your results, just realized that I couldn't test anyway, as I don't have any Radeon cards here.
#7202YuriyCNVideocard - Radeon R7 360 2GB
OS - Windows XP Pro SP3 RUS

2D performance with videoprt.sys (SP2):


2D performance with videoprt.sys (SP3):


These updates are not installed on my PC.
Please upload ready-made, unpacked files videoprt.sys.



#7203Outbreaker⇗ @YuriyCN
Here you go.
⇗ https://www.mediafire.com/file/77u09ddvh...ookies.zip/file
You can also extract the WinXP HotFix files with command '/x' like "KBXXXXXX.exe /x"
#7204YuriyCNVideocard - Radeon R7 360 2GB



WindowsXP-KB917332-x86-ENU\SP2QFE\videoprt.sys



WindowsXP-KB960921-x86-ENU\SP2QFE\videoprt.sys



WindowsXP-KB960921-x86-ENU\SP3QFE\videoprt.sys
#7205ruthanCould you share Tom2D benchmark tool pleas? It seems that old download links are dead.
#7206PPeti66xv1.04 english: ⇗ https://www.overclockers.com/forums/atta...27&d=1323748287
v1.05 russian: ⇗ http://www.thg.ru/graphic/2d_acceleratio...es/Tom2D_Ru.rar
#7207daniel_k
Zitat von ⇗ diderius6 im Beitrag ¶ #7190
With halplusntosAVXplusMempatch.7z
and only usbport.sys from Win2003
I noticed some random crashes,
when connecting a new USB device (USB driver is the win8 ported).

Those random crashes happened only when booting from USB?
#7208Lenovo_brokey:/
#7209diderius6⇗ @daniel_k

Before, the crashes with 32 Gbyte sometimes happen, when I connect an USB stick
or sometimes, when I shut down the compi.
But now, with the Win2003 usb files,
I have not seen any crash.
For me it is rockstable. All programs work. Other question is, if XP uses any of the memory >4Gb, until now I see no difference to 4 Gb.
I succeed with USB boot from USB stick (with EWF filter and cfa.sys for to show any USB stick as harddisk, it is most fast XP in world ), also harddisk in USB box.

By the way I noticed, that your USB driver AMDXHCI_XP_FINAL_V3 is best for USB boot, only not for Asmedia ports

Dietmar
#7210Andalu
Zitat von ⇗ diderius6 im Beitrag ¶ #7209
I succeed with USB boot from USB stick (with EWF filter and cfa.sys for to show any USB stick as harddisk, it is most fast XP in world ), also harddisk in USB box

Could you please write a short guide about it?
#7211YuriyCNTom2D_Ru 1.05 + videoprt.sys (versions from SP1, SP2, SP3)
⇗ https://www.upload.ee/files/13039545/Vid...D_Test.zip.html
#7212diderius6⇗ @Andalu

Ok, I write Tutorial. Because it means a lot of work for me,
I continue this Tutorial day by day, when I have mood ) and time for.
All needed files I offer for download. During writing this Tutorial I do all the steps by hand,
so that I do not miss something.

You do everything for yourself.
I am not responsible for any damage.


Tutorial How to build a write protected USB stick for any motherboard and boot XP from it


14 April 2021 dietmar.stoelting@t-online.de

1.)  Format a harddisk with Fat32.
NTFS can be used also, but it is not possible to boot a mechanical write protected XP via NTFS.
     Put this harddisk in an USB box and format this harddisk with RMPrepUSB  v.2.1.739.
     In RMPrepUSB choose on top "Settings" List large devices > 128 GiB.
     Set mark in XP/BartPE bootable [NTLDR], FAT32, Force use of LBA calls . No other mark.
Click on the drive, so that it becomes blue.
Click left down on "6 Laufwerk bereitstellen". Click "ok", "ok", "ok", wait few seconds and then hit right down "Beenden".

RMPrepUSB  v.2.1.739  
⇗ https://ufile.io/aq0gleox

2.) Take this harddisk with Fat32 out of the USB box and install XP on it. Best is to install XP via original CD.
When during setup XP asks you about this harddisk, use "let partition unchanged".
You can install every driver and program, that you want. I would install only the most needed drivers and programs,
because later to copy it to an USB stick becomes very slow, when a lot needs to be copied.

3.) Before you install any USB device, go to Windows\inf folder usbstor.inf
Change there in
[USBSTOR.AddService]

StartType      = 3     --->  StartType      = 0

and add the line below ServiceBinary  = %12%\USBSTOR.SYS

LoadOrderGroup = System Reserved

close usbstor.inf and store.

When you have already an USB driver or device installed, you have to do this step also,
but also change this value in registry [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\usbstor]

Start = 3 ---> Start = 0

and add extra key with content

Group System Reserved

4.) Download the USB driver from ⇗ @daniel_k . Other USB driver can work also, but this is the most easy way.
I edit this USB driver so that nothing needs to be changed.
Copy this USB driver to your harddisk.
Install this USB driver via device manager.
First click on amdxhc.inf and later, when XP asks, amdhub30.inf.

DanielUSBV3mod
⇗ https://ufile.io/6r80m7ix

5.) Connect your USB device, from where you want to boot XP. It can be any device, even flashcard.
 Here I tell the procedure for the Kanguru SS3 USB-Stick. This is an USB3 stick with size 16, 64, or 128 Gbyte.
Expensive and slow, but it is one of the very few USB sticks on the market, which have a mechanical write protection.
This mechanical write protection is a true protection. I compare the content bit by bit before and after boot, no change.
Later with the EWF filter it builds the fastest XP on earth with this stick.

Before connecting your wished USB device, format it with FAT32 RMPrepUSB as written before.
This is an important step. Even later for to copy you may delete this partition on the USB device,
it has to be formatted before as I wrote.

The USB3 port has to be not from Asmedia.
USB boot via the Asmedia port is possible, but you have to use the original Asmedia USB3 files v.54 for this and modd its *.inf.
USB boot is also possible with the nice ported Win8 driver from ⇗ @Mov AX, 0xDEAD .
But also does not work for Asmedia USB ports and also not for to boot from an USB stick, but USB boot from harddisk in an USB box works.

6.) Disable the pagefile via "System" and boot XP new.

7.) Install the Cfa.sys filter driver to the USB stick. This step is only necessary, when your USB device is shown as "removable".
 If you have success you will see, when the USB stick suddently appears as harddisk.
For this copy the CFA folder to the harddisk. Go to Device Manager, look for your USB device.
There you can see the driver disk.sys and partmgr.sys.
Choose driver update and click on cfadisk.inf. Install this driver even message appears,
that this driver is not for this device.

CFA filter driver
⇗ https://ufile.io/a6lgu2bv

7.2) Type regedit in "run" and delete whole key Mounted Devices.
[HKEY_LOCAL_MACHINE\SYSTEM\MountedDevices]
After deleting this key, shut XP down and go to 8.) Do not start this XP again,
before you copy it to the USB stick, because with each reboot, this key Mounted Devices is build new from XP.

8.) Now you have to make a copy of your XP on the harddisk to the USB stick.
I prefer to copy the files one by one from an outstanding XP via copy and paste.
This copy and paste let all files continous and allows the maximal possible short boottime for XP.
Begin with NTLDR, then ntdetect.com, then boot.ini then whole "Windows" folder, then "Documents and settings",
then "programs" then the rest. Always NTLDR has to be copied first and alone!
"Recycled" and "System Volume Information" copy not.

Now you may have a bootable USB stick. Depending on the device, there are possibilities to make any USB device bootable.
Most common is Bsod 0x7B or 0x21. Against 0x21 helps to start one time in Safe mode or to start with the connected original harddisk. And you may get a windows, which starts, but you see not the Desktop.
In this case you have to delete the whole key "Mounted Devices" on the USB stick from an outstanding XP.
On reboot, XP builds this key new.
[HKEY_LOCAL_MACHINE\SYSTEM\MountedDevices]

Exact this happens to me, when I follow step by step this my own Tutorial. Because of this, I put 7.2) here, there it is easy to delete the key
"Mounted Devices".
After deleting key MountedDevices on my USB stick, XP boots to Desktop via this USB stick, nothing other connected.

Now I describe, how to install the EWF filter, so that you have an XP from USB stick, which can boot write protected and is ultrafast.

9.) Download and extract the folder EWF to your bootable USB device

EWF
⇗ https://ufile.io/edismzsa

Copy from the folder EWF the file ewfmgr.exe to Windows\System32
and the file ewf.sys to Windows\System32\drivers

Type regedit in "run"
Go in registry to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet]
Click right on this key and choose "Permissions".
On the second (or last) entry (something like user) set all marks in "Allow".
When you do not find "user", click on each other and select always "allow".
Then click on "Advanced".
Then set mark in "Replace Permissions.."
click "Apply" "Yes" "ok" "ok".

Then doubleclick in the folder EWF on ewf.reg.
When you set the permissions correct in registry, a message appears,
that the changes have been put to registry.

10) Type again regedit in "run".
Go to
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ewf\Parameters\Protected\Volume0]
and change there on the right side "enabled" from 0 ---> 1
This Bit changes the whole USB device partition(!) to write protect.
Close registry and shut compi down.

After(!) next boot XP starts write protected. My boottime is 4 sec.
When you have an USB stick, which can be set manually write protect you will see,
that XP still boots. Only on a FAT32 partition XP does not write again and again to the USB device.
This prolonges the life of your USB stick from 1 day to years.

A test, if everything is ok you can do also:

Type in commandline ewfmgr c:

And when all is ok, you see message RAM <REG> enabled
and at bottom, how many bytes are used now for the Ram overlay. It can be under XP 650 Mbyte.
Nice hack would be, to enlarge this to 2 Gbyte as on win7.

When you want to stop write protect (first switch mechanical switch to write enable), write in commandline
ewfmgr c: -commitanddisable -live
and all your changes are written to your USB device. This is very comfortable and fast for new programs.
In registry you can see, that in
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ewf\Parameters\Protected\Volume0
"enabled" from 1 ---> 0
Set this bit back to 1 and after(!) next reboot your USB device is write protected again.


Good luck, tell me if you have success

Dietmar

PS: I add hal.dll and intelppm.sys from post
¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (197)
for to overcome the timer problem on newer Intel boards.

diderius6 has attached files to this post
#7213Andalu⇗ @diderius6

It worked on the first try ......really awesome!!!

Thank you soooooo much for the very detailed and meticulous guide, a true gem!


Edit: added the following image:

#7214gordo999⇗ @diderius6 ...yeah...thanks Dietmar. Don't have time at the moment but I wonder if this might work with my Hirens 15.2 which uses mini XP. I managed to load it on a USB thumb drive with a grub/DOS bootloader and it loads fine until XP's GUI starts. Then I get a blank screen. Confirmed that it's not the video driver. The text portion is fine and I get the menu for selecting mini XP.

There are ideas in your tutorial that might work. My mobo uses an Intel-based B360C/CSM chipset.
#7215juk777Это на Radeon R7 360 2GB такие жиденькие результаты?Вот, ради интереса, прогнал на своей "затычке" GT 710:

 

Page 482

#7216ruthanWhat about gaming is Steam still working on XP somehow?
#7217infuscomus⇗ @ruthan

there is an old steam version on archive.org that still works for XP.
#7218YuriyCNDownload archive and unpack it to the root of your drive
File SteamDreamXP.7z (57 MB) - ⇗ https://www.upload.ee/files/13002672/SteamDreamXP.7z.html
Windows XP STEAM reconnect fix ⇗ https://yadi.sk/d/CX7-7GeClqeNfA
This version of STEAM perfectly works on XP and store and library, in short full functionality.

========================

Windows XP 2021 - system build for the modern PC (edition 17-APR-2021)

TXT (86kB, ENGLISH) - ⇗ https://yadi.sk/d/RYoBsl5rqcXXAQ
TXT (96kB, RUSSIAN) - ⇗ https://yadi.sk/d/Yl5ZxgRRa1CwRg
#7219gordo999
Zitat von ⇗ ruthan im Beitrag ¶ #7216
What about gaming is Steam still working on XP somehow?
⇗ @ruthan ...most Steam games I have seen are hacked. Steam not required. To get games running on XP I found the intelppm and Hal mods are required. Otherwise, games won't start, or run erratically. I have been able to run much of the Myst series with Riven on XP. The intelppm/Hal mods also help Firefox run up to a certain version.
#7220genieautravailA question to everyone!

Is there an XP driver for Intel Iris Pro 5200 graphics solutions?

I find on the internet a lot of links for a driver for XP but concretely does anyone use a PC with XP and this graphic solution?

Thank you in advance
#7221xingyou12
Zitat von ⇗ diderius6 im Beitrag ¶ #1145
May be we need WDFLDR.SYS (from Vista-Longhorn5048, Vista, Win7) all 32 bit
for XP for Intel USB
Dietmar

PS:Intel USB 3 drivers need WDFLDR.SYS (Kernel Mode Driver Framework LOADER) which doesn't exist on XP.
XP drivers require coinstaller WdfCoInstaller01009.dll (included with driver, it installs wdfldr.sys and wdf01000.sys) and separate usbd.sys.
I install the Microsoft Kernel Mode Driver Framework runtime 'Microsoft Kernel-Mode Driver Framework Install-v1.9-Win2k-WinXP-Win2k3.exe' extracted from WdfCoinstaller01009.dll which is the co-installer for KMDF 1.9.
This drivers here have all only dependecies for XP!

EDIT: This brings me to the idea, to install the very first USB driver from NEC on Longhorn 5048 for Intel chipset USB3.0.


Excuse me, do you have the 64bit Version of Microsoft Kernel Mode Driver Framework runtime 'Microsoft Kernel-Mode Driver Framework Install-v1.9-Win2k-WinXP-Win2k3.exe'(KB970158) ? I need it for my PC to run XP/Server 2003 x64, I spend a lont time for searching it but can't find it in the Internet. And another hotfix I need is the x64 version of KB971286(WinUSB version 1.9 update) if you have. Thank you very much.
#7222Mov AX, 0xDEAD
Zitat von ⇗ xingyou12 im Beitrag ¶ #7221

Excuse me, do you have the 64bit Version of Microsoft Kernel Mode Driver Framework runtime 'Microsoft Kernel-Mode Driver Framework Install-v1.9-Win2k-WinXP-Win2k3.exe'(KB970158) ?

try:
 
rundll.exe WdfCoInstaller01009.dll,WdfCoInstaller


WdfCoInstaller01009.dll can be found on many drivers like VIA USB3.0 Driver Package, x64 subfolder

#7223xingyou12
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7222
Zitat von ⇗ xingyou12 im Beitrag ¶ #7221

Excuse me, do you have the 64bit Version of Microsoft Kernel Mode Driver Framework runtime 'Microsoft Kernel-Mode Driver Framework Install-v1.9-Win2k-WinXP-Win2k3.exe'(KB970158) ?

try:
 
rundll.exe WdfCoInstaller01009.dll,WdfCoInstaller


WdfCoInstaller01009.dll can be found on many drivers like VIA USB3.0 Driver Package, x64 subfolder


Thanks, I have gotten the file 64bit version of Microsoft Kernel-Mode Driver Framework Install-v1.9-Win2k-WinXP-Win2k3.exe from extracting WdfCoinstaller01009.dll, and than installed it successfully! xingyou12 has attached files to this post
#7224BrooonsXP SP3,  PRIME B250-PLUS,  graphic card NVidia GV-NX66256DP , 5 browsers.
4 browsers not work, freeze.
Opera work fine.
DirectX9 run dxdiag all test fine, but browsers freeze
Rebooting this machine on Win_7, fine work browser for Win_7
Rebooting on XP, then not work browsers for XP, again, but except Opera, which work fine.
Why browsers freeze?
#7225diderius6⇗ @Brooons

Do you use the halplusintelppm patch from post

¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (197)

The symptoms can be related to a not correct working timer
Dietmar
#7226Brooons⇗ @diderius6

Wow !!!!
It's work! Thank you!

#7227Outbreaker
Zitat von ⇗ diderius6 im Beitrag ¶ #6435
I succeed to enable the very last ewf.sys from win 7.1 bit32 Version 1.0.1533.0 (win7sp1_ldr.160325-0600)
with XP SP3.
No matter, if you use Vista boot with winload.exe or classic ntldr,
the limit of ram overlay is always about 719 MByte.
But this new ewf.sys seems to be more stable than the ewf.sys from XP embedded.
And this ewf.sys from win7 Bit32 still works together with ewfmgr.exe from XP Embedded.

For to make it work under XP SP3, you have to build a new ewf.reg
and you need to put in your correct "DiskSignature" and "PartitionOffset".
The old ewf.reg from XP Embedded does not work any longer. Because now the disksignature and the partitionsoffset
have to be given. I have no idea how this can work any longer with floppy or other changeable media without those values.
The old ewf.sys from XP Embedded can(!) work with changeable medium.

For to start, you have to change "Enabled"=dword:00000000 ---> "Enabled"=dword:00000001

Dietmar

⇗ https://ufile.io/jx84ajtd
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
"UpperFilters"="Ewf"
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ewf]
"ErrorControl"=dword:00000001
"Group"="System Bus Extender"
"Start"=dword:00000000
"Type"=dword:00000001

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ewf\Parameters]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ewf\Parameters\Protected]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ewf\Parameters\Protected\Volume0]
"Type"=dword:00000001
"ArcName"="multi(0)disk(0)rdisk(0)partition(1)"
"Enabled"=dword:00000000
"CompareBeforeAlloc"=dword:00000000
"DiskSignature"=dword:db4c1922
"PartitionOffset"=dword:00100000

What about the FBWF (File Based Write Filter) would that not be a better option to add?
#7228diderius6⇗ @Outbreaker

The only way to build a complete write protected XP is to use EWF,
have a nice day
Dietmar
#7229Outbreaker
Zitat von ⇗ diderius6 im Beitrag ¶ #7228
@Outbreaker

The only way to build a complete write protected XP is to use EWF,
have a nice day
Dietmar

They say that EWF protects the whole volume and that the FBWF can protect the whole volume or you can setup write-throughs for files and folders.
⇗ https://www.itprotoday.com/server-virtua...ile-based-write
#7230diderius6⇗ @Outbreaker

FBWF operates at the file level while EWF operates at the sector level.
So, any virus has no chance. And a mechanical write protection then protects also MBR, just all on the boot device.
This can be done only with FAT32, because NTFS wants to make real writes to the boot device during boottime and check them.
When you work on the file level, it is possible for a virus, to put itself anywhere, outside of the files, because no real write protection.
With working on the sector level real write protection is possible, because all operations on the whole partition work in ram.
And with FBWF  you cannot commit changes to the disk for all files at one time, only for selected file.
This is clear, because XP does not understand, what is written in a sector.
When all of all sectors of a partition are write protected (only in EWF), a virus has zero chance,
how good it ever may be written and you also protect it mechanical, so that no changes in the MBR or elsewhere outside of the partition can happen. Not a single bit changes, as you can test from an outstanding XP with Winhex.
By the way you can see, that also only reading from an USB stick lets the USB stick age, so reading alone limits the life time of any USB stick and there are BIG quality differences how quick this USB stick produces errors even nothing is written to, only readings.
With time, such an USB stick gets slower during read
Dietmar

"Bei dem FBWF kann es unter Umständen zu Seiteneffekten kommen, die den Schutz des jeweiligen Mediums nicht mehr gewährleisten."

"In case of a power failure FBWF can make your system unbootable."

 

Page 483

#7231infuscomus⇗ @diderius6

you could have a mostly write protected XP install by making a bootable ESD image, sure with the right tools it can be modified but I think for most cases it should suffice.
#7232Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #7228
@Outbreaker
The only way to build a complete write protected XP is to use EWF

There are other ways e.g.:
  • sanboot (iSCSI or AoE in Read Only mode) - the size of the partition is practically irrelevant, works best over Ethernet 1000
  • mapping RAW disk image to RAM with GRUB4DOS (map --mem). Of course, provided that the WinXP disk (partition) image will fit in RAM, but with today's RAM sizes of 8 GB and more, it is probably not a problem, e.g. 5GB disk image
#7233diderius6⇗ @Gelip

Is it possible,
to boot a mechanical write protected USB stick with an partitionsize of 5Gbyte with working XP on it to ram?
Interesting if yes and very much I would like a Tutorial for it,
because the main problem of EWF is its ram overlay size of about 650Mbyte maximal.
But the partition, from where XP via EWF starts, has NO size limit at all.
EWF has a lot of advantages: You can write all ram back to the disk,
you load to ram only the needed files which makes it fast as much as possible.
Because EWF is sectorbased, you can compress or whatever you can do with a partition
Dietmar
#7234Gelip
Zitat von ⇗ diderius6 im Beitrag ¶ #7233
Is it possible,
to boot a mechanical write protected USB stick with an partitionsize of 5Gbyte with working XP on it to ram?

I don't know but WinXP can, for example, be run from a server on Linux - NetzoneSoft NxD - after restart WinXP, the changes are not saved. I tested it almost 9 years ago with WinXP SP2: ⇗ https://www.elektroda.pl/rtvforum/topic2324204.html
#7235Gelip⇗ @diderius6
Also try iSCSI Cake server (runs on WinXP)
#7236Andalu
Zitat von ⇗ Gelip im Beitrag ¶ #7232
mapping RAW disk image to RAM with GRUB4DOS (map --mem). Of course, provided that the WinXP disk (partition) image will fit in RAM, but with today's RAM sizes of 8 GB and more, it is probably not a problem, e.g. 5GB disk image

Very interesting!
Could you please give me a link to some guide about it?
#7237NT5 forever
Zitat von ⇗ diderius6 im Beitrag ¶ #7246
Is it possible,
to boot a mechanical write protected USB stick with an partitionsize of 5Gbyte with working XP on it to ram?
Interesting if yes and very much I would like a Tutorial for it,
because the main problem of EWF is its ram overlay size of about 650Mbyte maximal.


⇗ http://reboot.pro/index.php?showtopic=9830

Here you are. Enjoy!
#7238NT5 foreverI have been using XP in RAM disk mode since 2009 and can't even imagine running XP the regular way because it is way too scary with all the malware floating around the net.
RAM disks are a pain to set up, but once you get everything running it is stable as a rock.

I use Grub4DOS bootloader/menu, and it has the option to run XP both in file disk mode and in RAM disk mode.
When I want to install new software or hardware I use filedisk and set everything up the way I like it.
Changes are persistent after reboot, just like a regular XP installation on hard disk.
Once everything is configured correctly I reboot my machine and use RAM disk mode.
Changes made to the C drive will be flushed during a reboot.

I'm not using any realtime antivirus software and do everything, including browsing the web using the Administrator account.
Internet facing programs are sandboxed using Sandboxie freeware, and I use an anti executable: bouncer.
EWF is used to protect my data partitions.

I have never had any malware problem since I use this setup.
RAM disks are very easy to set up with the IMG-XP software package.

You can also use Microsoft's ramdisk.sys driver, but your RAM disk size will be limited to 500 MB.
It's not a big issue because most of my XP installations are smaller than that.
The advantage of the Microsoft driver is its compatibility with TrueCrypt pre-boot authentication.
This allows you to create a RAM disk image file nested inside an encrypted partition.
Before you will be allowed to boot the image into RAM TrueCrypt will ask for a password at the boot screen.

Once you get to the desktop and look in explorer you will see your C drive, but it won't appear in disk management!
The encrypted partition containing the RAM disk image is inaccessible, so malware will not be able to infect it.
The downside of this method is the longer boot time, because of the decryption process.
#7239diderius6Hi,
is there somebody, who uses SVBus_V1.2_20200428
from Kai Schtrom for Ram Boot of XP
Dietmar
#7240gordo999
Zitat von ⇗ NT5 forever im Beitrag ¶ #7238
I have been using XP in RAM disk mode since 2009...
⇗ @NT5 forever ...just pointing out that this thread is aimed more at XP on newer motherboards (Modern Hardware). How does your installation work on say a B360C/CSM Intel chipset which is a 300 series chipset?

I'm asking because I am trying to convert the Hiren's 15.2 utility disk, which boots in mini XP, to run on this modern chipset. I have tried on a CDROM and a USB stick. You would need to d/l Hiren's 15.2 to see what I mean but it uses the Grub4DOS bootloader and that works fine through the text mode part of the boot. I can get to the opening menu, select the mini-XP mode and it starts to load fine, with a horizontal bar indicating its loading progress.

After the horizontal bar completes, it should indicate that XP is starting but it never reaches that stage. All I get is a blank screen. Normally, trying to boot normal XP without the modded SATA driver, would produce a BSOD at this stage. But there is no BSOD, just a blank screen. I have verified it is not a video driver problem.

Any ideas from your experience since 2009?  Is Mini-XP very different from standard XP?
#7241Brooons
Zitat von ⇗ gordo999 im Beitrag ¶ #7240
Is Mini-XP very different from standard XP?
XP boot from HDD, but MiniXP boot from memory, after download ISO in memory.
My MiniXP work fine on PRIME B250-PLUS, but necessarily download ISO in memory, through Grub map memory.
#7242diderius6I succeed with ramboot of a 7Gbyte xp.img file

using svbus vers. 1.2 from Kai Schtrom,

RMPrebUSB vers. 2.1.739,

grub4dos-0.4.5c-2016-01-18

xp.img is the pur copy of the first 14844060 sectors via Winhex of my Western Digital NTFS 2 TB harddisk,
it is first partition with MBR and 2048 sectors before partition.

I install the svbus via its setup file to this WD 2TB and defrag this HD, before I make from it xp.img .
I install grub4dos to an USB stick via RMPrebUSB, and copy after the whole content of grub4dos-0.4.5c-2016-01-18
on root of this stick.

And I add a menu.lst with content

title Windows XP - RAMDISK
 find --set-root --ignore-floppies /xp.img
 map --mem /xp.img (hd0)
 map --hook
 root (hd0,0)
 chainloader /ntldr

Then I copy xp.img (7Gbyte) to the root of this stick,
voila )
Dietmar

PS: After, you can disconnect your USB stick, this is even better than any mechanical write protection.
It is stable. The chainloading via grub4dos allows you, to set the USB stick mechanical write protected, even NTFS.

#7243BrooonsI installed a new copy of XP, ntfs.
Everything is set up, everything works fine.
Then I copied the XP folders, copy-paste, to another hard drive and attached that hard drive on that machine.
I get a loop of the desktop startup sound, but I can't see the desktop.
I've never seen this before
A constant loop of the Windows startup sound, endlessly.
Why?
#7244diderius6⇗ @Brooons

Not easy to get a working XP via copy and paste.
Better is to use the tool AOMEI Partition Assistant Standard Edition 7.0

Dietmar
#7245Brooons⇗ @diderius6
AOMEI will delete partition, this is not possible, there are the necessary files
XP copy-paste never had any problems before for me.
It's amazing to see this for the first time... Loop sound, very strange.

 

Page 484

#7246gordo999
Zitat von ⇗ Brooons im Beitrag ¶ #7241
XP boot from HDD, but MiniXP boot from memory, after download ISO in memory.
⇗ @Brooons ...thanks. Seems I am having problems after mini-XP is loaded into the RAM disk. I'll check that out. It seems to load OK since the horizontal bar finishes before the blank screen appears. However, it may not be loading correctly.
#7247Brooons
Zitat von ⇗ gordo999 im Beitrag ¶ #7246
[quote=Brooons|
Seems I am having problems after mini-XP is loaded into the RAM disk.

Folder XP on ISO, file X, read him with notepad:  
BootDevice="ramdisk(0)"
BootPath="\i386\System32"
OsLoadOptions="/fastdetect
 /minint /rdimageoffset=8192 /rdimagelength=3161088
/rdpath=\HBCD\XP\XP.wim /iso=\ISO\Hiren'sBootCD.iso"


Do you have such a path "\ISO\Hiren'sBootCD.iso"?
ISO virtual or real ?

del-18YuriyCN
Баг RTC таймера - уход времени "вперёд" на мультипроцессорном ядре Windows XP


Описание:
При использовании Windows XP на современных ПК обнаружился глюк - системное время (RTC часы) уходит вперёд, причем степень ухода зависит от активности работы ПК и может составлять до 5 минут в день. Проблема проявляется только в Windows XP. На выключенном ПК, под UEFI/BIOS или в Windows 7 - время идет правильно. Часовая микросхема RTC должна быть независимой частью, но на современных материнских платах это не так. Исследование показало, что уход часов "вперед" происходит при постоянном переключении периода системного таймера 16 мс (15.625 мс) в 1 мс (0.977 мс) и обратно. В Windows XP (по умолчанию) этот таймер работает с периодом 16 мс и если на ПК не проявлять активности - то он продолжит работать с периодом 16 мс. Но при запуске Хрома или мультимедиа приложений, таймер переключается в режим работы с периодом 1 мс и может возвращаться на 16 мс. При жестко установленном периоде 16 мс (или 1 мс) время идет точно, но при постоянном переключении таймера 16 мс - 1 мс - 16 мс - 1 мс происходит сбой в работе часов реального времени RTC.


Решение проблемы:
Решение проблемы - утилита Timer_Fix.exe (с исходным кодом, написанная на Visual Studio 6.0). Программа не имеет интерфейса, после запуска она переведет системный таймер на период 1 мс и оставит его неизменным. Программа постоянно висит в процессах до перезагрузки ОС. Для завершения работы (в случае необходимости) нужно просто прибить процесс Timer_Fix.exe через "Диспетчер задач". Для удобства лучше положить Timer_Fix.exe в "Автозагрузку" и забыть о проблеме с уходом времени. В целом, данный фикс можно считать "костыльным", но ничего лучшего на данный момент нет.



Программа для демонстрации проблемы (программа для накрутки времени):

RTC_bug_demonstrations\Timer_v10\Timer_src_BCB6.0 - исходные коды программы
RTC_bug_demonstrations\Timer_v10\timeBeginPeriod.exe
RTC_bug_demonstrations\Timer_v10\timer.exe

Разработчик программы - женщина-программист Xenia. Огромное ей спасибо!

Данная программа служит для наглядной демонстрации проблемы с RTC таймером. Она устанавливает период системного таймера 1 мс (0.977 мс) выдерживает 0.2 секунды, устанавливает 16 мс (15.625 мс) выдерживает 0.2 секунды и далее продолжает переключать системный таймер с заданными длительностями. Программа состоит из 2-х частей:
1. timeBeginPeriod.exe - консольная программа для установки режима таймера. Заданный режим (период и длительность) передаётся в параметрах командной строки. Программа представлена с исходным кодом на Borland C++ Builder 6.0.
2. timer.exe - это GUI интерфейс для timeBeginPeriod.exe. В графическом режиме можно задать период 1, длительность 1 и период 2, длительность 2 работы системного таймера. Программа представлена с исходным кодом на Borland C++ Builder 6.0.
Для корректной работы timeBeginPeriod.exe и timer.exe должны находиться рядом, в одной директории.



Проверка RTC-bug:
1. Проверку производим на свежезагруженной системе, без выполняющихся фоновых задач. Все фоновые процессы должны быть закрыты, поскольку они могут удерживать таймер на 1 мс, что помешает работе демонстрационной программы.
2. Запускаем Clockres - программу для контроля периода системного таймера. Измеренный период должен = 15.625 мс
3. Запускаем CPU-Z, переходим на закладку About, нажимаем кнопку Timers и кнопку Start, чтобы контроллировать частоты системных таймеров
4. Запускаем timer.exe. Устанавливаем режимы Период 1 = 1 мс, Длительность 1 = 0,2 секунды, Период 2 = 16 мс, Длительность 2 = 0,2 секунды и нажимаем кнопку Start. Эти режимы заданы режимами по-умолчанию.
5. В установленном режиме (по-умолчанию) будет происходить "накрутка" времени RTC таймера приблизительно +2 секунды за 1 минуту работы программы. При Длительности = 0.1 секунда, накрутка времени будет составлять +4 секунды за 1 минуту.

Выводы:
1. Не смотря на то, что существует решение - программа Timer_Fix.exe, я предлагаю специалистам подробно изучить данную проблему с использованием нового инструмента - программы для накрутки времени Timer_v10
2. Может патчем файлов зафиксировать работу таймера на периоде 1 мс (0.977 мс), как это сделано в Windows 7

Состав архива:
Clockres - программа для контроля периода системного таймера
CPU-Z - в закладке About, кнопка Timers можно контроллировать частоты системных таймеров
Neutron 1.07 - программа для контроля и синхронизации времени через интернет
Timer_Fix (с исходным кодом) - фикс проблемы с уходом времени вперед (устанавливает таймер на 1мс)
Timer_v10 (с исходным кодом) - программа накрутки времени, для демонстрации проблемы

Скачать (2 МБ) - ⇗ https://www.upload.ee/files/13095203/RTC...ations.zip.html
#7248gordo999
Zitat von ⇗ Brooons im Beitrag ¶ #7247
Do you have such a path "\ISO\Hiren'sBootCD.iso"?
ISO virtual or real ?
⇗ @Brooons ...thanks for pointing out that 'X' file. I do have such a file and it has the same data you posted. I do not have a folder called \ISO with a Hiren's ISO in it. I created a folder on my C:\ drive and named it ISO and I made an ISO from my USB flash drive, naming it Hiren'sBootCD.iso but it made no difference.

It's not clear what /rdpath=\HBCD\XP\XP.wim /iso=\ISO\Hiren'sBootCD.iso means. I understand that rdpath is pointing to a path to the Hiren's files found in the XP.wim file but /iso=\ISO\Hiren'sBootCD.iso makes no sense. I think there may be a confusion here been the Unix language and the Windows language.

Clearly that path applies to the original CD so why would they need a reference to an ISO, unless they have created an ISO in the ramdisk, in folder /iso? It seems that line is aimed at the ramdisk since the reference is 'rdpath', where rd means ramdisk.

I am going to try changing the path to /iso=c:\ISO\Hiren'sBootCD.iso. Unfortunately, when ramdisks are created, they don't always use the same drive letters. I may have to guess which drive letter to use.
#7249NT5 forever@Gordo999

The advantage of using RAM disks is that it's very unlikely that you will get a blue screen because of missing/incompatible storage drivers.
You will just end up with only a C: drive in My Computer.
If the C: drive contains driverpacks, it will often be possible to install the correct driver manually from within the running OS.
After that, you can create a bootable disk image of the running system using the IMG_XP utilities package.
This new image will now contain the correct storage drivers and all the required registry settings in order to boot correctly in file disk mode.

Is there any particular reason you want to use Hiren's bootdisk?
Most of the programs on the disk are very outdated and this disk is just another flavour of BartPE AFAIK.
Running a PE has many limitations compared to regular XP.

Most programs on Hiren's disk are available for download on the net if you really must use them.
It would be much better to make your own mini XP using the free IMG_XP package.
The mini XP option reduces the size of your regular XP (not PE) to about 100 MB, and the image file it creates will be bootable in RAM disk and file disk mode.
In file disk mode you can install all the programs you need, and as long as you install all the right drivers you should be able to have access to your SATA drives.
I haven't tried to do this on modern hardware yet.
My latest XP compatible motherboard is from 2014.

Being stuck on the blank screen after booting might be a PE specific problem.
Maybe regular XP will boot just fine in RAM disk mode.
Dietmar made a tiny, tiny 10 MB XP a few years back.
Maybe you should test if it boots on your machine.
#7250gordo999
Zitat von ⇗ NT5 forever im Beitrag ¶ #7249
The advantage of using RAM disks is that it's very unlikely that you will get a blue screen because of missing/incompatible storage drivers.
⇗ @NT5 forever ...thanks for pointing that out. I am using the same storage driver, signed by Fernando, that I am using on my XP installation and it boots fine. However, that is the loading section where the driver is likely to be a problem.

On the Hiren's 15.2 disk there is a file called XP.bin. I am decompiling it in IDA and I have to use 16-bit decompilation. Even at that, IDA won't decompile it completely so I am doing the interactive part of IDA and marking code sections and text. As I decipher the text I have noticed the file's real name is setupldr.exe, version 5.2.3790.1830. It seems that is the XP loader file.

There are a few references to entries in the txtsetup.sif file, especially to acpi. I did not pay too much attention to that while modding the txtsetup file so maybe there are issues with my BIOS being too new for this older setup. Also, I may have made some errors while modding parts related to storage, ACPI, and USB. I'll take a closer look to see if I need to give the sif file more info. Also, the processors may be a problem. Mine has 6 cores.

The reason I want to use the older Hiren's is that it has many apps that are not on the newer version. I won't go into the reasons. I get what you mean about the other apps being available on the Net but I did not want to get too deeply into creating my own mini-XP disk. It's just handy to have all those apps on a boot disk, especially with W10 and its paranoid security system. I have used the newer Hirens for that, the 64-bit version.

Zitat von ⇗ NT5 forever im Beitrag ¶ #7249
You will just end up with only a C: drive in My Computer. If the C: drive contains driverpacks, it will often be possible to install the correct driver manually from within the running OS.
After that, you can create a bootable disk image of the running system using the IMG_XP utilities package.
This new image will now contain the correct storage drivers and all the required registry settings in order to boot correctly in file disk mode.
Thanks for that info and the info about IMG_XP. Very helpful.
#7251diderius6I just build an XP in ram,
which loads a 15000 Mbyte XP to ram in 6 sec
Dietmar
#7252NT5 forever
Zitat von ⇗ diderius6 im Beitrag ¶ #7251
I just build an XP in ram,
which loads a 15000 Mbyte XP to ram in 6 sec
Dietmar

Wow! That's huge.

I always try to keep my images a lot smaller, ideally under 500 MB.
This way it will only take a few seconds to load the image.
I don't see the need for a big C: drive.
I only use my C: drive to store a stripped down version of XP.
My programs and data reside on seperate partitions, protected by EWF of course.

How did you manage to load a 15 gig image in only 6 seconds?
#7253NT5 forever
Zitat von ⇗ gordo999 im Beitrag ¶ #7250
I get what you mean about the other apps being available on the Net but I did not want to get too deeply into creating my own mini-XP disk.

Sometimes it's easier to slightly modify an existing product in order to make it boot on your specific hardware than to build your own solution.
I'm too much of a stubborn perfectionist to do that.
When I see something nice, I always want to improve and customise it.
The biggest drawbacks of a PE disk are speed and the difficulty to add new apps to it.
All the PE disks I played with felt sluggish. I used to make my own custom BartPE ISO's for a while, but it was just too annoying to have to rebuild the ISO file every time you add a program or customise some settings.
In 2009 I discovered RAM booting with regular XP.
After that I never touched PE again.

You might be lucky and get Hiren's disk working spending only a few hours finding and fixing the problem.
It's also possible that you will spend days or weeks trying, without ever solving the issue.
Making a rescue image based on regular XP might be much faster and easier.
However, I applaud you for your efforts and determination to get Hiren's disk to boot on your machine.
#7254Brooons⇗ @gordo999
Any attempt to help for you is crashed by the inability hear from you out which way(method) you are launching XP.wim
#7255diderius6⇗ @NT5 forever

I make some tests and now I really have the ultimative boot design for XP in ram.

First I install a 4 Gbyte XP SP3 with wished drivers and programs on a black Western Digital 2TB with NTFS.
The partitionssize of this 4Gbyte XP is 15 Gbyte. I think, it can be 255 Gbyte, depending on your ram size.
I disable the pagefile.
Then I install the svbus driver from Kai Schtrom on this 4Gbyte XP
⇗ https://sourceforge.net/projects/svbus/f...28.rar/download

Then I download the nvme driver Samsung from ⇗ @daniel_k
⇗ http://www.mediafire.com/file/7b74v4i1s5..._XP_x86.7z/file
copy its storport.sys to windows\system32\drivers

Then compi shut down and connect my nvme device, no matter which one, because the nice Samsung nvme driver
recognices everything.
I install the Samsung nvme driver on my 4Gbyte XP, so that the nvme device appears.
With Aomei PAssist_Std vers 7.0 I format the whole nvme device with NTFS.
Then I delete(!) the partition on this nvme device.
Then I copy the 4Gbyte XP to this nvme device with Aomei. Compi needs restart for to copy.
Not so easy, to succed with boot via nvme on next time after copying.
You have to let your harddisk connected but boot from the nvme device via bootmenu.

Then, in registry you delete the key Mounted Devices.
If all is ok, after disconnecting the harddisk, you boot XP from the nvme device alone.

(A short remark, that gives me hope that in future you can boot any XP via nvme to ram without any Bios support.
Today I use the Samsung 950 with own Bios for this, but mostly all newer compis can boot legacy from nvme.)

Now I downloaded the special nvme grub4dos from Kai Schtrom
⇗ https://sourceforge.net/projects/grub4do...27.rar/download

and copy only its grldr to the root of the nvme device,
rename ntldr on the nvme device to ntldrORI
and rename grldr to ntldr.
Then I put an menu.lst on the root of the nvme device with content

title Windows XP - RAMDISK
nvme --set-drive=0x80 --set-controller=0 --showselected
find --set-root --ignore-floppies /xp.img
map --mem /xp.img (hd0)
map --hook
nvme --uninit
root (hd0,0)
chainloader /ntldr

After this, I make an xp.img from the 4Gbyte XP and copy it to the nvme device.
Thats all. The XP loads to ram (with a speed about 4gbyte/sec, depending on your compi and the nvme device).

The procedure is a little bit difficult,
but I hope, that some test it and have success also
Dietmar

PS: Some steps here can be done more easy but not easy to write a Tutorial, that works on any compi.
read/write speed on this XP in ram is about 20Gbyte/sec (!).
Oh soso much fun ))).. The xp.img itself does not need an nvme driver, no USB, no Sata.
xp.img can be make really universal, so that it boots on any compi.
#7256diderius6During my tests with Windbg in winter I noticed,
that even long time after compi shuts down,
complete parts in ram stay(!) as before (even it is ddr4).
Later I use this methode for to load tables for acpi.sys to ram, survives reboot.
I do not find a tool, with which I can reset all ram.
So I come to the idea, to use memtest86-usb .
⇗ https://www.memtest86.com/

This version does not work for XP, but there is an memtest86-usb.img in it,
which I put under XP ) via Winhex to an USB stick.
And voila, connect this USB stick to your compi and ram is freshed up
Dietmar
#7257Andalu⇗ @diderius6
thanks for your helpful guides ;)
but I have still a question: could you please tell me what is the best way to get XP.img?
#7258diderius6⇗ @Andalu

For me, the best way for to get xp.img is,
to make a copy of the first partition of a harddisk with Winhex with MBR and the 2048 sectors before partition.
I copy all the sectors to a file and name it xp.img .
There are other ways like vhd files.
With my way to build xp.img, this xp.img works with any tool, because for XP it is real harddisk,
you can even find and edit everything in ram

Dietmar
#7259Andalu⇗ @diderius6

thanks, I'll give it a try tomorrow .
This way is also easier because I was not able to find a valid link for downloading the IMG-XP utility package.
#7260NT5 foreverIMG_XP download link:

⇗ https://drive.google.com/file/d/1sXSypHt...ew?usp=drivesdk

 

Page 485

#7261Gelip⇗ @Andalu ⇗ @diderius6

Zitat von ⇗ Andalu im Beitrag ¶ #7236
Very interesting!
Could you please give me a link to some guide about it?


Zitat von ⇗ diderius6 im Beitrag ¶ #7239
Hi,
is there somebody, who uses SVBus_V1.2_20200428
from Kai Schtrom for Ram Boot of XP
Dietmar


Instead of the Kai driver, you can use WinVBlock RAM driver. Here you have the x86 and x64 versions for WinXP that I have fixed: ⇗ http://reboot.pro/index.php?showtopic=81...23&#entry193676
There are drivers in the archives on the floppy images that can be used to install WinXP from RAM-ISO. There are also menu.lst files for GRUB4DOS.

⇗ Install WinXP from ISO image using WinVBlock
⇗ Install WinXP from ISO image to dummy.img diskimage

Have a nice day
Gelip (aka reboot12)
#7262gordo999
Zitat von ⇗ Brooons im Beitrag ¶ #7254
Any attempt to help for you is crashed by the inability hear from you out which way(method) you are launching XP.wim
⇗ @Brooons ...sorry...have not ignored you, I am have been very busy with other matters. I have only a few minutes to post about Hiren's.

I am launching xp.wim from the standard CDROM after replacing with modded drivers. Also, I am using a USB flash drive which I created based on the Hirens site recommendation.

Hiren's loads OK through the text mode. That is, I get the menu and I can select mini-XP mode. Then the horizontal bar moves across the screen but only goes about 7/8ths of the way before a blank screen appears.
#7263Gelip⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #7258
For me, the best way for to get xp.img is,
to make a copy of the first partition of a harddisk with Winhex with MBR and the 2048 sectors before partition.


WinXP image is best done under Linux Live using the fdisk and dd command e.g. in Debian 6. You need make disk image from the beginning of the disk to the end of the partition cylinder:


The image file can be copied to a USB flash drive, and even better, the image can be made directly via LAN to the mapped Windows drive e.g. D$ (in the example: Windows User=Adam, password=1234)

mount.cifs //192.168.0.3/D$ /mnt/images -o user=Adam 1234
dd if=/dev/sda of=/mnt/images/xp.img bs=4128768 count=390

⇗ @diderius6
P.S. Use my Debian 6 live that I sent you recently

#7264Brooons⇗ @gordo999

Test it my iso ⇗ Hirens_miniXP_Sata.iso
Don't change anything in it
Work fine on my PRIME B250-PLUS
CRC32: D65F2EEC
#7265daniel_k⇗ @Mov AX, 0xDEAD

Regarding ⇗ @YuriyCN's post:
¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (485)

What if we patch kernel to set 1ms as default timer resolution and make it ignore when "someone" tries to change it?
I'm not too familiar with timers, but are there any apps/games that expect higher timer resolutions (16ms)?
#7266iyutosIf to hardcode the timer resolution to 1ms, PC will consume more electicity unreasonably.
⇗ https://randomascii.wordpress.com/2013/0...gawatts-wasted/

it will consume as MS-DOS in idle, without resident programs like: idle.com, dpakbd.com, dosidle.exe, tamedos.com, vdos.exe
Better let's try to understand what happens with YuriyCN's PC.
#7267 YuriyCN
Zitat von ⇗ daniel_k im Beitrag ¶ #7265
@Mov AX, 0xDEAD

Regarding @YuriyCN's post:
¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (485)

What if we patch kernel to set 1ms as default timer resolution and make it ignore when "someone" tries to change it?
I'm not too familiar with timers, but are there any apps/games that expect higher timer resolutions (16ms)?


[RUS]
Я не знаю приложения, которые требовали исключительно 16 мс и не работали бы при периоде 1 мс. При использовании Timer_Fix.exe с принудительным переводом на 1 мс, в используемых мной программах проблем не наблюдалось. Насколько известно, в Виндовс 7 этот таймер постоянно установлен в режиме 1 мс.

[ENG]
I do not know the applications that demanded 16 ms only and would not work with a period of 1 ms. When using a Timer_Fix.exe with a forced period 1 ms, in the applications used by me, problems were not observed. As far as is known, in Windows 7, this timer is constantly set in 1 ms.
#7268daniel_k⇗ @iyutos
Nice article, thanks for sharing it.

I have an APC UPS with monitoring, will do some tests when I have more time.
#7269iyutosI contrary, resisted to 1 ms acceleration by greedy programs with Nobuzz: ⇗ https://github.com/rustyx/nobuzz.
This program (works only on Win7) shows which program increases the timer: ⇗ https://kbench.com/software/?q=node/51328
I have a patched version, which somehow works on XP, but most counters are not displayed, (because the program was written for Vista and above).
⇗ https://www.upload.ee/files/13102725/BlaUnpack.rar.html
#7270 Andalu⇗ @diderius6

as I feared the most difficult part for me is to create the XP.img file. I have tried both WinHex (free version) and HxD without success. Could you please tell me how to proceed?

One step of your guide that didn't work in my case was copying the partition from the HD to the NVMe drive with Aomei Partition Assistant Standard Edition 7.0 which, strangely enough, didn't allow the above operation, even clicking on the "Next" button nothing happened.
I tried another tool (QILING Disk Master bootable stick) and it worked: XP started correctly with only the samsung 950pro connected to the board.

Edit: another little note: I didn't need to delete the 'Mounted Devices' key.


⇗ @NT5 forever  ⇗ @Gelip

thanks a lot for the links, as soon as I can better understand how to proceed I'll try the alternatives that you have kindly indicated ;)
#7271Gelip⇗ @Andalu

Zitat von ⇗ Andalu im Beitrag ¶ #7270
as I feared the most difficult part for me is to create the XP.img file. I have tried both WinHex (free version) and HxD without success.


You read it? ¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (486)
#7272diderius6⇗ @Andalu

Run Winhex.
Open tools
open disk
Physical media
harddisk 0
click right above "Access"
Partition
Partiontable (template)

Write down the number of "Sectors in partion 1"
add to this value the number of "Sectors preceeding partition"

Close window
go to "Position"
got to sector
and type there the added number.

At the place direct before the cursor went, you see HEX 55 AA
click right on this Hex value AA "end of block"
EDIT
copy block
Into New File

Save as xp.img

Good luck
Dietmar
#7273gordo999
Zitat von ⇗ Brooons im Beitrag ¶ #7264
Test it my iso ⇗ Hirens_miniXP_Sata.iso
@Broons ...thanks for trying to download ISO. The transfiles.ru site is down for technical problems. (... спасибо за попытку скачать ISO. Сайт transfiles.ru не работает из-за технических проблем. )

Error message...Уважаемы посетители! В данный момент на рынке сайте идут техни ческие работы. Приносим извинения за неудобст

My translation... Dear visitors! The site is currently undergoing technical work on the market. We are sorry for the inconvenience.
#7274gordo999
Zitat von ⇗ Andalu im Beitrag ¶ #7270
...One step of your guide that didn't work in my case was copying the partition from the HD to the NVMe drive with Aomei Partition Assistant Standard Edition
⇗ @Andalu ...try this editor....Active@ Disk Editor...it's designed to give you a visual image of partitions, MBRs, etc. I used it once to edit the MFT table in Windows.

⇗ https://www.disk-editor.org/index.html
#7275gordo999
Zitat von ⇗ iyutos im Beitrag ¶ #7266
If to hardcode the timer resolution to 1ms, PC will consume more electicity unreasonably.
⇗ @iyutos ...a quote from the article. "One is that if your software is on average running on 33 million machines (a conservative bet for something like Chrome) then increasing the timer frequency could be wasting about ten MW of power".

This presumes all 33 million computers are running at the same time and off the same power grid. If the power grid is fed from hydro power, the power is instantly renewable. If it's fed from coal-fired power sources, the 33 million would have to be running off the same generator. Highly unlikely.

I think this article is nit-picking. They don't seem to understand that the real time clock is a quartz crystal running at a constant frequency and powered by a battery when the power is turned off. Those batteries last for years, indicating the low power draw of an RTC. The ms divisions they are talking about are digital divisions of the RTC crystal timebase. This is a highly technical problem related to digital electronics and although Microsoft pays lip service to environmental issues, they know there is nothing that can be done about it.

The power meter they reference in the article is not measuring the power draw of the RTC, it is measuring the power draw elsewhere. If the RTC drew 0.3 watts, the battery, typically a 2032, would drain overnight. The 0.3 watt measurement is a measure of the power draw of circuits driven by the different RTC frequency divisions.

You cannot change the basic timer frequency if it is a crystal oscillator, all you can do is sub-divided the frequency it is generating. They use crystals due to their stability; using a multivibrator created from semiconductor components, even if it is locked to the power line frequency would tend to drift in frequency. Also, it could be prone to noise on the power line. When you change frequency from 16 ms to 1 ms, you are not changing the frequency of the RTC oscillator, you are changing the sub-divisions created by a digital divider network. That's why you can switch them. You could not switch frequency on a quartz-based oscillator without changing crystals.

If Microsoft could have done it that easily, they'd have done it by now. Besides, this has nothing to do with Microsoft. The Windows OS cannot control the internal workings of the CPU or the hardware in general, all they can do is use software to control features in the hardware. Hardware, including the RTC, are designed by manufacturers like Intel. Microsoft can suggest to Intel that they change their chip designs but I am sure they are already on top of that.

 

Page 486

#7276iyutos⇗ @gordo999

My deep respect, you are very knowledgeable in microelectronics, I only quoted the results of another specialist.
But the point of the article was not so much about power grid or environment, but about PC's performance.
#7277gordo999
Zitat von ⇗ iyutos im Beitrag ¶ #7276
My deep respect, you are very knowledgeable in microelectronics, I only quoted the results of another specialist. But the point of the article was not so much about power grid or environment, but about PC's performance.
⇗ @iyutos ...I understand, I meant no disrespect to you. I was referencing the article's author.

Microsoft have hidden the hardware from the user. They make it appear as if Windows is running applications when in fact it is the hardware processing the data. Programmers use registers while programming, like the EAX register (32-bit), without realizing this is a real, physical register in a processor. It holds voltages to represent 1s and 0s.

The frequency in an RTC refers to the number of times per second a voltage changes direction. My background is in hardware and it bothers me sometimes that the hardware is often ignored, or obfuscated as an 'object', and that you cannot access it directly without using kernel-mode drivers.  

This forum is based on the fact that the hardware has changed so much that XP, or even Windows 7, can no longer run on it natively. I needed to get a modded USB driver from ⇗ @canonkong to get W7 running on my new hardware. Till I got the driver, I was forced to use a PS/2 mouse and keyboard.
#7278Brooons⇗ @gordo999
Second attempt ⇗ Hiren_MiniXP_ISO
del-19YuriyCN

Насколько я понимаю RTC bug.
Существует часовой опорный RTC генератор 32768 Гц. Его частота стабильная и определяется кварцевым резонатором установленном на материнской плате. Далее, после кварца, частота подается на делитель  частоты 1:64, 1:128, 1:256, 1:512.



При использовании делителя 1:512 получаем частоту 64 Гц (период 15.625 мс) - эта частота по-умолчанию. Разные мульти-медиа приложения могут требовать более высокую частоту опроса, тогда делитель частоты переключается на 1:32 и получаем частоту 1024 Гц (период 0.977 мс). Временная ошибка возникает, когда при ПРОГРАММНОМ переключении счетчик таймера думает, что он работает в режиме коэффициента деления 1:512 (на 64 Гц), но АППАРАТНО тактовые импульсы уже идут гораздо чаще, как при 1:32 (с частотой 1 кГц). Вообщем, за те микросекунды пока программно регистр счетчика переконфигурируется в новый режим, он получает "лишние" импульсы, которые вызывают набег времени вперед. И чем чаще будет переключаться режим "16мс - 1 мс" - тем больше временной набег.

#7279Mov AX, 0xDEAD
Zitat von ⇗ YuriyCN im Beitrag ¶ #del-19
Насколько я понимаю RTC bug.
При использовании делителя 1:512 получаем частоту 64 Гц (период 15.625 мс) - эта частота по-умолчанию. Разные мульти-медиа приложения могут требовать более высокую частоту опроса, тогда делитель частоты переключается на 1:32 и получаем частоту 1024 Гц (период 0.977 мс)

Windows use different hardware timer with basic frequency 14,31Mhz, it can divde it to many constants to get final requested frequency for interrupts. RTC timer (32768Hz) used only for calibrating first timer at init stages.
Problem with timer is 1)failed calibrating 2)skipped interrupts 3) some else (imho)
del-20YuriyCN
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7279
Windows use different hardware timer with basic frequency 14,31Mhz, it can divde it to many constants to get final requested frequency for interrupts. RTC timer (32768Hz) used only for calibrating first timer at init stages.
Problem with timer is 1)failed calibrating 2)skipped interrupts 3) some else (imho)




Программа CPU-Z четко фиксирует разницу хода таймеров. Если прерывания идут от базовой частоты 14,31 МГц, то почему их частоты в точности кратные базовой частоте 32768 Гц, например 32768 / 32 = 1024 (=0.977 мс). Причем промежуточные значения установить невозможно - допустимо значение 0.977 мс, а потом сразу 1.953 мс, но промежуточных значений (например 1,5 мс) этот таймер не принимает. Если бы бралось базовое значение 14,31 МГц - то кол-во принимаемых значений было больше. Кстати, если период установлен на 0.977 мс (частота 1024 Гц), то пока данное приложение не закончит свою работу, на более низкую частоту (например 64 Гц) таймер не переведется. Программно можно переключать длительность периода только в направлении 16 мс -> 8 мс -> 4 мс -> 2 мс -> 1 мс. В обратном - только завершая процесс. Посмотрите программу "накрутки времени Timer_v10" - я недавно выкладывал с исходниками на BCB 6.0.
#7280gordo999
Zitat von ⇗ Brooons im Beitrag ¶ #7264
Test it my iso ⇗ Hirens_miniXP_Sata.iso
Don't change anything in it
⇗ @Brooons ...downloaded the iso and wrote it to a CD disk. It boots OK but I have no mouse or keyboard. Managed to get a PS/2 keyboard to work but not the mouse. My PS/2 connector may be damaged.

Thanks. I will check it out more to see the difference between your iso and mine.

*****

скачал iso и записал его на CD-диск. Он загружается нормально, но у меня нет ни мыши, ни клавиатуры. Удалось заставить работать клавиатуру PS / 2, но не мышь. Мой разъем PS / 2 может быть поврежден.

Спасибо. Я проверю его подробнее, чтобы увидеть разницу между вашим iso и моим.
#7281Brooons⇗ @gordo999
Folder /Inf to place for driver USB inf-file for you USB-port
*.SYS files to place folder /drivers
XpCustomize.cmd -- write string AUTO LAUNCH force install all drivers, two time, two string identically, (link him on desktop)
But, for me, Intel G4400, B250, all work fine without change, keybord, mouse, Sata hdd, it works properly.
With MiniXP, my life is full of breath.
#7282diderius6Hi,
I just noticed, that for fast ram boot
you only need the grldr from Kai Schtrom,
renamed to ntldr and the menu.lst in the root of the nvme device and xp.img.
xp.img boots to ram from the nvme device root, without any nvme driver
Dietmar

PS: Before, you have to make with RMPrepUSB your nvme device bootable.
#7283Andalu⇗ @diderius6

I restarted the procedure from scratch but on the boot from ramdrive I got this message:

0) NVMe Controller VendorID#144D, DeviceID#A802, Base Address#51010000
Bus#4, Device#0, Function#0
Samsung SSD 950 PRO 256GB (serial number + firmware version)

(hd0,0)
map --mem /xp.img (hd0)
Error 13: Invalid or unsupported executable format

Here an image of the two testing systems (HD+NVMe):



The changes I made from your original guide:
- restored an image from an XP system (B250 chipset) to the base system (H470 chipset).
- used a bootable media from Aomei Partition Assistant Pro 8.6 and its partition cloning operation. Copy partition doesn't make the drive bootable.
#7284Andalu
Zitat von ⇗ Gelip im Beitrag ¶ #7271
You read it? ¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (486)

I read that post but I can't try your method if I don't first solve the other procedure of @diderius6.
Then, at the moment, I don't have a linux distribution to use and I can't download it because my internet connection has a fault, at moment I'm surfing at 320KBps.
#7285YuriyCN

1. Windows XP mod 2021 - system build for the modern PC (edition 01.05.2021)

The information doesn't fit into a forum post for a long time - so download the text file and read it in Notepad.

TXT file (87kB, ENGLISH) - ⇗ https://yadi.sk/d/pJ1mLT8f0iwOfw
TXT file (98kB, RUSSIAN) - ⇗ https://yadi.sk/d/1t0PuYOFVAr15w

2. Archive of all existing 33 versions "WinXP-IE Optional Patch Integrator" from May 2020 to April 2021 (420 MB) - ⇗ http://file.sampo.ru/5863f7
or (Password: 123) - ⇗ https://yadi.sk/d/gpXO90qyxoPIoQ
#7286Gelip⇗ @Andalu

Zitat von ⇗ Andalu im Beitrag ¶ #7284
Then, at the moment, I don't have a linux distribution to use and I can't download it because my internet connection has a fault, at moment I'm surfing at 320KBps.

Write the ⇗ d6.img image to a USB flash drive using Win32 Disk Imager and boot PC from it.
#7287Mov AX, 0xDEAD
Zitat von ⇗ YuriyCN im Beitrag ¶ #del-20
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7279
Windows use different hardware timer with basic frequency 14,31Mhz, it can divde it to many constants to get final requested frequency for interrupts. RTC timer (32768Hz) used only for calibrating first timer at init stages.
Problem with timer is 1)failed calibrating 2)skipped interrupts 3) some else (imho)

Программа CPU-Z четко фиксирует разницу хода таймеров.

yes, it show something, but not full true :)
acpi - fake, acpi hardware timer is disabled on skylake+, cpu-z probably reads acpi memspace in cycle, every  3.5 secs acpi time counter is overflowing, cpu-z handle this software way, any windows can't do same.
qpc - is not timer, it is cpu counter, qpc depends on cpu bus freq, cpu bus freq is 100Mhz, 100Mhz generated from 14,31Mhz
rtc - clock chip with 32768Hz
cpu-z can't show important thing - interrupt counter, this counter is base of all windows timers

You're using overclocked cpu bus freq, so qpc is shifted, this is not problem if bus freq is really constant without fluctuations
#7288diderius6⇗ @Andalu

your xp.img contains only the Hex Value AA,
as I can see on the pic.
All is ok, but you forget to click right on this AA and click "end of block".
Then you will see, that not only the AA becomes selected, but also the whole partition with MBR from before,
and the size of the xp.img grows enormous
Dietmar
#7289iyutos⇗ @gordo999

Hello, I have not meant any subtext, I really expressed that I respect you as a specialist, you wrote a clever post.
English is a foreign language to me, perhaps I was misunderstood.
#7290Andalu⇗ @diderius6
so the 16GB file I had already obtained was the right one? I'll try again soon.


⇗ @Gelip
thanks for the suggestions. The download of the d6.img file will end in over 2 hours

 

Page 487

del-21YuriyCN
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7287

yes, it show something, but not full true :)
acpi - fake, acpi hardware timer is disabled on skylake+, cpu-z probably reads acpi memspace in cycle, every  3.5 secs acpi time counter is overflowing, cpu-z handle this software way, any windows can't do same.
qpc - is not timer, it is cpu counter, qpc depends on cpu bus freq, cpu bus freq is 100Mhz, 100Mhz generated from 14,31Mhz
rtc - clock chip with 32768Hz
cpu-z can't show important thing - interrupt counter, this counter is base of all windows timers

You're using overclocked cpu bus freq, so qpc is shifted, this is not problem if bus freq is really constant without fluctuations


Факт в том, что счет времени в таймерах ACPI и QPC одинаковый - время идет точно и одинаково. Максимальная разбежность составляет 0.1 секунду за 20-30 минут проверки. А вот показания таймера RTC резко разнится от ACPI и QPC если использовать программу накрутки времени Timer_v10. При частоте переключений таймеров 0.2 секунды, RTC-таймер накручивает лишние +2 секунды за 1 минуту накрутки. При 0.1 секунды мы получаем уже +4 секунды в минуту. В итоге, при постоянной работе программы Timer_v10 можно накрутить время 4-5 минут вперед за час!!! Конечно это очень жесткий режим. С реальными приложениями такого сильного ухода времени не наблюдается, но все таки +1..2 минуты за рабочий день - это очень плохой показатель точности системных часов.

Никакого разгона у меня нет, все режимы по частотам CPU в BIOS|UEFI выбраны по-умолчанию. Процессор Intel i5-6500 (4 core @ 3200 MHz), поэтому QPC показывает 3,192 GHz, так как рабочая частота 3,200 GHz.

Проведите накрутку времени, используя Timer_v10 по методике изложенной в ¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (485) я уверен, что результат накрутки на вашем ПК будет такой-же, при условии, что не запущено какое-либо приложение, которое принудительно удерживает таймер на периоде меньшем стандартных 16 мс...
#7291Brooons⇗ @gordo999
Very maybe PS\2 disabled in the bios.
Me also had this situation, PS\2 settings are very deeply hidden.
#7292Andalu⇗ @diderius6

now my challenge has become to find the exact partition size on the NVMe drive to overcome "error 28: Selected item cannot fit into memory" obtained as a result of the "Warning: total sectors calculated from partition table (3907024065) is greater than the number of sectors in the whole disk image (32194260)".
The XP.img file is 16.097.130KB. What should be the exact size of the partition on the NVMe?
#7293diderius6⇗ @Andalu

From your pic I see, that the partition size together with MBR is 3D67DA800 = 16483461120 Byte.
So you need Ram > 16 Gbyte
Dietmar
#7294Andalu⇗ @diderius6

I always get the same error even if the ram is 32GB
#7295diderius6⇗ @Andalu

The error seems to be, that your xp.img has 32194260 sectors,
but you try to load 2TB to ram
Dietmar

PS: Write me step by step, how you build your xp.img.
#7296Andalu
Zitat von ⇗ diderius6 im Beitrag ¶ #7295
Write me step by step, how you build your xp.img.

Here the images:

   


The base hard drive is 2TB while the NVMe is 256GB
#7297diderius6⇗ @Andalu

I have only 1 Partition on my 2TB harddisk.
And I delete in registry Mounted Devices on the original XP before I shut compi down and make xp.img from it.
So, XP does not know, how large its harddisk is, just looks what is offered and build this key new
Dietmar
#7298Andalu⇗ @diderius6

just tried: nothing changes even deleting the Mounted Devices key from the registry. I connected the base HD on another system to prevent the creating of that key on the booting from the same disk drive.
#7299Andalu
Zitat von ⇗ Gelip im Beitrag ¶ #7286
Write the ⇗ d6.img image to a USB flash drive using Win32 Disk Imager and boot PC from it.

d6.img file copied into a new USB stick with Win32 Disk Imager 0.9 (that seems to be the last version XP compatible). On the boot from that usb stick I got the following message:
"Boot failed! - Unable to find a medium containing a live file system".


Edit: I re-applied Win32 Disk Imager after formatting the usb stick but at startup still an error that repeats endlessly:
"cat: can't open '/sys/block/*/removable': No such file or directory"
#7300diderius6⇗ @Andalu

When you prepare your 2TB harddisk with RMPrebUSB,
do you set the mark in "Force use of LBA calls"
Dietmar
#7301gordo999
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7287
qpc - is not timer, it is cpu counter
⇗ @Mov AX, 0xDEAD ...as we say in English, when we have insight, a light goes on in the mind. It has been a long time since I studied digital theory especially related to computers.

The clock on the XP desktop that ⇗ @YuriyCN talks about losing time is a counter, not a time source. It counts pulses, or ticks, generated by another time base. However, it must know how long a second is in ticks therefore it is dependent on the source of the ticks being accurate. I think ⇗ @YuriyCN 's work on this is important, however. All I am trying to do is explain some theory about clocks, and not very well because my brain is so rusty.

It's like an atomic clock which knows nothing about time. It generates a very accurate frequency due to natural atomic vibrations between electrons and protons in a Cesium nucleus. The second we use is derived from the rotation of the Earth. The period of that rotation is divided into 24 hours as represented by the distance between lines of longitude at the Equator. Each hour is divided into 60 minutes then 60 seconds. The resultant second is the one we use as the basis of time in physics and it equals 1/86,400th of one Earth rotation on its axis. Please note that the second also equals a distance.

So, the frequency generated by an atomic clock is very large compared to our second. It must be divided by digital dividers till it reaches the smaller size of 1 second. But how does the divider circuitry know the length of 1 second? A common method is to use the 60 hz power frequency which is actually 60 cycles per second. If you invert that frequency you get the time, in second, between each cycle of electrical power where 1/60 c/s = 0.01666666 s/c.... seconds per cycle. Multiply that by 60 and you have the exact length of 1 second. Digital circuits can do that easily.

I know ⇗ @diderius6 does not agree with me   but that's why Einstein was wrong about time dilation.  The second, hence all time, is based on the rotation of the Earth, which is a relative constant. Therefore, it is impossible for time to dilate, or for that matter, for space-time to curve.

Back to the clock. The time-keeping clock on a computer can run fairly accurately using the 60 hz line frequency as a basis for the second but when the power is turned off it has no source with which to synchronize. It has the real time clock, powered by a battery, but how does it know the length of a second? It doesn't, and if you leave any computer turned off and offline, the clock will lose time. Most computers connect to an external time source online to re-synchronize.

It's important to distinguish between hardware clocks and software clocks. A hardware clock is a dedicated, physical chip that uses a quartz crystal to establish an accurate time base. I noted from a post of ⇗ @YuriyCN that one quartz crystal runs at 3.58Mhz. That is the same crystal used in North American colour television to synchronize the colour signal. Apparently, computer manufacturers thought it easier to use an existing crystal that was readily available.

You can build a clock from discrete transistors but discrete units tend to drift with temperature change, etc. The RTCs using advanced chips are compensated internally for drift (change) and with a quartz crystal they can maintain accurate time for long periods. Also, the transistors are grown on the chip and the quality control is very good.

Software timers/clocks are not synchronized and depend on the code flow, which is controlled by the processor. It makes sense that if the processor, being based on time-slices, is loaded down with many apps, the code-timed clocks would vary with porcessor load. Therefore, it would make no sense to use a software clock/timer unless it was a dedicated unit.

Here's a discussion of some time bases on a forum:

⇗ https://forums.guru3d.com/threads/differ...and-qpc.431593/

"LAPIC is abbreviation for Local Advanced Programmable Interrupt Controller - ⇗ https://en.wikipedia.org/wiki/Advanced_P...rupt_Controller - see section "APIC timer".

TSC is abbreviation for Time Stamp Counter - ⇗ https://en.wikipedia.org/wiki/Time_Stamp_Counter

QPC is abbreviation for QueryPerformanceCounter - function from Windows API. This function can use LAPIC, TSC and also HPET (High Precision Event Timer) timers. Developers can use this function to estimate a time span between two measures (calls).

Timer resolution means system timer resolution - the interval with which system timer (usually Real Time Clock - RTC - a chip on the motherboard) fires interrupts. Those interrupts are called a "tick". System timer resolution has nothing to do with LAPIC, TSC, HPET and QPC.
A bit of info about system timer - ⇗ https://forums.guru3d.com/threads/window...ng.377790/";
#7302NT5 forever
Zitat von ⇗ diderius6 im Beitrag ¶ #7255
@NT5 forever
The procedure is a little bit difficult,
but I hope, that some test it and have success also
Dietmar

PS: Some steps here can be done more easy but not easy to write a Tutorial, that works on any compi.

Maybe you should take a look at IMG_XP_Create.exe, one of the programs included in the IMG_XP utilities pack.
It can create a Grub4DOS menu, build a new xp.img, install RAM disk driver and storage drivers and modify registry settings in xp.img.
You can select the image file size, add a custom hal.dll etc.

The great thing about the IMG_XP utilities is that they are just compiled AutoHotkey scripts interacting with existing utilities and drivers like ERUNT, Imdisk, WinVBlock, BootSect.exe, Grubinst.exe,  df.exe, dsfi.exe, dsfo.exe, etc.

The source code scripts are included in the pack, so it's very easy to modify and customise everything according to your specific needs.
I think it would be fairly easy to automate your procedure with an app that offers a nice GUI.



NT5 forever has attached files to this post
#7303NT5 forever
Zitat von ⇗ diderius6 im Beitrag ¶ #7258
@Andalu

For me, the best way for to get xp.img is,
to make a copy of the first partition of a harddisk with Winhex with MBR and the 2048 sectors before partition.
I copy all the sectors to a file and name it xp.img


Winhex supports scripting:

⇗ http://www.winhex.com/winhex/scripting.html

It is probably feasible to add some lines to the IMG_XP_Create script in order to automatically copy all the sectors to the xp.img file freshly created by IMG_XP_Create.

The IMG_XP_Create script could also delete the mounted devices registry key.
#7304diderius6⇗ @gordo999

"I know ⇗ @diderius6 does not agree with me but that's why Einstein was wrong about time dilation."

Time is always together with the 3 dimensions.
When you have gravity, time is prolonged. So dilatation of time is just the presents of a force, which we call gravity and vice versa.
Also gravity changes the distance in the 3 dimensions and vice versa, just the same as with time.
Nothing is understood what gravity is. Einstein describes gravity as a changes in geometrie.
But this is just describing the effect, no explanation at all.
I agree with Ernst Mach, who says about Einsteins General theory of relativity: "It is complete empty, no physics in it."
Without gravity, you can build an universal Psi-function, with describes the whole universe.
And with the Bohmian mechanik you can even go further to describe Non-equilibrium states as the Big Bang.
So, without gravity, physics would be "perfect".
But because noone understands gravity, nothing at all is ready in physics
Dietmar
#7305Andalu⇗ @diderius6

I re-started the procedure once again with the following differences than before:
- 2TB hard disk drive with one partition only formatted with RMPrebUSB v2.1.739;
- XP installed from scratch;
- 'Device Mounted' key deleted from registry for both HD and NVMe drives,

I finally got it but...... to complete the boot my system (Q370 + i7 9700 + 32GB of ram + NVMe 950pro) takes over 100 seconds
The pagefile is disabled, what else could it be?

 

Page 488

#7306diderius6⇗ @Andalu

Loong bootime happens, when you dont use the nvme grldr renamed to ntldr from Kai Schtrom on the nvme bootdevice.
And also check the content of the menu.lst
Dietmar
#7307Andalu⇗ @diderius6

the issue is on another place, both ntldr (renamed from grldr) and menu.lst are correct.
#7308diderius6⇗ @Andalu

I just test a 27 Gbyte to ram loaded XP.
I will report soon
Dietmar
#7309diderius6⇗ @Andalu ⇗ @NT5 forever


The new 27 Gbyte XP loads in 9 sec to ram.
The own Bios of the 950 Pro nvme enables this. On this 950 pro I have only renamed grldr, menu.lst and xp.img.

Using the own Bios nvme drivers from the Asrock Fatalty z370 gaming K6
on an Optane nvme with 29 Gbyte, I get message, that nvme cant boot from LBA 0.
This is a bug.

And I did another hack: On the xp.img itself I have NO nvme driver at all.
So, not a second device appears, because no nvme driver under XP for it, when XP loaded to ram
Dietmar

PS: I use only the 4Gbyte hack from ⇗ @daniel_k . When you use more than 4 Gbyte, you need to think about,
that this is subtracted from the 32 Gbyte ram memory.

⇗ https://ufile.io/myp86qqg
#7310NT5 forever⇗ @diderius6

So that means that in explorer you can only see a 27 GB sized C:\ drive?

The other drives are not visible?
#7311diderius6⇗ @NT5 forever

yepp ). This means, that the nvme device is perfect write protected, I checked.

Dietmar

#7312diderius6⇗ @Andalu

When you have installed XP via Firadisk for the xp.img,
make sure, that you disabled Firadisk, so that it does not comes in conflict with the Svbus driver from Kai
Dietmar
#7313AndaluI think the loading time so high may be due to this:



repeating on every boot from the NVMe drive.
Yet in the HD, once I did the disk upgrade, it did not recur. From this point I did the disk clone and the other things
#7314NT5 forever
Zitat von ⇗ diderius6 im Beitrag ¶ #7311
@NT5 forever

yepp ). This means, that the nvme device is perfect write protected, I checked.

Dietmar


Nice.

Is your XP RAM boot method compatible with all modern machines?
I just bought a new laptop.
An inexpensive ASUS with 4 GB of RAM and a NVMEe drive.
#7315diderius6⇗ @NT5 forever

From USB it works always, even from Optane in USB clothes.
But from USB, the load speed is only about 150Mbyte/sec
Dietmar
#7316Andalu
Zitat von ⇗ diderius6 im Beitrag ¶ #7312
@Andalu

When you have installed XP via Firadisk for the xp.img,
make sure, that you disabled Firadisk, so that it does not comes in conflict with the Svbus driver from Kai
Dietmar

you still haven't told this, though
#7317NT5 forever⇗ @diderius6

I'm sick and tired of using Windows 10 on my laptop.
I would like to boot XP from USB.
I don't care about slow transfer speed. My XP.img is smaller than 500 MB.
I just don't know how to get it working.
#7318NT5 forever⇗ @diderius6

AFAIK, my laptop doesn't support legacy boot, only UEFI.
I've got an XP.img file that RAM boots on my desktop PC.
I would like to boot it from USB on my laptop, but I've got no clue how to make a UEFI usb stick.
#7319diderius6⇗ @NT5 forever

There is a new UEFI grub4dos.
Until now I did not test, for what it can be used.
But because everything works here in Ram, maybe(!) with this grub4dos legacy XP ram boot is possible on pur UEFI Bios
Dietmar
#7320diderius6Toshiba RD400 works also for ramboot of XP, this nvme device has no own Bios.
It is using the Bios nvme driver from the motherboard Asrock z370 Fatalty gaming k6.
On this RD400 is only the to ntldr renamed nvme grldr from Kai Schtrom,
the menu.lst and the 15 Gbyte xp.img.
Few seconds load time for 15 Gbyte XP to ram. Then, the RD400 can be disconnected
Dietmar

 

Page 489

#7321diderius6⇗ @Andalu

Take a look, if your nvme slot shares lines with other devices.
Just try another PCI-e slot or other M2. connector.
Sharing lines can put down the transferrate near to zero
Dietmar
#7322daniel_kNice work guys, unfortunately can't join you as I have only one NVMe drive.
#7323Andalu⇗ @diderius6

the problem was simpler than I expected, it was the samsung 950pro, which was evidently excessively worn. Replacing it with a WD SN720 the boot of the 16GB takes 10 seconds (excluding the memory loading). I also replaced the samsung NVMe driver with the Microsoft one and it still worked.

The only strange thing is that every time the system boots, the "found new hardware" wizard for the NVMe device is displayed. The same happened with the samsung driver.


P.S.: my connection is getting worse and worse, in the afternoon it was completely down, I apologize in advance if I will unable to reply.
#7324diderius6⇗ @Andalu

I noticed the same strange behavior of nvme devices, only not for Optane(!).
When with Winhex you put everywhere 00, during
one session all tested nvme devices at the end become slower than a normal harddisk.
After trim (I use win8.1 for trim),
suddently the nvme device awakes to new life. But when you take a closer look,
during transfer of 10 Gbyte there are errors, only the internal error correction repairs them.
On a Western Digital black 2TB no errors are found during tranfer of 10.000 Gbyte,
as I check with Winhex. So, I do not use any nvme device for daily use.
At the airport, when going through the Scanner, my nvme device in a Lenovo notebook and the SSD show errors after.
This NEVER happens to me, when my notebook with harddisk goes through scanner
Dietmar

PS: Fast means bad for important documents. Only the Optane drives are better and do not need any Trim.
#7325NT5 forever
Zitat von ⇗ diderius6 im Beitrag ¶ #7242

[] RMPrebUSB vers. 2.1.739,

grub4dos-0.4.5c-2016-01-18 []

I install grub4dos to an USB stick via RMPrebUSB, and copy after the whole content of grub4dos-0.4.5c-2016-01-18
on root of this stick.

And I add a menu.lst with content

title Windows XP - RAMDISK
 find --set-root --ignore-floppies /xp.img
 map --mem /xp.img (hd0)
 map --hook
 root (hd0,0)
 chainloader /ntldr


I just tried that on my machine using the versions of RMPrebUSB and grub4dos you mentioned.
The stick appears in the boot menu of my laptop.
However, when I select the entry in the menu the screen flashes but it won't leave the boot menu.
It won't even load the grub4dos menu on the stick.
I've tried several times, formatting the stick in FAT32 and NTFS, with and without force LBA option.
Same result.

#7326diderius6⇗ @Andalu

Make an xp.img without any nvme driver. Connect your nvme device to your motherboard when booting from harddisk.
Then you will see a yellow question mark behind unknown pci device in Device Manager. This is your nvme disk. Disable it.
And when building xp.img from this harddisk partition, the problem with recognicing new hardware is gone,
because XP has no driver for it and it is disabled in device manager
Dietmar
#7327diderius6⇗ @NT5 forever

Make a try with the UEFI grup4dos. I never tried but maybe, that here in the forum somebody knows more,
for what you can use this new grub4dos
Dietmar
#7328NT5 forever
Zitat von ⇗ diderius6 im Beitrag ¶ #7327
@NT5 forever

Make a try with the UEFI grup4dos. I never tried but maybe, that here in the forum somebody knows more,
for what you can use this new grub4dos
Dietmar

I have downloaded it, but I don't know how to install it.
There is no installer, just a bunch of folders with files.
Documentation is in Chinese.
#7329diderius6⇗ @NT5 forever

Just copy the grldr to the root of the device and rename it ntldr. Use the menu.lst from before.
But I never tried
Dietmar
#7330NT5 foreverLol. There is no grldr file included,
#7331diderius6⇗ @NT5 forever

I think, you only need to copy the *.efi files on a Fat32 partition and boot XP via bootmgr.
The procedure with the *.img files is the same and even SVbus from Kai can be used.
But still INT13 from Bios is needed I think,
some got a working INT 13 simulation for Win7,
very experimental alpha stage
Dietmar

PS: For Win10 bit 64 ramboot seems to work via UEFI and grub4dos.
But ram boot via MBR works also for Win10 bit 64,
as long as you have legacy CSM support.
#7332AndaluThe XP booting in ram also works from a NVMe enclosure. I tried some of them connected to a USB 3.2 Gen.2 port (10 GB/s). Even if the ram loading is slow (especially for the RTL9210 chipset), the boot works for all chipsets tried:

JMS583:



RTL9210:



ASM2362 and ASM2364:



All chipsets have a yellow mark because the uaspstor driver was not installed on the base XP Hard Disk.


⇗ @diderius6
I got some 0x24 BSOD for the ntfs.sys driver booting from an NVMe inserted on the M.2 socket when the NVMe driver is no longer installed. This has occurred every time the system is restarted after a successful boot.
#7333diderius6⇗ @Andalu

Nice ).
I succeed with USB ramboot also for the Optane nvme with 29 Gbyte in USB clothes via JMS583 but not as nvme.
Funny, I do not get a yellow questionmark, the device appears 2 times (rambooted and original USB device).
Yes, it is slow. When you disable any nvme driver for Ramboot, the xp.img is perfect write protected.
So, any Bsod is strange, because nothing on the nvme device can change.
May be it has to do, how the Bios recognices the nvme device and Bios changes boot order
Dietmar
#7334Andalu⇗ @diderius6

for the same NVMe drive I also had to disable smart control from the bios as the NVMe drive was considered corrupted. The same was detected as bad in XP by CrystalDiskInfo while the same program in Win10 considered the disk as healthy.
#7335diderius6⇗ @Andalu

Is there an nvme device, which is not corrupted?
Few copy errors I get on a brandnew Samsung 1TB 980pro, when you take a look in the history of the device.
Only the internal error correction make the nvme device look, as everything is ok,
but isnt
Dietmar

 

Page 490

#7336Mov AX, 0xDEAD
Zitat von ⇗ YuriyCN im Beitrag ¶ #del-21
Zitat

acpi - fake, acpi hardware timer is disabled on skylake+, cpu-z probably reads acpi memspace in cycle, every  3.5 secs acpi time counter is overflowing, cpu-z handle this software way, any windows can't do same.
qpc - is not timer, it is cpu counter, qpc depends on cpu bus freq, cpu bus freq is 100Mhz, 100Mhz generated from 14,31Mhz
rtc - clock chip with 32768Hz
cpu-z can't show important thing - interrupt counter, this counter is base of all windows timers

Никакого разгона у меня нет, все режимы по частотам CPU в BIOS|UEFI выбраны по-умолчанию. Процессор Intel i5-6500 (4 core @ 3200 MHz), поэтому QPC показывает 3,192 GHz, так как рабочая частота 3,200 GHz.


Привет Юрий
1) there is no any acpi timers on skylake+, cpu-z show virtual timer, it may be equalent to anything
2) if you have 32x100Mhz CPU with standart 100Mhz bus refq, QPC Frequency must be 3200, not 3192 !!! use WinTimerTester 1.1 to re-check QueryPerformanceFrequency, if it is not 3200 - you have strange bus clock gen on motherboard, it cannot generate exact 100Mhz (or wrong rtc clock gen)

#7337Mov AX, 0xDEAD
Zitat von ⇗ gordo999 im Beitrag ¶ #7301
Timer resolution means system timer resolution - the interval with which system timer (usually Real Time Clock - RTC - a chip on the motherboard) fires interrupts. Those interrupts are called a "tick". System timer resolution has nothing to do with LAPIC, TSC, HPET and QPC.
A bit of info about system timer - ⇗ https://forums.guru3d.com/threads/window...cessing.377790/

Hi Gordo

Mark Russinovich, David A. Solomon, Alex Ionescu said: "On todays machines, the APIC Multiprocessor HAL configures the RTC to fire every 15.6 milliseconds, which corresponds to about 64 times a second."

OK, i was wrong, on modern APIC systems, hardware system timer is RTC chip
But on classic one-processor systems hardware timer is 8254 chip, not RTC chip. Clock input pin of 8254 connected to system 14.31Mhz (or divided by /2 or /4, i dont know details ). Windows don't trust 14.31Mhz as precision clock, it calibrate "ticks" from 8254 to fit to 1 sec (as i remember) of precision time, this "1 precision sec" it get from RTC chip
#7338gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #7304
Time is always together with the 3 dimensions.
⇗ @diderius6 ...Dietmar...I confirmed this with a former physics professor from the days when I studied engineering (applied science). I met him by chance in a super market and after we chatted for a few moments I told him I had recently read that time does not exist. He said, "That's correct, humans invented time to keep tract of change".

Have you considered what I said, that time, the second, is based on the rotation of the Earth. At one time, the Egyptians used a sun dial to do the same thing, to kept tract of the Sun's position in the sky, by casting its shadow on a sun dial face. They did not understand that the Earth was rotating and the Sun was standing still.

Today, we know the Earth rotates and we have two means of tracking that rotation. One is to use the position of the Sun at Noon wrt the horizon, then wait till Earth rotates back around to the same position. We created a machine, the clock, to measure that period then we arbitrarily divided a clock face into 24 divisions, which we called a day. Then we broke down the day into hours, minutes, and seconds.

The other means is to keep tract of the Earth's rotation wrt the stars, which are relatively fixed. The advantage with that time is that it is the same throughout the Earth's orbit whereas the former method loses a few degrees each rotation due to the Earth's movement in its orbit.

Was it Mach you quoted as claiming there is no physics in Einstein's relativity theory? Louis Essen, who discovered the atomic clock, claims Einstein's relativity is not a theory but a collection of thought experiments. He went further, claiming Einstein did not understand measurement. In his paper on relativity, E. claimed time is the hands on a clock. In that case, he should have known that time is locked to the rotation of the Earth because all clocks are synchronized to the Earth's rotation. It cannot dilate.

The space you mentioned is measured in metres (or kilometres) where the metre used to be defined as a fraction of the distance  from the Equator to the North Pole. So, we humans invented that space and the time related to it. Neither exist in reality.

Gravity is a force and I think it is likely related to the electrostatic forces in atoms. It operates in the same way as two electrostatic charges where electrostatic force = K(q1.q2)/d^2. With gravity, f = G(m1m2)/d^2. Is that a coincidence? Today, students are being taught that gravity is not a force but some kind of space-time issue. I find that to be scary.

I don't think time exists. However, we have created it as an illusion in our minds where our minds create a past and a future that does not exist. Both are illusions, just like our illusion that the Sun rises in the East and sets in the West. What we have in reality is one immense space with no movement of time. In other words, if you consider the life of Christ, beginning at 0 BC, nothing has changed time-wise since then. We imagine it has but we are still in exactly the same space as when Jesus walked the Earth. There have been changes in geography due to erosion, etc., but no change in time.
#7339Gelip⇗ @Andalu

Zitat von ⇗ Andalu im Beitrag ¶ #7299
Boot failed! - Unable to find a medium containing a live file system


Edit menu.lst file adding acpi=off noapic nomodeset:

 
default 0
timeout 3
 
title Debian Live
kernel
 /images/debian-live/vmlinuz boot=live
live-media-path=/images/debian-live/live/ config username=root acpi=off
noapic nomodeset
initrd /images/debian-live/initrd.img



@NT forever
What is this laptop? Is UEFI 32 or 64-bit? This version ⇗ grub4dos-for_UEFI-2021-05-01.7z is 32 and 64-bit. You must use the version that is compatible with your UEFI. It's best to run from UEFI Shell.

If your UEFI is 64-bit, you can only run WinXP 64-bit

To check the UEFI version, format the flash drive in FAT32, create the directory structure EFI\Boot and copy the uefiinfo.efi file to Boot subfolder renaming it to bootia32.efi (if UEFI 32-bit) or bootx64.efi (if UEFI 64-bit)

or do not rename uefiinfo.efi and use appropriate UEFI Shell version

P.S. uefiinfo.efi can run under both 32-bit and 64-bit UEFI as it is compiled as EBC



Gelip has attached files to this post
#7340Brooons⇗ @gordo999
Time is needed so that events do not occur simultaneously.
Our events are not simultaneous.
This means the fact of the existence of time.
#7341diderius6⇗ @Brooons

With Bohmian Mechanics, the events happen one after the other like on Videotape. No place for any randomness.
From a philosophie side: Who ever orchester randomness? nobody, because there isnt.
This enables also the possibility, that video runs backward, nobody has a chance to notice or to change this, because all IS as before.
Gravity makes the movie to run slower or faster. From human thinking,
nobody likes the idea, that we are like statists, cant change anything
Dietmar
#7342gordo999
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7337
Mark Russinovich, David A. Solomon, Alex Ionescu said: "On todays machines, the APIC Multiprocessor HAL configures the RTC to fire every 15.6 milliseconds, which corresponds to about 64 times a second."
⇗ @Mov AX, 0xDEAD ...I am not up to date on modern computers, the older 8086 processors were easier to understand with their interrupts and RTCs.

I think the statement by Russinovich et al may be a bit misleading. I know who Russinovich is and I have read his work with great interest. In fact, I respect all three deeply as software gurus. Personally, if I want info on RTCs I would go to the source, an Intel hardware manual. A phrase like APIC Multiprocessor HAL does not make a lot of sense to me in English and I can only imagine how it must sound to you with English not your main language.  HAL is a software reference whereas an APIC is hardware. Seems Mark and the boys are viewing hardware from a software level.

An APIC, as you know, is an advanced programmable interrupt controller. It's predecessor, the PIC, a programmable interrupt controller, was introduced as a means of interrupting the processor so the processor could process external hardware devices, like COM ports, printers, etc. It had interrupt lines for IRQ (interrupt request) from 0x0 to 0x7 (8 interrupts). A newer pic was introduced later with an extra interrupt line that attached to another PIC to extend the interrupts possible to 16.

The APIC does the same work and much more and has 255 interrupt lines. In the older PICs, IRQ 0 was for the system timer, and I think that's what Russinovich and all are calling a PIT. So, the timer interrupts the processor at the highest interrupt level. I think that is done to give the processor a regular reference pulse to synchronize it. The APIC now has a function provided so companies like Microsoft can redirect the interrupts so Microsoft can redefine them.

In the book by Russinovich et al from which you quoted, they claim, "Windows programs the system clock to fire at the most appropriate interval for the machine...". A few sentences later they claim, "The RTC, on the other hand, runs at 32.768 KHz, which, by being a power of two, is easily configured to run at various intervals that to the next highest value thats been required by a process or driver)".

Seems to me they are confusing the RTC with the system clock. I had not noticed before that 32,768 is 2^15th power. That makes sense now because digital counters can naturally divided a 2^n binary number into any power of 2. However, on one hand they claim the RTC runs at 32.768 Khz, which is a constant frequency, then they claim the RTC can be configured by the APIC to fire every 15.6 ms.

I think what they mean is that the RTC 'OUTPUT' frequency is divided by separate digital circuitry which fire at various intervals. If you have a counter counting the RTC output signal, you can reset the counter to 0 any time you want. Or, you can configure the counter to reset itself every so many counts and/or to output a pulse after every interval count.

I don't pretend to understand this at depth, especially the APIC, which is far more complex than the PIC. I think all that needs to be understood is that the APIC is a complex interrupt detector that can detect service requests from external devices and internal devices like counters and timers. It also has the ability to communicate with other APICs.

A processor has to be told when power is applied. That is a power interrupt request, which forces the processor to go through housekeeping routines to reset its registers, etc. That pin is right on the processor and connected to a power source. The processor will carry on performing its house keeping routines, like refreshing memory, till it is interrupted to do other work. Windows has introduced its own software interrupts, which I think are IRQLs.
#7343gordo999
Zitat von ⇗ Brooons im Beitrag ¶ #7340
Time is needed so that events do not occur simultaneously.Our events are not simultaneous.
This means the fact of the existence of time.
⇗ @Brooons ...do you mean physical events or mental events? If you removed every human from the Earth, would any events ever occur simultaneously? The human mind has the ability to create events that don't exist in the real, physical world.

By mental events I mean those recorded in human memory. None of them happened at the same time because the humans involved did not exist in the same physical space. They died, and new humans appeared, in the same space. However, humans today read history and record that history chronologically in their mind, making it appear as if there has been a change in time. Mental chronological time is an illusion.

Consider the example of Jesus walking around Jerusalem 2000 years ago (I am not religious I just admire the guy). He and the people of his time died and are no longer in Jerusalem. If I went there now and walked in the same places Jesus walked I would not be interfering in events he experienced. But I'd be walking in the same space he walked in.
#7344gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #7341
With Bohmian Mechanics, the events happen one after the other like on Videotape. No place for any randomness.Dietmar
⇗ @diderius6 ...Dietmar ...if you read Bohm's discussions with Jiddu Krishnamurti (you can find the book, The Ending of Time, on the Net) he states clearly at one point that humans invented time. Their entire discussion revolves around the illusions created by thought, including time, and the 'actuality' available to a mind that operates with a 'choiceless awareness'. That's a reference to a mind that operates only in the 'here and now'.

That's all there is...now. No past, no future. Maybe that's what's wrong with the XP timer.
#7345gordo999
Zitat von ⇗ Gelip im Beitrag ¶ #7339
⇗ @Andalu ...[quote="Andalu"|p7299]
Boot failed! - Unable to find a medium containing a live file system
⇗ @Andalu ...I often get that message if I have a USB device plugged into a USB port with the BIOS set to boot from a USB port. I drove myself crazy one night before I got what it was. I had a USB wifi device plugged into a USB port and the system was looking for an operating system on it.
#7346diderius6⇗ @gordo999
Because Bohmian Mechanics is linear with time, the situation at any moment, for example "NOW" is enough (but past(see photos) and future exist) to describe all(!) past and future.
This is very impressive, most do not understand. The routes cant cross, this is the end for all randomness
Dietmar

PS: This means, that you cant do anything wrong;)..
#7347ruthan
Zitat von ⇗ gordo999 im Beitrag ¶ #7338
Zitat von ⇗ @diderius6 im Beitrag ¶ #7304
Time is always together with the 3 dimensions.

Everybody knows, that time is flat circle :)
#7348diderius6⇗ @ruthan
When you take a look at the Zeta function, there will be endless the same situation as before,
BUT always with changes in Epsilon ranges (Poincarescher Wiederkehrsatz, also true in Quantenmechanics(!)).
Zeta grows with Log, means, changes will be big as much as possible, so an universal time exists,
counter on the Videotape, but I think without errors, not as in XP
Dietmar
#7349Andalu⇗ @Gelip
the NVMe drive is not recognized on "fdisk -l" command. Only the USB stick is listed.
#7350Andalu
Zitat von ⇗ gordo999 im Beitrag ¶ #7345
[@Andalu ...I often get that message if I have a USB device plugged into a USB port with the BIOS set to boot from a USB port. I drove myself crazy one night before I got what it was. I had a USB wifi device plugged into a USB port and the system was looking for an operating system on it.

In my case instead it was correct to search for an image file to be loaded.

 

Page 491

#7351BrooonsIf the laptop's timer speeds up or slows down, it is possible that this laptop is moving in space according to Einstein's theory
#7352Mov AX, 0xDEAD
Zitat von ⇗ gordo999 im Beitrag ¶ #7342
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7337
Mark Russinovich, David A. Solomon, Alex Ionescu said: "On todays machines, the APIC Multiprocessor HAL configures the RTC to fire every 15.6 milliseconds, which corresponds to about 64 times a second."
@Mov AX, 0xDEAD ...I am not up to date on modern computers, the older 8086 processors were easier to understand with their interrupts and RTCs.

I think the statement by Russinovich et al may be a bit misleading. I know who Russinovich is and I have read his work with great interest. In fact, I respect all three deeply as software gurus. Personally, if I want info on RTCs I would go to the source, an Intel hardware manual. A phrase like APIC Multiprocessor HAL does not make a lot of sense to me in English and I can only imagine how it must sound to you with English not your main language.  HAL is a software reference whereas an APIC is hardware. Seems Mark and the boys are viewing hardware from a software level

Hi Gordo

Yes, "APIC Multiprocessor HAL" means which HAL is activated.
APIC/ACPI/MPS HALs use RTC as input to interrupt controller
UniProcessor HAL uses 8254
#7353Mov AX, 0xDEAD⇗ @YuriyCN

Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7336
Zitat von ⇗ YuriyCN im Beitrag ¶ #del-21
Zitat

acpi - fake, acpi hardware timer is disabled on skylake+, cpu-z probably reads acpi memspace in cycle, every  3.5 secs acpi time counter is overflowing, cpu-z handle this software way, any windows can't do same.
qpc - is not timer, it is cpu counter, qpc depends on cpu bus freq, cpu bus freq is 100Mhz, 100Mhz generated from 14,31Mhz
rtc - clock chip with 32768Hz
cpu-z can't show important thing - interrupt counter, this counter is base of all windows timers

Никакого разгона у меня нет, все режимы по частотам CPU в BIOS|UEFI выбраны по-умолчанию. Процессор Intel i5-6500 (4 core @ 3200 MHz), поэтому QPC показывает 3,192 GHz, так как рабочая частота 3,200 GHz.


Can you do test on your pc ?
1) extract hal.dll and ntoskrnl.exe from sp3(or from last kernel KB***** patch if you are use fresh kernels), rename to hal1111.dll & ntos1111.exe
2) run in boot.ini "/kernel=ntos1111.exe /hal=hal1111.dll"

you will get one-cpu windows with standart "non-acpi" hal, but with another hardware timer !

del-22YuriyCN
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7353

Can you do test on your pc ?
1) extract hal.dll and ntoskrnl.exe from sp3(or from last kernel KB***** patch if you are use fresh kernels), rename to hal1111.dll & ntos1111.exe
2) run in boot.ini "/kernel=ntos1111.exe /hal=hal1111.dll"

you will get one-cpu windows with standart "non-acpi" hal, but with another hardware timer !


Проверить могу!
Только дайте мне эти 2 файла, чтобы не было путаницы.
Вдруг я не те версии использую и мы запутаемся в результатах.
Закачайте мне эти 2 файла нужных версий и я проведу проверку.
#7354NT5 forever
Zitat von ⇗ Brooons im Beitrag ¶ #7339
@NT forever
What is this laptop? Is UEFI 32 or 64-bit? This version ⇗ grub4dos-for_UEFI-2021-05-01.7z is 32 and 64-bit. You must use the version that is compatible with your UEFI. It's best to run from UEFI Shell.

If your UEFI is 64-bit, you can only run WinXP 64-bit

To check the UEFI version, format the flash drive in FAT32, create the directory structure EFI\Boot and copy the uefiinfo.efi file to Boot subfolder renaming it to bootia32.efi (if UEFI 32-bit) or bootx64.efi (if UEFI 64-bit)

or do not rename uefiinfo.efi and use appropriate UEFI Shell version

P.S. uefiinfo.efi can run under both 32-bit and 64-bit UEFI as it is compiled as EBC

Hmmm. I'm pretty sure my laptop's UEFI is 64 bit, because it runs 64 bit Win 10.

WinXP 64-bit sucks.
32-bit XP has been patched by MS until May 2019.
64-bit XP only until 2014 if my memory serves me.

Its GUI is nice, and it's stable, but AFAIK it's a pain to find the right drivers.

Windows 10 it is (unless I manage to install Windows 7 on my laptop)
Farewell XP! (when it concerns this particular machine)

I hate Windows 10 with a passion.
Maybe I should install Linux on my laptop.
I hate Linux as well, but not half as much as I hate Win 10.
Linux looks great, but it's a pain to set up and to find the right software for the job, and without good software my laptop is just a very expensive paperweight.
Maybe I should give up on computers all together, and stay far away from them when my last XP compatible motherboard dies...
#7355gordo999
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7352
UniProcessor HAL uses 8254
⇗ @Mov AX, 0xDEAD ...I think you told us your first name in the past. I don't want to say "hi, Mov".

I wonder if the i8254 could be part of the problem. Apparently, some versions of XP are related to the 8254. The newer hardware likely has this functionality included in the LAPIC and is perhaps running at a slightly different frequency.

There is a post in this form about high performance counters that states:

"Well, on the same machine, 4 different Windows installs deliver 4 different timer resolutions:

Windows XP x64 Edition SP2:
High-resolution performance counter frequency is 3215.0 MHz

Windows XP Media Center Edition 2005 SP3:
High-resolution performance counter frequency is 3.579545 MHz

Windows Vista Ultimate Edition 64-Bit SP2:
High-resolution performance counter frequency is 25.0 MHz

Windows 7 Ultimate Edition 64-Bit SP1:
High-resolution performance counter frequency is 3.139248 MHz"

⇗ https://social.msdn.microsoft.com/Forums...velopmentissues

****

Don't know if there is a mistake for Windows XP x64 = 3215.0 Mhz. That is 3.125 Ghz. It may be a typo and should read 3.125 Mhz.

Note the frequency for Windows media centre XP version = 3.579545 MHz. That is the frequency of the crystal oscillator used in colour television for the colour information reference in North American televisions. Apparently, computer manufacturers used the same crystal because it was plentiful and inexpensive. The i8254 runs at 1/3 that frequency in certain modes, or 1.19318 Mhz.

Other versions of XP are returning different values according to the article in the forum. That's not to say the queryperformancecounter function is returning those vlaues but the count they are returning for the counter is based on different base frequencies.

I imagine it might be the same for gettickcount, etc. Browsers and games are likely using those functions for XP apps but when the counter frequency base changes, their timing will be incorrect. So, when XP runs on hardware using different timers and time bases, it loses synchronization.

Also, you may find this article interesting. It is old but it explains the use of the i8254 in older systems.

⇗ https://www.compuphase.com/int70.txt
#7356gordo999
Zitat von ⇗ NT5 forever im Beitrag ¶ #7354
Linux looks great, but it's a pain to set up and to find the right software for the job...
⇗ @NT5 forever ...not only that, if you dare to look under the hood you find an archaic Unix system with some apps dating back to the 1970s, and written for teletype. Much to my horror, while trying to learn macOS to help a friend, I found the same Unix under the hood. Unix is to Linus and macOS as DOS is to Windows.

BTW...for anyone not speaking English as a first language, 'hood' refers to the metal door over the engine in an automobile. When you lift it to access the engine, you are said to be 'looking under the hood'. In the UK, they call it a bonnet, like a woman's hat.
#7357gordo999About timing issues....just noticed an article that mentions HPETs, or high precision Event timers. I had not turned XP on for several weeks and when I just booted it, the clock was within 3 seconds of the clock on my Windows 7 machine. XP is not connected to the Internet at this time, so it did not correct itself via the Net.

In Device Manager, under System devices, I have a listing for an HPET as High Precision Event Timer. Its hardware ID is ACPI\PNP0103\0.   It's memory range is FED00000 - FED003FF.

The following article explains the HPET in detail and its relation to other timers. Under 'Notes' at the end of the article, in Note d., they mention a PM Timer that can be turned on and off in boot.ini use the /usepmtimer switch. It's not clear to me at this time what that does.

⇗ https://en.wikipedia.org/wiki/High_Precision_Event_Timer

It seems my problems with timing cleared up when I used the modded intelppm/HAL mod combo.
#7358Gelip⇗ @Andalu

Zitat von ⇗ Andalu im Beitrag ¶ #7349
@Gelip
the NVMe drive is not recognized on "fdisk -l" command. Only the USB stick is listed.

Yes, Debian 6 is old. Try my Debian 9:
¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (444)

P.S. On Debian 9 use:

fdisk -l -u=cylinders

⇗ @NT5 forever
Zitat von ⇗ NT5 forever im Beitrag ¶ #7354
Hmmm. I'm pretty sure my laptop's UEFI is 64 bit, because it runs 64 bit Win 10.
WinXP 64-bit sucks.


To run WinXP 64-bit under pure 64-bit UEFI class 3 you need to use 64-bit UefiSeven loader and beta files from 64-bit Longhorn Server 2008 6.0.6001.16497: ⇗ https://www.betaarchive.com/forum/viewto...=456492#p456492

Besides, you have to deploy WinXP e.g. with VMware Workstation. Installation is not possible:
⇗ How to deploy WinXP 64-bit on a UEFI (without CSM) in AHCI
#7359BrooonsSometimes, the power does not turn off, on XP.
10\1, 10 time correctly, 1 time freeze in end.
Rebooting correctly, without checkdisk.
Which way to look...
del-23YuriyCN

Я не дождался 2-х файлов от вас, поэтому решил провести эксперимент как я понял.

1. Я взял официальный SP3 для русской версии windowsxp-kb936929-sp3-x86-rus
2. Переходим в нем по пути \i386\sp3.cab
3. Из архива sp3.cab берем 2 файла hal.dll и ntoskrnl.exe, копируем в любую директорию и переименовываем в hal1111.dll и ntos1111.exe
4. Копируем hal1111.dll и ntos1111.exe в c:\WINDOWS\system32\
5. Дописываем параметры /kernel=ntos1111.exe /hal=hal1111.dll в файл boot.ini

Все 3 файла я залил в архив - ⇗ https://www.upload.ee/files/13113007/Test_Kernel.zip.html
Если нужно было проверять на других версиях - дайте свои файлы.

Готово! Измененные файлы лежат на своих местах.

6. Перезагружаем ПК.
7. При загрузке ПК началось определение оборудования, вроде как при свежеустановленной системе. Все драйвера ранее были установлены, поэтому подхватились в автоматическом режиме.
8. Чтобы все драйвера (в том числе видеокарты) нормально заработали ещё раз перезагрузил ПК.

Готово! Можно проводить тест.

9. Судя по "Диспетчеру задач" мой ПК превратился в одноядерный и слетел патч РАЕ. Смотрите скрин - из 4 ядер осталось 1 ядро, а памяти вместо 8 Гб, осталось 2,1 ГБ.



10. Провевожу проверку.
Запускаю CPU-Z и Timer. После 380 секунд проверки получаю времена как на скриншоте. Интересным моментом является то, что ранее в таком режиме я бы получил время ACPI равное времени QPC таймера, а RTC таймер ушел бы вперед за 380 секунд приблизительно на 12...14 секунд (приблизительно по +2 секунды за каждые 60 секунд).

Но с новым ядром картина резко изменилась. Время ACPI и QPC таймера немного разнится, на 0.08 секунд. При чем наоборот, уже в меньшую сторону, а время QPC и RTC вообще совпадает. Если время в 0.08 секунд считать погрешностью - то все 3 таймера считают приблизительно одинаково. Ещё раз обращаю внимание, что ранее, за 380 секунд "накрутки" я бы получил увеличение времени для RTC до +(12...14) секунд!



Пишите какие действия я должен ещё выполнить.
Может какие-то проверки необходимо повторить.
Я готов тестировать.

#7360Mov AX, 0xDEAD
Zitat von ⇗ YuriyCN im Beitrag ¶ #del-23

9. Судя по "Диспетчеру задач" мой ПК превратился в одноядерный и слетел патч РАЕ. Смотрите скрин - из 4 ядер осталось 1 ядро, а памяти вместо 8 Гб, осталось 2,1 ГБ.

Пишите какие действия я должен ещё выполнить.

⇗ @YuriyCN
You can apply WinXPPAE to hal&ntoskrnl for full RAM access, but this simple hal.dll is not "ACPI" so your PC is limited to control power/freq/cpus/...
What is difference with standart mode - clock source is virtual "8254" chip with 14.318-MHz clock (derived from 24-MHz quartz)
In standart mode with halmacpi.dll clock source is RTC chip 32768Khz

On your PC windows assume 8254 is better clock source than RTC, there is no simple way to switch clock source in halmacpi.dll, need to replace some code to version from hal.dll, it is hard job.

You can play with some timer related switches in boot.ini at standart mode:
/USE8254  на системах с устаревшим BIOS сообщает ядру ОС, что на ПК установлен таймер на основе чипа 8254
/TIMERES=X в мультипроцессорных системах устанавливает разрешение системного таймера. По умолчанию разрешение таймера 7.8ms. Параметр X измеряется в сотнях миллисекунд и поддерживаются следующие значения: (X=сотен миллисекунд миллисекунд)
9766 0.98
19532 2.0
39063 3.9
78125 7.8
#7361Mov AX, 0xDEAD
Zitat von ⇗ gordo999 im Beitrag ¶ #7355
"Well, on the same machine, 4 different Windows installs deliver 4 different timer resolutions:
Windows XP x64 Edition SP2:
High-resolution performance counter frequency is 3215.0 MHz
Windows XP Media Center Edition 2005 SP3:
High-resolution performance counter frequency is 3.579545 MHz
Windows Vista Ultimate Edition 64-Bit SP2:
High-resolution performance counter frequency is 25.0 MHz
Windows 7 Ultimate Edition 64-Bit SP1:
High-resolution performance counter frequency is 3.139248 MHz"
it is OK, because for performance counters windows can choose from pool of sources: acpi hardware, TSC, ...
3215.0 MHz = RDTSC
3.139248 MHz = RDTSC/1024 (windows 7+ divide raw TSC this way)
3.579545 MHz = ACPI hardware timer (acpi specification frequency)
25.0 MHz = mistake
with additional boot switches possible to force use HPET and 8254 as performance counters

p.s. my own experiments with broken acpi timer on skylakes: ¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (10)
#7362Andalu
Zitat von ⇗ Gelip im Beitrag ¶ #7358
Yes, Debian 6 is old. Try my Debian 9:
¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (444)
P.S. On Debian 9 use:
fdisk -l -u=cylinders
thank you for the help but, sincerely, I have many difficulties to proceed, totally ignoring the linux commands. For example, I prepared the usb stick by writing the iso Debian9 with Win32 Disk Imager but I don't know if this was the right thing to do. With the command fdisk -l -u=cylinders I don't know what is intended to obtain and which parameters to change in case, as happened, an error is shown.
del-24YuriyCN
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7360
You can apply WinXPPAE to hal&ntoskrnl for full RAM access, but this simple hal.dll is not "ACPI" so your PC is limited to control power/freq/cpus/...
What is difference with standart mode - clock source is virtual "8254" chip with 14.318-MHz clock (derived from 24-MHz quartz)
In standart mode with halmacpi.dll clock source is RTC chip 32768Khz
On your PC windows assume 8254 is better clock source than RTC, there is no simple way to switch clock source in halmacpi.dll, need to replace some code to version from hal.dll, it is hard job.
You can play with some timer related switches in boot.ini at standart mode:
/USE8254  на системах с устаревшим BIOS сообщает ядру ОС, что на ПК установлен таймер на основе чипа 8254
/TIMERES=X в мультипроцессорных системах устанавливает разрешение системного таймера. По умолчанию разрешение таймера 7.8ms. Параметр X измеряется в сотнях миллисекунд и поддерживаются следующие значения: (X=сотен миллисекунд миллисекунд)
9766 0.98
19532 2.0
39063 3.9
78125 7.8
1. Про РАЕ всё понятно, я же заменил ядро на непатченое.
2. В "Диспетчере устройств" появился "Стандартный компьютер", вместо "Многопроцессорный компьютер с ACPI" который был раньше
3. Что мне делать сейчас? Оставить однопроцессорное ядро, для дальнейшего проведения тестов... Или вернуть многопроцессорное ядро и поиграться с параметрами /USE8254 и /TIMERES=X в boot.ini???

Моя материнская плата на чипсете Intel H110M, процессор Intel i5-6500.
Готов к любым экспериментам.
del-25YuriyCN

Вопрос: а как вернуть как было??

Я удалил добавленные параметры /kernel=ntos1111.exe /hal=hal1111.dll с boot.ini, но режим "Многопроцессорный компьютер с ACPI" не вернулся.... (((( Далее, я попробовал натравить на обычное ядро с РАЕ, задав в boot.ini параметр /kernel=ntkrnlpa.exe /hal=hal.dll - но опять загружается в режиме "Стандартный компьютер".

Как вернуть "Многопроцессорный компьютер с ACPI"??? Неужели Виндовс придется переустанавливать?

#7363Mov AX, 0xDEAD
Zitat von ⇗ YuriyCN im Beitrag ¶ #del-25
Я удалил добавленные параметры /kernel=ntos1111.exe /hal=hal1111.dll с boot.ini, но режим "Многопроцессорный компьютер с ACPI" не вернулся.... (((( Далее, я попробовал натравить на обычное ядро с РАЕ, задав в boot.ini параметр /kernel=ntkrnlpa.exe /hal=hal.dll - но опять загружается в режиме "Стандартный компьютер"
⇗ @YuriyCN
always make backup of registry, ERUNT is good for XP  
1) /kernel=ntkrnlpa.exe /hal=hal.dll - must work, ntkrnlpa.exe = real ntkrpamp.exe, hal.dll - real halmacpi.dll
2) load available system restore snapshot
3) del manually ""Стандартный компьютер"", reboot
4) restore registry manual backup if you have one (only SYSTEM is enough)
del-26YuriyCN
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7363

always make backup of registry, ERUNT is good for XP  
1) /kernel=ntkrnlpa.exe /hal=hal.dll - must work, ntkrnlpa.exe = real ntkrpamp.exe, hal.dll - real halmacpi.dll
2) load available system restore snapshot
3) del manually ""Стандартный компьютер"", reboot
4) restore registry manual backup if you have one (only SYSTEM is enough)


Уже вернул. Задача оказалась не простой. Восстановление системы отключено. Пункт "Стандартный компьютер" удалить нельзя - в его меню нет пункта "Удалить" когда он один и нет выбора, а в "Многопроцессорный компьютер с ACPI" - пункт удалить есть.

Правильная последовательность:
Оказывается, когда мы загружаемся с режиме "Стандартный компьютер" с альтернативного ядра hal1111.dll, то это однопроцессорное ядро втихаря копируется в файл hal.dll . В итоге, когда мы возвращаемся обратно, ядро загружается из hal.dll, но файл уже подмененный. Пришлось вернуть ехе и dll из какого-то бекапа, но ПК не загружался, а зависал с черным экраном, реестр не мог подгрузиться. Тогда повторно заменил 2 файла и загрузился в безопасном режиме (через F8). Посмотрел в "Диспетчер устройств" - появилось 2 устройства "Многопроцессорный компьютер с ACPI" и "Стандартный компьютер". Поскольку устройств было 2, то на "Стандартный компьютер" пункт "Удалить" появился. Я его и удалил, оставив только "Многопроцессорный компьютер с ACPI". Перезагрузился в обычном режиме и работа нормализовалась.

По RTC bug.



Проверка показала, что в однопроцессорном ядре проблемы нет. Я даже накручивал время почти 20 минут, но разность хода таймеров составила -0,24 секунды за 1187 секунд (~ 20 минут). За это время, на мнопроцессорном ядре мы накрутим приблизительно +40 секунд.

ВОПРОСЫ

1) Посоветуйте с каким параметром в boot.ini сделать проверку?
2) Можно ли патчем ядра установить предделитель на 1 мс (0.977 мс) принудительно (как это сделано в Windows 7) ?
#7364Fernando⇗ @YuriyCN: I don't understand, what you are writing.
This is an international Forum, but its language is English.
#7365Gelip⇗ @Andalu

Zitat von ⇗ Andalu im Beitrag ¶ #7362
With the command fdisk -l -u=cylinders I don't know what is intended to obtain and which parameters to change in case, as happened, an error is shown.

What do you dont know? Show me the output of the fdisk -l -u=cylinders

After all, I explained how to make a disk image here: ¶ #7263
bs is number of bytes from the Units= line
count is last cylinder of first partition (END column)

You need to first mount another partition, external drive or network drive where the xp.img image will fit.

To mount an NTFS partition of external USB disk (e.g. /dev/sdb1) in the /mnt/images directory:

  • create an images folder in the mnt directory:
    mkdir /mnt/images
  • mount NTFS partition in this directory:
    mount /dev/sdb1 /mnt/images


In Debian, NVME disks will be labeled /dev/nvmexxx e.g. /dev/nvme0n1 and first partition /dev/nvme0n1p1

 

Page 492

#7366gordo999⇗ @Mov AX, 0xDEAD ...thanks for link to your research. Good work.

I mentioned in previous post that timing issues on my XP installation were fixed by the intelppm/hal mod. I had games that would not start and Firefox would not run properly. After using the mod, everything worked.

Do you know what changes were made in the mod to affect the timer? After XP being turned off for several weeks, the clock was 3 seconds fast, not slow.
#7367gordo999For anyone interested, I am re-visiting the problem of getting the Nvidia GT 1030 to run on XP. The complaint thus far is that the card runs only in 2D but I can't even get it to load. I get an error 10.

Found one major problem. The recommended package from Nvidia for XP is the 368.81 package. However, it comes in three versions for x86: an XP version, a VISTA/W7/W8 package, and a W10 x86 package which seems to be a Japanese version. The XP package uses the nv_mini.sys driver which was used as far back as the GT 730. The GT 1030 requires a different driver, the nvlddmkm.sys driver which comes in the VISTA/W7/W8 package.

The 368.81 package for XP should not work at all with the GT 1030 since the required driver is missing in that package. The INF file on the XP package points to the nv_mini.sys driver whereas the Vista/W7/W8 package points to the nvlddmkm.sys driver. I am just beginning to look at the problem but thought I'd advise anyone wondering about the issues.

The INF file for the VISTA/W7/W8 package has a section for each OS, so if it is used for XP the header of one of those sections will have to be changed to reflect XP. I am thinking the Vista section would be best. The Vista INF file has no mention of the GT 1030, the highest hardware ID is DEV_1C03 = GTX 1060. Just found a W10 English version of the 368.81 package for x86 and it only goes to DEV_1C03 as well.
#7368infuscomus⇗ @gordo999

I don't think you'll have much luck getting nvlddmkm.sys working in XP, unless we can somehow get XP booting with Vista/7 ntoskrnl/hal.
I tried to get it to boot once before using a longhorn server beta bootloader that I know can boot XP but got stuck at a 12A BSOD.
#7369infuscomus⇗ @Mov AX, 0xDEAD

It is possible to boot into XP using the Longhorn Server 2008 6.0.6001.16497 bootmgr and winload.exe
So as an experiment I tried swapping out the XP ntoskrnl and hal with the one from Vista and see if it would boot - but I ran into a 12A BSOD when I tried to boot into it.

I was wondering if you might be interested in solving this? I think it would be pretty cool to have XP booting with the Vista ntoskrnl and hal
#7370gordo999
Zitat von ⇗ infuscomus im Beitrag ¶ #7368
I don't think you'll have much luck getting nvlddmkm.sys working in XP, unless we can somehow get XP booting with Vista/7 ntoskrnl/hal.
⇗ @infuscomus ...I think you are right. Just checked the driver with 'depends' and there are 22 functions missing in the XP ntoskrnl. No other module shows missing functions. I am still running the original ntoskrnl, not the newer one from W8.

Not sure how that works, I am going to check ⇗ @daniel_k 's repository to see. There may be a chance that the missing functions are not called under normal usage, but I doubt it.
#7371spacedrone808Anyone tried Ryzen 5900x on Win XP 32-bit?
5900 is the fastest cpu in terms of single thread performance!

AMD 1950x ~4Ghz | Noctua NH-U14S  | Asrock Taichi X399m | 64GB RAM Corsair DDR4 @2800Mhz| 512Gb Samsung 970 Pro NVME | 1Tb Samsung QVO SSD | 2Tb Seagate Firecuda sHDD (8Gb SSD cache) | AMD Radeon VII 16Gb VRAM | Asus Essense STX II | Edifier R2800 Speakers | 1300 Watt SeaSonic Gold| NEC PA301W | Fractal Design Meshify  Case |Topre RealForce RGB Keys | Windows 7 SP2+ x64
#7372gordo999
Zitat von ⇗ infuscomus im Beitrag ¶ #7369
So as an experiment I tried swapping out the XP ntoskrnl and hal with the one from Vista and see if it would boot - but I ran into a 12A BSOD when I tried to boot into it.
⇗ @infuscomus ...looked up bsod 12a out of interest and it's about language packs. Apparently Vista is looking for language pack info in the registry.

Got this possible solution (posted below) by translating with Google from a Russian site. This requires a registry mod on an offline system. The explanation advises to export the registry hive but I find that is not necessary. If you boot from a live CD like Hirens, you can use their registry editor.

Highlight the HKLM hive (on live CD) and look under the 'File' tab for 'Load Hive'. Go to the registry folder in the offline XP Windows directory under %windir%\system32\config and highlight the 'system' file. If that does not have the hives you need, unload the 'System' hive and load the 'Software' hive. Hit enter and it will ask for a name. I use a distinct name because it will be loaded under the HKLM hive as a sub-hive. Then you can edit the XP registry hive as if it was live in XP.

***CAUTION....be sure to unload the hive under 'File' when you are finished**** You may also be able to do this on a live XP, I don't think it would care about the added MUI stuff.

From Russian site:
⇗ http://forum.oszone.net/nextoldesttothread-269667.html

"Recently I met such a rare error on Win 7x32 ru. For some reason, the dump is not created. With difficulty I found in Google where the problem is. It turns out that when updating the "left" windows, the contents of the current * registry branch sometimes disappear
[HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet * \ Control \ MUI \ UILanguages
(see what ControlSet number is current in the system \ select section)

To solve this, you need to boot from some Live CD and load the System hive. Find the desired branch (see above) and, after checking that there are no necessary subsections, export it to disk. Then, with the right mouse, change and insert missing lines
[hive \ HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet * \ Control \ MUI \ UILanguages \ en-US]
"LCID" = dword: 00000409
"Type" = dword: 00000091

[hive \ HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet * \ Control \ MUI \ UILanguages \ ru-RU]
"LCID" = dword: 00000419
"DefaultFallback" = "en-US"
"en-US" = hex (7): 00,00,00,00
"Type" = dword: 00000092
Instead of "hive" there will be the name of the loaded hive, and instead of * - the ControlSet number that is current. Save. Then two clicks on the resulting reg file, merge and reboot. Instead of these manual work, you can probably write a simple script, but this stop is quite rare".

*****
Note....I could find no similar reference in the XP registry but there is a hive under HKLM\system\ControlSet * \Control\Nls\MUILanguages

ControlSet * refers to your current ControlSet, which you can find under HKLM\System\Select\Current. For example, my current ControlSet is ControlSet008.

Note also that W7 has a MUI hive in the same place as Vista. Maybe you could export the entire hive from W7 and import it into XP registry. Of course, if you have an offline Vista installation you could do the same.
#7373infuscomus⇗ @gordo999

Thanks for that useful info! I wasn't able to find this myself.
#7374gordo999
Zitat von ⇗ infuscomus im Beitrag ¶ #7373
Thanks for that useful info! I wasn't able to find this myself.
⇗ @infuscomus ...I got lucky. Found out that nvlddkmk means Nvidia Longhorn Display Driver  Kernel Mode Driver. Tried to force it via INF files but all I got was an error change from code 10 to code 1 to code 28. Surprisingly, my desktop video is still clear with the stock VGA drivers.
#7375Mov AX, 0xDEAD⇗ @gordo999

Zitat von ⇗ gordo999 im Beitrag ¶ #7366

I mentioned in previous post that timing issues on my XP installation were fixed by the intelppm/hal mod. I had games that would not start and Firefox would not run properly. After using the mod, everything worked.
Do you know what changes were made in the mod to affect the timer? After XP being turned off for several weeks, the clock was 3 seconds fast, not slow.

first page of this "megatopic" has mini-wiki, descriptions to most patches

p.s. intelppm mod patch cpu idle function, not any timers :)
#7376Mov AX, 0xDEAD⇗ @infuscomus

Zitat von ⇗ infuscomus im Beitrag ¶ #7369

So as an experiment I tried swapping out the XP ntoskrnl and hal with the one from Vista and see if it would boot - but I ran into a 12A BSOD when I tried to boot into it.
I was wondering if you might be interested in solving this? I think it would be pretty cool to have XP booting with the Vista ntoskrnl and hal

I'm not interested because after solving BSOD 12 you will get infinite  BSOD XXXX/YYYYY/......
to simplify this BIG problem need replace all XP's ring0 code to Vista, then fix XP's user32.dll/kernel32/gdi32.dll/ntdll.dll because these libraries contain "gates" from XP-ring3 to Vista-ring0

#7377Andalu
Zitat von ⇗ Gelip im Beitrag ¶ #7365
What do you dont know? Show me the output of the fdisk -l -u=cylinders

Here the output of the fdisk -l -u=cylinders command:

 
Device                  Boot  Start   End     Cylinders   Size     Id   Type
/dev/nvme0n1p1           *     1     4749       4749      36.4G    7   HPFS/NTFS/exFAt



Too complicated for me to understand the rest... sorry

#7378Gelip⇗ @Andalu

Zitat von ⇗ Andalu im Beitrag ¶ #7377
Here the output of the fdisk -l -u=cylinders command:

Your WinXP is on an NTFS 36.4G partition (/dev/nvme0n1p1). Shrink the partition or reinstall WinXP on a small partition, e.g. 5GB. 36GB is too much to fit in RAM !
#7379gordo999
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7375
first page of this "megatopic" has mini-wiki, descriptions to most patches
⇗ @Mov AX, 0xDEAD ...thanks, I had not looked at that page for long time. Thanks for all the hard work you and others have done to make XP work on newer motherboards.
#7380Andalu
Zitat von ⇗ Gelip im Beitrag ¶ #7378
Your WinXP is on an NTFS 36.4G partition (/dev/nvme0n1p1). Shrink the partition or reinstall WinXP on a small partition, e.g. 5GB. 36GB is too much to fit in RAM !

I'm trying different ram image sizes and even the 28GB one works in the 36GB disk partition on a system with 64GB of ram:

 

Page 493

#7381Andalu
Zitat von ⇗ NT5 forever im Beitrag ¶ #7238
I use Grub4DOS bootloader/menu, and it has the option to run XP both in file disk mode and in RAM disk mode.
When I want to install new software or hardware I use filedisk and set everything up the way I like it.
Changes are persistent after reboot, just like a regular XP installation on hard disk.
Once everything is configured correctly I reboot my machine and use RAM disk mode.
Changes made to the C drive will be flushed during a reboot.

Could you please report the content of the file menu.lst that allows the switch between file Disk mode and RAM disk mode?
#7382Fernando⇗ @Mov AX, 0xDEAD:

Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7375
first page of this "megatopic" has mini-wiki, descriptions to most patches
Thank you very much for this work!
To make it easier for new visitors of this thread to find your post, I have added a hint to your smart summary to the start post.
#7383Fernando⇗ @YuriyCN:

Zitat von ⇗ Fernando im Beitrag ¶ #7364
⇗ @YuriyCN: I don't understand, what you are writing.
This is an international Forum, but its language is English.
Since I haven't seen any reaction from you side, I have deleted all your posts, which were written by you without any translation in Russian language with Cyrillic letters.
All other Forum members except you are writing here in English language and with Latin letters, no matter where they live and which mother tongue they speak. That is not fair!
All contributions of this Forum should be readable and understandable for all visitors.
#7384Gelip
Zitat von ⇗ Andalu im Beitrag ¶ #7380
'm trying different ram image sizes and even the 28GB one works in the 36GB disk partition on a system with 64GB of ram:


64GB RAM in WinXP ???   What do you need so much RAM for? I am using WinXP 64-bit with 4GB RAM, I have the paging file disabled and I am very happy. WinXP doesn't need that much RAM.
#7385NT5 forever
Zitat von ⇗ Andalu im Beitrag ¶ #7381
Could you please report the content of the file menu.lst that allows the switch between file Disk mode and RAM disk mode?
title XP file disk
find --set-root --ignore-floppies /xp.img
map /xp.img (hd0)
map --hook
root (hd0,0)
chainloader /ntldr

title XP RAM disk
find --set-root --ignore-floppies /xp.img
map --mem /xp.img (hd0)
root (hd0,0)
chainloader /ntldr
#7386Andalu
Zitat von ⇗ Gelip im Beitrag ¶ #7384
64GB RAM in WinXP ???   What do you need so much RAM for? I am using WinXP 64-bit with 4GB RAM, I have the paging file disabled and I am very happy. WinXP doesn't need that much RAM.

Currently my main system has 32GB of ram. C: drive is used for 1.7GB with only 4 programs installed. All the rest is on ramdisk, including pagefile, browser, downloads and some Framework versions (2.0 and 4.0). Some ramdisks are loaded at startup while others are loaded only when the need occurs. Booting with 3 ramdisks (4GB for the pagefile + 6Gb for Firefox + 2GB for some programs) is a bit slow (50 seconds) but ramdisk operations are fast even with XP installed on an old Haswell board with a 4770k cpu.

Next system will have with 64GB of ram. My crazy goal is to find a way to load XP on ram and at the same time:
- still use the ramdisk software;
- install the programs currently running on C on a ramdisk even if they need their own driver to work and especially write on the drive C.

I am aware, in any case, that it will be very difficult, at least for me, to find the solution.
Any advice will be greatly appreciated :)
#7387Gelip⇗ @Andalu

  • install fresh WinXP on partition 5GB
  • install device drivers, WinVBlock RAM disk driver, and adjust system settings
  • install your programs
  • disable pagefile
  • create an xp.img image from the beginning of the disk to the end of the 5GB partition
  • boot system from xp.img to RAM with GRUB4DOS
#7388BrooonsHiberfil.sys create impossible, Hibernate mode does not work, it is impossible to turn on, error id 49, this problem is maybe solved anybody or it is not worth wasting time?
#7389YuriyCN

ENGLISH
Windows XP mod 2021 - system build for the modern PC (edition 09.05.2021)
The information doesn't fit into a forum post - so download the text file and read it in Notepad.
TXT (89KB) - ⇗ https://yadi.sk/d/ljE4cOq9IqEj3Q

RUSSIAN
Windows XP мод 2021 - сборка системы для современного ПК (редакция 09.05.2021)
Информация не помещается в форумный пост - поэтому скачайте текстовый файл и читайте в Блокноте.
TXT (100КБ) - ⇗ https://yadi.sk/d/Dt4iHUhoqABMzQ
#7390gordo999
Zitat von ⇗ Gelip im Beitrag ¶ #7339
P.S. uefiinfo.efi can run under both 32-bit and 64-bit UEFI as it is compiled as EBC
⇗ @Gelip ....thanks for your help with UEFI but after getting it working on W7, I cannot see the point of it. My shell appeared as version 2.0 but it looks like the same kind of Unix used in Linux, like DOS in Windows. Each device seems to be described by a long GUID and I cannot see manipulating each piece of hardware using 32-bit GUIDS and using a text mode which is based in Unix. There's really no point unless a user wants more control over each element that is listed in the standard visual BIOS.

I got it running in W7, rather than using an USB drive for XP,  by adding a drive letter to the system partition so it would show up in a file manager. Then I created a directory \EFI with a sub-directory \Boot. Then I placed the efi shell file in the Boot directory. With my system directory using letter z:\, that means the efi file is in z:\EFI\Boot. I had two 64-bit EFI files, one from you, named bootx64.efi and another named shell.efi. I did not know which one the system required so I placed both in the Boot directory. When I rebooted, the EFI menu appeared but it said I could escape before loading the nmi file by pressing ESC. Did not happen, it just sat there claiming the EFI boot was successful.

I could not see anything that would allow me to add XP to the W7 boot file. Then, again, I could not spend that much time investigating. Eventually, I used EasyBCD, with UEFI disabled in BIOS, to add XP to the BCD boot file in W7. Very simple, and now I have the dual boot window appear at boot.
#7391Gelip⇗ @gordo999

Zitat von ⇗ gordo999 im Beitrag ¶ #7390
thanks for your help with UEFI but after getting it working on W7, I cannot see the point of it.

What point?
Zitat von ⇗ gordo999 im Beitrag ¶ #7390
My shell appeared as version 2.0 but it looks like the same kind of Unix used in Linux, like DOS in Windows.

This is what UEFI Shell looks like.
Zitat von ⇗ gordo999 im Beitrag ¶ #7390
Each device seems to be described by a long GUID and I cannot see manipulating each piece of hardware using 32-bit GUIDS and using a text mode which is based in Unix. There's really no point unless a user wants more control over each element that is listed in the standard visual BIOS.

To edit the Boot Menu you need a special version of UEFI Shell (in Attachment) that includes the bcfg command Gelip has attached files to this post
#7392Andalu⇗ @Gelip

Thanks for your suggestions
So far I used only the SVBus driver and after some tests I managed to boot XP from memory and at the same time, always on startup, to load some ramdisks from the E: drive (SSD connected to the USB3 port), as shown in the image below:



Now I need to find a way to install two programs for which I need to permanently save their rules during usage (one possibility could be to use symbolic links, some tests are needed), but first I wanted to ask if someone can give me a hint on the following problem:

with two nvme connected, the first with the XP image and the other for ramdisk files, what command should be added in the menu.lst file to load the XP.img file located on the first drive? So far the nvme drive that is automatically selected by GRUB4DOS is always the one containing the ramdisk files and not the one with XP.img, so the system won't boot.

Current menu.lst:

title Windows XP - RAMDISK
nvme --set-drive=0x80 --set-controller=0 --showselected
find --set-root --ignore-floppies /xp.img
map --mem /xp.img (hd0)
map --hook
nvme --uninit
root (hd0,0)
chainloader /ntldr
#7393Andalu
Zitat von ⇗ diderius6 im Beitrag ¶ #7256
During my tests with Windbg in winter I noticed,
that even long time after compi shuts down,
complete parts in ram stay(!) as before (even it is ddr4).
Later I use this methode for to load tables for acpi.sys to ram, survives reboot.
I do not find a tool, with which I can reset all ram.
So I come to the idea, to use memtest86-usb .
⇗ https://www.memtest86.com/

This version does not work for XP, but there is an memtest86-usb.img in it,
which I put under XP ) via Winhex to an USB stick.
And voila, connect this USB stick to your compi and ram is freshed up
Dietmar

Is it only with debugging that I can check if the ram is effectively reset or can I use another way as well?
#7394diderius6⇗ @Andalu

With Winhex you have the possibility to check ram.
Long time ago I use DOS, for to see,
that information survives reboot in ram and I boot complete(!) XP loaded to ram before, via reboot.
For me it is not clear, how you can access real ram under XP.
Even with winhex, ram is separated into pieces of virtual ram,
which program reserves it.
Would be nice, if somebody here can explain, how to take a look at the complete physical ram under XP

Dietmar

PS:memtest86 tests whole ram, the program itself needs to copy itself to another place in ram during operation.
I do not find any explanation, HOW memtest86 succeeds with this.
And the information in memtest86 leeds to missunderstanding:
It tells for example, that ram between 0x100000000 - 0x85e409000 (for 32 Gbyte ram) is checked.
The 0x100000000 seems to be at adress 00000000000000000,
because when you build the difference between 85e409000 and 100000000 you ends with 32 Gbyte.
#7395gordo999
Zitat von ⇗ Gelip im Beitrag ¶ #7391
What point?
@Gelip....point as in advantage. You have a normal BIOS with visual menus that can be opened with values that can be changed. For example, in my BIOS, I can open the Boot tab and change the boot order easily. Or I can select which devices can boot. Seems to me that the EFI shell requires me to use 32 or 64 bit GUIDs to identify each device then use commands to operate on them.

I can see with a drive mapped as FS0, or whatever it is, I can just use the FS0. But what if I want to turn USB on or off, or turn audio on or off, or do operations on many other devices/controls. First I have to know what is there and what can be changed. With EFI, how do I know what parameters are available and which ones can be changed. Taking a look at the EFI commands, they seem a lot more like an autoexec.bat file or a config.sys file than a BIOS replacement.

Thanks for the shell.

 

Page 494

#7396galagun
Zitat von ⇗ gordo999 im Beitrag ¶ #7395
Zitat von ⇗ Gelip im Beitrag ¶ #7391
What point?
@Gelip....point as in advantage. You have a normal BIOS with visual menus that can be opened with values that can be changed. For example, in my BIOS, I can open the Boot tab and change the boot order easily. Or I can select which devices can boot.


Shell + Bcfg command allow you to add entries to firmware's boot menu, not just enable/disable/delete them or change its order on it.
So far very few machines offer built-in such capability. I know my Dell E6410 can add and modify entries there. But almost all Insyde H20 UEFI driven machines can't. EFI shell bcfg command allows you to do that without having to boot a full liveos to do it.
#7397gordo999
Zitat von ⇗ galagun im Beitrag ¶ #7396
Shell + Bcfg command allow you to add entries to firmware's boot menu, not just enable/disable/delete them or change its order on it.
⇗ @galagun ...thanks for reply. My concern about the EFI shell is whether or not we are reverting to the old Unix text mode. As you know, Unix is the base language in Linux and macOS and Windows has tried to move in that direction to an extent.

I don't understand what the big deal is about Unix. It's an ancient language from the 1970s designed for teletype communication and some of the apps in Linux date back to that era. I am think of the text editors like emacs. I could not believe how old they were and non-intuitive. That's what has turned me off about moving to Linux.

I know Unix is more powerful than DOS and I don't care because I don't have to use it. DOS works fine for me when I need it. However, I  still don't understand the purpose of the EFI shell. I have skimmed through the UEFI standard and I can see where they are going but I don't understand why. They seem to have immersed themselves in Unix and the craziness of object-oriented languages.

For example, a handle in C or C++ is a hex-based number returned by the Windows kernel when an object is defined. It's a very simple concept. However, the folks at UEFI have redefined it to mean something mysterious. Then they talk about protocols, which are similar to the DOS software interrupts, so why the crazy name? A protocol in English is simply a set of rules. What does that have to do with interrupts?

Apparently there is a graphical interface for EFI, is it GOP? The UEFI standard makes it sound like they are replacing firmware (BIOS) but they are not. They are actually re-introducing a DOS-like boot system wherein you can reach a DOS prompt before any OS is loaded. That is definitely handy but nothing you can't do with a boot disk, like a W7 boot disk, which allows you to reach a DOS (command) prompt. In fact, in the past you could start Windows from a DOS prompt, by pointing to the Windows directory and typing winboot, or whatever the command was at the time.

Why did they not just discard Unix and DOS and go straight to a graphical interface, like a mini-Windows environment that would allow you to carry on into an OS if required? Something like powershell would have been preferable to a Unix text-mode interface.

I am afraid the software community is led by super-geeks like Bill Gates, running around in their offices with their pants held up by suspenders and wearing several belts around their waists in case the suspenders break. Is EFI the best they could do? Could they not come up with a new graphical shell that could accomplish everything claimed as an advantage with EFI?

[/rant off]
#7398Gelip
Zitat von ⇗ gordo999 im Beitrag ¶ #7397
However, I  still don't understand the purpose of the EFI shell.

UEFI Shell is something like MS-DOS. You can, for example, edit the boot menu or load device driver (e.g. NTFS or NVME). You can also start the OS manually, e.g. Windows by running the bootmgfw.efi file.

Before, we had MS-DOS and Win9x and today is UEFI Shell and Win10
⇗ UEFI Shell

Gelip has attached files to this post

#7399gordo999
Zitat von ⇗ Gelip im Beitrag ¶ #7398
Before, we had MS-DOS and Win9x and today is UEFI Shell and Win10
⇗ @Gelip ...thanks for explanation and PDF...makes sense.
#7400daniel_kHi ⇗ @Andalu!

Don't remember right now, can you please confirm if you had any issues when you tested the uaspstor.sys on Win7 and which usb-to-sata and usb-to-nvme controller you've tested?
#7401Andalu⇗ @daniel_k

Hi Daniel,
some months have passed since that test (it was July 2020) and I can't remember exactly. I found only one image saved at the time about the RTL9210 NVMe enclosure connected to a PCIEx to USB3.1 card with the ASM3142 chipset (wrongly listed in the device manager as 2142):



As soon as I can I will do the updated tests
#7402daniel_k
Zitat von ⇗ Andalu im Beitrag ¶ #7401
As soon as I can I will do the updated tests

Thanks, but please don't waste your time redoing the tests.

I'm just asking about the reliability of the drivers (disconnection issues or other errors).

#7403Andalu⇗ @daniel_k

I don't use win7 so frequently to be 100% reliable. However, I do remember encountering no errors from using the uaspstor driver. If you know of a specific scenario in which there is a possibility of an issue, I am here to test ;)
#7404kukonosau⇗ @diderius6
Hello. Do you have modify drivers for Win 7 for AMD SATA Controllers? This is normally that I seeing ATA Channels and one Standard AHCI 1.0 Serial ATA? Storage is ATA, but not SATA in device manager.
#7405diderius6⇗ @kukonosau

I have no Sata driver for Win7 and AMD.
Maybe, that a Sata driver, modded for XP, also works under Win7
Dietmar
#7406kukonosau⇗ @diderius6
Thanks. But where is last best driver for XPx64? I need SATA AHCI for Ryzen for Win 7.
#7407daniel_k⇗ @Andalu

No more info needed.
Thanks!
#7408gordo999
Zitat von ⇗ kukonosau im Beitrag ¶ #7406
Thanks. But where is last best driver for XPx64? I need SATA AHCI for Ryzen for Win 7.
⇗ @kukonosau ...I had no problem running W7 on a modern mobo (Asus B360C/CSM, a 300 series chipset). There are no SATA or AHCI problems with W7 as far as I know. My problem was the USB. I got a driver from ⇗ @canonkong .
#7409igor166XPWELL64

Zitat von ⇗ XPWELL64 im Beitrag ¶ #4057
I''m currently working on Intel HDMI Audio for windows xp.

Have you finished modifying the Intel HDMI Audio for Windows XP driver yet?
I opened a ⇗ new separate topic on this issue, tk. the problem is old and many users have
#7410YuriyCN

ENGLISH

Windows XP mod 2021 - system build for the modern PC (edition 21.05.2021)
The information doesn't fit into a forum post - so download the text file and read it in Notepad.

TXT (90 KB) - ⇗ https://yadi.sk/d/DnV0Q40oo7D61A
Backup drivers from TXT (805 МБ) - ⇗ https://yadi.sk/d/LWXV9JLWetKSvA

RUSSIAN

Windows XP мод 2021 - сборка системы для современного ПК (редакция 21.05.2021)
Информация не помещается в форумный пост - поэтому скачайте текстовый файл и читайте в Блокноте.

TXT (101 КБ) - ⇗ https://yadi.sk/d/ErwFkIPMPqBm9g
Бекап драйверов из ТХТ (805 МБ) - ⇗ https://yadi.sk/d/LWXV9JLWetKSvA

 

Page 495

#7411YuriyCN⇗ https://www.youtube.com/watch?v=skzTESTEESA

Starting WinXP x64 with UEFI using Vista loader.
#7412Gelip⇗ @YuriyCN

Zitat von ⇗ YuriyCN im Beitrag ¶ #7411
Starting WinXP x64 with UEFI using Vista loader.

Yep, I did it out a not long ago in this topic: ⇗ WinXP SP2 64-bit in pure UEFI class 3 without CSM
I found an AMD PCIe graphics card that works with WinXP x64 driver even in pure UEFI class 3 mode without CSM

Have a nice day
Beta12 aka Gelip
#7413diderius6Interesting,
what you can do with ram,
Dietmar

Today, we are sharing details around our discovery of Half-Double, a new Rowhammer technique that capitalizes on the worsening physics of some of the newer DRAM chips to alter the contents of memory.Rowhammer is a DRAM vulnerability whereby repeated accesses to one address can tamper with the data stored at other addresses. Much like speculative execution vulnerabilities in CPUs, Rowhammer is a breach of the security guarantees made by the underlying hardware. As an electrical coupling phenomenon within the silicon itself, Rowhammer allows the potential bypass of hardware and software memory protection policies. This can allow untrusted code to break out of its sandbox and take full control of the system.

⇗ https://security.googleblog.com/2021/05/...-hammering.html
#7414ruthanWell, there always would be security holes.. they are as diseases.. you can life completely without it.. and they are nice for hacking some closed Hardware as game consoles or apple HW..
#7415tumagonx
Zitat von ⇗ iyutos im Beitrag ¶ #7182
@Mov AX, 0xDEAD

To add a new CPU instruction into XP kernel - it's hard to imagine, I admire your skills.

What about patching Explorer.exe so that when deleting NTFS Junction through Shift+Delete, it will not delete target files.
Also to add an ability to understand NTFS symlinks natively (though there is a symlink driver for Windows XP by Masatoshi Kimura).
To remove 255 characters limit in Explorer.exe for files and folders...


[OffTopic]
how about a maturer ASLR support? which is more crucial for 32-bit system than pure 64-bit, there are two known open source implementation:
Ozone:
⇗ http://web.archive.org/web/2007073116342...AgentKernel.zip
Wehntrust:
⇗ https://archive.codeplex.com/?p=wehntrust
#7416iyutosOn the other side, a maturer ASLR is more CPU cycles, a little slower load of executables into memory.
That's why we value XP, because of simpler and lesser kerner comparing to NT 6.
Persons who still use XP are "mature wolves", who don't fear viruses neither in PC, nor in life
#7417George KingAnybody can help me to use NVMe drivers in Vista x64? I tried to integrate ported XP NVMe drivers, but without success, I tried also generic for 7. But all the time I got same error "File is corrupted" when booting system. I doesn't matter which one I use, all the time same error. Anybody know how to solve it? If there is working driver for XP, it should run on Vista too.

I also tried ported NVMe driver from Windows 8.1 by ⇗ @daniel_k, but result was same, even if I resign files with SHA1 using same tools as canoncong does. Any idea is welcome

⇗ [REQUEST] Generic NVMe driver for Windows Vista / Server 2008?

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7418infuscomus⇗ @George King

did you make sure to integrate ntoskrnl extender along with the NVMe driver? It depends on the extender to work.
#7419George King⇗ @infuscomus

Of course, there must be something with files integrity or similiar problem.

I have created injector of needed files and registry entries for KB2864202 into Vista boot.wim, USB3.x generic driver ported by daniel_k for Vista / 7 works without problem.

I have no idea what should be wrong. Maybe PE Checskum?





Can you please compile this code? I would like to see if it helps.

 
https://gist.github.com/jay/d662cc9615f3e1ffc75e4ae9485da685
[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7420infuscomus⇗ @George King

can you upload your problematic image for me to have a look at?
#7421George King⇗ @infuscomus Sure, I will build on English Vista Ultimate SP2+ and upload you today. I hope you can manage it.

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7422infuscomus⇗ @George King

I patched some NVMe drivers for you.



infuscomus has attached files to this post
#7423George King⇗ @infuscomus I tried them and it still fails with "file is missing or corrupt", even if I resign them.

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7424infuscomus⇗ @George King

here is the whole thing like you requested



infuscomus has attached files to this post
#7425George King⇗ @infuscomus Perfect, thanks!

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/

 

Page 496

#7426George King⇗ @infuscomus

I created post here

 
https://www.win-raid.com/t8967f52-REQUEST-Generic-NVMe-driver-for-Windows-Vista-Server.html#msg145101



I modded Phison and Generic Windows 7 drivers on my own with help of your compiled EMU Extender, but its still doesn't work. Currently only x86 Generic Windows 7 driver seems promissing as system is bootable in VirtualBox. I ordered PCI-e NVMe expansion card and I can try it on real HW in about 5 days.

x64 ntoskrn8.sys missing some ntoskrnl.exe fuctions to get Windows 7 storport.sys depencies green on Windows Vista in Depency Walker

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7427infuscomus⇗ @George King

Windows 7 storport.sys is unlikely to work for this.
Try with standard vista storport.sys
#7428YuriyCNENGLISH
Windows XP mod 2021 - system build for the modern PC (edition 06.06.2021)
The information doesn't fit into a forum post - so download the text file and read it in Notepad.
TXT (91 KB) - ⇗ https://yadi.sk/d/k4ilwz5gjKr1jw

RUSSIAN
Windows XP мод 2021 - сборка системы для современного ПК (редакция 06.06.2021)
Информация не помещается в форумный пост - поэтому скачайте текстовый файл и читайте в Блокноте.
TXT (104 КБ) - ⇗ https://yadi.sk/d/xAoSmxRNYaIpkg
#7429George King⇗ @infuscomus I will try it soon on real HW. Tomorrow I should got PCI-e NVMe + 128GB M2 for test on my old desktop. I will see how it goes with 7 storport.sys and and with Vista one too.

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7430steregushchyy30Good day to all.
I am collecting new components for a Windows xp computer for old games.
For older games only.
Please tell me which board is the best to buy? At z490 or x570?
#7431infuscomus⇗ @steregushchyy30

From personal experience I would recommend AMD as I can confirm it works with the proper patches.
#7432diderius6⇗ @steregushchyy30

Try to find an ASRock Fatal1ty Z370 Gaming K6
because it has drivers for everything for XP

Dietmar
#7433steregushchyy30
Zitat von ⇗ diderius6 im Beitrag ¶ #7432
@steregushchyy30

Try to find an ASRock Fatal1ty Z370 Gaming K6
because it has drivers for everything for XP

Dietmar

Thanks for the answer. If there are ALL drivers for ASRock, does it mean that there are drivers for any Z370 motherboard? Can I have a link?
#7434diderius6⇗ @steregushchyy30

As far as I remember, this is the only Z370 board, with all drivers for XP.
Now it is not sold any longer but on Ebay you can find
Dietmar
#7435steregushchyy30
Zitat von ⇗ diderius6 im Beitrag ¶ #7434
@steregushchyy30

As far as I remember, this is the only Z370 board, with all drivers for XP.
Now it is not sold any longer but on Ebay you can find
Dietmar

Where can you download these drivers? They are not on the official website.
#7436diderius6⇗ @steregushchyy30

Here in this forum,

also at

⇗ https://forums.mydigitallife.net/threads...hardware.81607/

and at

⇗ https://www.zone94.com/downloads/softwar...ntegral-edition

Dietmar
#7437zuulI have spent ages researching, which GPU is the fastest/strongest supported by Windows XP.

I concluded that Geforce 980 ti is it, since it's the latest one that has Nvidia drivers for it. It's the official Windows XP drivers v. 344 to 368, that can be used for 980 ti. They need a tiny and easy .ini text mod to work.

Do you all agree that it's virtually impossible to make the Geforce 1000 / 2000 / 3000 series work under Windows XP?
#7438infuscomus⇗ @zuul

Zitat von ⇗ zuul im Beitrag ¶ #7437
Do you all agree that it's virtually impossible to make the Geforce 1000 / 2000 / 3000 series work under Windows XP?


Yeah, it's pretty much impossible at this time, Unless ⇗ @Mov AX, 0xDEAD happens to make a major breakthrough with his ntoskrnl extender and get WDDM working in XP, it's not going to happen.
#7439gordo999
Zitat von ⇗ zuul im Beitrag ¶ #7437
Do you all agree that it's virtually impossible to make the Geforce 1000 / 2000 / 3000 series work under Windows XP?
⇗ @zuul ...would not say impossible but XP ntoskrnl has several functions missing that are required by the 1000 series drivers.
#7440gordo999May be a bit off topic but the experts in this thread are familiar with XP BIOS. If the CMOS battery is dead for an extended period of time, because the mobo has not been used for a while, can that alter the BIOS data enough for it to intermittently have trouble reading the proper memory configuration at boot? I know the problem is often due to a bad memory stick but I'm thinking of re-flashing the BIOS to make sure.

The board is a 10year old Intel DQ35JO with an ICH9 chipset and it has jumpers you can set to go into maintenance mode. My background is in hardware but this RAM problem seems to be more than a bad memory stick.

 

Page 497

#7441infuscomus⇗ @gordo999

I would imagine having a dead CMOS battery would cause strange behavior from the hardware.

I think it would be best to play it safe and replace the battery.
#7442diderius6⇗ @gordo999

Put the ram in another slot and try again.
Some ram slots gets corroded with time,
especially on notebooks
Dietmar
#7443skullteriaThe problem is not ntoskrnl. The really problem is win32k, what need implement funtions to handle wddm drivers.
#7444gordo999
Zitat von ⇗ infuscomus im Beitrag ¶ #7441
I would imagine having a dead CMOS battery would cause strange behavior from the hardware.I think it would be best to play it safe and replace the battery.
⇗ @infuscomus ...I did replace it immediately but after replacing it the mobo began behaving oddly. I had to reset the BIOS using the maintenance feature on the Intel board and that returned things to normal. However, every so often, during boot, I get three beeps, meaning there is a problem with RAM.

When I insert my RAM sticks in a certain order, it is stored in BIOS, in the CMOS section that is backed up by battery. Therefore, if the battery dies, that configuration is lost and has to be learned again after the battery us replaced. Normally, that should not be an issue, unless the CMOS memory is somehow not resetting properly after the battery is changed.

If I go into maintenance mode on the Intel mobo, I can reset the BIOS to the default values stored in EEPROM. But what if the EEPROM charges are weak in some sections and get intermittent, producing faulty code for checking the RAM stick order? That would mean I need to re-flash the default BIOS. At least, that's my reasoning.

I am not clear on the difference between EEPROM storage and CMOS storage at this point. Need to read more but I though someone who understands BIOS data may have encountered this already.
#7445gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #7442
Put the ram in another slot and try again
⇗ @diderius6 ...Dietmar, I cleaned the RAM stick contacts and firmly reseated them all. I have 2 x 2Gb sticks and 2 x 1Gb sticks. The 2 Gb sticks are Kingston sticks so I worked only with them. If I put one stick in DIMM 0 it works fine and if I put the other one in DIMM 0 it works fine. However, when I populate both DIMM 0 slots in Channel A, sometimes I get the 3 beeps, telling me I have a memory problem in low memory.

After cleaning all contacts, the beeps were gone and it complained only of a change in memory. Then I filled the DIMM 1 slots in Channel B with the 2 x 1 Gb sticks. It has been working fine for a couple of days, reporting full 6 Gb memory, but it did that a month ago before starting losing the memory sticks in BIOS.
#7446gordo999
Zitat von ⇗ skullteria im Beitrag ¶ #7443
The problem is not ntoskrnl. The really problem is win32k, what need implement funtions to handle wddm drivers.
⇗ @skullteria ... I claimed it was ntoskrnl because when I checked all the drivers using 'depends', it indicates several functions missing in XP ntoskrnl for the Nvidia GT 1030 driver. I presume those functions will have to be inserted in XP ntoskrnl or another ntoskrnl will have to be used.

Depends did not indicate missing functions in win32k.sys, only in ntoskrnl.
#7447Mov AX, 0xDEADHi Gordo

Zitat von ⇗ gordo999 im Beitrag ¶ #7446

Depends did not indicate missing functions in win32k.sys, only in ntoskrnl.

⇗ https://docs.microsoft.com/en-us/windows...el-architecture
⇗ https://en.wikipedia.org/wiki/Windows_Display_Driver_Model

Yes, problem is win32k, it is shared with directx kernel / gdi32.dll / user32.dll
#7448skullteria
Zitat von ⇗ gordo999 im Beitrag ¶ #7446
Zitat von ⇗ skullteria im Beitrag ¶ #7443
The problem is not ntoskrnl. The really problem is win32k, what need implement funtions to handle wddm drivers.
@skullteria ... I claimed it was ntoskrnl because when I checked all the drivers using 'depends', it indicates several functions missing in XP ntoskrnl for the Nvidia GT 1030 driver. I presume those functions will have to be inserted in XP ntoskrnl or another ntoskrnl will have to be used.

Depends did not indicate missing functions in win32k.sys, only in ntoskrnl.


Because drivers calls are internal. All workflow of WDDM is internal and reside on win32k/gdi32 and dxgkrnl. Watchdog driver is envolved too. Ntoskrnl missing functions are minimal! We don't forget CDD (Cannonical Display Driver) is need by WDDM and it is handled by win32k.
#7449gordo999
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7447
Yes, problem is win32k, it is shared with directx kernel / gdi32.dll / user32.dll
⇗ @Mov AX, 0xDEAD ...thanks for info. There are still several functions missing in ntoskrnl and until it is patched, it seems we won't be able to do anything about win32k.

I am running a GT 1030 on XP but it is running only with VGA drivers. The required non-directx graphics are very good and stable and the DirectDraw tests work in dxdiag, but not 3D. I was wondering which driver they are using but Device Manager lists no driver. In the registry, under the GT 1030 it claims it is using the nv4_disp driver, which I think is from the GT 730 card. However, it says in the same section that it is not VGA compatible.

If I search under PCI\VEN_10DE&DEV_1D01, the GT 1030, the search stops at a display driver class with GUID {4D36E968-..........}\0000. The only entry there is coinstaller32 and it's values is nvdispgenco3236881.dll. It seems the GT 1030 is using the GT 730 driver.

I am presuming the 1000-series WDK drivers are different than the drivers used on the GT 730. I need to read the articles at the links you provided but could you offer some information as to the exact problem?  Thanks.

ps. I am using the GT 1030 because I use the same computer for XP, W7, and W10. I need the GT 1030 for more advanced games on W7/W10 and switch back to the GT 730 on XP for games.
#7450gordo999
Zitat von ⇗ skullteria im Beitrag ¶ #7448
Because drivers calls are internal. All workflow of WDDM is internal and reside on win32k/gdi32 and dxgkrnl. Watchdog driver is envolved too. Ntoskrnl missing functions are minimal! We don't forget CDD (Cannonical Display Driver) is need by WDDM and it is handled by win32k.
⇗ @skullteria ...thanks for info. I miss softice. When I used it on 32-bit systems I could trace anywhere in ring 0, right through win32k, if required. With softice, when you encounter a SYSENTER, it steps right into ring 0. I have not found a debugger since that can do that.

I worked on a DX app with softice and needed to get into the directx code. Since the mouse on a directx app is not the windows mouse, you cannot break on it using a standard mouse breakpoint. I found that I could set a BP on the Windows mouse driver and break on it, then I started tracing through ring 0 when the mouse driver called into it.

You can trace to the directx code from the entry point but that code only sets up the DX app, and when it finishes, you find yourself in the Windows message loop. It's tough to follow all the messages in the loop to find where the entry to the DX app is found but if you come in the back way, through the Windows mouse driver, and ring 0, you can find where the message loop enters the DX code. Then it's a matter of tracing through the Dark Code Woods as +Ork used to call them..

That's what I'd like to try with win32k sys and the DX module. I have been meaning to get softice running on XP x86 but there are video driver issues to be overcome and I am sure there are issues with drivers as related to the newer chipsets.
#7451gordo999
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #7447

⇗ https://docs.microsoft.com/en-us/windows...el-architecture
⇗ https://en.wikipedia.org/wiki/Windows_Display_Driver_Model

Yes, problem is win32k, it is shared with directx kernel / gdi32.dll / user32.dll
⇗ @Mov AX, 0xDEAD ....after looking briefly at the block diagram at your first link, it appears that win32k.sys is operating as it usually does. User mode apps go through gdi32.sys, the user-mode interface, then through win32k.sys, which is kernel mode. The user-mode display driver is not related to win32k.sys at this point. However, the Nvidia application needs win32k.sys to render other graphics information.

It appears the user-mode display driver indicated in the block diagram is only related to 3D.

Please consider the following. I've had the GT 730 driver running successfully on XP with games. The games were the Myst series, which were not in 3D. However, the games ran well after I installed the intelppm.sys modded driver with the associated modded hal. Before installing the intelppm/hal mods, the games would not run at all and I had trouble running browsers like Firefox.

I just ran the original Myst game using ScummVM with the GT 1030 and it runs OK. A bit grainy at 1920 x 1080, but I could live with that. I only use XP for the older games and use W7 for more modern games. I guess the point is to be able to run 3D games on XP.

The GT 730 was developed long after Vista and its drivers must be based on the WDDM model since the same card runs on W7 and W10. I don't remember how I got the GT 730 running on XP, I do remember loading a different Nvidia package. Obviously since my XP is 32-bit, and my W7 is 64-bit, I had different drivers installed for each OS, but they were basically the nv4_disp drivers. I wonder if Nvidia created different 3D drivers for 32-bit but I don't see anything like that in the Nvidia driver package.

I may be missing something here but according to the block diagram at your first link, win32k.sys is not involved with 3D rendering. It is purely a kernel-mode graphics driver and 3D rendering is done only by direct3D. The fact that the GT 730 and the GT 1030 both run on XP without 3D seems to suggest that is true.

The block diagram suggests that the output of win32k.sys, direct3D runtime, and the output of Open GL as related to gdi32.sys, are fed to dxgkrnl.sys, the direct x kernel subsystem driver. The way I see it, the direct3d runtime is rendering the nvidia driver to 3D, gdi32.sys is rendering Open GL, and win32k.sys is rendering any other graphics features, all being mixed by dxgkrnl.sys.

I presume that Nvidia knew about those issues with XP and if they ever had games running in 3D on XP, they must have had a way of doing it. Direct3D has been available since W95 so it should be available in XP. At least, the XP Dxdiag untility  indicates a 3D capability for XP.
#7452gordo999
Zitat von ⇗ skullteria im Beitrag ¶ #7448
Because drivers calls are internal. All workflow of WDDM is internal and reside on win32k/gdi32 and dxgkrnl.
⇗ @skullteria  ...according to the WDDM block diagram at link 1 provided by ⇗ @Mov AX, 0xDEAD, the 3D drivers are in user mode and they are rendered by direct3D. Other graphic information from the application are rendered separately by win32k.sys. Then they are mixed by the kernel mode dxgkrnl driver.

If win32k.sys was not running separately, I would not be able to run my GT 730 and GT 1030 in XP. There is no indication in the block diagram that win32k is involved with 3D rendering, only the direct3D runtime driver, running in user-mode.

Zitat von ⇗ skullteria im Beitrag ¶ #7448
Ntoskrnl missing functions are minimal!
Here are the missing functions in ntoskrnl when I run the GT 1030 driver, nvlddmkm.sys:

CmRegisterCallbackEx
EtwRegister
EtwUnregister
EtwWrite
IoConnectInterruptEx
IoDisconnectInterruptEx
IoInitializeWorkItem
IoQueueWorkItemEx
IoSizeofWorkItem
IoUninitializeWorkItem
KdRefreshDebuggerNotPresent
KeAcquireGuardedMutex
KeInitializeGuardedMutex
KeInitializeThreadedDpc
KeInvalidateAllCaches
KeQueryActiveProcessorCount
KeReleaseGuardedMutex
MmAllocatePagesForMdlEx
PoRegisterPowerSettingCallback
PoUnregisterPowerSettingCallback
RtlCmDecodeMemToResource
_chkstk

I have not had time to look through these yet to see what they do.
#7453skullteria
Zitat von ⇗ gordo999 im Beitrag ¶ #7452
Zitat von ⇗ skullteria im Beitrag ¶ #7448
Because drivers calls are internal. All workflow of WDDM is internal and reside on win32k/gdi32 and dxgkrnl.
@skullteria ...according to the WDDM block diagram at link 1 provided by @Mov AX, 0xDEAD, the 3D drivers are in user mode and they are rendered by direct3D. Other graphic information from the application are rendered separately by win32k.sys. Then they are mixed by the kernel mode dxgkrnl driver.

If win32k.sys was not running separately, I would not be able to run my GT 730 and GT 1030 in XP. There is no indication in the block diagram that win32k is involved with 3D rendering, only the direct3D runtime driver, running in user-mode.

Zitat von ⇗ skullteria im Beitrag ¶ #7448
Ntoskrnl missing functions are minimal!
Here are the missing functions in ntoskrnl when I run the GT 1030 driver, nvlddmkm.sys:

CmRegisterCallbackEx
EtwRegister
EtwUnregister
EtwWrite
IoConnectInterruptEx
IoDisconnectInterruptEx
IoInitializeWorkItem
IoQueueWorkItemEx
IoSizeofWorkItem
IoUninitializeWorkItem
KdRefreshDebuggerNotPresent
KeAcquireGuardedMutex
KeInitializeGuardedMutex
KeInitializeThreadedDpc
KeInvalidateAllCaches
KeQueryActiveProcessorCount
KeReleaseGuardedMutex
MmAllocatePagesForMdlEx
PoRegisterPowerSettingCallback
PoUnregisterPowerSettingCallback
RtlCmDecodeMemToResource
_chkstk

I have not had time to look through these yet to see what they do.




I will try explain to you:
WDDM work on "top" of XDDM architecture. For Directx Applications, Microsoft seperate calls to user mode instedead Kernel mode, like XDDM does. The XDDM use a pair of drivers to work: miniport and display driver.
Miniport: responsable to control the device (GPU), and translate all framebuffer calls to device to perform ouput.
Display Driver: responsable to communicate and translate GDI and Directx calls to win32k and other situations, perform call directx to miniport, like change resolution, present the display and etc.
Both drivers (the pair) works on kernel mode. Miniport call directx videport and provide callbacks to manipulate device and Display Driver comunnicate with Win32k to perform GDI and Directx things.
On WDDM, exists Miniport, Display Driver and User Mode Driver.
Miniport on WDDM: communicate with dxgkrnl (indirectx, perform a I/O call), start, stop and control device, and provide callbacks to perform directx and gdi (on WDDM 1.1 or above) things.
Display Driver: perform a sofware (by cpu) GDI things on WDDM 1.0 and on WDDM 1.1, perform hardware accelarated GDI. Call by I/O request the dxgkrnl to perform presentation of GDI things, like resolution and others. On WDDM, it is provided by OS, a genneric driver called "Cannonical Display Driver (CDD)"
User mode driver: Well, this is the part dark for now. It seem perform all directx thins on user mode, and its call probably dxgkrnl or gdi, because gdi export all callbacks provided by miniport.
Win32k has internal implementation to handle miniport callbacks to GDI and handle too directx callbacks from Dxg (directx driver) on XDDM
ON wddm, win32k call dxgkrnl to get callbacks table from miniport driver and additionals from dxgkrnl and pass to gdi by syscall table. And, win32k handle cdd callback tables.

So, it's envolves several and deep implementation. Need reompile win32k complelety, and gdi32 and user32 too. It is very very very hard.
Ntoskrnl missing are eaty to fix. Win32k implementation no.
#7454gordo999
Zitat von ⇗ skullteria im Beitrag ¶ #7453
I will try explain to you:
⇗ @skullteria ...thanks for detailed explanation. I need time to understand what you wrote.
#7455dencorso
Zitat von ⇗ diderius6 im Beitrag ¶ #7394
Long time ago I use DOS, for to see, that information survives reboot in ram and I boot complete(!) XP loaded to ram before, via reboot.

⇗ @diderius6:
Did you ever post a more detailed report of it, or even created a tutorial about it as you used to do way back when? If so, can you give me a link or point me to a .pdf document on it? I'm quite interested in "reboot/reset attacks" but all info I was able to gather up to now refers to "cold boot attack"s, which require cooling on DDR3/4, so are cumbersome for using as a way to reprograming BIOS tables without patching the BIOS. BTW, I bet you already know it, but this article is quite interesting: "Practical Cold boot attack on IoT device - Case study on Raspberry Pi -" by Yoo-Seung Won et al., 2020 IPFA...

 

Page 498

#7456diderius6⇗ @dencorso

In 2004-2005 I loaded a complete XP SP1 with a size of about 2 Gbyte to ram.
After reboot I compare this XP in ram bit by bit with a DOS tool with the original XP and was so much surprised,
that not a single bit has changed.

My aim was to boot this XP from ram,
but at that time I had no ram boot driver for to show this XP in ram as a fat32 harddisk.
Later in summer 2005 I managed to build a ntbootdd.sys driver together with the 32 MB Microsoft ramdisk,
for to boot a mini XP with about 26 MB, loaded up to ram.
I succeed to load this XP image from USB stick via DOS also to ram (without any USB in Bios) and reboot this mini XP in ram.

For reboot the compi, ram was less than a second without power, I think it was DDR2 or even older).
I am even not sure, if you restart a compi, that at any time the ram is without power.
This is like a mix between cold and warm reboot.

With the modded acpi.sys from Vista from ⇗ @infuscomus I make a test, if the loaded tables from another(!) acpi.sys can survive in ram for minutes(!) without any power and if they can be used from this new acpi.sys.
They can, as I showed here in the forum. I also put some special Hex values to ram with Windbg and check them after reboot.
I found no size limit. Always I found those stored Hex values in ram again. I make some crazy checks for to make sure,
that not Windbg itself stores thoses Hex values. Those Hexvalues really survive a cold reboot in DDR4 ram
Dietmar

PS: I have no document or tutorial about this. The most crazy hard work for me, was to translate and modify the ntbootdd.sys (Source Code) from NT4 to XP SP1.
If you have the PDF from "Practical Cold boot attack on IoT device - Case study on Raspberry Pi -" by Yoo-Seung Won et al., 2020 IPFA..." can you please send it to me, because I do not get.
#7457Bumpy⇗ https://dr.ntu.edu.sg/bitstream/10356/14...01_IPFA2020.pdf

greetings
#7458mockingbirdCan someone please have a look at my DSDT?  My motherboard is an AsRock B250M Pro4.   Everything installed fine (except for a couple of devices, one which I think I can get rid of by using a different acpi.sys and the other the MEI which I haven't found an XP driver for), but the system locks on reset.

I have used modified DSDTs before with Linux, I'm not sure how to swap them for Windows.

[[File:DSDT2.zip]]



mockingbird has attached files to this post
#7459infuscomus⇗ @mockingbird

I've found that grub2 can work for modifying the DSDT in RAM for XP.
What modifications are you looking for?
#7460Andalu
Zitat von ⇗ mockingbird im Beitrag ¶ #7458
Can someone please have a look at my DSDT?  My motherboard is an AsRock B250M Pro4.  Everything installed fine (except for a couple of devices, one which I think I can get rid of by using a different acpi.sys and the other the MEI which I haven't found an XP driver for), but the system locks on reset.

If you refer to the system block on the restart screen, I had the same issue on the same board using a keyboard connected to the PS/2 port.
Restarting works correctly with the USB keyboard.
#7461mockingbird
Zitat von ⇗ Andalu im Beitrag ¶ #7460
Restarting works correctly with the USB keyboard.

Yes! Thank you.  Brilliant...  I guess I can live without restart, because I intend to use this with an old KVM that needs to be shared with other computers that require a PS/2 (AT) keyboard.

Zitat von ⇗ infuscomus im Beitrag ¶ #7459
@mockingbird
I've found that grub2 can work for modifying the DSDT in RAM for XP.
What modifications are you looking for?

Ah, yes, of course...  Grub acts as an intercessor and pre-loads the modified DSDT before Windows loads...  Got it.  I guess I would like the PS/2 functionality not to break restart.

Is it also worthwhile fixing compilation errors with the DSDT?  The system is working fine otherwise.
#7462infuscomus⇗ @mockingbird

From what I've experienced fixing compilation errors doesn't seem to do all that much, at least for XP. I'm still a novice at this though.

so what exactly do you want to achieve by modifying the DSDT, is it just being able to restart?
#7463mockingbirdYessir, that's the only glitch -- it freezes on restard with a PS/2 device plugged in.  Is removing the MEI device also achievable by hacking the DSDT.  It has no XP driver (though I am tempted to hack the Windows 10 driver to see if it works)...

Tomorrow I will use a different acpi.sys because I think acpi2015 gives the unknown device INTACPI0331a or something like that.
#7464infuscomus⇗ @mockingbird

OK, give this one a try.



infuscomus has attached files to this post
#7465Andalu⇗ @mockingbird

if it can be useful to save you some time: I have already tried all available versions of the acpi.sys driver but none of them solved the restart problem on that crazy board.
Only as a bit note: the restart works properly if you install XP as 'uniprocessor pc'
I also tried to make some changes to the dsdt table but again without success. I hope you or ⇗ @infuscomus can solve it.
#7466gordo999
Zitat von ⇗ mockingbird im Beitrag ¶ #7458
the system locks on reset.
⇗ @mockingbird ...could you describe that in more detail? A reset, to me, is related to a separate button on some computer systems that perform a cold boot. It was called a restart button but these days they same thing seems to be accomplished by holding the start button for 4 seconds or more.

When does your problem occur? Are you able to boot into XP then have the problem on restart? Can you see a PS/2 mouse driver and a USB mouse driver in Device Manager?

There may also be a problem with your USB drivers. Maybe they are not being reloaded correctly after a reboot and freezing the system. I had a problem with a USB wifi connector that was being seen by the system as a USB hard rive. It had no operating system, of course, and my BIOS was set to recognize USB devices at boot time. Unplugging the wifi USB device solved the problem.

I have the B360M mobo and I recall discussing the two boards in the past with ⇗ @Andalu (hi, Andalu). I have two inputs for PS/2, one for keyboard and one for mouse, and I use a USB to PS/2 adapter to connect. I can run both PS/2 and USB devices at the same time with no problem.
#7467mockingbird
Zitat von ⇗ infuscomus im Beitrag ¶ #7464
@mockingbird

OK, give this one a try.

Thank you.  I followed your instructions ¶ here, and I get a BSOD when starting XP having to do with the BIOS not being fully ACPI compliant and an error code of 0x000000A5.

Don't break your head over it, it's only a minor inconvenience, and I'll probably be switching over to a Gigabyte B365M-DS3H with an i5-9400F at some point, when this AsRock board fails, like I know it is going to (it's a third RMA).
#7468gordo999
Zitat von ⇗ mockingbird im Beitrag ¶ #7467
I get a BSOD when starting XP having to do with the BIOS not being fully ACPI compliant and an error code of 0x000000A5
⇗ @mockingbird The 0xA5 error is usually because your acpi.sys is not the right version for your system. Any chance it got replaced during work you were doing?
#7469infuscomus⇗ @mockingbird

Does XP boot fine without an A5 BSOD if you don't use grub2?

can you post a screenshot of the A5 BSOD? it might give more info about the problem. perhaps I did not recompile the DSDT correctly.
#7470mockingbird
Zitat von ⇗ infuscomus im Beitrag ¶ #7469
@mockingbird

Does XP boot fine without an A5 BSOD if you don't use grub2?

can you post a screenshot of the A5 BSOD? it might give more info about the problem. perhaps I did not recompile the DSDT correctly.

Ok, I will do this ASAP...  I am just re-installing Windows XP on the machine with a different ACPI.SYS so I had to re-format the USB stick...

I suppose you mean to say, does it run ok if I boot it with agFM, but without interposing the custom DSDT...  Got it.  Will get back to you on this.

 

Page 499

#7471meklini make videos for my windows tweaks and using isos and drivers from here at youtube.com/indicator27 and for windows xp i am unable to get any usb drivers to work on asus b550m-a wifi with ryzen 3600x tho i can use ps2 keyboard to mess around on desktop, anyone know anything?

i also using archive.org/details/xp-intel-amd-2020-32-bit-en-550-mb made in italy iso and have to press F7 when the installer starts up check the videos i made of it, no usb mouse yet tho and not sure which driver to use/edit
#7472meklinRE: post #1108 by diderius

may be late reply but studying the procmon sysinternal tool to see when plugplay svc loads each .sys and .inf in my studies has shown a main usb driver being loaded first
#7473infuscomus⇗ @meklin

what happens if you don't press F7 during install?
#7474mockingbird
Zitat von ⇗ infuscomus im Beitrag ¶ #7469
@mockingbird

Does XP boot fine without an A5 BSOD if you don't use grub2?

can you post a screenshot of the A5 BSOD? it might give more info about the problem. perhaps I did not recompile the DSDT correctly.

I apologize for the delay sir.

The answer to your question whether the system boots to Windows with AgFM without loading the custom DSDT?  Yes.

Please see attached screenshot for the BSOD with your custom DSDT.

Thanks again.  

mockingbird has attached images to this post
imagepreview

IMG_1670.JPG

⇗ download

#7475infuscomus⇗ @mockingbird

OK, try this one.

⇗ @diderius6

would A5 0x03 require an acpi.sys patch?

 

 

infuscomus has attached files to this post 
#7476diderius6⇗ @infuscomus
Bsod 0xC0140004 should be gone with acpi.sys from outerspace ).
But crazy DSDT can make XP not to start with any acpi.sys
Dietmar
#7477YuriyCN

ENGLISH:

Windows XP mod 2021 - system build for the modern PC (edition 31.07.2021)
The information doesn't fit into a forum post - so download the text file and read it in Notepad.
TXT (92 KB) - ⇗ https://yadi.sk/d/iQlnfhxzgdEYCA

Updated set of 4 browsers for Windows XP from July 31, 2021
- 360EE v12 - clone Chrome 78 (recommended browser, build December 2020)
- Modernized version of the TOR browser (2 versions - October 2020 and June 2021)
- Modernized version of classic Opera v12 (build June 2021)
- Basilisk browser analogue of FireFox (2 versions - September 2020 and July 2021)
Download (438 MB) - ⇗ https://yadi.sk/d/vVYzQSpr3JNyLw

Friezes in browsers
On some new systems, friezes are observed when using browsers. To troubleshoot problems, measure 2D performance - a videocard must provide at least 1000 units and use modified files hal.dll, intelppm.sys (correct working timer) - ⇗ https://yadi.sk/d/aAMdALaTUTOLSw

RUSSIAN:

Windows XP мод 2021 - сборка системы для современного ПК (редакция 31.07.2021)
Информация не помещается в форумный пост - поэтому скачайте текстовый файл и читайте в Блокноте.
TXT (105 КБ) - ⇗ https://yadi.sk/d/bU75wHOMCwNm0w

Обновлённый комплект из 4-х браузеров для Windows XP от 31 июля 2021 года
- 360EE v12 - хромоклон на 78 движке работоспособный под WinXP (рекомендуемый браузер, сборка декабрь 2020 года)
- Модернизированная версия TOR-браузера (2 версии - октябрь 2020 и июнь 2021 года)
- Модернизированная сборка классической Opera v12 (сборка июнь 2021 года)
- Браузер Basilisk аналог FireFox (2 версии - сентябрь 2020 и июль 2021 года)
Скачать (438 МБ) - ⇗ https://yadi.sk/d/vVYzQSpr3JNyLw

Фризы в браузерах
На некоторых новых системах наблюдаются фризы при использовании браузеров. Для устранения проблем произведите замер 2D производительности - видеокарта должна обеспечить не менее 1000 единиц, а также используйте модифицированные файлы с фиксом таймера hal.dll, intelppm.sys скачанные по ссылке - ⇗ https://yadi.sk/d/aAMdALaTUTOLSw
#7478mockingbird
Zitat von ⇗ infuscomus im Beitrag ¶ #7475
@mockingbird

OK, try this one.

@diderius6

would A5 0x03 require an acpi.sys patch?

Hello, thanks but the same thing happens with that one.

Perhaps you want the DSDT dumped in a different way?  The one you are editing was dumped with R/W Everything.
#7479infuscomus⇗ @mockingbird

try using acpidump from the most recent iASL download.

acpidump -b

then send the .dat files it spits out.
#7480George KingXP2ESD v1.6 coming soon. Now with posibility to build multilanguage ISO


This is how it looks






On MultiLanguage AIO can't be used autounatted.xml otherwise Language selector screen is hidden. There is no way to skip product key + eula on these builds.


After that only one thing I would like to achieve for 1.7 remaining - make upgrade installation possible using Windows 8.0 setup engine, but this should be hard and it should require additional setup.exe patching or develop custom script to do it manualy, but I need to dig around it to see how whole process works

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7481genieautravail⇗ @YuriyCN

A member of the MSFN forums has made his own repack of the 360 Browser with many enhancements.

⇗ https://msfn.org/board/topic/182876-360-extreme-explorer-modified-version/#comments

On my side and for my convenience, I'm using a mix of the russian repack and the new.
#7482mockingbird
Zitat von ⇗ infuscomus im Beitrag ¶ #7479
@mockingbird
try using acpidump from the most recent iASL download.
acpidump -b
then send the .dat files it spits out.
Again, sorry for the delay.
Dumped with the 20190405 build.

mockingbird has attached files to this post
#7483infuscomus⇗ @mockingbird

alrighty, try this one.

please screenshot the A5 BSOD if any.



infuscomus has attached files to this post
#7484mockingbird
Zitat von ⇗ infuscomus im Beitrag ¶ #7483
@mockingbird

alrighty, try this one.

please screenshot the A5 BSOD if any.

Please see attached screenshot of the BSOD.

The only thing I can think of is that I am renaming it to a .bin extension.  Should I keep it at the default filename of dsdt.aml?

mockingbird has attached images to this post  ⇗ IMG_1673.JPG
#7485infuscomus⇗ @mockingbird

I doubt renaming it from dsdt.aml to dsdt.bin would make a difference, but you might as well try anyway.

⇗ @diderius6

This DSDT is frustrating! if I disassemble and reassemble with the version it was assembled with - 20160422 - it'll disassemble but it won't reassemble! and the most recent iASL version doesn't even recognize the file as an ACPI table!
annoying!
any ideas?

 

Page 500

#7486diderius6⇗ @infuscomus

Make a try with downloading the very first Bios for this board.
Extract its DSDT,, disassemble it and compare it with the frustrating new DSDT.
May be you find, what makes this crazy behavior.
You also can integrate the old DSDT in the new Bios.
But this is a risk
Dietmar
#7487infuscomus⇗ @diderius6

OK, thanks
I'll grab the DSDT from the oldest BIOS I can find for this board.

-------------------

Just a reminder to myself, the DSDT GUID is C118F50D-391D-45F4-B3D3-11BC931AA56D

-------------------

⇗ @mockingbird

OK, try this one, post BSOD if any.



infuscomus has attached files to this post
#7488mockingbirdThanks for your continued attempts.  Attached is the BSOD.



mockingbird has attached images to this post  ⇗ IMG_1674.JPG
#7489gordo999500 pages...is that a record? Lot of good information contained within.
#7490infuscomus⇗ @mockingbird

OK, hopefully this one doesn't BSOD.



infuscomus has attached files to this post
#7491mockingbird
Zitat von ⇗ infuscomus im Beitrag ¶ #7490
@mockingbird

OK, hopefully this one doesn't BSOD.

Please see attached BSOD.  Thanks.

mockingbird has attached images to this post  ⇗ IMG_1675.JPG
#7492infuscomus⇗ @mockingbird

Thanks.

⇗ @diderius6

looking at all the BSODs, the control method in hex is always 494e495f which is _INI

any tips for how we might proceed from here?
#7493AmirHello everyone. I have one problem when installing Windows XP on a Packard Bell EasyNote entf71bm laptop. I solved all the problems, but after downloading all the files, the laptop turns off.
#7494infuscomus⇗ @Amir

your post is a bit vague, have you charged the battery?
#7495Amir
Zitat von ⇗ infuscomus im Beitrag ¶ #7494
@Amir

your post is a bit vague, have you charged the battery?


Yes.
#7496infuscomus⇗ @Amir

well, can you describe a bit more what exactly it is you were trying to do right before it turned off?
#7497George KingIf anybody want to try my latest ISO builded by upcoming XP2ESD v1.6

This ISO is created from all Windows XP SP3 ISOs - I used 131 XP ISO to build this insane multilanguage AIO. All ported drivers are included in all images. This ISO is really universal. HALs are automatically patched to current RAM amount, so if you have installed >= 4GB RAM then is applied patch.

https://ulozto.net/file/o0O8ZYefw97R/winxp-aio-esd-iso#!ZGDkBGR1MTWuBQtjZwtmZQxjL2HlHwp5qmZjZRt1qJWGLwNj


WinXP_AIO_ESD.iso SHA1

A15294A328A0BF397E33405102A6DBBB60FB513E




How to use it?
1) Download ISO
2) Download Rufus
3) Create bootable USB using Rufus
4) Download compressed DriverPacks and place them in USB\driverpacks, you can place any *.7z compressed drivers here
5) Boot from USB and install on first partition

TIP: If your PC needs patched ACPI.sys, simply place patched file into USB\sources\$OEM$\$$\system32

NOTE: It's still testing build, but many things were fixed and hopefully it's a bug free ISO



ISO install.esd content

Details for image : F:\XP2ESD\_output\sources\install.esd

Index : 1
Name : 1. Windows XP Home (ar-SA)
Description : Windows XP Home SP3 (ar-SA)
Size : 2 815 176 804 bytes

Index : 2
Name : 2. Windows XP Professional Volume License (ar-SA)
Description : Windows XP Professional Volume License SP3 (ar-SA)
Size : 2 861 017 811 bytes

Index : 3
Name : 3. Windows XP Professional (ar-SA)
Description : Windows XP Professional SP3 (ar-SA)
Size : 2 861 126 200 bytes

Index : 4
Name : 4. Windows XP Home N (cs-CZ)
Description : Windows XP Home N SP3 (cs-CZ)
Size : 2 740 413 498 bytes

Index : 5
Name : 5. Windows XP Home (cs-CZ)
Description : Windows XP Home SP3 (cs-CZ)
Size : 2 809 069 747 bytes

Index : 6
Name : 6. Windows XP Professional N Volume License (cs-CZ)
Description : Windows XP Professional N Volume License SP3 (cs-CZ)
Size : 2 788 843 345 bytes

Index : 7
Name : 7. Windows XP Professional N (cs-CZ)
Description : Windows XP Professional N SP3 (cs-CZ)
Size : 2 788 909 714 bytes

Index : 8
Name : 8. Windows XP Professional Volume License (cs-CZ)
Description : Windows XP Professional Volume License SP3 (cs-CZ)
Size : 2 844 914 428 bytes

Index : 9
Name : 9. Windows XP Professional (cs-CZ)
Description : Windows XP Professional SP3 (cs-CZ)
Size : 2 845 083 499 bytes

Index : 10
Name : 10. Windows XP Home N (da-DK)
Description : Windows XP Home N SP3 (da-DK)
Size : 2 733 685 349 bytes

Index : 11
Name : 11. Windows XP Home (da-DK)
Description : Windows XP Home SP3 (da-DK)
Size : 2 802 587 488 bytes

Index : 12
Name : 12. Windows XP Professional N Volume License (da-DK)
Description : Windows XP Professional N Volume License SP3 (da-DK)
Size : 2 781 738 299 bytes

Index : 13
Name : 13. Windows XP Professional N (da-DK)
Description : Windows XP Professional N SP3 (da-DK)
Size : 2 779 774 691 bytes

Index : 14
Name : 14. Windows XP Professional Volume License (da-DK)
Description : Windows XP Professional Volume License SP3 (da-DK)
Size : 2 848 492 081 bytes

Index : 15
Name : 15. Windows XP Professional (da-DK)
Description : Windows XP Professional SP3 (da-DK)
Size : 2 848 568 766 bytes

Index : 16
Name : 16. Windows XP Home N (de-DE)
Description : Windows XP Home N SP3 (de-DE)
Size : 2 792 771 968 bytes

Index : 17
Name : 17. Windows XP Home (de-DE)
Description : Windows XP Home SP3 (de-DE)
Size : 2 855 988 121 bytes

Index : 18
Name : 18. Windows XP Professional N Volume License (de-DE)
Description : Windows XP Professional N Volume License SP3 (de-DE)
Size : 2 839 835 608 bytes

Index : 19
Name : 19. Windows XP Professional N (de-DE)
Description : Windows XP Professional N SP3 (de-DE)
Size : 2 842 082 673 bytes

Index : 20
Name : 20. Windows XP Professional Volume License (de-DE)
Description : Windows XP Professional Volume License SP3 (de-DE)
Size : 2 905 580 046 bytes

Index : 21
Name : 21. Windows XP Professional (de-DE)
Description : Windows XP Professional SP3 (de-DE)
Size : 2 903 520 254 bytes

Index : 22
Name : 22. Windows XP Home N (el-GR)
Description : Windows XP Home N SP3 (el-GR)
Size : 2 755 445 646 bytes

Index : 23
Name : 23. Windows XP Home (el-GR)
Description : Windows XP Home SP3 (el-GR)
Size : 2 821 594 126 bytes

Index : 24
Name : 24. Windows XP Professional N Volume License (el-GR)
Description : Windows XP Professional N Volume License SP3 (el-GR)
Size : 2 804 820 860 bytes

Index : 25
Name : 25. Windows XP Professional N (el-GR)
Description : Windows XP Professional N SP3 (el-GR)
Size : 2 802 754 256 bytes

Index : 26
Name : 26. Windows XP Professional Volume License (el-GR)
Description : Windows XP Professional Volume License SP3 (el-GR)
Size : 2 870 668 156 bytes

Index : 27
Name : 27. Windows XP Professional (el-GR)
Description : Windows XP Professional SP3 (el-GR)
Size : 2 868 703 635 bytes

Index : 28
Name : 28. Windows XP Home KN (en-US)
Description : Windows XP Home KN SP3 (en-US)
Size : 2 687 260 349 bytes

Index : 29
Name : 29. Windows XP Home K (en-US)
Description : Windows XP Home K SP3 (en-US)
Size : 2 753 618 794 bytes

Index : 30
Name : 30. Windows XP Home N (en-US)
Description : Windows XP Home N SP3 (en-US)
Size : 2 689 196 352 bytes

Index : 31
Name : 31. Windows XP Home (en-US)
Description : Windows XP Home SP3 (en-US)
Size : 2 755 932 848 bytes

Index : 32
Name : 32. Windows XP Media Center (en-US)
Description : Windows XP Media Center SP3 (en-US)
Size : 3 210 279 284 bytes

Index : 33
Name : 33. Windows XP Media Center (en-US)
Description : Windows XP Media Center SP3 (en-US)
Size : 4 416 993 364 bytes

Index : 34
Name : 34. Windows XP Professional KN (en-US)
Description : Windows XP Professional KN SP3 (en-US)
Size : 2 779 167 136 bytes

Index : 35
Name : 35. Windows XP Professional K (en-US)
Description : Windows XP Professional K SP3 (en-US)
Size : 2 848 020 244 bytes

Index : 36
Name : 36. Windows XP Professional N Volume License (en-US)
Description : Windows XP Professional N Volume License SP3 (en-US)
Size : 2 779 641 165 bytes

Index : 37
Name : 37. Windows XP Professional N (en-US)
Description : Windows XP Professional N SP3 (en-US)
Size : 2 781 886 484 bytes

Index : 38
Name : 38. Windows XP Professional Volume License (en-US)
Description : Windows XP Professional Volume License SP3 (en-US)
Size : 2 846 132 611 bytes

Index : 39
Name : 39. Windows XP Professional (en-US)
Description : Windows XP Professional SP3 (en-US)
Size : 2 848 329 108 bytes

Index : 40
Name : 40. Windows XP Tablet PC (en-US)
Description : Windows XP Tablet PC SP3 (en-US)
Size : 3 060 935 222 bytes

Index : 41
Name : 41. Windows XP Tablet PC Volume License (en-US)
Description : Windows XP Tablet PC Volume License SP3 (en-US)
Size : 3 060 793 588 bytes

Index : 42
Name : 42. Windows XP Home N (es-ES)
Description : Windows XP Home N SP3 (es-ES)
Size : 2 800 243 174 bytes

Index : 43
Name : 43. Windows XP Home (es-ES)
Description : Windows XP Home SP3 (es-ES)
Size : 2 866 696 192 bytes

Index : 44
Name : 44. Windows XP Professional N Volume License (es-ES)
Description : Windows XP Professional N Volume License SP3 (es-ES)
Size : 2 848 598 567 bytes

Index : 45
Name : 45. Windows XP Professional N (es-ES)
Description : Windows XP Professional N SP3 (es-ES)
Size : 2 846 385 776 bytes

Index : 46
Name : 46. Windows XP Professional Volume License (es-ES)
Description : Windows XP Professional Volume License SP3 (es-ES)
Size : 2 914 990 974 bytes

Index : 47
Name : 47. Windows XP Professional (es-ES)
Description : Windows XP Professional SP3 (es-ES)
Size : 2 915 135 131 bytes

Index : 48
Name : 48. Windows XP Home N (fi-FI)
Description : Windows XP Home N SP3 (fi-FI)
Size : 2 736 722 741 bytes

Index : 49
Name : 49. Windows XP Home (fi-FI)
Description : Windows XP Home SP3 (fi-FI)
Size : 2 803 378 104 bytes

Index : 50
Name : 50. Windows XP Professional N Volume License (fi-FI)
Description : Windows XP Professional N Volume License SP3 (fi-FI)
Size : 2 779 965 040 bytes

Index : 51
Name : 51. Windows XP Professional N (fi-FI)
Description : Windows XP Professional N SP3 (fi-FI)
Size : 2 782 245 227 bytes

Index : 52
Name : 52. Windows XP Professional Volume License (fi-FI)
Description : Windows XP Professional Volume License SP3 (fi-FI)
Size : 2 848 633 431 bytes

Index : 53
Name : 53. Windows XP Professional (fi-FI)
Description : Windows XP Professional SP3 (fi-FI)
Size : 2 846 652 619 bytes

Index : 54
Name : 54. Windows XP Home N (fr-FR)
Description : Windows XP Home N SP3 (fr-FR)
Size : 2 782 643 577 bytes

Index : 55
Name : 55. Windows XP Home (fr-FR)
Description : Windows XP Home SP3 (fr-FR)
Size : 2 849 353 136 bytes

Index : 56
Name : 56. Windows XP Professional N Volume License (fr-FR)
Description : Windows XP Professional N Volume License SP3 (fr-FR)
Size : 2 831 000 611 bytes

Index : 57
Name : 57. Windows XP Professional N (fr-FR)
Description : Windows XP Professional N SP3 (fr-FR)
Size : 2 828 979 396 bytes

Index : 58
Name : 58. Windows XP Professional Volume License (fr-FR)
Description : Windows XP Professional Volume License SP3 (fr-FR)
Size : 2 897 597 265 bytes

Index : 59
Name : 59. Windows XP Professional (fr-FR)
Description : Windows XP Professional SP3 (fr-FR)
Size : 2 895 596 757 bytes

Index : 60
Name : 60. Windows XP Home (he-IL)
Description : Windows XP Home SP3 (he-IL)
Size : 2 810 847 018 bytes

Index : 61
Name : 61. Windows XP Professional Volume License (he-IL)
Description : Windows XP Professional Volume License SP3 (he-IL)
Size : 2 854 500 267 bytes

Index : 62
Name : 62. Windows XP Professional (he-IL)
Description : Windows XP Professional SP3 (he-IL)
Size : 2 854 512 134 bytes

Index : 63
Name : 63. Windows XP Home N (hu-HU)
Description : Windows XP Home N SP3 (hu-HU)
Size : 2 744 291 928 bytes

Index : 64
Name : 64. Windows XP Home (hu-HU)
Description : Windows XP Home SP3 (hu-HU)
Size : 2 812 903 431 bytes

Index : 65
Name : 65. Windows XP Professional N Volume License (hu-HU)
Description : Windows XP Professional N Volume License SP3 (hu-HU)
Size : 2 791 948 704 bytes

Index : 66
Name : 66. Windows XP Professional N (hu-HU)
Description : Windows XP Professional N SP3 (hu-HU)
Size : 2 792 113 949 bytes

Index : 67
Name : 67. Windows XP Professional Volume License (hu-HU)
Description : Windows XP Professional Volume License SP3 (hu-HU)
Size : 2 856 467 652 bytes

Index : 68
Name : 68. Windows XP Professional (hu-HU)
Description : Windows XP Professional SP3 (hu-HU)
Size : 2 858 706 322 bytes

Index : 69
Name : 69. Windows XP Home N (it-IT)
Description : Windows XP Home N SP3 (it-IT)
Size : 2 743 131 306 bytes

Index : 70
Name : 70. Windows XP Home (it-IT)
Description : Windows XP Home SP3 (it-IT)
Size : 2 808 264 288 bytes

Index : 71
Name : 71. Windows XP Professional N Volume License (it-IT)
Description : Windows XP Professional N Volume License SP3 (it-IT)
Size : 2 790 543 988 bytes

Index : 72
Name : 72. Windows XP Professional N (it-IT)
Description : Windows XP Professional N SP3 (it-IT)
Size : 2 788 531 941 bytes

Index : 73
Name : 73. Windows XP Professional Volume License (it-IT)
Description : Windows XP Professional Volume License SP3 (it-IT)
Size : 2 855 927 052 bytes

Index : 74
Name : 74. Windows XP Professional (it-IT)
Description : Windows XP Professional SP3 (it-IT)
Size : 2 853 947 831 bytes

Index : 75
Name : 75. Windows XP Home (ja-JP)
Description : Windows XP Home SP3 (ja-JP)
Size : 3 161 255 734 bytes

Index : 76
Name : 76. Windows XP Professional Volume License (ja-JP)
Description : Windows XP Professional Volume License SP3 (ja-JP)
Size : 3 210 084 858 bytes

Index : 77
Name : 77. Windows XP Professional (ja-JP)
Description : Windows XP Professional SP3 (ja-JP)
Size : 3 207 825 291 bytes

Index : 78
Name : 78. Windows XP Home KN (ko-KR)
Description : Windows XP Home KN SP3 (ko-KR)
Size : 2 984 956 151 bytes

Index : 79
Name : 79. Windows XP Home K (ko-KR)
Description : Windows XP Home K SP3 (ko-KR)
Size : 3 056 249 284 bytes

Index : 80
Name : 80. Windows XP Professional KN Volume License (ko-KR)
Description : Windows XP Professional KN Volume License SP3 (ko-KR)
Size : 3 030 006 198 bytes

Index : 81
Name : 81. Windows XP Professional KN (ko-KR)
Description : Windows XP Professional KN SP3 (ko-KR)
Size : 3 028 033 542 bytes

Index : 82
Name : 82. Windows XP Professional K Volume License (ko-KR)
Description : Windows XP Professional K Volume License SP3 (ko-KR)
Size : 3 099 599 331 bytes

Index : 83
Name : 83. Windows XP Professional K (ko-KR)
Description : Windows XP Professional K SP3 (ko-KR)
Size : 3 097 780 744 bytes

Index : 84
Name : 84. Windows XP Home N (nl-NL)
Description : Windows XP Home N SP3 (nl-NL)
Size : 2 737 324 993 bytes

Index : 85
Name : 85. Windows XP Home (nl-NL)
Description : Windows XP Home SP3 (nl-NL)
Size : 2 803 637 322 bytes

Index : 86
Name : 86. Windows XP Professional N Volume License (nl-NL)
Description : Windows XP Professional N Volume License SP3 (nl-NL)
Size : 2 785 002 137 bytes

Index : 87
Name : 87. Windows XP Professional N (nl-NL)
Description : Windows XP Professional N SP3 (nl-NL)
Size : 2 783 050 694 bytes

Index : 88
Name : 88. Windows XP Professional Volume License (nl-NL)
Description : Windows XP Professional Volume License SP3 (nl-NL)
Size : 2 851 165 591 bytes

Index : 89
Name : 89. Windows XP Professional (nl-NL)
Description : Windows XP Professional SP3 (nl-NL)
Size : 2 849 092 024 bytes

Index : 90
Name : 90. Windows XP Home N (nb-NO)
Description : Windows XP Home N SP3 (nb-NO)
Size : 2 730 714 125 bytes

Index : 91
Name : 91. Windows XP Home (nb-NO)
Description : Windows XP Home SP3 (nb-NO)
Size : 2 798 801 766 bytes

Index : 92
Name : 92. Windows XP Professional N Volume License (nb-NO)
Description : Windows XP Professional N Volume License SP3 (nb-NO)
Size : 2 777 513 740 bytes

Index : 93
Name : 93. Windows XP Professional N (nb-NO)
Description : Windows XP Professional N SP3 (nb-NO)
Size : 2 777 484 771 bytes

Index : 94
Name : 94. Windows XP Professional Volume License (nb-NO)
Description : Windows XP Professional Volume License SP3 (nb-NO)
Size : 2 843 326 563 bytes

Index : 95
Name : 95. Windows XP Professional (nb-NO)
Description : Windows XP Professional SP3 (nb-NO)
Size : 2 843 432 150 bytes

Index : 96
Name : 96. Windows XP Home N (pl-PL)
Description : Windows XP Home N SP3 (pl-PL)
Size : 2 743 911 845 bytes

Index : 97
Name : 97. Windows XP Home (pl-PL)
Description : Windows XP Home SP3 (pl-PL)
Size : 2 813 020 816 bytes

Index : 98
Name : 98. Windows XP Professional N Volume License (pl-PL)
Description : Windows XP Professional N Volume License SP3 (pl-PL)
Size : 2 791 875 271 bytes

Index : 99
Name : 99. Windows XP Professional N (pl-PL)
Description : Windows XP Professional N SP3 (pl-PL)
Size : 2 791 968 167 bytes

Index : 100
Name : 100. Windows XP Professional Volume License (pl-PL)
Description : Windows XP Professional Volume License SP3 (pl-PL)
Size : 2 859 160 277 bytes

Index : 101
Name : 101. Windows XP Professional (pl-PL)
Description : Windows XP Professional SP3 (pl-PL)
Size : 2 859 232 405 bytes

Index : 102
Name : 102. Windows XP Home (pt-BR)
Description : Windows XP Home SP3 (pt-BR)
Size : 2 807 805 860 bytes

Index : 103
Name : 103. Windows XP Professional Volume License (pt-BR)
Description : Windows XP Professional Volume License SP3 (pt-BR)
Size : 2 855 262 613 bytes

Index : 104
Name : 104. Windows XP Professional (pt-BR)
Description : Windows XP Professional SP3 (pt-BR)
Size : 2 853 356 689 bytes

Index : 105
Name : 105. Windows XP Home N (pt-PT)
Description : Windows XP Home N SP3 (pt-PT)
Size : 2 743 644 616 bytes

Index : 106
Name : 106. Windows XP Home (pt-PT)
Description : Windows XP Home SP3 (pt-PT)
Size : 2 810 257 805 bytes

Index : 107
Name : 107. Windows XP Professional N Volume License (pt-PT)
Description : Windows XP Professional N Volume License SP3 (pt-PT)
Size : 2 786 829 689 bytes

Index : 108
Name : 108. Windows XP Professional N (pt-PT)
Description : Windows XP Professional N SP3 (pt-PT)
Size : 2 789 156 298 bytes

Index : 109
Name : 109. Windows XP Professional Volume License (pt-PT)
Description : Windows XP Professional Volume License SP3 (pt-PT)
Size : 2 853 295 096 bytes

Index : 110
Name : 110. Windows XP Professional (pt-PT)
Description : Windows XP Professional SP3 (pt-PT)
Size : 2 855 426 594 bytes

Index : 111
Name : 111. Windows XP Home (ru-RU)
Description : Windows XP Home SP3 (ru-RU)
Size : 2 816 870 692 bytes

Index : 112
Name : 112. Windows XP Professional Volume License (ru-RU)
Description : Windows XP Professional Volume License SP3 (ru-RU)
Size : 2 865 430 547 bytes

Index : 113
Name : 113. Windows XP Professional (ru-RU)
Description : Windows XP Professional SP3 (ru-RU)
Size : 2 863 665 213 bytes

Index : 114
Name : 114. Windows XP Home N (sv-SE)
Description : Windows XP Home N SP3 (sv-SE)
Size : 2 733 778 491 bytes

Index : 115
Name : 115. Windows XP Home (sv-SE)
Description : Windows XP Home SP3 (sv-SE)
Size : 2 802 033 107 bytes

Index : 116
Name : 116. Windows XP Professional N Volume License (sv-SE)
Description : Windows XP Professional N Volume License SP3 (sv-SE)
Size : 2 780 189 531 bytes

Index : 117
Name : 117. Windows XP Professional N (sv-SE)
Description : Windows XP Professional N SP3 (sv-SE)
Size : 2 780 303 251 bytes

Index : 118
Name : 118. Windows XP Professional Volume License (sv-SE)
Description : Windows XP Professional Volume License SP3 (sv-SE)
Size : 2 846 244 096 bytes

Index : 119
Name : 119. Windows XP Professional (sv-SE)
Description : Windows XP Professional SP3 (sv-SE)
Size : 2 844 331 942 bytes

Index : 120
Name : 120. Windows XP Home (tr-TR)
Description : Windows XP Home SP3 (tr-TR)
Size : 2 804 064 074 bytes

Index : 121
Name : 121. Windows XP Professional Volume License (tr-TR)
Description : Windows XP Professional Volume License SP3 (tr-TR)
Size : 2 851 916 089 bytes

Index : 122
Name : 122. Windows XP Professional (tr-TR)
Description : Windows XP Professional SP3 (tr-TR)
Size : 2 851 931 452 bytes

Index : 123
Name : 123. Windows XP Home (zh-CN)
Description : Windows XP Home SP3 (zh-CN)
Size : 3 054 580 412 bytes

Index : 124
Name : 124. Windows XP Professional Volume License (zh-CN)
Description : Windows XP Professional Volume License SP3 (zh-CN)
Size : 3 096 092 721 bytes

Index : 125
Name : 125. Windows XP Professional (zh-CN)
Description : Windows XP Professional SP3 (zh-CN)
Size : 3 096 139 364 bytes

Index : 126
Name : 126. Windows XP Home (zh-TW)
Description : Windows XP Home SP3 (zh-TW)
Size : 3 036 410 741 bytes

Index : 127
Name : 127. Windows XP Professional Volume License (zh-TW)
Description : Windows XP Professional Volume License SP3 (zh-TW)
Size : 3 078 222 319 bytes

Index : 128
Name : 128. Windows XP Professional (zh-TW)
Description : Windows XP Professional SP3 (zh-TW)
Size : 3 076 363 124 bytes

Index : 129
Name : 129. Windows XP Home (zh-TW)
Description : Windows XP Home SP3 (zh-TW)
Size : 3 036 161 132 bytes

Index : 130
Name : 130. Windows XP Professional Volume License (zh-TW)
Description : Windows XP Professional Volume License SP3 (zh-TW)
Size : 3 076 087 711 bytes

Index : 131
Name : 131. Windows XP Professional (zh-TW)
Description : Windows XP Professional SP3 (zh-TW)
Size : 3 078 204 195 bytes



Known bugs:
BUG1) %SystemDrive%\Windows\Web folder content is deleted by accident during setup
FIX1) Mount boot.wim (easy is to use NTLite), delete " Web" in tag list in sources\setup.cmd at line 30 and save it. Then unload and save boot.wim [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7498gordo999
Zitat von ⇗ Amir im Beitrag ¶ #7493
...the laptop turns off.
@Amir...what happens before it turns off? Do you notice a blue screen flash by? Some computers shut down automatically after a blue screen and you have to set them not to shut down so you can read the data on the blue screen. Don't remember how to set the computer on XP not to shutdown after BSOD. It can be set in system properties by right clicking My Computer icon and selecting 'properties'. Maybe someone else remembers.
#7499diderius6⇗ @George King

What is the MD5 and SHA-1 from

WinXP_AIO_ESD.iso

I search but I dont find them

Dietmar
#7500George King⇗ @diderius6

Added into post ¶ #7497

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/

 

Page 501

#7501infuscomus⇗ @mockingbird

OK, try this one.

attached files
#7502George King
Zitat von ⇗ gordo999 im Beitrag ¶ #7498
Zitat von ⇗ Amir im Beitrag ¶ #7493
...the laptop turns off.
@Amir...what happens before it turns off? Do you notice a blue screen flash by? Some computers shut down automatically after a blue screen and you have to set them not to shut down so you can read the data on the blue screen. Don't remember how to set the computer on XP not to shutdown after BSOD. It can be set in system properties by right clicking My Computer icon and selecting 'properties'. Maybe someone else remembers.


XP2ESD images have disabled reboot after BSOD by default. It's really easy
1
2
3
4
REM Disable automatic reboot after BSOD
reg load HKLM\TEMPSYSTEM "%TARGET%\Windows\System32\config\SYSTEM" >nul
REG ADD HKLM\TEMPSYSTEM\ControlSet001\Control\CrashControl /v "AutoReboot" /t REG_DWORD /d 0 /f >nul
reg unload HKLM\TEMPSYSTEM >nul
[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7503Masterchief79Hello everyone,
I'm currently trying to install Win XP on my Ryzen 5800X + Gigabyte Aorus B550 Elite V2 on a 320GB SATA HDD. I don't need a highly functional 24/7 XP with NVME support, network and audio drivers, it's more for benchmarking purposes. I did this once already with an i5 7600K and a Z270 Apex motherboard but it wasn't nearly as complicated back then.

I followed the instructions in the "Windows XP 2021_7_ENU" text file and got through the first part of the setup okay one the second try. So it doesn't crash on the 07B anymore and actually installs the OS. I'm using the 2021.5.15 build with options 3,4,6,A,B,C,E,G,K enabled (look in screenshot for more info).

Then however, I get the ACPI bluescreen "A5" on the first reboot. Which modified ACPI file should I use and how do I best integrate it into the build? I assume I can't just press F7 on setup and get it to work? Is this CPU and chipset generation even able to run XP, and if not, can it at least run Windows 7?

#7504infuscomus⇗ @Masterchief79

do you get an A5 BSOD during textmode setup? don't press F7.

what A5 BSOD do you get on first reboot? can you post a screenshot?
#7505Masterchief79Thanks for the reply. Textmode setup works for me (if by textmode you mean the bit where it looks like an old BIOS, basically). It gets to the point where Windows goes "your computer will restart in 15 seconds". I haven't hit any keys during that time (so this is without F7 aswell). After rebooting, I get this BSOD:

#7506infuscomus⇗ @Masterchief79

I've never heard of a scenario where textmode setup did not give an A5 BSOD but GUI setup did.
try extracting the patched acpi.sys from DRIVER.CAB and replacing the one in your XP system32\drivers folder.
#7507diderius6⇗ @infuscomus ⇗ @mockingbird ⇗ @Masterchief79

I make a quick and dirty hack on last acpi.sys from outerspace ),
please try

Dietmar

⇗ https://ufile.io/9f6ng0y4
#7508Masterchief79⇗ @infuscomus Thanks, that didn't change anything unfortunately. I'm trying the same thing with the file from ⇗ @diderius6 now.

//
So the provided ACPI file from ⇗ @diderius6 worked! It booted into the GUI setup successfully. USB devices worked too. System froze pretty quickly on the screen where it tries to install keyboard and mouse drivers though, see screenshot below. I've got all kinds of devices connected from this being my 24/7 system aswell, should I just try to disconnect everything except for mouse and keyboard?
After that, I tried rebooting into GUI setup another time and again got the ACPI bluescreen. I don't know if that says anything.
#7509diderius6⇗ @Masterchief79

The system restore of XP replaced my hacked acpi.sys 6666 with the original acpi.sys I think.
So just replace acpi.sys again in C:\WINDOWS\system32\drivers

Dietmar
#7510Masterchief79Yeah, I figured something like that, so I already did that. Now I gotta get past this freeze :) I think I'm gonna try disconnecting the unnecessary devices next, just to see if that makes a difference, but input from more experienced people welcome of course.
#7511diderius6⇗ @Masterchief79

You can make a Setup in Safe Mode via F8 and disable there all not needed devices for first boot of XP.
Or you can disable all not needed devices in Bios
Dietmar
#7512Masterchief79On the screen it crashes on it also says something about screen flickering, so is it trying to install the video card drivers at that point in the setup? Because I currently have a 1080Ti installed. I assumed it would just skip the video driver installation if the setup doesn't have a proper driver. Do you think that could be the issue? I can try the setup again with an older videocard, I've got plenty to choose from.
#7513diderius6⇗ @Masterchief79

Disconnect also all not needed real devices, videocard also if you have a legacy video putout from your cpu (no XP driver for 1080Ti exists)
Dietmar

PS: And boot XP first time via F8 Safe Mode.
#7514Masterchief79
Zitat von ⇗ diderius6 im Beitrag ¶ #7513
@Masterchief79

Disconnect also all not needed real devices, videocard also if you have a legacy video putout from your cpu (no XP driver for 1080Ti exists)
Dietmar

PS: And boot XP first time via F8 Safe Mode.

Thank you, gonna try that next. Booting first time with F8 you mean after GUI setup is done?
#7515diderius6⇗ @Masterchief79

I think, that F8 can be done even earlier in Setup of XP,
but in this case, yes
Dietmar

 

Page 502

#7516Masterchief79So just as an update, disconnecting my USB devices and swapping to a GTX275 didn't change anything. It still freezes on the same point in the setup. I'm gonna disable unnecessary onboard devices next (like Audio, LAN etc.) but I have a feeling that I'm not gonna get further with that. I might try a different XP distribution with other drivers later but any feedback is welcome of course.
#7517infuscomus⇗ @Masterchief79

Try and replace the acpi.sys in Integrator Files\Patches\ACPI drivers with the one diderius6 gave you and build a new ISO using the script. Then do a new fresh XP install over again and see if that works.
#7518Masterchief79Good shout, worth a try, thanks :)
#7519gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #7509
The system restore of XP replaced my hacked acpi.sys 6666 with the original acpi.sys I think. So just replace acpi.sys again in C:\WINDOWS\system32\driversDietmar
⇗ @diderius6 ...Dietmar...I would replace the acpi.sys where the system file checker get it's version. I don't have XP open right now but XP keeps a store of files for the system file checker. That one has to be replaced first, before inserting your version.
#7520gordo999
Zitat von ⇗ Masterchief79 im Beitrag ¶ #7516
It still freezes on the same point in the setup.  
⇗ @Masterchief79 ...if the problem is your mouse/keyboard drivers it may be that your USB drivers are not loading properly. Does your mobo have a PS/2 input? I used PS/2 on mine while setting up by connecting USB/mouse to PS/2 via an adapter. If you can get it to install that way, you can troubleshoot USB issues using Device Manager.

If the installation freezes right near the end it's likely an Internet Explorer problem. Something to do with the IE version. I don't remember the details at the moment regarding how I solved it.
#7521Masterchief79Haha, I actually got it installed and working. I replaced the ACPI file with Dietmars before building a new ISO and tried a slightly different driver combination. It recognizes my phone and everything. In terms of performance, I haven't done enough testing to say if it's faster than my 24/7 windows or an optimized Windows 7 in the benchmarks I'm interested in. That will come soon. But being able to run old benchmarks at all is a plus over Windows 10 already.
Little background: I had a 7600K on XP working and used it to benchmark a ton of old graphics cards in like 3D Mark 01 to 06. They're are usually CPU-limited, but with a very quick CPU and a reasonably old GPU (like everything between GeForce 6000 series and GTX 400 series) you can get some easy points on ⇗ www.hwbot.org (this is my profile there: ⇗ https://hwbot.org/user/masterchief79/). Add a single stage compressor cooling system that cools the GPU to -40°C on load and you can overclock and score to your hearts desire. That Z270 mainboard I was using with the 7600K just quit working unfortunately, I didn't wanna buy another one and they didn't want to repair it... Anyway, now the Singlecore performance of my 5800X should be sufficient to be competitive without having to have two different systems.

I was gonna post screenshots but I forgot that I disconnected the HDD before booting into my 24/7 windows. Promise that I'm gonna add some later.
#7522Masterchief79I had everything working with the GTX275 yesterday. Then I swapped to a GTS450, installed the according Nvidia 290.53 driver, and now I can't get into Windows anymore. It boots, then it wants to execute CHKDSK, and afterwards (no matter if I skip it or don't), it bluescreens with this BSOD. Any ideas? Safe mode boot freezes on loading "Drivers.mup".
#7523diderius6⇗ @Masterchief79

This bluescreen I have seen, when the graphik driver is not working correct.
Have you tried via F8 "Go back to last working configuration"?
This takes the copy from the registry before you installed the other graphik driver
Dietmar
#7524infuscomus⇗ @diderius6

If dump_ntoskrn8.sys is where the error occurs wouldn't ⇗ @Mov AX, 0xDEAD know more about this BSOD?
#7525Masterchief79It's probably graphics driver related, yes. I'm gonna try last working configuration, thanks. Maybe some part of the driver package (nView, PhysX, some HDMI Audio driver...) is not working correctly.
#7526imadam__Hi, i made a iso file with windows xp integral edition and the optional patches. But the setup gets stuck at setup is starting windows with no blue screen or error. I made the usb drive with "WinSetupFromUSB 1.9". ive tried it with a external dvd drive but that doesnt work.

ryzen 5 2600, asus rog strix b450-f gaming II, 16gb ram, 240gb kingston a400 SSD.

thanks
#7527diderius6⇗ @imadam__

There are some possibilities, why this setup did not work.
Easiest way is to burn a CD from the *.iso and connect this CD on a DVD drive, which is connected to the SATA slot (not USB(!)).
Other possibility is, that setup cant recognice the harddisk.
This problem can be solved, when you format your harddisk before with RMPrebUSB version 2.1.739
Dietmar
#7528imadam__I dont have any sata dvd drives :( but ill try the rmprepusb method
#7529imadam__ok so formatting the ssd with rmprepusb didnt work :( any other things i could try ?

 

Page 503

#7530 LOST
#7531 LOST
#7532 LOST
#7533 LOST
#7534 LOST
#7535 LOST
#7536diderius6

⇗ @Masterchief79

The Bsod from your graphikcard can be memory related.
So make a try with a new *.iso,
but this time without the "5" in settings of Integral Edition 2021.5.15
Dietmar

#7537 LOST
#7538 LOST
#7539 LOST
#7540 LOST
#7541 LOST
#7542infuscomus⇗ @imadam__

OK, looking at the manual for your motherboard, it should be under - CPU Core Count Control in the AMD Overclocking section.
#7543diderius6⇗ @imadam__

Hit F5 and choose "Standard PC".
This is single core and without any acpi.
Via this way you can find out, if the Sata connector is the problem.
Also change the Sata connector
Dietmar

PS: If the Sata connector does not work under XP, you can install XP to an USB device, to an nvme device
or you can try another working XP for this board with B450 chipset.
Or you can boot XP from ram;))..
#7544imadam__hi, i chose standard pc and unplugged all sata drives but it still gets stuck at that stage
#7545infuscomus⇗ @imadam__

at "Setup is Starting Windows" or a 7B BSOD?

 

Page 504

#7546imadam__Setup is starting windows.
#7547infuscomus⇗ @imadam__

Try without integrating any of the USB 3.0 drivers.
#7548imadam__Ok.
#7549diderius6⇗ @imadam__  ⇗ @infuscomus

I think it is the Sata connector. Here in the forum I find, that from Chipset B450 also Win7 does not start from this ahci.
But the modded XP drivers are from Win8.
Then only USB boot or boot from nvme will work on this board
Dietmar
#7550imadam__Weird - becuase I've used this board to install windows XP before - but I installed it from Windows 8 PE and manually copied over the drivers from Linux and it worked, but I can't seem to get that to work anymore
#7551infuscomus⇗ @imadam__

I recall you mentioned earlier that one time you got a 7B BSOD instead of the usual freezing, what options did you select when you got that?
#7552George King
Zitat von ⇗ imadam__ im Beitrag ¶ #7550
Weird - becuase I've used this board to install windows XP before - but I installed it from Windows 8 PE and manually copied over the drivers from Linux and it worked, but I can't seem to get that to work anymore


You can build XP2ESD with Windows 8.0 input ISO instead of 7. You should encounter some errors during building but they will be related to bootlogo patching. I will see today in my upcoming v1.6 version if it can be properly builded, but I think yes, we can use Windows 8.0 and Windows 10 as source ISOs. And if there will be some errors, I can catch them too and adapt XP2ESD. [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7553diderius6⇗ @imadam__

For to understand, if really the Sata connector is the problem,
build a new *.iso with settings

3 ,4, D, E, G
and my acpi.sys .

Then connect a non (!) removable device to an USB slot, for example an USB-harddisk.
Now try to install XP again. If you can install XP to this USB device,
the problem is the Sata connector. When installation is complete, you can try to find a Sata driver which works for
the B450 board under XP
Dietmar
#7554imadam__i actually removed all sata drives and tried to boot the installer but it still wouldnt boot.
#7555George King
Zitat von ⇗ imadam__ im Beitrag ¶ #7554
i actually removed all sata drives and tried to boot the installer but it still wouldnt boot.


Can you boot successfully into Windows 8.0 installer? [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7556imadam__yeah, i can boot and use the windows 8 installer fine, im building an xp2esd iso right now, just downloading things.
#7557George King
Zitat von ⇗ imadam__ im Beitrag ¶ #7556
yeah, i can boot and use the windows 8 installer fine, im building an xp2esd iso right now, just downloading things.

Good, I will review this process myself later to be sure all works in script as expected.
Using Windows 8.0 input ISO should be also option without needs Windows 10 ISO in future.

EDIT: And if current XP2ESD fails to build it for some reason, I should create this image for you [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7558imadam__ok, thanks
#7559diderius6⇗ @imadam__

There exist 2 versions of the ASUS ROG Strix B450-F Gaming II board,
one with Usb 3.1 (90MB15V0-M0EAY0) and another one with Usb3.2 (B08KH1M1H4 )
Which version do you have
Dietmar
#7560diderius6I just order the first version ASUS ROG Strix B450-F Gaming II (90MB15V0-M0EAY0) for EUR 104,90 via Amazon.
I have different Ryzen and AMD cpus, which run on this board.
It is a really interesting, cheap board with PS/2, with Intel i211 lan, COM1 port and Realtek 1200 sound.
You can install any Ryzen processors (also 5000) as far as I understand.
From this specs it is(?) one of the very last boards, that may support XP to full (Sata?!)
Dietmar

 

Page 505

#7561imadam__Mine appears to have model number 90MB15V0-M0EAY0 so it's the usb3.1 version.
#7562diderius6⇗ @imadam__

I noticed, that on the board ASUS ROG Strix B450-F Gaming II there are 2 different Sata connections:
One goes direct to the cpu and other over chipset B450,
so there is hope for full XP support
Dietmar
#7563imadam__When I get home I will try a different connector then.
#7564diderius6I found Sata driver for the B450 chipset for Win7 bit32.
Dont know, if they can be modified for XP also
Dietmar

⇗ https://ufile.io/1m410fet
#7565diderius6And this may be the same Sata drivers for XP,
thanks to ⇗ @daniel_k

Dietmar

⇗ http://www.mediafire.com/file/jog8i403j2...402_x86.7z/file
#7566George King⇗ @diderius6 I checked XP2ESD driver repository, for XP and 7 is included v1.2.001.0402. And ⇗ @imadam__ stuck on boot logo and cannot boot into installer.

I'm adapting code to build XP2ESD only using Windows 8.0 ISO right now. Testing ISO should be ready soon

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7567George King⇗ @imadam__ m What XP Edition and Language do you use? I'm ready to build your ISO based on Windows 8.0 instead of 7 & 10

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7568imadam__English And any edition of Professional (N, VL)
#7569George King⇗ @imadam__ Image created with unreleased XP2ESD v1.6. Based on English Windows 8.0 x86 + Windows XP Professional Volume License. Patched ACPI.SYS is included. You can find it in $OEM$ directory

 
 https://www.mediafire.com/file/vs5jkk12739pgqy/WinXP_AIO_ESD_v1.6_b2_w8_based.iso/file
[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7570diderius6Thanks to ⇗ @pappyN4 you can use an old AMD Sata driver for XP also for the B450 chipset.
Dietmar

Download an old 13.4 XP/XP64 chipset pack from AMD.

Open up amd_sata.inf and add in these lines underneath existing DEVs:
%AMDSATA.DeviceDesc% = amd_sata_inst, PCI\VEN_1022&DEV_7901&CC_0106
%AMDSATA.DeviceDesc% = amd_sata_inst, PCI\VEN_1022&DEV_7904&CC_0106
%AMDSATA.DeviceDesc% = amd_sata_inst, PCI\VEN_1022&DEV_43C8&CC_0106
#7571imadam__so far its working good :), but my usb keyboard and mouse arent working in the windows xp setup stage and OS but they work fine in windows 8 PE (i have a ps/2 keyboard so its fine for now )
#7572George King
Zitat von ⇗ imadam__ im Beitrag ¶ #7571
so far its working good :), but my usb keyboard and mouse arent working in the setup stage (i have a ps/2 keyboard so its fine for now )


This is confirmation that WinXP_AIO_ESD_v1.6_b2_w8_based.iso was bootable, but before first XP boot USB doesn't work right? :) [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7573imadam__the usb works in the windows 8 PE stage, but in windows xp it doesnt work, also its frozen at "windows is shutting down" so should i manually restart it?
#7574imadam__and after 2nd reboot there is now a 0x000000A5 blue screen of death
#7575George King
Zitat von ⇗ imadam__ im Beitrag ¶ #7573
the usb works in the windows 8 PE stage, but in windows xp it doesnt work, also its frozen at "windows is shutting down" so should i manually restart it?

Good is you are able to install it now. Now we can solve other problems. Was your USB keyboard connected during whole setup? Ported USB3.x driver is injected directly inside image, how looks device manager after that? Do you need to install it manualy (you can extract driver using 7-zip from USB\sources\install.wim\D\M\GENERIC_USB3X)?

Zitat von ⇗ imadam__ im Beitrag ¶ #7574
and after 2nd reboot there is now a 0x000000A5 blue screen of death

Can you have a look on Windows\system32\drivers\ACPI.sys if it match that one in USB\sources\$OEM$\$$\system32\drivers? In this build is SFC patched, but maybe MyFactory re-enabled it again, this is untested scenario [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/

 

Page 506

#7576imadam__yeah, the acpi.sys in windows\system32\drivers is dated 2008 which is the default windows xp one, so i guess it didnt get copied over?
#7577George King
Zitat von ⇗ imadam__ im Beitrag ¶ #7576
yeah, the acpi.sys in windows\system32\drivers is dated 2008 which is the default windows xp one, so i guess it didnt get copied over?


This must be caused by re-enabled SFC after first reboot of deployed system. I'm going to find whats wrong now [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7578imadam__oh, i manually copied over the acpi.sys and there is no longer 0x000000A5 but now there ois 0x0000007B which i think is ahci error ?
#7579diderius6⇗ @imadam__

Can you choose your harddisk (before Bsod 0x7B), where you want to install XP and see this partition
Dietmar
#7580imadam__yes, i can
#7581diderius6⇗ @imadam__

This means, that the Sata driver no longer works.
May be, that storport.sys for this Sata driver is now deleted in windows\system32\drivers
or comes in conflict with another storport.sys driver with same name
Dietmar
#7582imadam__alright, ill try to copy the new one over and see if that works :)
#7583imadam__i manually copied over the drivers, and it gets further in booting, but it freezes at the windows xp bootscreen, ill boot it in safe mode to see


EDIT: safe mode freezes at boot on \Windows\Syetem32\Drivers\Mup.sys
#7584diderius6⇗ @imadam__

I think that something is not ok with the Sata driver.
You can make a try with all the files from ⇗ @daniel_k and replace storport.sys and the other sata files also with them
in windows\system32\drivers

Dietmar

⇗ https://ufile.io/kzeap6np
#7585imadam__i tried copying over the drivers again but no luck - i even copied over a new mup.sys and still no luck :(
#7586diderius6⇗ @imadam__

Try one by one all Sata slots
Dietmar

EDIT: You can integrate this Sata driver by hand into registry of XP, but not easy job.
#7587imadam__Ok.
#7588George KingAnd I'm building image to see how SFC goes. I have also removed some storport files to be sure only one and correct is installed. I will upload it after some Virtual Machine tests

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7589gordo999
Zitat von ⇗ imadam__ im Beitrag ¶ #7554
i actually removed all sata drives and tried to boot the installer but it still wouldnt boot.
⇗ @imadam__ ...what errors or symptoms do you get when your machine doesn't boot? Also, with no SATA drives did you adjust BIOS to give the system a bootable source? If there is no boot source, the system will simply sit there, but sometimes you get some error in text mode.

When a system boots, it needs some kind of storage device that contains the information it needs to continue booting. This article explains it well....

⇗ https://neosmart.net/wiki/mbr-boot-process/

What do you see during boot? Do you get the option to press F2 or ALT to enter the BIOS editor? On my system, I see hexadecimal character going by rapidly in one spot of the screen, indicating POST activity. Or, do you just get a blank screen with nothing?
#7590gordo999
Zitat von ⇗ imadam__ im Beitrag ¶ #7585
i tried copying over the drivers again but no luck - i even copied over a new mup.sys and still no luck :(
⇗ @imadam__   mup.sys is a common place for the file list to stop in safe mode. Means nothing.

 

Page 507

#7591infuscomus⇗ @imadam__

I think your XP install might have been corrupted after not being completed and from all the restarts. I think it's best to start again.

Can you check the device ID for your USB 3.0 controller?

On my threadripper system, this USB controller
PCI\VEN_1022&DEV_149C

never works on first boot up but it will work correctly if I disable and reenable it in device manager, this is with the backported windows 8.0 USB 3.0 driver
I'm guessing it's something to do with ACPI

maybe you have the same controller?
#7592George King⇗ @imadam__ Here is beta 4 image. I'm sure SFC is OK, even if it shows ACPI.sys date 2008 file version is 6666. I have also removed all useless drivers from repository and now are included only Generic AHCI, Generic NVMe, Generic USB3.x, AMD_AHCI, INTEL_AHCI, Samsung_NVMe - I double checked and these drivers are same as you can find in "Integral edition". These files are taken from ⇗ @daniel_k MDL ⇗ repository

 
https://www.mediafire.com/file/xv8pl5trx96wdyk/WinXP_AIO_ESD_v1.6_b4_w8_based.iso/file



EDIT: Seems like acpi.sys is restored from sp3.cab during second reboot, even with disabled SFC. Investigating right now. I have 2 ideas how to solve it, will see which one can work

EDIT2: I'm rebuilding image with new SPx.cab repack solution for patched PAE and patched ACPI right now

EDIT3: SPx.cab is repacked before first boot to avoid ACPI.sys replacement with original file. This repack is called it two scenarios 1) PAE was patched when detected >= 4GB RAM 2) APCI.sys is in USB\sources\$OEM$\$$\system32\drivers

NOTE: USB3.x should work at first boot. In past I have tested setup from USB3 with DriverPacks installation from USB3 and it worked. Maybe is broken something else. If you don't want PAE patch, simply delete it in USB\support\WXPPAE.exe


⇗ @infuscomus Can you test how it goes on your machine? If there is needed USB device restart - disable and enable device, I can add needed command to do it automatically before Snappy Driver Installer session start

EDIT4: Seems like ucx01000.sys is not correctly installed into drivers folder before capturing when adding drivers. Investigating right now

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7593imadam__still freezes on boot. but there is no 0x0000007B bsod or 0x000000A5 bsod.
#7594George King
Zitat von ⇗ imadam__ im Beitrag ¶ #7593
still freezes on boot. but there is no 0x0000007B bsod or 0x000000A5 bsod.


Installer is OK?
XP freeze on boot? [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7595imadam__yeah, the installer is ok, and the 2nd windows xp stage but when it reboots it freezes at the XP boot screen.
#7596George KingJust to be sure, you are able to see this screen? This is MyFactory driver handling stage. I will compare system before and after it's touch to see difference

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7597imadam__yeah, i was able to see that screen, but after that it no longer boots and just freezes on the boot screen like this
#7598George King⇗ @imadam__ Try to boot again into installer and then open CMD (best to open notepad - open file and change to all file extensions to see whole file system) and delete ucx01000.sys in drivers folder in deployed XP, this is only one change in files that is before second boot of deployed system. I will see what is changed in registry too

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7599imadam__so i deleted the ucx01000.sys and it actually boots.
#7600George King
Zitat von ⇗ imadam__ im Beitrag ¶ #7599
so i deleted the ucx01000.sys and it actually boots.


USB3.x doesn't work right? [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7601infuscomus
Zitat von ⇗ George King im Beitrag ¶ #7592
Can you test how it goes on your machine? If there is needed USB device restart - disable and enable device, I can add needed command to do it automatically before Snappy Driver Installer session start


⇗ @George King

This behavior still happens even after the XP installation has completed and I'm at the desktop. On every restart I need to disable and reenable the motherboard USB 3.0 controller.

To get around this I'm using a separate PCI-E USB 3.0 card with an ASMedia 2142 chip that works on every boot.
#7602imadam__yeah, my usb keyboard and mouse dont work, i have a ps/2 one though so i can install drivers in the OS
#7603diderius6⇗ @imadam__

When you go to device manager, what is shown for the Sata devices?
Can you look, which Sata driver is installed there and which Ven_&Dev_  number.
Are those numbers different for different Sata devices
Dietmar
#7604diderius6⇗ @imadam__

About USB on the B450 chipset
credit to ⇗ @pappyN4
Dietmar

Download the Windows 7 chipset pack for the B450 from AMD.

Install the 1.0.5.3 USB driver from USB31_PT for the controller and the hub. The drivers install fine, but when you insert a USB device like a mouse or USB flash drive it shows as having a Code 39 error. To fix, you will have to copy usbd.sys to your \system32\drivers folder for a live system. You can also modify the inf file in two spots to also copy over the usbd.sys file when it copies over the driver sys file like the amdxhc31.sys or amdhub31.sys.

EDIT: There are only USB files for 64 bit.
#7605George King⇗ @infuscomus Do you use same drivers that are in "Integral edition"?

I have compared them with ⇗ @daniel_k USB3.x and they are really different, maybe Ramsey patched them on his own and something is broken.

⇗ @imadam__ I would like to find out, why it happends. I have now replaced USB3.x driver with daniel_k version. I will see if all files are added correctly into repository. If yes, I will upload you another image to see if it can work automatically?

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/

 

Page 508

#7606diderius6⇗ @George King

May be, that you can add missed Dev_ ids for AMD USB just into ⇗ @daniel_k

[AMD.NTx86.5.1]
%AMDXHC.DeviceDesc% = AMDXHC, PCI\VEN_1022&DEV_YOURS

Dietmar
#7607George King⇗ @diderius6 See how much different are these two USB3x drivers



George King has attached files to this post [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7608imadam__the chipset drivers wont install. it just says "error opening installation log file. Verify that the specified log file location exists and is writable.
#7609diderius6⇗ @Mov AX, 0xDEAD  ⇗ @daniel_k

I think, that the Asmedia USB and those USB from AMD are similar.
May be it is possible, to take an Asmedia USB driver and make it work for newer AMD USB also

Dietmar
#7610George King
Zitat von ⇗ imadam__ im Beitrag ¶ #7608
the chipset drivers wont install. it just says "error opening installation log file. Verify that the specified log file location exists and is writable.


I will upload you another ISO to test. Meanwhile download Chipset DriverPack from here, placing it in driverpacks folder on USB will automatically install compatible driver if find any
 
https://download0.drp.su/driverpacks/
[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7611diderius6⇗ @George King

I noticed also, that the original Win8 USB driver (patch 2 from 5 May 2020) (with WppRecorder.sys )
from ⇗ @Mov AX, 0xDEAD
is more stable than all later versions with ntoskrn8.sys

Dietmar
#7612George King⇗ @diderius6 So you recommend that one with WppRecorder.sys?

⇗ @imadam__ This one is builded with ⇗ @daniel_k USB3.x driver, ucx01000.sys is added too after first reboot of deployed system. Let me know if there is same problem. If yes, maybe other driver needs to be installed before reboot too. Simply place all needed DriverPacks *.7z inside USB\driverpacks folder. Will be nice to catch this problem :)

 
https://www.mediafire.com/file/rbkvc10beuil34p/WinXP_AIO_ESD_v1.6_b5_w8_based.iso/file
[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7613diderius6⇗ @George King

I think, that ⇗ @daniel_k makes this USB driver brandnew after he learned a lot from transfering USB driver from Win8 => Win7.
Until  now, I have not tested those new ones from Daniel.

But I found a very interesting comment from ⇗ @canonkong :
For all AMD boards, you get crash with the ported USB driver from Win 8, if you use the generic USB device (this works for Intel).
But for AMD you HAVE to give the correct Dev_ from your board and this crash after boot and install with AMD USB devices is gone

[AMD.NTx86.5.1]
%AMDXHC.DeviceDesc% = AMDXHC, PCI\VEN_1022&DEV_7812


forbidden for AMD USB

%AMDXHC.DeviceDesc% = AMDXHC, PCI\VEN_1022&CC_0C0330


allowed for Intel USB

%INTELXHC.DeviceDesc% = AMDXHC, PCI\VEN_8086&CC_0C0330


Dietmar

PS: The same as for AMD USB in its *.inf may be true also for Asmedia USB, because they are very similar.
#7614Masterchief79
Zitat von ⇗ diderius6 im Beitrag ¶ #7536
@Masterchief79

The Bsod from your graphikcard can be memory related.
So make a try with a new *.iso,
but this time without the "5" in settings of Integral Edition 2021.5.15
Dietmar

Thank you, I'm gonna try that later and update you with my progress. I'm not getting back into my original XP install after I installed the GTS450 and the according driver. I don't think it's a GPU-related issue though.

Zitat von ⇗ diderius6 im Beitrag ¶ #7613
But for AMD you HAVE to give the correct Dev_ from your board and this crash after boot and install with AMD USB devices is gone

Can you elaborate on this and how to solve the error, assuming it's related to my ntoskrn8.sys BSOD?
#7615infuscomus⇗ @George King

Ramsey's XP Integral Edition uses ⇗ @Mov AX, 0xDEAD 's USB 3.0 driver since Mov specifically targeted XP when he made it.

⇗ @daniel_k is more interested in targeting windows 7 with his USB 3.0 driver.

I'm guessing the drivers are different since they target different versions of windows.
#7616imadam__i copied the driver packs to the USB:\driverpacks folder but they dont get installed
#7617George King⇗ @imadam__ So you used WinXP_AIO_ESD_v1.6_b5_w8_based.iso with Daniel_k USB3x driver? Was there same problem with ucx01000.sys?

I forgot that I removed it from ISO, download and place this SDI folder into USB:\support, then it will be automatically processed

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/

George King has attached files to this post

#7618George KingDuring XP2ESD v1.6 development was needed to do operations in CHCP 65001 in CMD which is not supported originally by XP. I found interesting patch, that can add support for CHCP 65001. Now I can use unicode characters in CMD. Patched CMD is used only during Windows XP Home conversion into WIM, but I hope you find this patch useful.

https://www.dostips.com/forum/viewtopic.php?p=34428#p34428


And if you want to use Copy + Paste into CMD, install Command Line Clipboard

https://dennisbabkin.com/clc/
[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7619imadam__when i do the SDI thing and install it it no longer boots and just goes to the xp boot screen for a long time and then a black screen.
#7620infuscomus⇗ @George King

If I'm not mistaken, daniel_k's USB 3.0 driver is targeted at windows 7 not XP - you can check for it's dependencies by putting the driver and XP's ntoskrnl.exe and hal.dll in the same folder and then opening the driver sys files with dependency walker.

 

Page 509

#7621George King
Zitat von ⇗ imadam__ im Beitrag ¶ #7619
when i do the SDI thing and install it it no longer boots and just goes to the xp boot screen for a long time and then a black screen.


Thats sad, probably bad incompatible driver. Otherwise you can place any *.7z compressed drivers in this folder to automate drivers installation. And what about ucx01000.sys with beta 5 ISO? [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7622George King
Zitat von ⇗ infuscomus im Beitrag ¶ #7620
@George King

If I'm not mistaken, daniel_k's USB 3.0 driver is targeted at windows 7 not XP - you can check for it's dependencies by putting the driver and XP's ntoskrnl.exe and hal.dll in the same folder and then opening the driver sys files with dependency walker.


Here is XP USB3.x driver by daniel_k / Mov. But maybe it's and old version?
https://forums.mydigitallife.net/threads/drivers-and-tools-to-run-windows-xp-on-newer-hardware.81607/
[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7623infuscomus⇗ @George King

That's the most recent version for XP as far as I know.
I also checked daniel_k's USB 3.0 driver against XP ntoskrnl/hal - no missing dependencies, so I think it should work.
#7624George King⇗ @infuscomus Yes, both of these USB3.x driver works. But when used one from "Integral Edition" ⇗ @imadam__ then was stuck on boot logo and after deleting ucx01000.sys was system bootable again.

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7625infuscomus⇗ @George King

both versions have ucx01000.sys - but it's only the "integral edition" version that freezes?
#7626George King⇗ @infuscomus We need confirmation from ⇗ @imadam__

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7627imadam__i deleted the ucx....sys file and it still wont boot.
#7628George King⇗ @imadam__ You confirmed ¶ here, when using beta 4 ISO and deleted usx....sys system was bootable. When using beta 5 ISO without driverpacks was what result?

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7629imadam__it was bootable without the SDI thing  but with them it doesnt boot.
#7630infuscomus⇗ @George King

Whilst testing your WinXP_AIO_ESD_v1.6_b5_w8_based.iso in a VMWare VM I noticed that while the driver for the USB 3.0 controller installed correctly, but the USB 3.0 hub driver did not.

I had to manually point it to usbxhci.inf again before the hub would install.

Can you test in your own VM with USB 3.0 enabled and confirm this?
#7631imadam__im trying to install the usb 3 drivers manually in snappy driver installer in the OS but the OS completely freezes when i try to
#7632infuscomus⇗ @imadam__

can you try installing XP without the USB 3.0 drivers first, and only install the USB drivers after XP makes it to the desktop?
#7633imadam__thats what im doing. in snappy driver installer.
#7634infuscomus⇗ @imadam__

you can also without snappy driver installer instead manually point it to usbxhci.inf for installation.
#7635imadam__that still freezes it.

 

Page 510

#7636George King⇗ @imadam__ Thanks, that means only ucx01000.sys in from "Integral edition" cause this problem

EDIT: OK, seems like you need to find other (chipset etc) drivers and install them first before USB3.x


⇗ @infuscomus Confirmed. This seems to be caused by MSSTMake during processing drivers when is image prepared to capture. This is related to missing ucx01000.sys and related service registry keys. I have contacted MSSTMake author as this seems like a bug. Will see what he answer

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7637YuriyCNWindows XP - 20 years!
Happy birthday!
#7638gordo999
Zitat von ⇗ imadam__ im Beitrag ¶ #7612
the chipset drivers wont install. it just says "error opening installation log file. Verify that the specified log file location exists and is writable.
⇗ @imadam__ I've had a lot of grief with this on W7 recently and it's all about file and folder permissions. Permission are not nearly as stringent in XP as in W7 so this may be a long shot.

Is there an error number? Do you see an 'access denied' anywhere?
#7639imadam__I got it to work btw
#7640infuscomus⇗ @imadam__

How?
Please tell us more.
#7641imadam__I mean the chipset drivers, still can't get usb drivers to work
#7642infuscomus⇗ @imadam__

If it's not working why did you say you got it to work?
#7643imadam__I meant I could get the chipset drivers to work, but not the usb driverd
#7644guzarguit was bootable without the SDI thing but with them it  ⇗ Windows XP 32Bit doesn't boot.
#7645George King
Zitat von ⇗ guzargu im Beitrag ¶ #7644
it was bootable without the SDI thing but with them it doesnt boot.


SDI = Snappy Driver Installer then it depends on used DriverPacks - there always can be bad driver in their collection of course [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7646imadam__i tried installing the AMDXHCI_XP_276_FINAL usb  drivers but it just froze :(
#7647diderius6⇗ @imadam__

What Sata drivers are shown in Device Manager and in Hardware which Dev_ ?
With my tests on the ASRock Fatal1ty AB350 Gaming K4 I noticed,
that very few Sata drivers work there correct. May be best is the original AMD sata driver
see post ¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (505)

and
¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (112)

and
¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (418)

Also I noticed, that on the Ryzen boards a lot PCI-e lines are shared. This gives crazy results,
for example sound or network. And I see, that the behavior with different Bios versions is different
and some of the the USB depends also on the cpu, because the Ryzen processor is like cpu with integrated own chipset.
So, put all out only graphikcard stays. And try different Sata slots,
because some go direct to cpu and some to the B450 chipset

Dietmar

PS: There is a new storport.sys from Kai Schtrom, which should pass through SMART information.
⇗ https://sourceforge.net/projects/storpor...-smart-support/
#7648imadam__am i looking for Hardware Ids? if so then for the sata driver AMD SATA Controller it

PCI\VEN_1022&DEV_43c8&SUBSYS_10621B21&REV_01
#7649diderius6⇗ @imadam__

Yepp, this is one Dev_ from the Sata devices. But there should be another Sata Dev_ for another Sata slot also.
And what is the exact name of the driver for Sata now
Dietmar
#7650imadam__yeah, theres another one also named "AMD SATA Controller"

PCI\VEN_1022&DEV_7901&SUBSYS_87471043&REV_51

 

Page 511

#7651diderius6⇗ @imadam__

Now the exact name with time stamp for the used Sata drivers please
Dietmar
#7652imadam__Name: AMD SATA Controller

Driver Provider: AMD
Driver Date: 3/29/2015
Driver Version: 1.2.1.402
Driver files: C:\Windows\System32\Drivers\amd_sata.sys
C:\Windows\System32\Drivers\amd_xata.sys

File Version: 1.2.001.0402 built by: WinDDK
#7653diderius6⇗ @imadam__

This looks like the original AMD Sata driver.
But even from it exist different versions.
Please go to windows\system32\drivers and look for the exact name of storport.sys with time stamp or can you upload this  storport.sys to ⇗ https://ufile.io/
Dietmar
#7654imadam__storport.sys - ⇗ https://ufile.io/7nwe2u0e
#7655diderius6⇗ @imadam__

Thanks,
this is the from win7 Sp1 backported version of storport.sys
6.1.7601.23403 (win7sp1_ldr.160325-0600)
But may be, that newer storport.sys from WinServer 2003 also works with this Sata driver
or the new one from Kai
Dietmar
#7656diderius6I just test original amd_sata.sys, build for Win7 bit 32.
It works without any modification(!) together for XP SP3 with storport.sys from Winserver 2003 SP2 vers. 5.2.3790.4485 .
But the for Trim used file amd_xata.sys shows 2 unfullfilled dependencies to ntoskrnl.exe

PoRegisterPowerSettingCallback
PoUnregisterPowerSettingCallback

Dietmar
#7657diderius6⇗ @imadam__

Can you please test this AMD Sata drivers?
First copy this storport.sys to folder windows\system32\drivers
And then try to change from running XP the Sata driver against those ones
Dietmar

⇗ https://ufile.io/vbwmo02m
#7658imadam__i tried using them files - but usb driver installatio still freezes - sorry for the wait
#7659diderius6Just in this moment my new board Asus rog strix b450-f gaming II arrives.

Before I make a try with the AB350 Asrock fatalty K4 board and Ryzen 3700x cpu.
There my new modded Sata driver for AMD works at once.

I use my own XP SP3 CD, just brandnew updated with only all XP SP3 updates and PosReady until May 2019,
my last modded acpi.sys and the AMD sata driver from below.

Thanks a lot to ⇗ @George King !

Dietmar

AMD Sata original driver for XP 1.2.1.321 using original storport from Server 2003 SP2 version 5.2.3790.4485
works for all(?) boards from AMD 400 serie

⇗ https://ufile.io/8rppgryz
#7660imadam__i tried to install the AMDXHCI XP 145-Final v3 and AMDXHCI XP 276-Final v3 USB 3 drivers and that got further - but i got a BSOD 0x0000008E
#7661juk777I wonder - how did you manage to install the driver from 2003 on XP, if NTx86.5.2 is written in your. inf file instead of NTx86.5. 1?
#7662diderius6⇗ @juk777

XP works also under the name NTx86.5.2 :)).
But a strange thing I noticed:
The file amd_xata.sys is not copied via txtsetup.oem and nlite.
When you add this file later via hand,
you get Bsod 0x7B on next reboot.
Dietmar

PS: I think, that amd_xata.sys is used for SMART information. And without changing something in storport.sys
SMART does not work for XP SP3.

EDIT: I make a try with the new storport.sys from Kai Schtrom, but keeping the original amd_sata.sys .
#7663daniel_k
Zitat von ⇗ diderius6 im Beitrag ¶ #7662
But a strange thing I noticed:
The file amd_xata.sys is not copied via txtsetup.oem and nlite.
When you add this file later via hand,
you get Bsod 0x7B on next reboot.

Dietmar, amd_xata.sys is a filter driver, used as a power management helper and to passthrough TRIM commands on Win7 and later.

Filter drivers are not required for basic operation and txtsetup.oem does not provide a way to install filter drivers during text mode setup.

amd_xata.sys is properly installed during GUI mode setup through the driver's INF file.
#7664diderius6⇗ @daniel_k

Nice to see you ).

I noticed another crazy behavior. On last boot I get Bsod 0x7B.
A closer look at the registry shows me, that no entry is in CriticalDeviceDatabase and also not the correct path
to the file amd_xata.sys in [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\amd_sata].
I remember, when this happen: When you try to install a not signed driver in XP. After adding servicepacks,
the message is gone in XP setup : "Do you want to install unsigned drivers?"

This can be overcome with adding a file

WINNT.SIF

[Unattended]
NonDriverSigningPolicy = "Ignore"
DriverSigningPolicy = "Ignore"

This gives message direct at the beginning of Gui-Setup
"Inconsistant Strukture" and Setup fails.

Then I changed also, but with same result "Inconsistant Strukture" and Setup fails.

HIVEDEF.INF

HKCU,"SOFTWARE\Policies\Microsoft\Windows NT\Driver Signing","BehaviorOnFailedVerify",0x00010003,00000000

Hm, now it hangs with this settings on Text setup, I cant see the harddisk.
So it seems, that the direct installation of XP SP3 does not work with this driver from AMD 1.2.1.321.
#7665imadam__are you having the same issue as me (setup is starting wndows)

 

Page 512

#7666diderius6⇗ @imadam__

I tried the original AMD 1.2.1.321 Sata driver, fails always on 3. reboot with Bsod 0x7b,
even I integrate the amd_sata.sys in registry by hand, strange.

I tried the generic Storahci driver from Kai, fails on 2. reboot with Bsod 0x7b.
This driver gives randomally 0x7b even on first boot, so something unstable there.

Now the modded Sata driver AMD 1.2.1.402  from ⇗ @daniel_k I will try and the Win8 driver for AHCI from ⇗ @Mov AX, 0xDEAD .
When those driver also fail, I will try to use no update pack at all,
just naked original XP SP3 CD.

On the Asrock ab350 gaming k4 I can use the Asmedia 106 Sata scsiport driver with its own driver,
but this is not(?) possible on the board Asus rog strix b450-f gaming 2 .
(I remember some tests from ⇗ @daniel_k to make the Sata Asmedia 106 driver generic.
This has big advantage of no need for any storport.sys because it is a scsiport driver)

Later nvme boot, usb boot or ram boot are next next possibilities.

Tomorrow is another day
Dietmar
#7667imadam__xp2esd worked for me, probably becaus it uses windows 8 PE to install  which has native usb 3 and sata drivers
#7668diderius6⇗ @imadam__

With ⇗ @Mov AX, 0xDEAD AHCI driver from Win8,
blackscreen on 3. boot.
It looks, as if the Bios has a problem to detect, at which Sata port the harddisk is connected
Dietmar

EDIT: Yepp, when I change randomally the Sata connector, suddently the black screen is gone and for the very first time I can finish install of XP with ⇗ @Mov AX, 0xDEAD AHCI driver from Win8.
#7669diderius6⇗ @daniel_k

Can you tell me about your results of making the Asmedia 106 Sata driver generic?
You changed the DEV_ ID in the driver itself away from asmedia.
As far as I remember, the CD rom device was then shown also as harddisk )
Dietmar
#7670daniel_k⇗ @diderius6

Dietmar, my finding are here:
⇗ Generic SCSIAHCI driver for Windows XP

Original ASMedia SCSIPORT drivers v2.0.3.0001:
⇗ http://www.mediafire.com/file/llbijc030nvjmtl

The driver is completely generic, there is no hardware ID checking, just edit .inf and add a generic ID:
PCI\CC_010601

Good luck!
#7671juk777"AMD AHCI Driver 1.2.001.0210
It does not support Windows XP, although it is possible to work with certain combinations of the controller and the version of the AHCI module in the BIOS.
Use it at your own risk.
ATTENTION! 1.2.001.0210 does not support TRIM, and therefore is not recommended for working with SSD.
TRIM support appeared in 1.2.001.0263 (package 10.9 for Vista /7).
Latest versions: 1.2.001.0402 (Win7), 1.3.001.0276 (Win8).
It made sense to put it only in XP, where there was no one of its own, and in Vista, where MS was not very good.
In Windows 7 and newer-the built-in is not slower, and is more stable. "(C)
#7672diderius6⇗ @daniel_k

After integrating the Asmedia 106x with nlite in the Setup CD I get message,
"No harddisk for installation can be found".
This is not a bluescreen, this message appears after accepting EULA via F8.

Do I mod the *.inf and the TXTSETUP.OEM correct?
⇗ @canonkong wrote, that for AMD generic PCI\CC_010601 does not work and that you have to give the exact Dev_ ID
for AMD devices, what do you think
Dietmar

⇗ https://ufile.io/emm0asb9


EDIT: I remember from tests with USB boot, that exact this message appears when all was ok with the driver,
but the Bios does not recognice the harddisk because of no support for USB in very old Bioses.
#7673canonkong⇗ @diderius6
If your mainboards is ASUS, Enable Precision Boost Overdrive and Disable PBO FMax Enhancer in BIOS, because ASUS will freeze when booting if using the win8 port driver.
#7674diderius6I have to use Force LBA when formatting the harddisk in RMPrepUSB, if not I get a blinking cursor at the end of TXT Setup of XP.
But now, waaoh:)) for the very first time I can install XP SP3 without any problem!
For this I use the nice modded Sata driver from ⇗ @daniel_k , I add TXTSETUP.OEM to it
and integrate this driver via nlite
Dietmar

⇗ https://ufile.io/a0h27ulz
#7675diderius6⇗ @imadam__

I use for install XP on the board Asus Rog Strix b450-f gaming II an original XP SP3 CD without any extra service packs.
With the AMD Sata driver from ⇗ @daniel_k installation was very fast, without any problem.
Shutdown works also with the PS/2 keyboard connected.
An y-cable in the PS/2 slot does not work, message "No keyboard connected".
So you can use keyboard or mouse.

Just now I try to install the USB driver AMDXHCI_XP_276_FINAL from ⇗ @daniel_k .
On USB devices this gives Bsod 0x7E 0xC0000005 and on the other 0x8E 0xC0000005
The same for AMDXHCI_XP_FINAL_V3 .

Dietmar
#7676daniel_k
Zitat von ⇗ diderius6 im Beitrag ¶ #7672
Do I mod the *.inf and the TXTSETUP.OEM correct?

Yes, it's correct.

The driver works with Intel controller and even Jmicron's.
Those Ryzen AMD systems are complicated to deal with.

It's a shame, Intel is much more legacy compatible.

#7677imadam__Alright, I'll try that tomorrow maybe if I have time
#7678diderius6This is brandnew USB driver,
I think from work together ⇗ @Mov AX, 0xDEAD  and ⇗ @daniel_k .

This driver needs no storport.sys and so comes not in conflict with the Sata storport.sys.
And the very best is:

It works at once for all USB ports  :))))))))))!!!!!!!!!!!!
of the Board ASUS ROG Strix B450-F Gaming II

Dietmar

⇗ https://ufile.io/9879ypno

EDIT: Now this board becomes really interesting for XP. All drivers are there!
#7679diderius6On the Board ASUS ROG Strix B450-F Gaming II
I got nearly everything to work under XP SP3.

Acpi
Graphik
Sound
Lan
Com1 port
USB2, USB3
PS/2 port
Sata

Nvme works, see post
¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (513)

There is one not nice thing: The USB controller with Dev_149C crashes the compi at boot (hangs early).
Even sometimes with no USB device connected. I tried also the original Win8 USB driver from ⇗ @Mov AX, 0xDEAD from 5 May 2020. With this Usb driver, the board hangs always with Dev_149C enabled. So, on this board the new USB driver is better!
This controller with Dev_149C works, when the compi is already started (can enable it in Device Manager).
So I disable this controller Dev_149C in Device Manager.

The other controller with Dev_43D5 works with all USB devices, that I tested, no hang, no crash at all.
The PS/2 port makes no problem for shutdown, just works.

So, 4 USB ports 2 USB2, 2 USB3 are left for permanent working under XP SP3
Dietmar

#7680imadam__just curious - what graphics card is that? i ordered a gt 740 for gpu passthrough on linux but i can also use it on windows xp natively ::)

 

Page 513

#7681diderius6⇗ @imadam__

It is an Nvidia GT 730.
I just get 39001 Points with 3DMark 2001 on the Ryzen 3700x above,
this nice card seems to live forever
Dietmar

PS: I like this board a lot, now it is rock stable!
And from feeling it is fast..
#7682juk777And what specific version of mod acpi was used?
#7683diderius6⇗ @juk777

This one

⇗ https://ufile.io/jkvo34sp
#7684juk777And how did the experiments with the modification of the Server 2003 sata driver version 1.2.1.321 end?
#7685diderius6⇗ @juk777

Always Bsod 0x7B after 3. reboot. I notice, that the driver was not integrated and this can happen because of no driver signing.
With the new AMD Sata version from ⇗ @daniel_k  together with my TXTSETUP all is easy
Dietmar
#7686juk777How do you like Kai Schtrom StorAhci?
#7687diderius6⇗ @juk777

Before I thought, that the Ahci driver from Kai was the most generic.
But for the Asus Strix board it does not work
Dietmar
#7688diderius6The only nvme driver for XP SP3,
which works correct on the board ASUS ROG Strix B450-F Gaming II
with a lot of different nvme devices,
is the one from ⇗ @daniel_k .

The Samsung nvme driver shows on all nvme devices Code 10.
This means, that this Samsung driver is not the most generic

Dietmar

Working nvme driver for ASUS ROG Strix B450-F Gaming II
⇗ https://ufile.io/rdp8xw3g
#7689juk777And the respectable ⇗ @daniel_k will not try to modify Server 2003 sata driver version 1.2.1.321 to a working state?
#7690juk777"the processor always consumes significant power

The problem is again related to the disabled hardware ACPI blocks.
In ACPI described two modes of reduced power consumption C2 and C3,
to move the processor must record certain values in certain ports ACPI iron
then there is BACH and darkness, the CPU clock is no longer serving + the rest of the magic,
associated with the state of the internal cache, etc.
Because ACPI is now on the Board in truncated mode, Windows XP mode S2/S3 does not pass, though, and logs everything you need in ports.
The darkness does not come, the processor turns as if nothing had happened.
It is logical to ask - and how do Windows 7-10 save energy?
It's very simple - they use only the capabilities of the central processor without using the ACPI subsystem.

There are two options that can be achieved from the CPU:

classic hlt instruction, you can only switch to C1 mode

monitor/mwait instructions, switches to C7 or C10.

The solution for Windows XP is to patch one file so that instead of ACPI C2/C3, the same two processor methods are used... "(C)

Has it been decided yet? Which file is meant?
#7691daniel_k⇗ @diderius6

Dietmar, can you try this AHCI driver v1.2.001.0337 for Server 2003?
⇗ http://www.mediafire.com/file/1xg19o49kfv9u6l

Really hard to find and the last one for NT5.2.
#7692diderius6⇗ @daniel_k

Hi Daniel, I install those Server 2003 files via its modded *.inf

I can see what changed:

amd_sata.sys 1.2.1.402  =>  amd_sata.sys 1.2.1.337
amd_xata.sys 1.2.1.337  =>  amd_xata.sys 1.2.1.337

Both work.

Here I send you the compare of the modded  1.2.1.337 *.inf  file,
it is different from the modded  1.2.1.402 *.inf  file

Binary compare shows, that both amd_xata.sys 1.2.1.337 are identic.
But amd_sata.sys 1.2.1.402 is very different from amd_sata.sys 1.2.1.337

CrystalDiskInfo8_12_7 shows, start SMART also here works

Both drivers are very fast. This is the first time, that my hardisk shows 210 MByte/s.
The amd_sata.sys 1.2.1.402 is as fast as the amd_sata.sys 1.2.1.337

Dietmar
FILE COMPARISON
Produced: 29.08.2021 18:55:44

Mode:  Just Differences

Left file: D:\amd_sata_1.2.001.0337_Server2003\amd_sata.inf
Right file: D:\WinXP-IE Optional Patch Integrator v3.2.0-beta\Integrator Files\Patches\AMD SATA driver v1.0\amd_sata.inf
2
; Copyright (c) 2008-2012 AMD                                       
<>
2   ; Copyright (c) 2008-2015 AMD
------------------------------------------------------------------------
------------------------------------------------------------------------
10
DriverVer=10/12/2012,1.2.001.0337                                    
<>
10  DriverVer=03/29/2015,1.2.001.0402
------------------------------------------------------------------------
------------------------------------------------------------------------
22
<>
23  [AhciPowerSetting]
24  Subgroup = {0012ee47-9041-4b5d-9b77-535fba8b1442}
25
Setting =  {0b2d69d7-a2a1-449c-9680-f91c70521c60}, "AHCI Link Power
Management - HIPM/DIPM", "Configures the LPM state.",,0x00000001
26
27  Value = 0, "Active", "Neither Host or Device initiated allowed", 0x00010001, 0
28  Value = 1, "HIPM", "Host initiated allowed only", 0x00010001, 1
29  Value = 2, "HIPM+DIPM", "Both Host and Device initiated allowed", 0x00010001, 3
30  Value = 3, "DIPM", "Device initiated allowed only", 0x00010001, 2
31  Value = 4, "Lowest", "HIPM+DIPM+DEVSLP", 0x00010001, 7
32
33  ; High Performance
34  Default = {8C5E7FDA-E8BF-4A96-9A85-A6E23A8C635C}, 0, 0
35  Default = {8C5E7FDA-E8BF-4A96-9A85-A6E23A8C635C}, 1, 1
36  ; Balanced
37  Default = {381B4222-F694-41F0-9685-FF5BB260DF2E}, 0, 1
38  Default = {381B4222-F694-41F0-9685-FF5BB260DF2E}, 1, 1
39  ; Power Saving
40  Default = {A1841308-3541-4FAB-BC81-F71556F20B4A}, 0, 2
41  Default = {A1841308-3541-4FAB-BC81-F71556F20B4A}, 1, 2
------------------------------------------------------------------------
------------------------------------------------------------------------
55
<>
------------------------------------------------------------------------
------------------------------------------------------------------------

-+ 42 
;FeatureScore=0xFE
------------------------------------------------------------------------
------------------------------------------------------------------------
106
HKR, "Parameters\Device","AmdSataDevSlp",%REG_DWORD%, 0x100           
<>
86  HKR, "Parameters\Device","AmdSataDevSlp",%REG_DWORD%, 0x3E8
    
87  HKR,
"Parameters\Device","AmdSataSWSP",%REG_DWORD%, 0x0F
------------------------------------------------------------------------
------------------------------------------------------------------------
139
<>
120 HKR, "StorPort", "EnableIdlePowerManagement", %REG_DWORD%, 0x01
------------------------------------------------------------------------
#7693diderius6Here is the for XP SP3 modded version of the file

amd_sata_1.2.001.0337_Server2003.7z

from ⇗ @daniel_k

Dietmar

⇗ https://ufile.io/0x3av66j
#7694diderius6⇗ @daniel_k


This AMD Sata driver amd_sata_1.2.001.0337_Server2003  works also with original storport.sys 5.2.3790.4485 from Win Server 2003

on XP SP3

and SMART, waaohh;))..

Dietmar
#7695daniel_k⇗ @diderius6

Thanks for your test report.

1.2.1.337 might be better for XP because 1.2.1.402 is signed for Win7 and may have removed compatibility code with 2003, which usually affects power management.
It's just a guess as I didn't do a more in-depth analysis of the code.

Are you using a mechanical HDD?

If you have a chance, please check if these drivers properly shutdown SSDs (save SMART before shutdown and after turning it on again).

 

Page 514

#7696diderius6⇗ @daniel_k

I copied whole mechanical harddisk to an Samsung 860 EVO SSD.
Cristaldiskmark shows 565 MByte/s , this is the highest value, that I have ever seen.

Shutdown works, SMART is written.

But the really crazy amazing is the boottime of XP with this SSD and
AMD Sata driver amd_sata_1.2.001.0337_Server2003:

1 sec        

Dietmar
#7697daniel_k
Zitat von ⇗ diderius6 im Beitrag ¶ #7696
Shutdown works, SMART is written.

Check POR Recovery Count attribute.

After a proper shutdown, it does not increase.
#7698diderius6⇗ @daniel_k

POR Recovery Count 99 before shutdown.

After restart

POR Recovery Count 99

Dietmar
#7699daniel_k⇗ @diderius6

Nice, the best AHCI driver for AMD systems!

Enjoy your new AMD system, you're surely having fun with it.
#7700diderius6⇗ @daniel_k

My last AMD system for daily use was from 2003, first of all with 64 bit.

But this is the first board since this time, that I like from AMD

ROG Strix B450-F Gaming II with Ryzen 3700x, Bios 4007, 32 Gbyte Ram

Dietmar
#7701infuscomus⇗ @diderius6

what do you not like about the Asrock AB350 G K4?
#7702diderius6⇗ @infuscomus

Not bad board and I test a lot with it.
But its Bios is crazy: You have sound or network or nvme,
4 tries always for USB boot, compi starts sometimes in 5 seconds and sometimes never,
sometimes after 40 sec.
I use it with this Ryzen 3700x, test everything what can be done better in Bios. For training it is good.

The Strix board is other, just an evolution in Bios
Dietmar
#7703gordo999
Zitat von ⇗ juk777 im Beitrag ¶ #7690
It is logical to ask - and how do Windows 7-10 save energy?
It's very simple - they use only the capabilities of the central processor without using the ACPI subsystem".
⇗ @juk777 ...I don't think the processor has much to do with power saving. All power saving circuits, that turn devices on and off, are on the motherboard as hardware. It is the ACPI system that controls the power saving hardware, as far as I know. Unless, of course, the processor has circuitry to shut itself down after all ACPI-controlled circuits are shut down. That would make no sense unless the processor states were stored on the CPU or on external storage.

Power saving states are controlled by hardware devices on the motherboard, by mosfet transistors. Does not make sense to put those devices into the processor. When you get to the lowest sleep state, which is hibernate, all the computer states are stored on disk along with the memory state.
#7704galagun
Zitat von ⇗ gordo999 im Beitrag ¶ #7703

Power saving states are controlled by hardware devices on the motherboard, by mosfet transistors.

Not anymore. Newer 2019+ CPUs have PWMs and Power Management IPs and microcode bolt in the CPU die.
Main power states may still depend on external mobo hardware, but intermediate microstates don't, and actually these are more important than main states to low overall hardware consumption. Idea taken from phone SoCs btw.
#7705juk777And here's another point: for Intel, the file intelppm.sys patched (the one that is "in the package" with the patched hal.dll), and amdk8.sys for AMD - no?
#7706gordo999
Zitat von ⇗ galagun im Beitrag ¶ #7704
Not anymore. Newer 2019+ CPUs have PWMs and Power Management IPs and microcode bolt in the CPU die.
⇗ @galagun ...I'm no expert on this but are you referring to CPU power state management? That's not the same as the ACPI-based power saving states, it has more to do with power management inside the processor.

⇗ https://link.springer.com/chapter/10.100...1-4302-6638-9_2

"As power management has become more and more complex, CPUs have added internal microcontrollers that have special firmware for managing the CPU power management flows. At Intel, these microcontrollers are called both the PCU (power control unit) and the P-Unit, and the code that they execute is called pcode".

As you know, it's vital to control the heat in a CPU as well as to keep its power consumption at a minimal level. Seems to me that's what the CPU built-in controller do. They may also be geared to hardware means of fighting software reverse engineering. Lot of secrecy around it.

ps. an example is the way they shut down unused cores and reduce the power to cores until they are needed.
#7707diderius6Hi,
I got few Asus boards P8H77-M with cpu i3-3240 for free.
But now it looks for me, that the TPM chip on this boards is enabled.
All boards show with connected screen endless light blue, black, white, blue, black, white..

Keyboard or mouse on PS/2 or on USB or Win8.1 setup CD or Win10 setup USB stick are complete ignorated.

Is there a chance, when I flash the socket Bios chip with EEpromer just with Bios from Website or
is it a lost case

Dietmar

EDIT: I cleared CMOS, put cmos batterie out, changes nothing.
Because all boards show exact the same behavior, they are not defekt.

EDIT2: Hm, may be it is really only something strange in Bios of each board, because in manual of the P8H77-M is written,

"This connector supports a TPM system, TPM 20-1"

Does this mean, that this board P8H77-M itself has no TPM at all? Then Bios flash will help!
#7708infuscomus⇗ @diderius6

If you can login to the BIOS I think it should be possible to wipe the key stored in the TPM and then you should be able to switch it off.
#7709gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #7707
All boards show with connected screen endless light blue, black, white, blue, black, white..
⇗ @diderius6 ...hey, Dietmar...back in the bad old days where the displays were tubes, vertical lines down the screen and right across it was called 'ringing'. Ringing refers to an oscillation modulating the beam as it scans across the screen.

With modern LCD screen, an electron beam is no longer swept across the screen, as you know, but something has to move the display pixel to pixel in a horizontal direction. At the same time, something sweeps it vertically. If there is something in a driver, or elsewhere, causing the screen pixels to be modulated in a regular manner, the result is vertical lines across the screen.

Can you see any video at all, or just a blank screen with vertical lines?

I would suggest your problem is in a driver that may not match your display specifications. BTW...I have read that a faulty power supply or bad power connections can do the same.
#7710diderius6⇗ @infuscomus ⇗ @gordo999

When I switch on the boards, the screen reacts soon and changes in a whole to this moving colors,
all over the LCD screen same color, no letters, no lines, just colors in full. It is HDMI and the connection works.
Yes, when I can reach the Bios, I can set everything back.
But the 16 boards do not react to anything, I have never seen before.
I tried different power sources, always the same.
What I think is, that somebody changes Bios to network boot
and succeed to tell the compi only via Bios, that no reaction to anything other at this time
Dietmar

PS: Today I will read out the Bios chip and then flash it new with Bios from webside of Asus and we will see..
I hope, that it is not possible to edit the Bios of the network card to make whole compi to behave like this.
The network is a 1 Gb LAN Realtek RTL8111F .

EDIT:
Just an idea: Is it possible, to delete in this readout Bios the lan card RTL8111F
and later update it normal with Website Bios?

Here is the 8 Mbyte original read out with nice EEpromer Revelprog IS of the Bios chip  W25Q64BV  of the ASUS P8H77-M

⇗ https://ufile.io/h3d2tlu3

 

Page 515

#7711daniel_k⇗ @diderius6

Dietmar, FYI your BIOS dump is from version 1202.

Make sure you save that dump so you can restore the MAC address later.

Download the latest BIOS version from 2014, open the .CAP with UEFITool NE, expand the tree, select Intel image and Extract as is.

Write the resulting .rom file to the eeprom and cross your fingers!
#7712diderius6⇗ @daniel_k

Oh, first I try to find out, from where you know, that it is Bios version 1202.
Now I find also:)).

I flashed the Bios chip with Asus website Bios 1202, without the "Cap" from Asus Bios and double check, that all works correct.
Now, the color show is gone on monitor, no output at all.
Before, the keyboard LED lits up for a short time, this is now gone also.
The compi starts (I hear ventilator from cpu starting),
but the compi looks now "more" dead than before, may be, because the MAC adress is gone and now the lan chip can not work at all
Dietmar
#7713daniel_k
Zitat von ⇗ diderius6 im Beitrag ¶ #7712
the compi looks now "more" dead than before, may be, because the MAC adress is gone and now the lan chip can not work at all

Did you try to remove all RAM sticks (only CPU) and power on the board to see if it beeps?
If it doesn't, flash the dump you saved and do the same test.

Do these boards were working at all? Maybe were replaced after a lightning strike?
#7714diderius6⇗ @daniel_k

I am sure, that all boards work.
I ask the "vendor" and he tells me this.
He told me also, that those boards where booted via network and Arch Linux.
And that a password for the (normal) UEFI Bios was set, which he dont knows.
This sounds strange for me, because in this case I should get the question "Enter Password",
which did not happen. And also I think, that normal Bios passwords can be killed with Batterie out and clear CMOS.
May be, that on newer motherboards this Bios password is stored at other place, who knows.

"If it doesn't, flash the dump you saved and do the same test."
Yes, this will be my next step if I have until now no other idea
Dietmar
#7715daniel_k⇗ @diderius6

Clear CMOS would work, even the manual says that and those boards are consumer models, nothing special.

Did you try an external graphics card? Might be worth a try.
#7716diderius6⇗ @daniel_k
At another board with the same light show before,
after Clear CMOS the light show is gone and now asks "Enter Password".
So, to clear CMOS is not enough for to cancel this normal UEFI Bios password
on the Asus board P8H77-M
Dietmar
#7717daniel_k⇗ @diderius6

Write the dumped BIOS back to the first board and see if the "light show is back".

Only if it does, dump the BIOS of the board that asks for the password and flash the original downloaded from ASUS.
I believe the password is stored in the eeprom itself.
#7718diderius6⇗ @daniel_k

For to test your idea,
I do not flash, but I change the Bios chips.
But now the second compi looks like dead as first one,
no flashing keyboard,
no light show, no asking for password.
When even the change of the Bioschip is not enough (I am 100% sure, that the flashing ends ok),
the UEFI BIos password or some parts of it must be stored at other place in compi also
Dietmar

EDIT: Now I change Bioschip back
and second compi asks for password again^^..
#7719daniel_k
Zitat von ⇗ diderius6 im Beitrag ¶ #7718
the UEFI BIos password or some parts of it must be stored at other place in compi also

It's strange as I've seen reports that flashing stock/manufacturer BIOS gets rid of the password.

Would be nice of the system administrator to clear the password before "donating" the boards.

#7720daniel_k
Zitat von ⇗ diderius6 im Beitrag ¶ #7718
Now I change Bioschip back
and second compi asks for password again^^..

What about trying that BIOS that asks for the password on the first board?
#7721diderius6⇗ @daniel_k

Yepp, exakt this I am doing just now

Dietmar
#7722diderius6⇗ @daniel_k

I notice, that in the board, that asks for password is a different bioschip

EN25F64

So, first I make with EEpromer a copy of this chip, it laaasts some time
before I put it in first compi

Dietmar
#7723diderius6⇗ @daniel_k

With Bios chip from Compi, that asks for password,
first compi is "dead" as before, no flashing keyboard.
May be, something is defekt with first board.
For next tests I use only second board,
which asks for password
Dietmar
#7724daniel_k⇗ @diderius6
I'd try to flash the dump back to the first board, remove the battery for some time and try to power it on again.
Sometimes hardware specific data in the BIOS image is part of the password protection.

⇗ @plutomaniac
Was thinking, does ME play any role related to UEFI admin password?
#7725diderius6⇗ @daniel_k

Just few min ago I get a mail with the password for all those boards.
The "seller" of those boards give me the mail adress, from the person, who gives to him all those boards.
And I write a kind mail to this person and he answered me in 15 min with the correct password.
The password is a little bit crazy:

ichhassems

Which means translated "I hate Microsoft" . Ok, on all the boards was Arch Linux^^, booted via network.
At the board, that asks for password, this password works at once.
I go to its Bios and delete the Admin password just now.
Now this boards is free, nice. Until now the only one, that is free.

From tomorrow I have more time and I will test dump the Bios of the other boards with password enabled.
Then I disable this password there and compare with Winhex, what changed in the Bios dump.
It looks, that it is not enough to change a Bioschip with Admin password against another Bioschip without password
Dietmar

EDIT: By the way, now I understand, WHY I get all those boards for free. The original owner of the boards did not tell his password to anyone before, even they ask a lot..

 

Page 516

#7726Masterchief79
Zitat von ⇗ diderius6 im Beitrag ¶ #7536
@Masterchief79

The Bsod from your graphikcard can be memory related.
So make a try with a new *.iso,
but this time without the "5" in settings of Integral Edition 2021.5.15
Dietmar

Hey, it's been a few days. I did what you suggested and burned another CD with the "5" disabled. XP installs fine, but the first time actually booting to OS after the setup is complete, I instantly get this ntoskrnl.exe BSOD. Before, it only happened after a few reboots and a GPU swap. Does that help to narrow the issue down?


Before and after:

#7727diderius6⇗ @Masterchief79

This Bsod is memory related. What exact happens I dont know

Dietmar
#7728infuscomus⇗ @Masterchief79

It might be one of the optional patches causing the BSOD - I think you might need to try trial and error to find out which one of the patches is causing the BSOD.

It's a shame ⇗ @Mov AX, 0xDEAD isn't around to give more info on that BSOD.
#7729diderius6⇗ @daniel_k

I make a test with Bios. This is readout from whole Bios chip with EEpromer Revelprog IS of the board ASUS P8H77-M
On the left side is without password and the right side is with password.
The diff file I make with Winhex
Dietmar

PS: Now in Bios is Password. And for the very last test I flash back the before readout without any password to the Bioschip with EEpromer.
And voila;)), on the same board now the Bios shows NO password and the compi starts normal.

This means: The major(?) part of the Admin password in UEFI Bios is stored in Bioschip.
CMOS I do not clear, so nothing of password in UEFI Bios is stored in CMOS.

Überprüfung auf Unterschiede

1. F:\P8H77-M-ASUS-1202\BiosOHNEPasswordtest220210903_235655_FLASH_25064.bin: 8.388.608 Bytes
2. F:\P8H77-M-ASUS-1202\MitPasswordTest220210904_000426_FLASH_25064.bin: 8.388.608 Bytes
Offsets: hexadez.

 155BE:	DC	C8
 155C9:	5C	48
 155D4:	DC	C8
 155DF:	FF	48
 155E0:	FF	F0
 155E1:	FF	00
 155E2:	FF	0D
 155E3:	FF	03
 155E4:	FF	00
 155E5:	FF	0C
 155E6:	FF	00
 155E7:	FF	07
 155E8:	FF	07
 155E9:	FF	03
 155EA:	FF	C8
 155EB:	FF	F0
 155EC:	FF	00
 155ED:	FF	02
 155EE:	FF	00
 155F0:	FF	40
 155F1:	FF	00
 155F2:	FF	07
 155F3:	FF	07
 155F4:	FF	04
 155F5:	FF	DC
 155F6:	FF	F0
 155F7:	FF	00
 155F8:	FF	2A
 155F9:	FF	00
 155FA:	FF	00
 155FB:	FF	48
 155FC:	FF	00
 155FD:	FF	07
 155FE:	FF	08
 155FF:	FF	00
 15600:	FF	48
 15601:	FF	F0
 15602:	FF	00
 15603:	FF	0D
 15604:	FF	03
 15605:	FF	00
 15606:	FF	0C
 15607:	FF	00
 15608:	FF	07
 15609:	FF	08
 1560A:	FF	01
 1560B:	FF	C8
 1560C:	FF	F0
 1560D:	FF	00
 1560E:	FF	02
 1560F:	FF	00
 15611:	FF	40
 15612:	FF	00
 15613:	FF	07
 15614:	FF	08
 15615:	FF	02
 15616:	FF	5C
 15617:	FF	F0
 15618:	FF	00
 15619:	FF	0D
 1561A:	FF	03
 1561B:	FF	00
 1561C:	FF	0C
 1561D:	FF	00
 1561E:	FF	07
 1561F:	FF	08
 15620:	FF	03
 15621:	FF	DC
 15622:	FF	F0
 15623:	FF	00
 15624:	FF	02
 15625:	FF	00
 15627:	FF	40
 15628:	FF	00
 15629:	FF	07
 1562A:	FF	08
 1562B:	FF	04
 1C01D:	80	00
 1C01E:	FF	00
 1C01F:	FF	00
 1C020:	FF	1F
 1C021:	FF	F8
 1C098:	FF	08
 1C099:	FF	09
 1C7A0:	FF	83
 1C7A1:	FF	0E
 1C7A2:	FF	00
 1C7A3:	FF	00
 1C7A4:	FF	00
 1C7A5:	FF	00
 1C7A6:	FF	13
 1C7A7:	FF	00
 1C7A8:	FF	0F
 1C7A9:	FF	0F
 1C7AA:	FF	00
 1C7AB:	FF	00
 1C7AC:	FF	00
 1C7AD:	FF	00
 1C7B0:	FF	84
 1C7B1:	FF	42
 1C7B2:	FF	5D
 1C7B3:	FF	00
 1C7B4:	FF	00
 1C7B5:	FF	00
 1C7B6:	FF	69
 1C7B7:	FF	89
 1C7B8:	FF	00
 1C7B9:	FF	00
 1C7BA:	FF	00
 1C7BB:	FF	00
 1C7BC:	FF	00
 1C7BD:	FF	00
 1C7BE:	FF	00
 1C7BF:	FF	00
 1C7C0:	FF	00
 1C7C1:	FF	00
 1C7C2:	FF	00
 1C7C3:	FF	00
 1C7C4:	FF	00
 1C7C5:	FF	00
 1C7C6:	FF	00
 1C7C7:	FF	00
 1C7C8:	FF	00
 1C7C9:	FF	00
 1C7CA:	FF	00
 1C7CB:	FF	00
 1C7CC:	FF	00
 1C7CD:	FF	00
 1C7CE:	FF	00
 1C7CF:	FF	00
 1C7D0:	FF	00
 1C7D1:	FF	00
 1C7D2:	FF	00
 1C7D3:	FF	00
 1C7D4:	FF	00
 1C7D5:	FF	00
 1C7D6:	FF	00
 1C7D7:	FF	00
 1C7D8:	FF	00
 1C7D9:	FF	00
 1C7DA:	FF	00
 1C7DB:	FF	00
 1C7DC:	FF	00
 1C7DD:	FF	00
 1C7DE:	FF	00
 1C7DF:	FF	00
 1C7E0:	FF	00
 1C7E1:	FF	00
 1C7E2:	FF	00
 1C7E3:	FF	00
 1C7E4:	FF	00
 1C7E5:	FF	00
 1C7E6:	FF	00
 1C7E7:	FF	00
 1C7E8:	FF	00
 1C7E9:	FF	00
 1C7EA:	FF	00
 1C7EB:	FF	00
 1C7EC:	FF	00
 1C7ED:	FF	00
 1C7EE:	FF	00
 1C7EF:	FF	00
 1C7F0:	FF	00
 1C7F1:	FF	00
 1C800:	FF	80
 1C801:	FF	4A
 1C802:	FF	00
 1C803:	FF	01
 1C804:	FF	02
 1C805:	FF	03
 1C806:	FF	04
 1C807:	FF	05
 1C808:	FF	06
 1C809:	FF	07
 1C80A:	FF	08
 1C80B:	FF	09
 1C80C:	FF	0A
 1C80D:	FF	0B
 1C80E:	FF	0C
 1C80F:	FF	0D
 1C810:	FF	0E
 1C811:	FF	0F
 1C812:	FF	06
 1C813:	FF	06
 1C814:	FF	06
 1C815:	FF	06
 1C816:	FF	06
 1C817:	FF	06
 1C818:	FF	00
 1C819:	FF	00
 1C81A:	FF	00
 1C81B:	FF	00
 1C81C:	FF	01
 1C81D:	FF	01
 1C81E:	FF	04
 1C81F:	FF	04
 1C820:	FF	01
 1C821:	FF	01
 1C822:	FF	00
 1C823:	FF	00
 1C824:	FF	00
 1C825:	FF	00
 1C826:	FF	00
 1C827:	FF	00
 1C828:	FF	00
 1C829:	FF	00
 1C82A:	FF	00
 1C82B:	FF	00
 1C82C:	FF	00
 1C82D:	FF	00
 1C82E:	FF	00
 1C82F:	FF	00
 1C830:	FF	00
 1C831:	FF	00
 1C832:	FF	00
 1C833:	FF	00
 1C834:	FF	04
 1C835:	FF	01
 1C836:	FF	01
 1C837:	FF	10
 1C838:	FF	00
 1C839:	FF	00
 1C83A:	FF	00
 1C83B:	FF	00
 1C83C:	FF	00
 1C83D:	FF	00
 1C83E:	FF	00
 1C83F:	FF	00
 1C840:	FF	00
 1C841:	FF	00
 1C842:	FF	00
 1C843:	FF	00
 1C844:	FF	00
 1C845:	FF	00
 1C846:	FF	00
 1C847:	FF	00
 1C848:	FF	00
 1C849:	FF	00
 1C850:	FF	81
 1C851:	FF	0E
 1C852:	FF	00
 1C853:	FF	00
 1C854:	FF	00
 1C855:	FF	00
 1C856:	FF	13
 1C857:	FF	00
 1C858:	FF	0F
 1C859:	FF	0F
 1C85A:	FF	00
 1C85B:	FF	00
 1C85C:	FF	00
 1C85D:	FF	00
 1C860:	FF	82
 1C861:	FF	42
 1C862:	FF	5D
 1C863:	FF	00
 1C864:	FF	00
 1C865:	FF	00
 1C866:	FF	FD
 1C867:	FF	89
 1C868:	FF	00
 1C869:	FF	00
 1C86A:	FF	00
 1C86B:	FF	00
 1C86C:	FF	00
 1C86D:	FF	00
 1C86E:	FF	00
 1C86F:	FF	00
 1C870:	FF	00
 1C871:	FF	00
 1C872:	FF	00
 1C873:	FF	00
 1C874:	FF	00
 1C875:	FF	00
 1C876:	FF	00
 1C877:	FF	00
 1C878:	FF	00
 1C879:	FF	00
 1C87A:	FF	00
 1C87B:	FF	00
 1C87C:	FF	00
 1C87D:	FF	00
 1C87E:	FF	00
 1C87F:	FF	00
 1C880:	FF	00
 1C881:	FF	00
 1C882:	FF	00
 1C883:	FF	00
 1C884:	FF	00
 1C885:	FF	00
 1C886:	FF	00
 1C887:	FF	00
 1C888:	FF	00
 1C889:	FF	00
 1C88A:	FF	00
 1C88B:	FF	00
 1C88C:	FF	00
 1C88D:	FF	00
 1C88E:	FF	00
 1C88F:	FF	00
 1C890:	FF	00
 1C891:	FF	00
 1C892:	FF	00
 1C893:	FF	00
 1C894:	FF	00
 1C895:	FF	00
 1C896:	FF	00
 1C897:	FF	00
 1C898:	FF	00
 1C899:	FF	00
 1C89A:	FF	00
 1C89B:	FF	00
 1C89C:	FF	00
 1C89D:	FF	00
 1C89E:	FF	00
 1C89F:	FF	00
 1C8A0:	FF	00
 1C8A1:	FF	00
 1C8B0:	FF	83
 1C8B1:	FF	0E
 1C8B2:	FF	00
 1C8B3:	FF	00
 1C8B4:	FF	00
 1C8B5:	FF	00
 1C8B6:	FF	13
 1C8B7:	FF	00
 1C8B8:	FF	0F
 1C8B9:	FF	0F
 1C8BA:	FF	00
 1C8BB:	FF	00
 1C8BC:	FF	00
 1C8BD:	FF	00
 1C8C0:	FF	A4
 1C8C1:	FF	40
 1C8C2:	FF	07
 1C8C3:	FF	09
 1C8C4:	FF	00
 1C8C5:	FF	5D
 1C8C6:	FF	00
 1C8C7:	FF	00
 1C8C8:	FF	00
 1C8C9:	FF	29
 1C8CA:	FF	8A
 1C8CB:	FF	00
 1C8CC:	FF	00
 1C8CD:	FF	00
 1C8CE:	FF	00
 1C8CF:	FF	00
 1C8D0:	FF	00
 1C8D1:	FF	00
 1C8D2:	FF	00
 1C8D3:	FF	00
 1C8D4:	FF	00
 1C8D5:	FF	00
 1C8D6:	FF	00
 1C8D7:	FF	00
 1C8D8:	FF	00
 1C8D9:	FF	00
 1C8DA:	FF	00
 1C8DB:	FF	00
 1C8DC:	FF	00
 1C8DD:	FF	00
 1C8DE:	FF	00
 1C8DF:	FF	00
 1C8E0:	FF	00
 1C8E1:	FF	00
 1C8E2:	FF	00
 1C8E3:	FF	00
 1C8E4:	FF	00
 1C8E5:	FF	00
 1C8E6:	FF	00
 1C8E7:	FF	00
 1C8E8:	FF	00
 1C8E9:	FF	00
 1C8EA:	FF	00
 1C8EB:	FF	00
 1C8EC:	FF	00
 1C8ED:	FF	00
 1C8EE:	FF	00
 1C8EF:	FF	00
 1C8F0:	FF	00
 1C8F1:	FF	00
 1C8F2:	FF	00
 1C8F3:	FF	00
 1C8F4:	FF	00
 1C8F5:	FF	00
 1C8F6:	FF	00
 1C8F7:	FF	00
 1C8F8:	FF	00
 1C8F9:	FF	00
 1C8FA:	FF	00
 1C8FB:	FF	00
 1C8FC:	FF	00
 1C8FD:	FF	00
 1C8FE:	FF	00
 1C8FF:	FF	00
 1C900:	FF	80
 1C901:	FF	07
 1C902:	FF	00
 1C903:	FF	00
 1C904:	FF	00
 1C905:	FF	00
 1C906:	FF	00
1A5BF2:	FF	CE
1A5BF3:	FF	20
1A5BF4:	FF	00
1A5C41:	FF	8A
1A5C42:	FF	20
1A5C43:	FF	00
1A74FF:	FF	B5
1A7500:	FF	07
1A7501:	FF	00
1A7AE0:	FF	9C
1A7AE1:	FF	01
1A7AE2:	FF	00
1A7AEE:	FF	9C
1A7AEF:	FF	01
1A7AF0:	FF	00
1A7B0C:	FF	90
1A7B0D:	FF	01
1A7B0E:	FF	00
1A7C67:	83	03
1A7C76:	FF	4E
1A7C77:	FF	56
1A7C78:	FF	41
1A7C79:	FF	52
1A7C7A:	FF	0E
1A7C7B:	FF	00
1A7C7C:	FF	AA
1A7C7D:	FF	00
1A7C7E:	FF	00
1A7C7F:	FF	88
1A7C80:	FF	FD
1A7C81:	FF	0A
1A7C82:	FF	00
1A7C83:	FF	00
1A7C84:	FF	4E
1A7C85:	FF	56
1A7C86:	FF	41
1A7C87:	FF	52
1A7C88:	FF	12
1A7C89:	FF	00
1A7C8D:	FF	88
1A7C8E:	FF	EA
1A7C8F:	FF	27
1A7C90:	FF	00
1A7C91:	FF	00
1A7C92:	FF	BA
1A7C93:	FF	B9
1A7C94:	FF	00
1A7C95:	FF	00
1A7C96:	FF	4E
1A7C97:	FF	56
1A7C98:	FF	41
1A7C99:	FF	52
1A7C9A:	FF	0C
1A7C9B:	FF	00
1A7C9C:	FF	0C
1A7C9D:	FF	00
1A7C9E:	FF	00
1A7C9F:	FF	88
1A7CA0:	FF	00
1A7CA1:	FF	00
1A7CA2:	FF	4E
1A7CA3:	FF	56
1A7CA4:	FF	41
1A7CA5:	FF	52
1A7CA6:	FF	0C
1A7CA7:	FF	00
1A7CA8:	FF	8C
1A7CA9:	FF	00
1A7CAA:	FF	00
1A7CAB:	FF	88
1A7CAC:	FF	01
1A7CAD:	FF	00
1A7CAE:	FF	4E
1A7CAF:	FF	56
1A7CB0:	FF	41
1A7CB1:	FF	52
1A7CB2:	FF	0C
1A7CB3:	FF	00
1A7CB7:	FF	88
1A7CB8:	FF	18
1A7CB9:	FF	00
1A7CBA:	FF	4E
1A7CBB:	FF	56
1A7CBC:	FF	41
1A7CBD:	FF	52
1A7CBE:	FF	0B
1A7CBF:	FF	00
1A7CC0:	FF	B2
1A7CC1:	FF	00
1A7CC2:	FF	00
1A7CC3:	FF	88
1A7CC4:	FF	01
1A7CC5:	FF	4E
1A7CC6:	FF	56
1A7CC7:	FF	41
1A7CC8:	FF	52
1A7CC9:	FF	5B
1A7CCA:	FF	00
1A7CCE:	FF	88
1A7CCF:	FF	00
1A7CD0:	FF	00
1A7CD1:	FF	00
1A7CD2:	FF	00
1A7CD3:	FF	00
1A7CD4:	FF	00
1A7CD5:	FF	00
1A7CD6:	FF	00
1A7CD7:	FF	00
1A7CD8:	FF	00
1A7CD9:	FF	00
1A7CDA:	FF	00
1A7CDB:	FF	00
1A7CDC:	FF	00
1A7CDD:	FF	00
1A7CDE:	FF	00
1A7CDF:	FF	00
1A7CE0:	FF	00
1A7CE1:	FF	00
1A7CE2:	FF	00
1A7CE3:	FF	00
1A7CE4:	FF	00
1A7CE5:	FF	00
1A7CE6:	FF	00
1A7CE7:	FF	00
1A7CE8:	FF	00
1A7CE9:	FF	00
1A7CEA:	FF	00
1A7CEB:	FF	00
1A7CEC:	FF	00
1A7CED:	FF	00
1A7CEE:	FF	00
1A7CEF:	FF	00
1A7CF0:	FF	00
1A7CF1:	FF	00
1A7CF2:	FF	00
1A7CF3:	FF	00
1A7CF4:	FF	00
1A7CF5:	FF	00
1A7CF6:	FF	00
1A7CF7:	FF	3F
1A7CF8:	FF	93
1A7CF9:	FF	DF
1A7CFA:	FF	26
1A7CFB:	FF	74
1A7CFC:	FF	BA
1A7CFD:	FF	18
1A7CFE:	FF	4D
1A7CFF:	FF	AA
1A7D00:	FF	E0
1A7D01:	FF	43
1A7D02:	FF	74
1A7D03:	FF	0F
1A7D04:	FF	07
1A7D05:	FF	A8
1A7D06:	FF	9A
1A7D07:	FF	52
1A7D08:	FF	2E
1A7D09:	FF	FE
1A7D0A:	FF	C1
1A7D0B:	FF	88
1A7D0C:	FF	54
1A7D0D:	FF	23
1A7D0E:	FF	E8
1A7D0F:	FF	FA
1A7D10:	FF	7B
1A7D11:	FF	93
1A7D12:	FF	0E
1A7D13:	FF	64
1A7D14:	FF	A2
1A7D15:	FF	B0
1A7D16:	FF	35
1A7D17:	FF	0B
1A7D18:	FF	C9
1A7D19:	FF	66
1A7D1A:	FF	5C
1A7D1B:	FF	C1
1A7D1C:	FF	EF
1A7D1D:	FF	1C
1A7D1E:	FF	83
1A7D1F:	FF	02
1A7D20:	FF	4E
1A7D21:	FF	56
1A7D22:	FF	41
1A7D23:	FF	52
1A7D24:	FF	0E
1A7D25:	FF	00
1A7D26:	FF	26
1A7D27:	FF	00
1A7D28:	FF	00
1A7D29:	FF	88
1A7D2A:	FF	FE
1A7D2B:	FF	0A
1A7D2C:	FF	00
1A7D2D:	FF	00
1A7D2E:	FF	4E
1A7D2F:	FF	56
1A7D30:	FF	41
1A7D31:	FF	52
1A7D32:	FF	0C
1A7D33:	FF	00
1A7D34:	FF	0C
1A7D35:	FF	00
1A7D36:	FF	00
1A7D37:	FF	88
1A7D38:	FF	00
1A7D39:	FF	00
1A7D3A:	FF	4E
1A7D3B:	FF	56
1A7D3C:	FF	41
1A7D3D:	FF	52
1A7D3E:	FF	0C
1A7D3F:	FF	00
1A7D40:	FF	1A
1A7D41:	FF	00
1A7D42:	FF	00
1A7D43:	FF	88
1A7D44:	FF	01
1A7D45:	FF	00
1A7D46:	FF	4E
1A7D47:	FF	56
1A7D48:	FF	41
1A7D49:	FF	52
1A7D4A:	FF	0E
1A7D4B:	FF	00
1A7D4F:	FF	88
1A7D51:	FF	0A
1A7D52:	FF	00
1A7D53:	FF	00
1A7D54:	FF	4E
1A7D55:	FF	56
1A7D56:	FF	41
1A7D57:	FF	52
1A7D58:	FF	0C
1A7D59:	FF	00
1A7D5A:	FF	0C
1A7D5B:	FF	00
1A7D5C:	FF	00
1A7D5D:	FF	88
1A7D5E:	FF	00
1A7D5F:	FF	00
1A7D60:	FF	4E
1A7D61:	FF	56
1A7D62:	FF	41
1A7D63:	FF	52
1A7D64:	FF	0C
1A7D65:	FF	00
1A7D69:	FF	88
1A7D6A:	FF	01
1A7D6B:	FF	00
1A7D6C:	FF	4E
1A7D6D:	FF	56
1A7D6E:	FF	41
1A7D6F:	FF	52
1A7D70:	FF	0B
1A7D71:	FF	00
1A7D75:	FF	88
1A7D76:	FF	00
1A7D77:	FF	4E
1A7D78:	FF	56
1A7D79:	FF	41
1A7D7A:	FF	52
1A7D7B:	FF	18
1A7D7C:	FF	00
1A7D80:	FF	83
1A7D81:	FF	04
1A7D82:	FF	42
1A7D83:	FF	6F
1A7D84:	FF	6F
1A7D85:	FF	74
1A7D86:	FF	46
1A7D87:	FF	72
1A7D88:	FF	6F
1A7D89:	FF	6D
1A7D8A:	FF	55
1A7D8B:	FF	53
1A7D8C:	FF	42
1A7D8D:	FF	00
1A7D8E:	FF	00

681 Abweichung(en) gefunden.


Bios WithOUTpassword ASUS P8H77-M
⇗ https://ufile.io/yz5ew0bb

Bios with Password ASUS P8H77-M
⇗ https://ufile.io/n4ytmjur
#7730daniel_k⇗ @diderius6

Congrats on your research!
Did you try on a password protected untouched board?

What about the first board, it's really defective?
#7731diderius6⇗ @daniel_k

Yesterday, after I delete Admin password in Bios, I set up XP SP3 on this second ASUS P8H77-M board.
Today just now I start XP one time, Bios without password and shut compi down.
Direct after this I read out Bios without Password.

Then I start this second board again, and hit F2 for Bios and set Admin password.
Then I shut this compi down. Then I start this compi with Password in Bios one more time, test via F2 if compi asks for password, yepp asks, I boot full XP and then shut down.
Direct after this I read out its Bios chip with password with EEpromer.

After this I flash back to this Bios chip the before readout without password and put the Bioschip without password back into compi.
And voila, Bios via F2 shows not password and compi starts normal XP SP3.

What happens to the first board I do not know. May be, that a compi with Admin password does not like to work with a Bios without password from other compi and refuses to start after this at all, means board is destroyed, even you flash its own, original Bios with password back. Because I have 16 identic boards, I will test this also, brr..
#7732daniel_k
Zitat von ⇗ diderius6 im Beitrag ¶ #7731
What happens to the first board I do not know. May be, that a compi with Admin password does not like to work with a Bios from other compi and refuses to start after this, means is destroyes. Because I have 16 identic boards, I will test this also, brr..

Yes, your best bet is to "clear" the password from the original dump using your technique above, then flash it on the first board.
#7733diderius6⇗ @daniel_k

I flash its own Bios with password back to first board.
First board does not awake. This means, that this board is destroyed,
possible before any operation with Bios on it.

On second board I flash the Bios from first board with password.
Now, second board is "dead" also.
When I flash back its own Bios without password to second board, it works again.
Then I flash back its own Bios with passport. It works again and asks for password.
When I give this password via F2 in Bios and delete there in Bios its Admin Password, second board is free and works without password and boots to XP.

Conclusions: If the Bios file from the first board has no other damage, this means, that you cant use an UEFI Bios chip with password on another board from same brand. And IF first board is ok, you cant use an UEFI Bios chip without password on another compi from same brand.
But the situation is not to 100% clear: Imagine, that the first compi AND its Bios with password has errors,
the behavior will be the same. So I need to test a 3. board, which asks for password and shows, that the board and Bios together are all ok on this 3. board.

And then, I test there on 3. compi the Bios without password from second compi
Dietmar

EDIT: Yessa, 3. board gives explanation to 100%. It asks at once for password.
Then I put in this board Bios chip from second board without password.
And voila, this 3. board now starts with Bios from 2. board without password.
And 3. board does not longer ask for password!

This means: First board has unknown problems. And also may be even its Bios has errors or it is just because of password protected.

Now the ultimative Hack for to overcome any Admin Password in UEFI Bios is, to put there just a Bios chip from another compi of same brand without password. This means, that the UEFI Bios Admin Password is ONLY stored in its Bios chip.
#7734daniel_k
Zitat von ⇗ diderius6 im Beitrag ¶ #7733
I flash its own Bios with password back to first board.
First board does not awake. This means, that this board is destroyed,
possible before any operation with Bios on it.

So even after flashing the original BIOS with password, it doesn't give that "light show" anymore?

What about trying to temporarily change the CPU?
#7735diderius6⇗ @daniel_k

CPU and Ram, both from first board, I put in 3. board.
Works.

This means, that the first motherboard itself has an unknown problem
Dietmar
#7736diderius6⇗ @daniel_k

At the very last I test, if it is possible, to boot from UEFI Bios chip from other compi (same brand) with other password.
Yes, it is, then Bios asks for this other Admin Password and you can go to Bios with this other password.
This means, that first board is defekt and that there are also errors in its original Bios, crazy
Dietmar
#7737diderius6⇗ @daniel_k

You can also use the Bios from Website and flash it with EEpromer
to your Bios chip for to overcome any UEFI BIOS Admin Password.

In this case you have to edit the Mac adress for the Lan by yourself.

I test this just now with Bios 1202 from Asus Website for board Asus P8H77-M, works;))..

Dietmar
#7738daniel_k⇗ @diderius6

Great, it was just a defective board after all.

Those 2nd/3rd gen boards are great for XP, native support etc. And for free!

Let us know how many boards are OK after testing them all.
#7739diderius6⇗ @daniel_k

Hihi,
I put everything out of the tower for board1.
I put everything out from board1.
I put everything new and clean in board1,

now it works;))
Dietmar

#7740daniel_k⇗ @diderius6


Those computer mysteries we can't explain.

 

Page 517

#7741gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #7739
now it works;))
⇗ @diderius6 ...for what it's worth...I had a heck of a time recently getting an Intel DQ35JOE to boot consistently. I have two identical boards and one board would boot while the other one would not. Then it reversed.

Seemed to be memory card placement, but I'm not sure. I was using memory cards of different sizes and from different manufacturers. I played with it for a while then settled on placing both of the larger cards in the A slots and the smaller cards in the B slots. The computer has been running stable now for several months. I think the problem might have been caused by me. It came originally with the smaller cards in the A-slot and I added larger memory sized cards in the B-slots.

The DQ35JOE has an interesting RTC jumper arrangement. With a jumper on 1 - 2 it runs normally. With the jumper on 2 - 3, it goes into Maintenance Mode, where you can perform several functions like clearing BIOS, etc. Anyway, between memory card placement/re-seating and working in Maintenance Mode, I now have the board running OK.

Btw...if the boards have been stored in a damp location, the contacts for the memory cards and the PCI   bus may have slightly corroded. It's easy to clean the card contacts but not so easily to get at the socket contacts. I used to apply 99% isopropyl alcohol to the card contacts and insert/re-insert them several times to clean the socket contacts. It would be better if you had some kind of material for insertion into the socket that would absorb the alcohol yet not leave lint on the socket contacts.

Typically, you can have a 0.5 volt drop across normal contacts. With a 5 volt supply you could get away with that but with the 3.3 volt rail voltage or 1.8 volts supplied to the processor it would be far more critical. I don't know how low the PCI voltages get but I presume it is critical to keep all the PCI and memory sockets as clean as possibly.

I wonder if there are products for cleaning the sockets, something you could insert into the various sockets to clean them with 99% isopropyl alcohol?
#7742ruthanI wonder if exists Killer E2500 WinXP driver? I managed to get working Killer E2200 card, but not found E2500 driver.
#7743diderius6⇗ @gordo999

Yes, this board is unstable.
I have seen this with bad contacts in memory slots. I clean all as good as I can,
helps a little but not complete.
When I take a closer look at this board, it looks as if it has been to repair,
so those problems have been there before also.
Until now I tested 3 boards from 16.
2 are rockstable and fast, I run a lot of tests on them
have a nice evening
Dietmar

PS: Now I can hack Admin Password in UEFI Bios on the fly ).
So, nice result in any case!
#7744mockingbird
Zitat von ⇗ infuscomus im Beitrag ¶ #7501
@mockingbird

OK, try this one.

Sorry for the late response again, it's been a busy couple of weeks.

Please see attached BSOD.

Zitat von ⇗ diderius6 im Beitrag ¶ #7507
@infuscomus @mockingbird @Masterchief79

I make a quick and dirty hack on last acpi.sys from outerspace ),
please try

Dietmar

⇗ https://ufile.io/9f6ng0y4

Thanks, this was a definite improvement.  Now, instead of getting stuck on the shutting down screen, the screen goes black and the monitor loses signal (yet the power stays on), but the system doesn't reboot.

mockingbird has attached images to this post  ⇗ IMG_20210905_232530787.jp
#7745diderius6⇗ @mockingbird

This screen you can see only,
when the last modded acpi.sys isnt any longer in Windows\System32\drivers

Dietmar
#7746mockingbird
@mockingbird

This screen you can see only,
when the last modded acpi.sys isnt any longer in Windows\System32\drivers

Dietmar

Ah, sorry for the misunderstanding, this isn't the case here...

A few pages back ⇗ @infuscomus was modifying my DSDT to fix my problem where my system would not reboot when a PS/2 mouse and keyboard were plugged in.

And you posted a modified acpi.sys. The BSOD is for ⇗ @infuscomus when testing his modded DSDT, and the report for the ACPI.sys is for you. Thanks
#7747 LOST
#7748 LOST
#7749 LOST
#7750 LOST
#7751 LOST
#7752gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #7748
Personally I dont like win10. Win8.1 I like a little, but most of all I like XP
Dietmar
⇗ @diderius6 ...Dietmar...I pinch my nose when I used W10, it stinks. However, with today's security issues, sites are beginning to demand W10. For example, online banking. If you get hacked while online, which is not likely if you are very careful, the banks will likely argue that you are using a Window's OS that is not properly secured. If you take it to court, the judges will likely accept the word of Microsoft.

Are you using the W8 version that uses the tiles instead of a Start button with menu? Even with W10, I use an app that changes the Start button back to the W7 version, so the tiles are gone and when you hit Start you get a W7-style menu. My W10 is not much different than W7/XP in appearance.

With the faster B360M mobo w/i5 processor, I hardly notice the difference in performance between XP and W10. There are other issues too. I run music apps on XP -32bit and the x86 plugins I use won't work on x64 bit systems. Therefore, I have converted to running the music apps on W7 - x64.
#7753infuscomus⇗ @mockingbird

So it manages to restart but fails to POST afterwards?

⇗ @diderius6

have you ever experienced anything like this in your testing?
#7754diderius6⇗ @infuscomus

Yes, I have seen this.
Until now only, when there is a problem with the Sata driver or on AMD boards with the PS/2 keyboard or with USB.
Other possibility is, that the original acpi.sys is changed back from System Restore into Windows\System32\drivers
Dietmar
#7755mockingbird
Zitat von ⇗ infuscomus im Beitrag ¶ #7753
@mockingbird

So it manages to restart but fails to POST afterwards?


Yes, correct.

Also, I'd like to confirm that System Restore is disabled, and System File Protection did not replace the ACPI.sys in the drivers folder.

 

Page 518

#7756infuscomus⇗ @mockingbird

It would seem that softmodding your DSDT with grub2 isn't the right approach in your case, I could never get past A5 0x03 BSOD no matter what I changed in the table.

an acpi.sys mod seems promising for you though - ⇗ @diderius6 can help with that.
#7757infuscomusIt would be nice if ⇗ @Mov AX, 0xDEAD would come back so that we might get the Vista RTM acpi.sys working reliably in XP instead of seeming at random from what ⇗ @diderius6 observed.

If Vista RTM acpi.sys can be made to reliably work in XP then it should also be possible to do the same with 7/8.1/10 acpi.sys
#7758diderius6⇗ @daniel_k ⇗ @gordo999

I get one more board Asus P8H77-M, complete with cpu  i3-3240 and 4 Gb ram, all complete in tower with power supply, harddisk and CD rom, keyboards and monitors.
From 17 of those boards 15 work fantastic stable. I run with AVX enabled prime95, 3dmark2001 and cinebench 11529 on them.
Temperature is always around 50 degrees, even under heavy load. USB3, USB2 runs very fast and stable with
nice Win8 ported driver from ⇗ @Mov AX, 0xDEAD .
I noticed another interesting "feature". On all of my newer compis from Intel or AMD, when you run those benchmarks,
a video running at the same time on Youtube always stocks. But with this "Ivy Bridge" chipset not. Hm why?
Stand By does not work under XP SP3 on those boards.

First board does not work stable and another board is from beginning "dead", shows no reaction.
This board I will check tomorrow a little bit further.
Now I have really a lot of platforms with monitors, keyboards for to test anything with XP, Bios hacks etc;))..
Dietmar
#7759diderius6Only the power source of this "dead" board is defect.
I just change it against the power source from the unstable board
and now I have a cluster of 16 Asus P8H77-M compis,
tested and work as brandnew.
Biosmod and to try to implement there legacy nvme can start now )
Dietmar
#7760daniel_k⇗ @diderius6

Congrats!

Do you have a soldering station or something?
#7761diderius6⇗ @daniel_k

I have a HOT air gun (be careful with your fingers;)) )
and other soldering staff.
Few years ago I was good in soldering.

Do you have an idea, how to implement a legacy nvme to the Bios of the Asus P8H77-M board ?
Few month ago I tried via nvme CSM Bios from another compi,
but this Bios does not work in full in legacy mode for XP
Dietmar

PS: Because the Bios chip is on socket on each of this boards,
with EEpromer Revelprog IS I can program everything as I want into this Bios without any risk.
#7762daniel_k
Zitat von ⇗ diderius6 im Beitrag ¶ #7761
Do you have an idea, how to implement a legacy nvme to the Bios of the Asus P8H77-M board ?

That board uses AMI Aptio 4, if I'm not mistaken.

See if an Aptio 4 BIOS supporting NVMe was ever released, so you could try to use those modules.

For Aptio 5 (my Z370 board), searching for INT13 in UEFITool NE, I can see many modules, for AHCI, NVMe and USB.
#7763diderius6⇗ @daniel_k

I compare the Bios for the board Asus H97M-E .
The last Bios version without nvme support 2401.CAP
with the first Bios with nvme 2402.CAP.

With UEFI tool I look for the word nvme (text Unicode and text normal).

I found the 3 known files only in Bios 2402.cap

Nvme
NvmeSmm
NVMEINT13

But the word nvme appears also in

Section_Freeform_subtype_GUID_97E409E6-4CC1-11D9-81F6-000000000000_Setup_Setup
Section_Raw_CSMCORE_CSMCORE

So I think, that to integrate those 3 files Nvme NvmeSmm NVMEINT13  into Bios from Asus P8H77-M is not enough.

How to edit in the Bios from Asus P8H77-M those 2 files for to have legacy nvme

Section_Freeform_subtype_GUID_97E409E6-4CC1-11D9-81F6-000000000000_Setup_Setup
Section_Raw_CSMCORE_CSMCORE

Dietmar
#7764daniel_k⇗ @diderius6

Try this using programmer:
⇗ http://www.mediafire.com/file/kdrtpvuxxeybf24

Basically, the key to CSM NVME support is in Section_Raw_CSMCORE_CSMCORE and maybe in Section_PE32_image_CsmDxe_CSMCORE_body.

ASRock H87 Pro4 Beta BIOS give us some clues:
⇗ https://www.asrock.com/mb/Intel/H87%20Pro4/index.asp#BIOS

At the end of Section_Raw_CsmDxe_CSMCORE_body, there is USB Storage and NVME Storage (when supported) blocks.
The USB Storage block is identical to your P8H77-M's BIOS.

There are differences in Section_PE32_image_CsmDxe_CSMCORE_body, but I don't know if they are really required or are result of other changes in the beta BIOS.
#7765diderius6⇗ @daniel_k

Thanks a lot for help. I think, together Bios has no chance;))..
Just now, with your for nvme modded Bios,
the board starts with all LEDs,
but no video output and no LED on keyboard.

Can you make a try with the original Bios (for nvme mod) from this board, which I just upload,
have a nice evening
Dietmar

⇗ https://ufile.io/vuz7te1r
#7766daniel_k⇗ @diderius6

Let's try one step at a time:
⇗ http://www.mediafire.com/file/q026p4ad215zbij

See if it boots and USB boot works.
#7767diderius6⇗ @daniel_k

With Test1 Bios, compi boots and all USB works, everything works normal.
But it hangs for USB3 or USB2 boot, blinking cursor direct at start, even in Bios the USB device is shown
Dietmar
#7768daniel_k⇗ @diderius6

Try Test2:
⇗ http://www.mediafire.com/file/miksjc1zws5m6iy
#7769diderius6⇗ @daniel_k

I make a crazy test:
I flash the whole Bios Z77EXT4  2.90P from Website for Asrock board
⇗ https://www.asrock.com/mb/intel/z77%20extreme4/#BIOS
I think, that this Bios for chipset Z77 is the only one with nvme support.

The compi starts, the nvme Samsung 960 pro
is recogniced in Bios,
but compi does not boot from it.
After boot to full XP via Sata disk with this Z77 Bios,
XP hangs
Dietmar
#7770daniel_k⇗ @diderius6

Crossflash is complicated.

In BIOS there are ID checks for chipset/device IDs, and Super I/O controller and programmable Voltage regulator must match.

 

Page 519

#7771diderius6⇗ @daniel_k

USB2,3 boot works with Bios Test 2
Dietmar
#7772daniel_k⇗ @diderius6

Here is test3:
⇗ http://www.mediafire.com/file/albf078hbiy35eg
#7773diderius6⇗ @daniel_k

With Bios test3,
the blue LED from the nvme Samsung 960 Pro is flickering at the very first boot stage.
This means, that it is recogniced from Bios!

But the nvme Samsung 960 Pro is not shown in Bios.

Usb2 boot still works as before, for USB3 boot now it boots only with an other Sata harddisk connected,
which you can switch off during boot from the USB3 harddisk in USB clothes. This strange behavior I know from other boards also, it means nothing
Dietmar
#7774daniel_k⇗ @diderius6

Test4, USB boot won't work, but NVME should:
⇗ http://www.mediafire.com/file/ljf2t0uwjbpwfve
#7775diderius6⇗ @daniel_k

The behavior with Bios test4 is as before:
The blue LED of the nvme Samsung 960 pro is flashing soon as you switch the compi on,
but it is not shown in Bios and you cant boot from it.
Now I set up a new XP for nvme boot. Because XP can be installed to a working boot device,
even it is not recogniced from Bios.
USB I do not test this time
Dietmar

EDIT: My try to set up XP direct to this nvme device does not work, gives blinking cursor at the very first begin of Setup.
EDIT2: This blinking happens, because of no USB support from Bios test4.

May be it is possible, to take all CSM parts from the Bios 2.90P
for the board from Asrock Z77 Extreme4 , which has legacy nvme support for Z77 chipset(!).
This is until now the only variant, which shows the nvme Samsung 960 pro in Bios of the board Asus P8H77-M .
#7776daniel_k⇗ @diderius6

I'm out of ideas.

Support for legacy boot is in CsmDxe (GUID: A062CF1F-8473-4AA3-8793-600BC4FFE9A8), for sure.

I don't understand the iteration between 'PE32 Image section' and 'Raw section', if in PE32 there are pointers to data in Raw section.
#7777diderius6⇗ @daniel_k

May be, that somebody here in the forum knows,
how to compile the whole CSM module for Bios
Dietmar
#7778infuscomus⇗ @daniel_k

are you willing to help me figure out why my TRX4 motherboard's USB 3.0 controller never works at boot?

the device ID is
PCI\VEN_1022&DEV_149C

It will work with your backported windows 8.0 driver if I disable and re-enable the controller in device manager after boot, but it never works at boot up.

any ideas for why it might be behaving like this?
#7779canonkong⇗ @infuscomus
If your amd mainboard is ASUS, it need to disable Fmax and Enable PBO in bios. ASUS bios bring the bug with its special function. Other mainboards not need to do that.
#7780infuscomus⇗ @canonkong

my motherboard is an ASRock TRX40 DESIGNARE

how did you find out about this bug? are you sure only ASUS boards have the bug?
#7781George King⇗ @skullteria I saw you updated your⇗  One-Core-Api GitHub repository. Can you upload also compiled dlls so I can add option into XP2ESD to added them and provide new apps support? I would also create RES patched to get multilanguage support on replaced system files (if possible)

Can you please post compiled dlls and some notes How-to use them? It should be great plugin for XP2ESD if it really adds DX10 and new apps like latest Chrome support

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7782diderius6⇗ @daniel_k

I inserted with MMTool 4.50.0.23
the 3 files Nvme  NvmeSmm NVMEINT13 for legacy nvme boot from the
Asrock Bios 2.90P for their board Z77EXT4 into my original Bios 1202 board15 for my Asus P8H77-M board.
Same effect as your try: The blue LED flashes on the Samsung 960 Pro nvme device,
but it is not listed in Bios and I also cant install XP on it

Dietmar
#7783daniel_k⇗ @infuscomus

Try to install Win 8.0 and see if all USB ports work.
If they do, issue is ACPI related.

If it's a driver issue, can't help.
If it's an ACPI issue, we need someone to improve acpi.sys.
#7784daniel_k⇗ @diderius6

Like I've said before, those NVME modules aren't enough.
Try also to replace the CsmDxe module.
#7785diderius6⇗ @daniel_k

Yepp,
I just did it and voila,
now the Samsung 960 Pro is listed as boot device on the board Asus P8H77-M
with its own, for nvme edited Bios 1202 board15.
Dietmar

PS: I am just installing XP on this nvme device

 

Page 520

#7786daniel_k⇗ @diderius6

Nice, but what about booting other devices (USB, SATA)?
#7787diderius6⇗ @daniel_k

USB3 does not work, only USB2.

Sata I have disconnected all

Dietmar

#7788daniel_k⇗ @diderius6

After testing the current hack, try to also replace USB related modules and/or SATA modules as well, if the ports don't work.
#7789diderius6⇗ @daniel_k

TXTsetup of XP works without any error.
But after reboot and Gui Setup I get message "read error",
so some more work has to be done.
But it looks, that in principe it can be done
Dietmar
#7790daniel_k⇗ @diderius6

Try to replace other dependencies, such as 25ACF158-DD61-4E64-9A49-55851E9A26C7 (CsmBlockIo).
#7791diderius6⇗ @daniel_k

It looks, as if in Gui Setup of XP,
Bios tries to boot the nvme disk with its Sata driver
Dietmar
#7792daniel_k⇗ @diderius6

Dietmar, the easiest way to test this, is to install either Win7 with NVME hotfix or Win8.1.
#7793diderius6⇗ @daniel_k

This time I dont work as chirurg,
just more like slaughter;)).
With Uefi Tool I integrate the 3 nvme files
and also change the whole csmcore driver from Asrock Bios 2.90P for Z77EXT4
into Bios 1012 for the Asus P8H77-M board.

But the effect is the same: The nvme device Samsung 960 Pro is shown in Bios, it is shown there also as boot device,
all works nice in TXT Setup from XP, but on GUI Setup I always get message "Disk read error".

Now USB3 works
Dietmar
#7794skullteria
Zitat von ⇗ George King im Beitrag ¶ #7781
@skullteria I saw you updated your⇗  One-Core-Api GitHub repository. Can you upload also compiled dlls so I can add option into XP2ESD to added them and provide new apps support? I would also create RES patched to get multilanguage support on replaced system files (if possible)

Can you please post compiled dlls and some notes How-to use them? It should be great plugin for XP2ESD if it really adds DX10 and new apps like latest Chrome support



Hello friend, i already updated and upload version 2.0 on github.
⇗ https://github.com/Skulltrail192/One-Cor...eleases/tag/2.0
#7795diderius6⇗ @daniel_k

I take a look, what XP writes on the nvme Samsung 960 Pro via TXT Setup of XP on the Asus P8H77-M board.
XP TXT Setup builds an ntbootdd.sys from the nvme driver and in boot.ini an signature entry.
This happens always, when INT13 fails in Bios.
ntbootdd.sys works on scsiport.sys base and so any driver, that uses storport.sys on the bootdevice fails.

Strange, because the nvme Samsung 960 Pro is listed as bootdevice in Bios
Dietmar
#7796infuscomus⇗ @daniel_k

Hi
In windows 8.0 all the motherboard USB 3.0 ports work correctly.

So it is an ACPI related issue.
any interest in helping me with this? acpi.sys mod? DSDT mod?
#7797daniel_k⇗ @infuscomus

Unfortunately a crash is easier to figure out.
Malfunction would be hit and miss game.
#7798diderius6⇗ @infuscomus

For better understanding, what is going on with this crazy USB,
make a try with a new XP install, hitting F5 and then "Standard PC",
means no Acpi at all
Dietmar
#7799AndaluIs there any way to always have a USB3 device recognized as such when connected to a USB 3.0 switch hub (Generic SuperSpeed USB Hub)?
Unfortunately, this doesn't always happen and many times the USB3 device (as the only device connected to the hub) is recognized as USB2 (Generic USB 2.1 Full Speed Hub).

The only way that so far seems to work better when the USB3 device is recognized as USB2 is to disconnect the USB cable of the device itself and quickly reconnect it to another USB port of the switch HUB (as I read somewhere on the web). But this way doesn't always work on the first try.

An alternative way seems to be to shut down the system and not reboot immediately but after some time, in this case you will almost certainly get the correct recognition of the USB3 device. Both methods are not a definitive solution.
I tried all versions of XP USB3 drivers. Also tried another usb switch and two different PCIEx to USB3 cards in addition to the intel controller on 3 different systems: same behavior.


P.S.:  the switch hub is powered with an additional USB cable. A USB "Y" cable for the USB3 device for additional power did not help.
#7800juk777⇗ @infuscomus Hi! OnceCoreApi2.0 - and what to do about it? Is it easy to install or should there be some kind of sequence?
Everything in a row or something specific?

 

Page 521

#7801infuscomus⇗ @juk777

I've never gotten it to work.
ask ⇗ @skullteria
#7802juk777⇗ @infuscomus I'm sorry - I made a mistake...

⇗ @skullteria  Hi! OnceCoreApi2.0 - and what to do about it? Is it easy to install or should there be some kind of sequence?
Everything in a row or something specific?
#7803skullteria
Zitat von ⇗ juk777 im Beitrag ¶ #7802
@infuscomus I'm sorry - I made a mistake...

@skullteria  Hi! OnceCoreApi2.0 - and what to do about it? Is it easy to install or should there be some kind of sequence?
Everything in a row or something specific?


Hello friend, please, download version 2.0 on "Releases"
⇗ https://github.com/Skulltrail192/One-Cor...eleases/tag/2.0

And see instructions to install and install sequence on readme:
⇗ https://github.com/Skulltrail192/One-Core-API-Binaries
#7804TwinThe webcams problems in PAE mode were mentioned here several times, but there were no solutions of them. I have plug and play SilverCrest Webcam WC2230, on my Win7 32-bit partition it uses only one driver - usbvideo.sys, and works perfectly in PAE mode. On the other hand, on my WinXP 32-bit partition this one driver is not enough; the system installs also kernel streaming driver (ks.sys), which loads yet other 12 co-drivers: dshowext.ax, iyuv_32.dll, ksproxy.ax, kstvtune.ax, ksuser.dll, kswdmcap.ax, ksxbar.ax, msh263.drv, msyuv.dll, tsbyuv.dll, vfwwdm32.dll, and vidcap.ax. In PAE mode XP system freezes (audio is working but video not) and needs forced restart. It does not matter if I use the WinXPPAE 3.5 or Fix128 0.48. There are 2007 year firm drivers available, if used, they replace in both XP+7 systems usbvideo.sys, no problem with PAE on Win7, but on WinXP the second driver ks.sys remains with all 12 co-drivers and video in PAE mode is not working as well, only in this case the XP system does not freeze.

My question to this community is: What is the true cause? Either the PAE incompatibility of one of the 12 co-drivers, or the general problem of patched AMD USB drivers (which otherwise best fit my Intel 100 Series/C230 Skylake) that is responsible for similar issues like checkdisk of flash drives or non-functional sleep mode? If the second alternative is true, is then possible to buy an external USB card with PAE compatible drivers (ASMedia, VIA...) in order to make webcam working on PAE XP?
#7805juk777⇗ @skullteria  Thanks. What does it mean:

"you can't install Base installer and others packages side by side with Kernel Standalone installed"?

Conflict? Or...?
#7806George King
Zitat von ⇗ pappyN4 im Beitrag ¶ #6265
Success for Win8 generic USB3 driver for XP x64.  Full credit to Mov AX, 0xDEAD for showing the way.

¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (328)
¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware

WDF 1.11 is same. Some minor differences for x64 USB compared to x86.

KeInitializeSpinLock exists for x86 ntoskrnl.exe but for x64 function needs to be added in emu_extender.  Also, usbd.sys also needs to be changed to use ntoskrn8. For anyone trying this, you can use a hex editor like hexplorer to change and Dependency Walker to make sure everything links together.   PEChecksum.exe when finished with changes.

x86
wpprecorde8 - no change - KeInitSpinLock from ntoskrnl.exe
usb8 - no change  - KeInitSpinLock from ntoskrnl.exe
ucx01000 - change to wpprecorde8 and ntoskrn8.sys - KeInitSpinLock from ntoskrn8->ntoskrnl.exe
usbxhci- change to wpprecorde8 and ntoskrn8.sys - KeInitSpinlock from ntoskrn8->ntoskrnl.exe
usbhub3 - change to wpprecorde8 and ntoskrn8.sys ksecd8 usb8 - KeInitSpinlock from ntoskrn8->ntoskrnl.exe

x64
wpprecorde8 - no change - does not use KeInitSpinLock
usb8 - change to ntoskrn8.sys - KeInitSpinLock from ntoskrn8:function
ucx01000 - change to wpprecorde8 and ntoskrn8.sys - KeInitSpinLock from ntoskrn8:function
usbxhci - change to wpprecorde8 and ntoskrn8.sys - KeInitSpinLock from ntoskrn8:function


usbhub3 - change to wpprecorde8 and ntoskrn8.sys ksecd8 usb8 - KeInitSpinlock from ntoskrn8:function

ksecd8 same as x86 instructions

__security_cookie does need to be changed.  If you skip it, driver will BSOD on you.  I used IDA free to lookup the hex position value of where the cookie is then changed to a random value

x86
usb8 6.2.9200.20761
hexposition:	1600		
value:	4E E6 40 BB 	

ucx01000 6.2.9200.22453
hexposition:	14E00	
value:	4E E6 40 BB 	

usbhub3 6.2.9200.21180
hexposition:	27C00	
value:	4E E6 40 BB	

usbxhci 6.2.9200.22099
hexposition:	2A800	
value:	4E E6 40 BB	

wpprecorde8 6.2.9200.16384
hexposition:	1E00		
value:	4E E6 40 BB	

x64
usbxhci 6.2.9200.22099
hexposition:	39100 	
value:	32 A2 DF 2D 99 2B	

ucx01000 6.2.9200.22453
hexposition:	1AD00 	
value:	32 A2 DF 2D 99 2B	

usb8 6.2.9200.20761
hexposition:	2100 	
value:	32 A2 DF 2D 99 2B	

wpprecorde8 6.2.9200.16384
hexposition:	2500 	
value:	32 A2 DF 2D 99 2B

usbhub3 6.2.9200.21180
hexposition:	32D00 	
value:	32 A2 DF 2D 99 2B



For emu_extender, the following changes.  Add KeInitializeSpinLock_k8 function, thanks Mov AX, 0xDEAD.  Then modify one existing function.   Changes in bold.
void FASTCALL
KeInitializeSpinLock_k8( 
  KSPIN_LOCK* SpinLock)
{
    *SpinLock = 0;
}

void
Initialize (PUNICODE_STRING  RegistryPath)
{
    KLOCK_QUEUE_HANDLE  LockHandle;

    g_GuardedRegionCounter = 0;

                         KeInitializeSpinLock_k8(&g_SpinWorkerRoutineArray);
    KeAcquireInStackQueuedSpinLock(&g_SpinWorkerRoutineArray, &LockHandle);
       {
        g_LastUsedWorkerRoutineArray_Entry = 0;
        RtlZeroMemory(WorkerRoutineArray, sizeof(WorkerRoutineArray));
       }
    KeReleaseInStackQueuedSpinLock(&LockHandle);

                         KeInitializeSpinLock_k8(&g_SpinCreateProcessNotifyExArray);
    KeAcquireInStackQueuedSpinLock(&g_SpinCreateProcessNotifyExArray, &LockHandle);
       {
        g_LastUsedCreateProcessNotifyExArray_Entry = 0;
        RtlZeroMemory(CreateProcessNotifyExArray, sizeof(CreateProcessNotifyExArray));
       }
    KeReleaseInStackQueuedSpinLock(&LockHandle);

}


ADD
#pragma comment (linker, "/export:__C_specific_handler=ntoskrnl.__C_specific_handler")
#pragma comment (linker, "/export:_local_unwind=ntoskrnl._local_unwind")
#pragma comment (linker, "/export:_purecall=ntoskrnl._purecall")
#pragma comment (linker, "/export:_snwprintf=ntoskrnl._snwprintf")
#pragma comment (linker, "/export:_stricmp=ntoskrnl._stricmp")
#pragma comment (linker, "/export:_strnicmp=ntoskrnl._strnicmp")
#pragma comment (linker, "/export:_vsnwprintf=ntoskrnl._vsnwprintf")
#pragma comment (linker, "/export:_wcsicmp=ntoskrnl._wcsicmp")
#pragma comment (linker, "/export:_wcsnicmp=ntoskrnl._wcsnicmp")
#pragma comment (linker, "/export:ExAcquireFastMutex=ntoskrnl.ExAcquireFastMutex")
#pragma comment (linker, "/export:ExpInterlockedPopEntrySList=ntoskrnl.ExpInterlockedPopEntrySList")
#pragma comment (linker, "/export:ExpInterlockedPushEntrySList=ntoskrnl.ExpInterlockedPushEntrySList")
#pragma comment (linker, "/export:ExQueryDepthSList=ntoskrnl.ExQueryDepthSList")
#pragma comment (linker, "/export:ExReleaseFastMutex=ntoskrnl.ExReleaseFastMutex")
#pragma comment (linker, "/export:IoIs32bitProcess=ntoskrnl.IoIs32bitProcess")
#pragma comment (linker, "/export:IoWMIDeviceObjectToProviderId=ntoskrnl.IoWMIDeviceObjectToProviderId")
#pragma comment (linker, "/export:KeAcquireSpinLockRaiseToDpc=ntoskrnl.KeAcquireSpinLockRaiseToDpc")
#pragma comment (linker, "/export:KeLowerIrql=ntoskrnl.KeLowerIrql")
#pragma comment (linker, "/export:KeReleaseSpinLock=ntoskrnl.KeReleaseSpinLock")
#pragma comment (linker, "/export:KfRaiseIrql=ntoskrnl.KfRaiseIrql")

CHANGED FROM
#pragma comment (linker, "/export:KeInitializeSpinLock=ntoskrnl.KeInitializeSpinLock")
TO
#pragma comment (linker, "/export:KeInitializeSpinLock=KeInitializeSpinLock_k8")


Using
the x86 as guide I think i found the correct spot to make the change
for x64 version for USB3.0 speed reporting fix.  USBTreeView shows as
(0x03 (Super-Speed))
 
x86
usbhub3 6.2.9200.21180
hexposition:	9058
change:	75 09 -> EB 09	(jnz -> jmp)
 
x64
usbhub3 6.2.9200.21180
hexposition:	A44B
change:	75 0A -> EB 0A	(jnz -> jmp)



change inf NTamd64 -> NTx86 if using for x86

;
; usbhub3.inf
;
; Copyright (c) Microsoft Corporation. All rights reserved.
;

[Version]
signature="$Windows NT$"
Class=USB
ClassGUID={36FC9E60-C465-11CF-8056-444553540000}
Provider=%Msft%
DriverVer=05/01/2018,6.2.9200.16384

[SourceDisksNames]
1="Generic USB 3.0 Hub Driver"

[SourceDisksFiles]
usbhub3.sys  = 1
usb8.sys    = 1
ksecd8.sys   = 1

[ControlFlags]
BasicDriverOk = *
ExcludeFromSelect = *

[DestinationDirs]
DefaultDestDir    = 12

[Manufacturer]
%GenericHub.Mfg%=GenericHub, NTamd64

;
; ---------------------- HUB3 Controllers ----------------------
;

[GenericHub.NTamd64]
%UsbHub3.RootHubDeviceDesc%=GenericHub.Install, USB\ROOT_HUB30
%UsbHub3.Usb30HubDesc%=GenericHub.Install, USB\USB30_HUB
%UsbHub3.Usb20HubDesc%=GenericHub.Install, USB\USB20_HUB

[GenericHub.Install.NT]
CopyFiles=GenericHub.CopyFiles

[GenericHub.Install.NT.Services]
AddService=USBHUB3, 2, GenericHub.AddService

[GenericHub.AddService]
DisplayName    = %UsbHub3.SVCDESC%
ServiceType    = 1               ; SERVICE_KERNEL_DRIVER
StartType      = 3               ; SERVICE_DEMAND_START 
ErrorControl   = 1               ; SERVICE_ERROR_NORMAL
ServiceBinary  = %12%\UsbHub3.sys
LoadOrderGroup = Base
AddReg         = ServiceHub_AddReg

[GenericHub.Install.NT.WMI]
; Set access permissions for UI WMI GUIDs
WMIInterface = {4E623B20-CB14-11D1-B331-00A0C959BBD2},,WMIGuidSecurity_AllRights

[ServiceHub_AddReg]
HKR,               , BootFlags,  0x00010001, 16 ; CM_SERVICE_USB3_DISK_BOOT_LOAD
HKR, Parameters\Wdf, LogPages,   0x00010001, 3 ; KMDF IFR size
HKR, Parameters,     LogPages,   0x00010001, 3 ; Driver IFR size
;
; Create a dummy usbhub services key because UxD relies on it.
;
HKLM, SYSTEM\CurrentControlSet\Services\usbhub,,0x00000010
;
; Fixes the power off when a safely remove hardware command was send.
;
HKLM, "SYSTEM\CurrentControlSet\Services\usbhub\hubg", "DisableOnSoftRemove", 0x00010001, "1"

[GenericHub.CopyFiles]
usbhub3.sys
usb8.sys
ksecd8.sys

;
; --------------------------- Strings --------------------------
;

[Strings]
;Non-Localizable
Msft = "Microsoft"

;Localizable
GenericHub.Mfg = "(Standard USB HUBs)"
UsbHub3.RootHubDeviceDesc = "USB Root Hub (xHCI)"
UsbHub3.Usb30HubDesc = "Generic SuperSpeed USB Hub"
UsbHub3.Usb20HubDesc = "Generic USB Hub"
UsbHub3.SVCDESC = "SuperSpeed Hub"

;
; usbxhci.inf
;
; Copyright (c) Microsoft Corporation. All rights reserved.
;

[Version]
signature="$Windows NT$"
Class=USB
ClassGUID={36FC9E60-C465-11CF-8056-444553540000}
Provider=%Msft%
DriverVer=05/01/2018,6.2.9200.16384

[SourceDisksNames]
1="Generic USB xHCI Host Controller"

[SourceDisksFiles]
usbxhci.sys  = 1
ucx01000.sys = 1
WppRecorde8.sys = 1

[ControlFlags]
BasicDriverOk = *
ExcludeFromSelect = *

[DestinationDirs]
DefaultDestDir    = 12

[Manufacturer]
%Generic.Mfg%=Generic, NTamd64

;
; ---------------------- xHCI Controllers ----------------------
;

[Generic.NTamd64]
%PCI\CC_0C0330.DeviceDesc%=Generic.Install,PCI\CC_0C0330
%ACPI\PNP0D10.DeviceDesc%=Generic.Install,ACPI\PNP0D10

[Generic.Install.NT]
CopyFiles=Generic.CopyFiles
ExcludeID=PCI\VEN_1B73&DEV_1000&CC_0C0330
ExcludeID=PCI\VEN_1B73&DEV_1400&CC_0C0330
ExcludeID=PCI\VEN_1B73&DEV_1009&REV_00
ExcludeID=PCI\VEN_1022&DEV_43D5

[Generic.Install.NT.HW]
AddReg=PciD3ColdSupported.RegHW

[PciD3ColdSupported.RegHW]
HKR,e5b3b5ac-9725-4f78-963f-03dfb1d828c7,D3ColdSupported,0x10001,1

[Generic.Install.NT.Services]
AddService=USBXHCI, 2, Generic.AddService
AddService=UCX01000,,  UCX.AddService

[Generic.AddService]
DisplayName    = %PCI\CC_0C0330.DeviceDesc%
ServiceType    = 1
StartType      = 3
ErrorControl   = 1
ServiceBinary  = %12%\USBXHCI.SYS
LoadOrderGroup = Base
AddReg         = USBXHCI.AddReg

[USBXHCI.AddReg]
HKR,, BootFlags,  0x00010001, 16 ; CM_SERVICE_USB3_DISK_BOOT_LOAD

[Generic.CopyFiles]
usbxhci.sys
ucx01000.sys
WppRecorde8.sys

[UCX.AddService]
DisplayName    = "USB Controller Extension"
ServiceType    = 1                  ; SERVICE_KERNEL_DRIVER
StartType      = 3                  ; SERVICE_DEMAND_START
ErrorControl   = 1                  ; SERVICE_ERROR_NORMAL
ServiceBinary  = %12%\ucx01000.sys
LoadOrderGroup = Base
AddReg         = UCX.AddService.AddReg

[UCX.AddService.AddReg]
HKLM,System\CurrentControlSet\Control\Wdf\Kmdf\Ucx\Versions\1\1,Service,,ucx01000
HKR,, BootFlags,  0x00010001, 16 ;CM_SERVICE_USB3_DISK_BOOT_LOAD

;
; --------------------------- Strings --------------------------
;

[Strings]
;Non-Localizable
Msft = "Microsoft"

;Localizable
Generic.Mfg = "Generic USB xHCI Host Controller"
PCI\CC_0C0330.DeviceDesc="USB xHCI Compliant Host Controller"
ACPI\PNP0D10.DeviceDesc="USB xHCI Compliant Host Controller"
Note
"ExcludeID=PCI\VEN_1022&DEV_43D5" in usbxhci.inf, to avoid using
driver for USB port that I already have existing vendor drivers.


Attached unmodified original sys files for x64,x86 for anyone who wants to try


Can you upload modded files too please? [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7807AmirBlue screen of death appears when loading Windows longhorn build 4042.
#7808AmirStop: c000021a Unknown Hard Error
Unknown Hard Error
#7809tumagonx
Zitat von ⇗ Twin im Beitrag ¶ #7804
The webcams problems in PAE mode were mentioned here several times, but there were no solutions of them. I have plug and play SilverCrest Webcam WC2230, on my Win7 32-bit partition it uses only one driver - usbvideo.sys, and works perfectly in PAE mode. On the other hand, on my WinXP 32-bit partition this one driver is not enough; the system installs also kernel streaming driver (ks.sys), which loads yet other 12 co-drivers: dshowext.ax, iyuv_32.dll, ksproxy.ax, kstvtune.ax, ksuser.dll, kswdmcap.ax, ksxbar.ax, msh263.drv, msyuv.dll, tsbyuv.dll, vfwwdm32.dll, and vidcap.ax. In PAE mode XP system freezes (audio is working but video not) and needs forced restart. It does not matter if I use the WinXPPAE 3.5 or Fix128 0.48. There are 2007 year firm drivers available, if used, they replace in both XP+7 systems usbvideo.sys, no problem with PAE on Win7, but on WinXP the second driver ks.sys remains with all 12 co-drivers and video in PAE mode is not working as well, only in this case the XP system does not freeze.

My question to this community is: What is the true cause? Either the PAE incompatibility of one of the 12 co-drivers, or the general problem of patched AMD USB drivers (which otherwise best fit my Intel 100 Series/C230 Skylake) that is responsible for similar issues like checkdisk of flash drives or non-functional sleep mode? If the second alternative is true, is then possible to buy an external USB card with PAE compatible drivers (ASMedia, VIA...) in order to make webcam working on PAE XP?


Want to know about this too

Got better chance if I record after fresh boot (no freeze) but once windows run a lot of stuff, it started to freeze (but still work after wait). This was using win2003 sys files.
#7810Twin
Zitat von ⇗ tumagonx im Beitrag ¶ #7809

Want to know about this too

Got better chance if I record after fresh boot (no freeze) but once windows run a lot of stuff, it started to freeze (but still work after wait). This was using win2003 sys files.


It seems like your webcam is sensitive to limited resources during simultaneous running of many programs, whereas my webcam causes system freezing even after fresh boot, and this freezing is permanent. What do you see in XP device manager: only usbvideo.sys alone, or moreover other drivers that I have mentioned in my previous post? Maybe even the plug and play webcams are different; I would be useful if people share here their experiences with various webcam types. It really bothers me since I have otherwise no issues with all the other USB devices in XP PAE mode, only this webcam is critical.
#7811Pill Monster
Zitat von ⇗ Andalu im Beitrag ¶ #7799
Is there any way to always have a USB3 device recognized as such when connected to a USB 3.0 switch hub (Generic SuperSpeed USB Hub)?
Unfortunately, this doesn't always happen and many times the USB3 device (as the only device connected to the hub) is recognized as USB2 (Generic USB 2.1 Full Speed Hub).

The only way that so far seems to work better when the USB3 device is recognized as USB2 is to disconnect the USB cable of the device itself and quickly reconnect it to another USB port of the switch HUB (as I read somewhere on the web). But this way doesn't always work on the first try.

An alternative way seems to be to shut down the system and not reboot immediately but after some time, in this case you will almost certainly get the correct recognition of the USB3 device. Both methods are not a definitive solution.
I tried all versions of XP USB3 drivers. Also tried another usb switch and two different PCIEx to USB3 cards in addition to the intel controller on 3 different systems: same behavior.


P.S.: the switch hub is powered with an additional USB cable. A USB "Y" cable for the USB3 device for additional power did not help.

In the BIOS disable Legacy USB Support (under USB options).
#7812Pill Monster
Zitat von ⇗ Twin im Beitrag ¶ #7804
The webcams problems in PAE mode were mentioned here several times, but there were no solutions of them. I have plug and play SilverCrest Webcam WC2230, on my Win7 32-bit partition it uses only one driver - usbvideo.sys, and works perfectly in PAE mode. On the other hand, on my WinXP 32-bit partition this one driver is not enough; the system installs also kernel streaming driver (ks.sys), which loads yet other 12 co-drivers: dshowext.ax, iyuv_32.dll, ksproxy.ax, kstvtune.ax, ksuser.dll, kswdmcap.ax, ksxbar.ax, msh263.drv, msyuv.dll, tsbyuv.dll, vfwwdm32.dll, and vidcap.ax. In PAE mode XP system freezes (audio is working but video not) and needs forced restart. It does not matter if I use the WinXPPAE 3.5 or Fix128 0.48. There are 2007 year firm drivers available, if used, they replace in both XP+7 systems usbvideo.sys, no problem with PAE on Win7, but on WinXP the second driver ks.sys remains with all 12 co-drivers and video in PAE mode is not working as well, only in this case the XP system does not freeze.

My question to this community is: What is the true cause? Either the PAE incompatibility of one of the 12 co-drivers, or the general problem of patched AMD USB drivers (which otherwise best fit my Intel 100 Series/C230 Skylake) that is responsible for similar issues like checkdisk of flash drives or non-functional sleep mode? If the second alternative is true, is then possible to buy an external USB card with PAE compatible drivers (ASMedia, VIA...) in order to make webcam working on PAE XP?


Does your BIOS have a Memory Remap option, (could be referred to as "PCI memory hole/memory hoisting)? Or MMI/O enable/disable?
#7813Twin
Zitat von ⇗ Pill Monster im Beitrag ¶ #7812


Does your BIOS have a Memory Remap option, (could be referred to as "PCI memory hole/memory hoisting)? Or MMI/O enable/disable?


Nothing of that you have noticed is in my BIOS. I have HP ProDesk 490 G3 MT Business PC and was surprised how the BIOS is almost fully "automated" with only a few selectable options, as compared with BIOSes of my previous older computers.
#7814Pill Monster
Zitat von ⇗ Twin im Beitrag ¶ #7813
Zitat von ⇗ Pill Monster im Beitrag ¶ #7812


Does your BIOS have a Memory Remap option, (could be referred to as "PCI memory hole/memory hoisting)? Or MMI/O enable/disable?


Nothing of that you have noticed is in my BIOS. I have HP ProDesk 490 G3 MT Business PC and was surprised how the BIOS is almost fully "automated" with only a few selectable options, as compared with BIOSes of my previous older computers.


Yep - as an OEM HP lock their machines down fairly tightly. For a BIOS with options look for ASUS or perhaps Gigabyte.
I prefer ASUS myself. One great advantage of ASUS boards is ofc USB Flashback. :)

HP build wonderful quality desktops - I always recommend HP equipment to my clients. However they are business machines.
#7815juk777⇗ @Pill Monster

Hi! I have the same problem with the webcam. My BIOS have a Memory Remap option.
And what: enable/disable?

Page 522

#7816Pill Monster
Zitat von ⇗ juk777 im Beitrag ¶ #7815
@Pill Monster

Hi! I have the same problem with the webcam. My BIOS have a Memory Remap option.
And what: enable/disable?


Enable definitely. It's likely already enabled - usual BIOS default for most vendors.,


(I assume you have between 8GB - 32GB RAM right?))
#7817juk777⇗ @Pill Monster

Thank you, but as it turned out, Memory Remap-Enable was originally (((
#7818Pill Monster
Zitat von ⇗ juk777 im Beitrag ¶ #7817
@Pill Monster

Thank you, but as it turned out, Memory Remap-Enable was originally (((

f it's ASUS you may have another option under Northbridge Menu called MMIO. It's off by default but could be beneficial to have it on.
#7819juk777⇗ @Pill Monster

Alas, I don't have option under Northbridge Menu called MMIO (
#7820diderius6⇗ @skullteria

Hi, I want to test legacy nvme boot on the ASUS P8H77-M board.

For to reach this, first I try the BCD boot with your Vista bootfiles from normal Sata harddisk.
¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (144)

But when I choose the Vista boot entry, after the message of "missing signature in ntkrnlpa.exe"
and hitting F8 for to disable "driver signature enforcement",
the compi always reboots at once.

On other compis XP SP3 boot via the Vista bootfiles and BCD works.

Do you have newer bootfiles or an idea what I am doing wrong

Dietmar

EDIT: The problem seems to be related to acpi.sys . With newested modded acpi.sys I do not get reboot at once via BCD boot files, but I cant get rid off the message
"missing signature in ntkrnlpa.exe" even I hit F8, this message appears again and again.
#7821George King⇗ @diderius6 Just set in BCD WinPE to yes. This should do the job as this works with Windows 7 bootmgr + BCD, XP2ESD use this too.

bcdedit /store "%TARGET%\boot\bcd" /set {default} winpe yes
[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7822diderius6⇗ @George King

Thanks for help.
I got it work.
Now I can boot XP SP3 via ntldr or via BCD on the Asus P8H77-M with Intel Core i3-3240 Prozessor and 4 Gbyte ram.
I use an original XP SP3 CD, choose IDE mode for the harddisk and do not add any driver.

Some strange things I noticed:

1.) Works only with the newest modded acpi.sys .
⇗ https://ufile.io/6lqij4n8

2.) When you want to boot via ntldr OR BCD, there happens a mix between them.
I overcome this with connected original XP SP3 boot CD , hitting on TXT setup "repair" and then fixmbr and fixboot.
Then I deleted from an outstanding XP the folder BOOT in the xp C:\  path.
This folder BOOT is in some crazy way involved even when you boot XP via ntldr.
Then I copy the original BOOT folder from post below there again.
¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (144)

EDIT: Boottime for XP to full desktop is with ntldr 13 sec, with BCD 11 sec.

Maybe, that in boot.ini (for ntldr boot) only the following entry is allowed:

[boot loader]
timeout=30
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="xppppp"


This is Tutorial from ⇗ @skullteria


Well, i will try explain

Step 1:
- From my boot files or any Windows VIsta CD, copy boot folder and place on C:\
Step 2:
- From my boot files or any Windows Vista CD, copy bootmgr and place on C:\
Step 3:
- From my boot files, copy winload to your Windows XP installation, on Windows\System32
Step 4:
- Install EasyBCD, preferly version 1.7.2. I can upload to you. This program require .Net Framework 2.0.
Step 5:
- After install easyBCD, open the program, You will get some erros, only click "ok" and wait program start. The default entry presents on BCD are wrong for now, you need delete on "Add/Remove Entries" and add a new entry, on same page on "Add and entry" your choose on type combobox: "Windows Vista/longhorn", edit Name and choose drive. Next, click in "Add entry"
Step 6:
- In "Manage bootloader section (a button named, like Other what i talked), you see "Bootloader Installtion options", you choose "Reinstall The Vista bootloader", and click in "Write MBR". You can verify if it is ok on "Viwe Settings", if you added entry is ok.
Step 7:
- I recommend add a Ntldr based entry for fallback. For it, you back to Step 5 and instead choose "Windows Vista/Longhorn", you choose "Windows NT/2000/XP/2003", click em "Add Entry". For default, the entry has wrong partition. You need edit in "change Settings" section. There, you will see "Entry based settings", and select the entry what you already add (XP based). And after, choose "Drive" where is windows XP is installed (need ntldr and ntdetect.com placed there too) (for default, C:). Click em "Save Settings".
Final Step:
- If all ok, you will restart and on Windows Vista based entry you press "F8" and choose "Disable driver integrity checks" (or similar"). You will get BSOD A5 0x0000002. For debug it. you need back to easybcd, and edit settings on "Advanced Settings", choose Windows Vista based entry and mark "Debug boot process" and click and "Apply Settings"


Dietmar
#7823Andalu
Zitat von ⇗ Pill Monster im Beitrag ¶ #7811
In the BIOS disable Legacy USB  Support (under USB options).

Thanks for the suggestion but it didn't work. Also, by disabling Legacy USB Support the usb keyboard no longer works during POST and I cannot enter the bios.


Doing some more tests I noticed the following:

- for the USB switch hub for 4 PCs, I found that in position 1 the USB3 is never enabled (even tried in Win10) so I think that USB port is defective. The other 3 positions work properly;

- for the USB switch hub for 2 PCs, however, the weirdness continues: in two PCs the USB3 device is correctly detected as connected to a SuperSpeed HUB while in other 2 PCs the same device is detected as USB2 (also in Win10) and as connected to a generic USB 2.1 Full Speed Hub


P.S.: clearly, the same version of the USB3 driver is installed in all XP systems.
#7824George King⇗ @diderius6 ⇗ @infuscomus ⇗ @daniel_k ⇗ @Mov AX, 0xDEAD
Have you ever seen this BSOD? I'm getting it in VirtualBox from some reason now

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7825diderius6Even with BCD boot of XP SP3 it is not possible,
to boot this XP on for nvme modded Bios ASUS P8H77-M board from nvme Samsung 960 Pro.
I test the BCD boot possibility of the Samsung 960 Pro on a compi with nvme support, there the 960 Pro boots BCD XP.

Another strange result is: I flash the whole nvme Bios from the z77 extreme4 Website Bios
Z77 EXT4  2.90P
into the Bioschip of the ASUS P8H77-M.
The Samsung 960 Pro is listet there at once as boot device in Bios, but does not boot.
The behavior is exact as for the for nvme modded Bios.

And for to make this crazy check complete, I succeed to boot this BCD XP SP3 with the whole(!) Bios Z77EXT42.90P
on the ASUS P8H77-M board via harddisk in IDE mode. It boots like in slow motion, but boots to full desktop.
So, maybe, that in the nvme files or CSM of the Bios Z77EXT42.90P is something wrong for nvme boot.

This I can only test, when I own such a board z77 extreme4
Dietmar

EDIT: From the nvme Samsung 950 Pro I can boot, but this one has own nvme legacy Bios.
#7826diderius6⇗ @George King

I found this

⇗ https://docs.microsoft.com/en-us/windows...ernel-mode-trap

⇗ https://www.techspot.com/community/topic...ll-0x0s.128292/

Dietmar
#7827skullteria
Zitat von ⇗ juk777 im Beitrag ¶ #7805
@skullteria  Thanks. What does it mean:

"you can't install Base installer and others packages side by side with Kernel Standalone installed"?

Conflict? Or...?


For now, has conflit. I will solve on next version
#7828infuscomus⇗ @George King

I think a driver might be crashing, what changes have you made?
#7829George King⇗ @infuscomus Nothing was changed on my HW. My host is Windows 10 and works without any problem - but I noticed my system was automatically updated after energy blackout. And after that my VirtualBox XP return mentioned BSOD. Currently I updated BIOS to latest version and seems same. I will format my system to see difference - if will be same than it must be some HW problem..


This is my main machine

Motherboard:

Asus Prime B360 Plus

CPU:

Intel Core i5-9400F, 2,9 GHz - 4,1 GHz

RAM:

2x 16GB HyperX 2666 MHz

Disks:

1x SSD 1TB Intel 660p

1x SSD 1TB Samsung EVO 970

2x HDD 8TB Seagate

GPU:

Sapphire RX 580 Nitro+ 4 GB (I bought it as it was very cheap 90% discount last piece)

Expansions:

1x PCI WiFi Qualcomm Atheros AR922x

1x PCI Silicon Image 0680 ATA/133 RAID Controller

1x PCIe VIA USB3 Controller

1x USB Bluetooth

1x SATA Asus Blu-Ray

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7830juk777⇗ @skullteria    

I installed everything was installed normally, BUT the Russian language was partially lost and the portative programs stopped working...

 

Page 523

#7831infuscomus⇗ @George King

I'm reasonable sure the cause of the BSOD in your VM wouldn't be anything on the host machine or the real hardware, the problem will be inside the VM, maybe you changed something in the VM configuration file?

Does an old version of XP2ESD give the same BSOD?
#7832George King⇗ @infuscomus You are absolutly correct. Seems like driver problems. I made a lot of changes to add x64 support.. And I forgot I replaced MassStorage drivers in Auto-Sysprep with latest ones.. I'm going to find a cause..

Weird is I encountered same error on my testing laptop few months back and reinstall solved this issue.

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7833diderius6⇗ @daniel_k

I just get board Asrock Z77 Extreme4 and now fun with legacy nvme on older boards starts
Dietmar

#7834diderius6I just flash the Bios 2.90P with nvme support to the Asrock Z77 Extreme4 board.
And voila, the Samsung 960 Pro is at once shown in Bios as boot device,
but you cant boot from it!

Now it is clear, that with this 2.90P Bios legacy nvme boot of XP is impossible.
But why?!

Dietmar
#7835diderius6May be this non bootable for XP legacy nvme device happens,
because in Bios of the Asrock Z77 Extreme4 there is no switch
in CSM between UEFI Windows <=> Other OS.

Does somebody here know, how to add this switch to CSM in Bios
Dietmar
#7836skullteria
Zitat von ⇗ juk777 im Beitrag ¶ #7830
@skullteria    

I installed everything was installed normally, BUT the Russian language was partially lost and the portative programs stopped working...


portative programs is portable programs?

About russian language, it's normal, because i used english native dlls as base, like ntdll and kernel32 (renamed to kernelex)
#7837AmirHello everybody. One question worries me. What is the acpiec.sys driver and what is it for? After Windows Longhorn build 4093, this driver simply does not exist.
#7838juk777
Zitat von ⇗ skullteria im Beitrag ¶ #7836
portative programs is portable programs?


Portable Soft
#7839infuscomus⇗ @diderius6

I'm not entirely sure what you mean by CSM switch, is CSM not switched on?
#7840diderius6⇗ @infuscomus

On newer UEFI Bios there is inside the switch CSM another switch for "Uefi Windows" or "Other OS".
This switch is missed in the nvme Bios 2.90P of the Asrock Z77 Extreme4 board.
I check, what happens, if on such a Bios you set in CSM switch "Other OS"  => "Uefi Windows".
Then it shows exact this behavior under XP: "look for bootable device" when compi starts
Dietmar
#7841infuscomus⇗ @diderius6

does nvme booting work for windows 10 on that board?
#7842daniel_k⇗ @diderius6

As suggested, see if NVME boot works in pure UEFI mode by trying to install Win8 or later.

It seems that proper legacy boot was introduced with chipsets supporting Haswell or later.
#7843infuscomus⇗ @George King

here is the 64bit ntoskrnl extender you asked for.

 

 

infuscomus has attached files to this post
#7844Pill Monster
Zitat von ⇗ Andalu im Beitrag ¶ #7799
Is there any way to always have a USB3 device recognized as such when connected to a USB 3.0 switch hub (Generic SuperSpeed USB Hub)?
Unfortunately, this doesn't always happen and many times the USB3 device (as the only device connected to the hub) is recognized as USB2 (Generic USB 2.1 Full Speed Hub).


USB 2.1 would appear be a USB 3 device plugged into a USB 2 port.  

AIDA64:

#7845infuscomus⇗ @Pill Monster ⇗ @Andalu

I'm not sure if the backported windows 8 driver in windows XP will show it like that though.

 

Page 524

#7846Pill Monster
Zitat von ⇗ Pill Monster im Beitrag ¶ #7844
[quote=Andalu|p7799]
Is there any way to always have a USB3 device recognized as such when connected to a USB 3.0 switch hub (Generic SuperSpeed USB Hub)?
Unfortunately, this doesn't always happen and many times the USB3 device (as the only device connected to the hub) is recognized as USB2 (Generic USB 2.1 Full Speed Hub).




Well this is interesting.
I just unplugged the ADATA flash drive, plugged in a USB 3 external HDD and then the ADATA, so both are connected..

Now the ADATA shows up as USB 3.0.

The VIA hub btw is a PCIe card....not onboard.  What brand hub are you using?

#7847diderius6⇗ @infuscomus ⇗ @daniel_k

On the ASRock Z77 Extreme4 board with "nvme" Bios 2.90P
I cant install on Samsung nvme 960 Pro Win10 32 on MBR and also not Win10 64 bit on MBR.
I also cant install on GPT UEFI Win10 bit 32 on Samsung nvme 960 Pro.
Only install on GPT UEFI of Win10 bit 64 works there.
I also make a try with the "nvme" Bios from 2018, its Bios 2.90A for the ASRock Z77 Extreme6 board,
with exact the same result. Cool, this Bios shows a floppy controller, so floppy connector is on  ASRock Z77 Extreme6 board ).
So, legacy nvme isnt working until now on the 77 chipset (Ivy Bridge)
Dietmar
#7848Pill Monster
Zitat von ⇗ infuscomus im Beitrag ¶ #7845
@Pill Monster ⇗ @Andalu

I'm not sure if the backported windows 8 driver in windows XP will show it like that though.

Didn't ⇗ @Andalu just say that it did? Unless I misunderstood his comment...

Zitat
the USB3 device (as the only device connected to the hub) is recognized as USB2 (Generic USB 2.1 Full Speed Hub)  



I would expect if the backported driver supports 3.0 it also supports 2.1 which OTTOMH is part of the 3.0 standard correct me if I'm wrong.

#7849Andalu⇗ @Pill Monster

trying to explain better:
I have a USB 3.0 data transfer cable connected on one side to a pc (which I will call 'master') and on the other side to a USB3 switch hub for 4 pcs (which I will call 'slave'). The hub uses additional power from another USB port.

My intention is to get the USB3 recognition of the cable on the 'master' side and especially on the 'slave' side every time I make the switch between the PCs connected to the hub.

Unfortunately, sometimes on the 'slave' side the cable is recognized as a USB2 device and can happen:
- that also the 'master' is degraded to USB2 device;
- launching the software for synchronize files between PCs, one of the two systems freeze (black screen) needing a manual reboot.

Already tried with another data transfer cable and another hub switch with the same results. This happens even with a USB3 flash drive inserted into the hub as the only connected device.

For the 'master' it seems to work to turn off the system and disconnect the power completely. For the 'slave' side I haven't found a definitive solution.

Below some images:

Master correctly recognized in XP


Slave misrecognized in Win10 (the same happens on XP as a device connected to a Generic USB 2.1 Full Speed Hub).



P.S.: Unfortunately at the moment I couldn't take an image from XP because I don't want to lose the correct recognition for both (master and slave) as USB3 switching on another PC. I have to transfer some quite big files and I don't want spent a lot of time :)


Edit: added the images containing the USB hub IDs:

USB3.0 Hub ID


USB2.1 Hub ID
#7850Pill Monster
Zitat von ⇗ Andalu im Beitrag ¶ #7849
@Pill Monster

trying to explain better:
I have a USB 3.0 data transfer cable connected on one side to a pc (which I will call 'master') and on the other side to a USB3 switch hub for 4 pcs (which I will call 'slave'). The hub uses additional power from another USB port.

My intention is to get the USB3 recognition of the cable on the 'master' side and especially on the 'slave' side every time I make the switch between the PCs connected to the hub.

Unfortunately, sometimes on the 'slave' side the cable is recognized as a USB2 device and can happen:
- that also the 'master' is degraded to USB2 device;
- launching the software for synchronize files between PCs, one of the two systems freeze (black screen) needing a manual reboot.

Already tried with another data transfer cable and another hub switch with the same results. This happens even with a USB3 flash drive inserted into the hub as the only connected device.

For the 'master' it seems to work to turn off the system and disconnect the power completely. For the 'slave' side I haven't found a definitive solution.

Below some images:

Master correctly recognized in XP


Slave misrecognized in Win10 (the same happens on XP as a device connected to a Generic USB 2.1 Full Speed Hub).



P.S.: Unfortunately at the moment I couldn't take an image from XP because I don't want to lose the correct recognition for both (master and slave) as USB3 switching on another PC. I have to transfer some quite big files and I don't want spent a lot of time :)


Edit: added the images containing the USB hub IDs:

USB3.0 Hub ID


USB2.1 Hub ID



05E3 is Genesis.
Maybe I can offer some suggestions - as it gave me few headaches in the past.

I also coincidentally own an external hub with Genesis Logic controller. It's a pita.

I'm headed to work but will post back later.
#7851Andalu⇗ @Pill Monster
my other switch hub is also a Genesis as well.
I had thought about getting another hub switch but there is no reference to the onboard chipset. I wouldn't want it to be Genesis again.
#7852Pill Monster
Zitat von ⇗ Andalu im Beitrag ¶ #7851
@Pill Monster
my other switch hub is also a Genesis as well.
I had thought about getting another hub switch but there is no reference to the onboard chipset. I wouldn't want it to be Genesis again.


Yeah me either lol. Complaints all over the web regarding the Genesis hubs.   
Mine is POS, legacy has to be disabled in BIOS or the hub USB 3 doesn't work when plugged to my machines' ASMedia 3.0 ports.
But then USB 2 devices won't work in any USB 3 ports.

Plus I'm sure the GL hub borked a bunch of my 3.0 flash drives.  
Previous GL hub (had 2) I accidentally connected a 12v adapter to it - it fried the hub ofc. The USB hubs (or controllers?) on the motherboard were killed too - and the onboard LAN.
Left me with 2 usb ports - mouse/keyboard.


Btw what Intel platform do you have?  -  Intel released updates to address Renesas controller issues, might be worth a shot.
#7853Andalu
Zitat von ⇗ Pill Monster im Beitrag ¶ #7852
What Intel platform do you have?  -  Intel released updates to address Renesas controller issues, might be worth a shot.

i5 10600 on Gigabyte H470 (master)
i5 8400 on Asrock H310 +  i7 9700 on Asus Q370 (both slave)
I have a Nec-Renesas PCIEx to USB3 but the cards with VIA chipset work better on my systems.
#7854Andalu⇗ @Pill Monster
It's getting late at my place, time for bed.
Thanks for your kind attention ;)
#7855George King⇗ @infuscomus Thanks for compiled files. Meanwhile I managed to compile them too according your informations from PM.

I managed to create Generic USB3.x driver, Generic AHCI, Generic NVMe and IRST 16 for Windows XP SP2 x64 based on informations on ⇗ @Mov AX, 0xDEAD EMU Extender project. Currently I can confirm, USB3x + AHCI driver works as expected in VM. I think NVMe will work too, but I need to test it on real HW  - I have assembled some old desktop for testing, will see how it goes :)

I will upload testing ISO and drivers soon :)

Now I think patched APCI is needed too to install it on newer HW?

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7856infuscomus⇗ @George King

Yes, Patched ACPI driver is needed for any PC newer than 2015.
#7857mockingbird
Zitat von ⇗ George King im Beitrag ¶ #7855
@infuscomus Thanks for compiled files. Meanwhile I managed to compile them too according your informations from PM.

I managed to create Generic USB3.x driver, Generic AHCI, Generic NVMe and IRST 16 for Windows XP SP2 x64 based on informations on @Mov AX, 0xDEAD EMU Extender project. Currently I can confirm, USB3x + AHCI driver works as expected in VM. I think NVMe will work too, but I need to test it on real HW  - I have assembled some old desktop for testing, will see how it goes :)

I will upload testing ISO and drivers soon :)

Now I think patched APCI is needed too to install it on newer HW?

I look forward to this...  XP x64 is very tempting....  Been using it here for more than 5 years.
#7858George KingAnybody is able to add some new functions to ntoskrn8.sys? For example, when I'm exploring Windows 7 driver, these is generic HDA driver. I found hdabus.sys is missing 4 functions in ntoskrn8.sys, but these functions are defined in ntifs_ddk.h. Is anybody able to add them so compiled ntoskn8.sys have them available?

This is in ntifs_ddk.h

 
#if (NTDDI_VERSION >= NTDDI_WIN7)
__drv_maxIRQL(APC_LEVEL)
NTKERNELAPI
NTSTATUS
PoCreatePowerRequest (
    __deref_out PVOID *PowerRequest,
    __in PDEVICE_OBJECT DeviceObject,
    __in PCOUNTED_REASON_CONTEXT Context
       );
#endif
 
#if (NTDDI_VERSION >= NTDDI_WIN7)
__drv_maxIRQL(DISPATCH_LEVEL)
NTKERNELAPI
NTSTATUS
PoSetPowerRequest (
    __inout PVOID PowerRequest,
    __in POWER_REQUEST_TYPE Type
       );
#endif
 
#if (NTDDI_VERSION >= NTDDI_WIN7)
__drv_maxIRQL(DISPATCH_LEVEL)
NTKERNELAPI
NTSTATUS
PoClearPowerRequest (
    __inout PVOID PowerRequest,
    __in POWER_REQUEST_TYPE Type
       );
#endif
 
#if (NTDDI_VERSION >= NTDDI_WIN7)
__drv_maxIRQL(APC_LEVEL)
NTKERNELAPI
VOID
PoDeletePowerRequest (
    __inout PVOID PowerRequest
       );
#endif




[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7859infuscomus⇗ @George King

why are you using ntoskrnl extender with portcls.sys?
XP should have it's own version of that already.
#7860George King⇗ @infuscomus
With XP portcls.sys is missing this function. I think "easiest" is add it into extender and use Windows 7 portcls.sys, but I'm not able to edit Extender code

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/

 

Page 525

#7861infuscomus⇗ @George King

you can edit ntoskrn8.c to add the functions you need.
#7862diderius6⇗ @daniel_k ⇗ @Ethaniel ⇗ @YuriyCN

I make a new test for legacy nvme boot of XP on board Asus P8H77-M via nvme Samsung 960 Pro with the files from
⇗ [Experimental] NVMe Option ROM (4)

But even the nvme device is now shown in Bios, no boot of XP is possible.
Those files make an entry for nvme in RAW in CSMCORE.
Later I also add the three files Nvme.ffs , NvmeSmm.ffs , NVMEINT13.ffs
does not help for legacy boot

Dietmar

PS: Does somebody know, how to extract the Rom Bios of the Samsung 950 Pro?
#7863Ethaniel⇗ @diderius6: The referenced Option ROM does not work with Samsung devices, the thread has successful reports with some models from other manufacturers.

Samsung 950 Pro has support for index-data register pair (IDP) and its Option ROM depends on that. Other Samsung models support memory-mapped I/O (MMIO) only, so the Samsung 950 Pro Option ROM will not work with those.

Instructions for extracting the Option ROM are available in the ⇗ Samsung NVMe legacy BOOT ROM present on 950 Pro thread and the very next post contains the extracted Option ROM. Note that the same method works for other devices with the exception of the primary video card as Linux is returning it from RAM that might be changed during boot.
#7864diderius6⇗ @Ethaniel

Thanks for answer.
I make a small joke:
I use the extracted Rom Bios from the Samsung 950 Pro and integrate it with MMTool 4.50.0.23 into Bios 1202 of Asus P8H77-M board, which never heard anything in its life about nvme ).
During integrating via MMTool 4.50.0.23  I set there the Ven 144D and Dev A804 for the nvme Samsung 960 Pro.
Now, this nvme device is correct(!) shown as Samsung 960 Pro in Bios of Asus P8H77-M.

But during boot of XP it hangs, but no crash and no message about wrong boot device as always before.

Now comes fun: I succeed to boot XP SP3 via this nvme Samsung 960 Pro with Grub and ramboot on Asus P8H77-M

Dietmar
#7865diderius6I make some more tests with the rom Bios of nvme Samsung 950 Pro integrated in the Bios 1202 of Asus P8H77-M board.
For this I set up a nvme BCD boot of XP SP3, thanks to ⇗ @skullteria .
And voila, for a second I can see the start screen of XP, then reboot with the nvme Samsung 960 Pro.
This Samsung 960 Pro is the only boot device connected to the Asus P8H77-M board.
This simple means, that it is possible to integrate the rom Bios of the Samsung 950 Pro in a Bios,
that never heard anything about nvme and boot XP from the Samsung 960 Pro.
The crash during boot of XP via the Samsung 960 pro happens (I think),
because this BCD nvme XP is build on other compi
Dietmar

EDIT: I am not good with grub4dos. May be somebody here knows, how to set up the most easy grub4dos boot of XP.
It is as I thought: The rom Bios of the Samsungs 950 Pro does not like to work together with NTLDR of XP on a lot of Bios.
I just test this: BCD boot of XP on the 960 Pro starts, ntldr as second boot option gives black screen at once.
#7866infuscomus⇗ @diderius6

Easy2boot has some premade grub4dos scripts than can be used to both install and boot into XP.
#7867diderius6⇗ @infuscomus

Thanks for help, I will try.
All good and bad behavior of the Samsung 950 Pro can be transported via MMTool 4.50.0.23 to the nvme Samsung 960 Pro via the rom image to Bios from post
⇗ Samsung NVMe legacy BOOT ROM present on 950 Pro

Dietmar
#7868George King
Zitat von ⇗ infuscomus im Beitrag ¶ #7861
@George King

you can edit ntoskrn8.c to add the functions you need.


I'm not programmer, so I'm not able to do it. Maybe you or any other members can investigate into mentioned 4 functions to help port Generic HDA Windows 7 drivers? [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7869gordo999
Zitat von ⇗ infuscomus im Beitrag ¶ #7861
you can edit ntoskrn8.c to add the functions you need.
⇗ @infuscomus ...I think you mentioned this before. What do you use to recompile the c file? If possible, can you quickly explain your procedure? I have visual C++ installed but it can get nasty with its error checking.
#7870infuscomus⇗ @gordo999

I use the windows 7 DDK in a VM

First setup a windows 10 VM.
Download windows 7 DDK and install it.

⇗ https://www.microsoft.com/en-au/download...s.aspx?id=11800

After installing the DDK go to the ntoskrnl extender github and download then extract it.

copy the ntoskrnl_Emu-master folder to the root of C:\
The DDK is sensitive about folder paths so this is easier.

Next open x86/x64 free build environment and navigate to C:\ntoskrnl_Emu-master
make sure it's the folder that has ntoskrn8.c in it
and type BLD to build.
#7871George KingI have created some patched drivers using EMU Extender for both - x86 and x64. I recreated all what I could as I have added x64 support to XP2ESD, now we have also ported drivers for x64.

All drivers are standalone packages - every needed file is installed by INF.

These drivers are ported according to information on ⇗ EMU Extender GitHub

x64\AMD_SATA_1.2.001.0402
x64\Generic_AHCI
x64\Generic_MSAHCI
x64\Generic_NVMe
x64\Generic_UASP_6.1.7600.4002
x64\Generic_USB3x
x64\IRST_16.8.3.1003
x64\IRST_18.36.3.1019
x64\RSTe_4.7.0.1119
x64\Samsung_NVMe_3.3.0.2003

x86\AMD_SATA_1.2.001.0402
x86\Generic_AHCI
x86\Generic_MSAHCI
x86\Generic_NVMe
x86\Generic_UASP_6.1.7600.4002
x86\Generic_USB3x
x86\IRST_16.8.2.1002
x86\RSTe_4.7.0.1119
x86\Samsung_NVMe_3.3.0.2003

NOTES:
2) Generic AHCI and USB3x drivers was tested in VirtualBox and they works, every other drivers needs to be tested
2) UASP is only INF edited VIA driver as is seems generic

Download

 
https://www.mediafire.com/file/e3fxix06lfq564w/PortedDrivers-WindowsXP%252BWindows2003_x86%252Bx64.7z/file




EDIT: To get working Generic HDA Windows 7 drivers - portcls.sys from build 6801 can be ported using EMU Extender. But this needs more time to investigate. HDAUDIO + HDABUS can be installed without problem, but device cannot start with error 10 -> maybe related to WDMAUDIO.inf + KS.inf

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7872daniel_k⇗ @diderius6

As you can easily recover the BIOS, try to use CSM/NVMe modules from some Z97 BIOS.

Native M.2 NVMe was introduced with 9 series chipsets, so probably proper legacy support may have been implemented.
#7873George KingCan anybody test this Generic Windows 8.1 NVMe driver under XP on real machine? I have patched security cookie and fixed checksum and ported Windows 7 storport.sys + ntoskrn8.sys was added into INF. Seems good in Depency Walker.

 
https://www.mediafire.com/file/5gtz85p6yz3wjld/Generic_NVMe_6.3.9600.16421_x86.7z/file
[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7874diderius6Yessssaaa:)))))))!!!!!!

For the very first time I succeed to boot legacy CSM XP SP3 from an nvme Samsung 960 Pro
with VEN 144D  DEV A804
on the board Asus P8H77-M with Bios, that never heard anything about nvme in its life before.
No other device is connected, only Samsung 960 Pro without own nvme Bios.
I do not integrate any nvme.efi files in Bios.

The most critical procedure was to prepare the XP for this.
It works with BCD boot.
It is stable.

I integrate the rom Bios from the Samsung 950 Pro into the Bios from the Asus P8H77-M,
with EEpromer Revelprog IS it is easy procedure.
For me it works only with the very laast acpi.sys from outerspace ), this file is in the package here also
together with MMTool 4.50.0.23 and the rom image from the Samsung 950 Pro

Dietmar

This are all files, that I use

⇗ https://ufile.io/jl645u9x

PS: BCD boottime is below 1 sec:)).
From feeling it is the most fast XP ever. Feels even faster than complete XP in ram. Is this possible?






#7875Andalu
Zitat von ⇗ George King im Beitrag ¶ #7873
Can anybody test this Generic Windows 8.1 NVMe driver under XP on real machine? I have patched security cookie and fixed checksum and ported Windows 7 storport.sys + ntoskrn8.sys was added into INF. Seems good in Depency Walker.

Driver tried on asus prime B250M with the Sabrent Rocket SSD NVMe as secondary drive (not as system drive). All sys files manually copied into system32/drivers folder. I got the same bsod just installed the driver and also on reboot:

DRIVER_IRQL_NOT_LESS_OR_EQUAL

STOP: 0x000000D1 (0x00000408,0x00000007,0x00000000,0xB9B246EA)

storport.sys - Address B9B246EA base at B9B1F000, DateStamp 56f57964

 

Page 526

#7876gordo999
Zitat von ⇗ infuscomus im Beitrag ¶ #7870
Download windows 7 DDK and install it.
⇗ @infuscomus ...thanks for detailed explanation. I already have DDK - 7 loaded on W7 in the C:\ directory. In the \bin directory there is an \x86 sub-directory. In the root,  there is a build.exe compiler (and linkers) for x86 and in the same \x86 directory is an \AMD64, where there is another build.exe (and linkers) presumably for x64 apps.

In fact, there are several compilers in the directories, like ml.exe for assembler and rc.exe for compiling resources. Good stuff. Thanks again.

ps. just noticed on MovAX_DEAD's github page, the instructions to:

Run shell: "Start Menu\Programs\Windows Driver Kits\Win7 7600.16385.1\Build Environments\Windows XXX\YYY Free Build Environment" (XXX - target OS, YYY - target CPU)

It's all there in my W7 Start\All Programs\Windows Drivers Kits directory. Thanks again.

And thanks again to MovAX_DEAD for all the hard work creating the page and supplying the files.
#7877George King⇗ @Andalu Can you try drivers, that I ported for XP2ESD on previous page too please?

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7878George KingI have created testing ISO with XP Professional x86 SP3 and XP Professional x64 SP2 - without integrated updates - Original MSDN ISOs was used as input. Only drivers was added - Including latest MassStorage and USB driverpacks exctrated from DRP.SU / SAMLAB packs + newly ported drivers according to EMU Extender tutorial by me. This release doesn't include patched ACPI.sys.

1) Create USB install using RUFUS
2) If needed add patched ACPI.sys into USB\sources\$OEM$\sources\$OEM$\$$\system32\drivers. There are no patched x64 ACPI.sys yet.. And remember, if you add x86 ACPI.sys you cannot install x64 version
3) Boot from USB and install
4) Let me know how it goes
5) If  can, create patched ACPI.sys for x64 to be able to boot it on newer machines - x64 XP version can be booted in pure UEFI :)

Download

 
https://www.mediafire.com/file/dnpxf10lgsi7qwz/WinXP_AIO_ESD_v1.6_rc1.iso/file
[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7879infuscomus⇗ @George King

nice work!
I'll try and patch the x64 ACPI.SYS driver - but I can't promise anything will come of it. ⇗ @Mov AX, 0xDEAD is much more skilled at this than I am.
#7880diderius6Hi,

is it possible to dump the legacy nvme rom image from any Bios from CSMCORE there,
may be via Linux

Dietmar
#7881diderius6I extract the "Option Rom" from the Plextor nvme M8Pe for legacy nvme boot and integrate it in Bios of the Asus H77.
It does not work, even no nvme disk at all is recogniced. The checksum is wrong and also may be not all correct in this *.rom.

So, until now the only possibility for legacy nvme boot (without any other tools) is the Option Rom from the Samsung 950 Pro

Dietmar

Option Rom from Plextor

⇗ https://ufile.io/4nu0jmy0
#7882diderius6I compare, what happens after integration of the nvme Option Rom.

This is the only thing, that changes in BIOS:

The Option Rom is copied complete at the end of raw section in CSMCORE.
Only 10 Bytes are added to the Option Rom image, at the beginning of Option Rom with the Ven and Dev number.

Here

00 A0   4D 14   04 A8   00 7E 00 00

Then follows the startsequence 55 AA .
A good search string for to find the Option Rom for nvme is text "nvme"
and Hexvalues 50 43 49 52

Dietmar
#7883diderius6Here is the best Option Rom from the Samsung 950 Pro until now.
The original Samsung pro shows 2 IDE nvme devices.
Here I cut the second nvme IDE,
so the Option Rom is much smaller and may be more generic.

I tested it for legacy nvme Boot of XP SP3,
works

Dietmar

EDIT: For some strange reasons, this cut versions hangs on second boot?!.

So, better to use the original 950pro.rom.

950pro.rom (hangs on 2. boot)
17.920 Bytes
⇗ https://ufile.io/k4prfe57

950proFULL.rom (works always)
32.256 Bytes
⇗ https://ufile.io/mr10i71p
#7884Andalu
Zitat von ⇗ George King im Beitrag ¶ #7877
@Andalu Can you try drivers, that I ported for XP2ESD on previous page too please?

I tried to install some drivers from the PortedDrivers-WindowsXP+Windows2003_x86+x64 package on my intel Skylake platform with XP-SP3 x86 Integral Edition 2021.5.15. Here the results:

- AMD_SATA not tested (I have no AMD system)

- Generic_AHCI:


- Generic_MSAHCI not tested

- Generic_NVMe:
same BSOD 0x000000D1 (0x00000408,0x00000007,0x00000000,0xB9B246EA) as reported previously.

- Generic_UASP not tested because the USB3x driver fails to install

- Generic_USB3x:
it doesn't work. I got the message "the specified location does not contain information about your hardware" on installing manually.
In the "Generic_USB3x" folder I noticed the 'usb8.sys' file. Maybe it should be 'usbd8.sys'? (even renaming this file the USB3x driver doesn't work anyway).

- IRST_16.8.2.1002:


- RSTe_4.7.0.1119:


- Samsung_NVMe_3.3.0.2003:
it works only for Samsung NVMe drives. For other brands (Crucial, WD and Sabrent I got the message "the specified location does not contain information about your hardware").



Please note that I have tested those drivers for a short time only.
#7885daniel_k⇗ @diderius6

See on page 33: A.2 PnP Option ROM Header
⇗ https://www.scs.stanford.edu/nyu/04fa/lab/specsbbs101.pdf

The Samsung 950 Pro option ROM size is OK, for "part1" and "part2". Checksum of part1 is important, for part2 doesn't matter.
Maybe part1 access data in part2, that's why it fails on 2nd boot.

About the Plextor option rom, size and checksum of part1 is OK, but part2 seems incomplete.
According to its header, part2 should have 6A00h (27136) bytes, but it's just 688A (26762) bytes long.
#7886infuscomus⇗ @diderius6 ⇗ @daniel_k

how do you dump/flash an NVMe Option boot ROM?
#7887diderius6⇗ @infuscomus

Download files from
¶ Windows XP 32-Bit and Server 2003 32-Bit on Modern Hardware (526)

I dump the NVME Option Rom from Website of for example Plextor, looking for "55 AA" Signature in those files for Option Rom.
And I flash it with MMTool 4.50.0.23,
Load Image (Whole Bios from compi)
Load Module file (Option Rom)
Enable "For Option ROM only" via "Link present"
Put Vendor ID and Device ID in (for Samsung 950 Pro Ven 144D, Dev A804)
Save Image as ..
Flash to Bioschip of compi ( I use Revelprog IS for this, best EEpromer ever)

The Option Rom is put via MMTool at the end of RAW file in CSMCORE

Dietmar
#7888George King
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #5056
Patch for VIA USB Mass Storage Device (UAS/UASP) to restore "Safe Remove":

vusbstor.sys x32 v6.1.7600.4002
89 9D 70 FF FF FF 89 9D 68 FF FF FF => 90 90 90 90 90 90 89 9D 68 FF FF FF


Is there x64 patch too please? [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7889diderius6I just add via MMTool also the Ven 1B85 Dev 6018 from the Toshiba RD400
to the Option Rom (extracted from Samsung Pro 950) into the Bios of the Asus P8H77-M board.
Interesting, the RAW file in CSMCORE in Bios does not grow,
even now there is support in Bios for the Samsung 960 Pro and the Toshiba RD400.
XP SP3 boots fast via legay CSM nvme in the Bios of the P8H77-M,
which never heard anything about nvme in its life ) before.
In Bios, the Toshiba RD400 is now listed with its correct full name.
Only with Samsung 960 Pro entries in Option Rom the Toshiba RD 400 is not recogniced from Bios at all.

Waaoh, the Option Rom from the Samsung Pro 950 seems to be really generic.

Only BCD boot of XP works on the P8H77-M, only with Sata set to IDE mode(!) or disabled.
This BCD boot is not necessary on other boards, but in about >50% of all boards
Dietmar

EDIT: Standby works with full USB3 support.
With normal ntldr boot, Standby does not work, only with BCD boot.

#7890diderius6I just get a nvme Plextor 1 Tbyte M8PeG
and I succeed to boot XP from it in legacy CSM mode on the Asus P8H77-M board.
But I dont know, how to make a working Option Rom from it
Dietmar

EDIT: If there is no way, to extract the Option Rom direct from the Plextor nvme disk,
may be it is possible, when you can extract correct the file from Plextor Website

PX-1TM8PeG_1.06.EXE
⇗ https://ufile.io/zk72k1ar


 

Page 527

#7891diderius6After crazy fight with Linux I succeed to get the correct Option Rom direct from the nvme Plextor M8Peg
Dietmar

plextor.rom
⇗ https://ufile.io/jwvy04j9


EDIT: Even I am to 100% sure, that I integrate this Option Rom from Plextor correct in Bios for the Samsung 960 Pro on the Asus P8H77-M board, no nvme at all is shown.

So, only the Option Rom from the Samsung 950 Pro is generic and works for other nvme devices also for legacy boot of XP.
#7892diderius6I make some more tests with the Option Rom extracted from the Samsung 950 Pro.
For this I integrate into Bios together(!) the 3 Ven Dev numbers, all nvme, from the

500 GB Samsung 960 Pro (144D A804)
the Toshiba RD400 with 500 GB (1B85 6018)
and the Samsung 970 Pro 1TB (144D A808).

I integrate all with MMtool step by step into the Bios 1306 of the Asus P8H77-M board,
before without any nvme. All nvme disks work now, nice ).
So all (?) nvme devices can be used as legacy Boot device for XP SP3 on any motherboard
(I test only UEFI) with the extracted Option Rom from the Samsung 950 Pro.
Standby now works always with BCD boot. With ntldr boot, Standby does not work.
Even boot with 2 different nvme disks, connected at the same time for to boot legacy XP on the Asus P8H77-M works ).

I use only the nvme driver from ⇗ @Mov AX, 0xDEAD .
⇗ http://www.mediafire.com/file/7os0e1db59..._XP_x86.7z/file

Dietmar

#7893diderius6I make some fun with the Asus mainboard P8Z68-V LX of ⇗ @dencorso ).
Voila, legacy nvme boot of XP SP3 works there also.
I only integrate the image.rom extracted from the Samsung 950 pro
with Ven_144D&Dev_A808 for the Samsing 1TB 970 Pro
Dietmar

#7894George KingI have created some patched drivers using EMU Extender for both - x86 and x64. I recreated all what I could as I have added x64 support to XP2ESD, now we have also ported drivers for x64.

All drivers are standalone packages - every needed file is installed by INF.

These drivers are ported according to information on ⇗ EMU Extender GitHub

x64\AMD_SATA_1.2.001.0402
x64\Generic_AHCI_6.2.9200.16384
x64\Generic_MSAHCI_6.1.7601.23403
x64\Generic_NVMe_6.1.7601.23403
x64\Generic_UASP_6.1.7600.4002
x64\Generic_USB3x_6.2.9200.21180
x64\IRST_16.8.3.1003
x64\IRST_18.36.3.1019
x64\RSTe_4.7.0.1119
x64\Samsung_NVMe_3.3.0.2003

x86\AMD_SATA_1.2.001.0402
x86\Generic_AHCI_6.2.9200.16384
x86\Generic_MSAHCI_6.1.7601.23403
x86\Generic_NVMe_6.1.7601.23403
x86\Generic_UASP_6.1.7600.4002
x86\Generic_USB3x_6.2.9200.21180
x86\IRST_16.8.2.1002
x86\RSTe_4.7.0.1119
x86\Samsung_NVMe_3.3.0.2003


Download

 
https://www.mediafire.com/file/1md5awnrgg7k4xg/PortedDrivers-WindowsXP+Windows2003_x86+x64_v2.7z/file




Changes from last upload¶  in this post

1. Fixed all INFs encoding to UTF8 - LE BOM, this caused USB3.x driver was refused with "no compatible device" messsage
2. All INFs are prepared for future signing
3. Applied USB3.x additional patch to correctly recognize USB speed
4. Applied USAP additional patch to recover "safe removal" in x86 version of uapstor.sys - for x64 there is no patch at this moment
5. Added versions into all folder names


To-Do list
1. Find x64 patch for uapstor.sys
2. Review NVMe driver - ⇗ @Andalu reported some BSOD, this seems weird as stornvme.sys in unmodified and this must be in ported storport.sys? Every ported drivers use same storport.sys. This can be also caused by test environment (XP Integral edition)
3. Create working Generic HDA driver - I found some of them ⇗ here by ⇗ @skullteria , but no sound at all after installation, maybe there are needed more steps to do in system
4. Find out solution for MSAHCI and original mshdc.inf. I can confirm this driver works good, but it will be reinstalled with bad files after second reboot

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7895George King
Zitat von ⇗ Andalu im Beitrag ¶ #7884
Zitat von ⇗ George King im Beitrag ¶ #7877
@Andalu Can you try drivers, that I ported for XP2ESD on previous page too please?

I tried to install some drivers from the PortedDrivers-WindowsXP+Windows2003_x86+x64 package on my intel Skylake platform with XP-SP3 x86 Integral Edition 2021.5.15. Here the results:

- AMD_SATA not tested (I have no AMD system)

- Generic_AHCI:


- Generic_MSAHCI not tested

- Generic_NVMe:
same BSOD 0x000000D1 (0x00000408,0x00000007,0x00000000,0xB9B246EA) as reported previously.

- Generic_UASP not tested because the USB3x driver fails to install

- Generic_USB3x:
it doesn't work. I got the message "the specified location does not contain information about your hardware" on installing manually.
In the "Generic_USB3x" folder I noticed the 'usb8.sys' file. Maybe it should be 'usbd8.sys'? (even renaming this file the USB3x driver doesn't work anyway).

- IRST_16.8.2.1002:


- RSTe_4.7.0.1119:


- Samsung_NVMe_3.3.0.2003:
it works only for Samsung NVMe drives. For other brands (Crucial, WD and Sabrent I got the message "the specified location does not contain information about your hardware").



Please note that I have tested those drivers for a short time only.



Thanks a lot, I have uploaded new set with fixed USB3.x driver INF, it was caused by accident by bad file encoding. Should work now without any problem. Yes, Samsung driver is only for Samsung devices, this is not modded INF to switch it into generic driver. [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7896George King⇗ @diderius6 Can you try NVMe driver from my collection please? I would like to know if you encounter same BSOD as ⇗ @Andalu?

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7897diderius6⇗ @George King

Your modded nvme stornvme.sys works without any problem under XP SP3.
I tested different nvme disks.

There is a difference between this driver and the driver from ⇗ @daniel_k :
Your stornvme.sys and your storport.sys drivers are both ported from Win7.
The stornvme.sys and storport.sys from ⇗ @daniel_k are modded from Win8
Dietmar

PS: A BSOD can happen for another reason: When you first install the Samsung Nvme driver, its Filterdriver secnvmeF.sys
does not want to go and when you delete it by hand, you get Bsod 0x7B.
By the way I noticed during my intensive tests, that the Samsung nvme driver secnvme.sys often gives yellow question mark with Start error 10. So, the generic nvme driver stornvme.sys is the better choice.

Until now no TRIM support for nvme devices under XP.
#7898George King⇗ @diderius6 Nice, that is great! Seem Like I managed to build whole driver collection for upcoming XP2ESD v1.6. Only this patch equivalent for x64 needs to be discovered

⇗ @Mov AX, 0xDEAD
Patch for VIA USB Mass Storage Device (UAS/UASP) to restore "Safe Remove":

vusbstor.sys x32 v6.1.7600.4002
89 9D 70 FF FF FF 89 9D 68 FF FF FF => 90 90 90 90 90 90 89 9D 68 FF FF FF


And of course x64 ACPI.sys patch needs to be done..

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7899George King
Zitat von ⇗ diderius6 im Beitrag ⇗ HP Pavilion 11-E10SG shuts down during Windows XP installation
@George King

I am happy, when you can make an XP SP3 , German version.
This I would test intensive
Dietmar


⇗ @diderius6 Give me few hours to build it. I would like to finish XP2ESD v1.6 and release for public as this can help everyone to install it. Do you have any new patched x86 ACPI.sys which would you like to include? [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7900George King⇗ @diderius6

⇗ Here is German (de-DE) Windows XP SP3+ ISO (Installer is English and Windows 7 + 10 based, don't worry about installed system). Please create bootable USB using Rufus as it can be installed from USB3.x without problem.

This in nLite session from XP2ESD

 
[Tasks]
Hotfixes and Update Packs
Options
 
[Patches]
DoUxTheme
DoSFC
 
[Hotfixes]
F:\XP2ESD\plugins\updates\OnePiece_Windows_XP_Post-SP3_UpdatePack_v1.1.0_FINAL_DEU_.7z
F:\XP2ESD\plugins\updates\OnePiece_WinXP_Embedded_Post-SP3_True_AddOn_DEU.7z
F:\XP2ESD\plugins\updates\OnePiece_NetFxLangPack_SvcPack_AddOn_DEU.cab
F:\XP2ESD\plugins\updates\addons\TimeZonesUpdate_SVCPACK.7z
F:\XP2ESD\plugins\updates\addons\VisualC++.7z



Just for clarification - Huge MassStorage + USB driver set is integrated in captured image to provide universal image. Don't worry about unneeded drivers as every not used driver service is disabled after first reboot of installed system using MyFactory (That is first screen that looks like original Windows XP setup billboard, but it's MyFactory with applied WinntBBU design). You can find all included drivers in Drivers folder in root of installed system or in USB\sources\install.esd\Drivers. Also in CLONE_TAG.txt are all of them listed in install.esd. And all ported drivers are ported by me using tutorials from @Mov AX, 0xDEAD. And these drivers are still unsigned, no need to do it right now until we are sure they works as expected.

If your machine needs patched ACPI.sys place them into USB\sources\$OEM$\$$\system32\drivers
If you don't want to use PAE patcher by ⇗ @daniel_k, delete WinXPPAE.exe from USB\support


EDIT: XP2ESD build log

 
                                                                                   Started on 05.10.2021 at 17:47:59,24
                                                                                       Auto-Sysprep progress: 1 / 1
 
   [1] Extracting de_windows_xp_professional_with_service_pack_3_x86_cd_vl_x14-73985.iso
         Windows XP Professional Volume License (de-DE)
   [2] Integrating UpdatePack
   [3] Adding Auto-Sysprep
   [4] Building ISO
   [5] Installing into VirtualBox
   [6] Extracting VHD
   [7] Capturing image
   [8] Exporting image
 

                                                                                   Started on 05.10.2021 at 18:12:30,07
 Windows XP Modern Installer
 
   [1] Extracting Windows 7 & 10 ISO
   [2] Building setup structure
         Building bootloader
         Adding DriverPacks support
         Adding Setup folder
   [3] Upgrading setup engine
         Integrating setup updates
         Integrating setup drivers
   [4] Patching setup design
   [5] Modifying setup launch
   [7] Compressing boot.wim
   [8] Updating install.wim
         1. Windows XP Professional Volume License (de-DE)
              License files check
   [9] Compressing install.esd
   [11] Building bootable ISO
                                                                                  Finished on 05.10.2021 at 18:18:25,68
 
 Process finished, press any key to exit...
[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7901Andalu
Zitat von ⇗ George King im Beitrag ¶ #7894
2. Review NVMe driver - @Andalu reported some BSOD, this seems weird as stornvme.sys in unmodified and this must be in ported storport.sys? Every ported drivers use same storport.sys. This can be also caused by test environment (XP Integral edition)

Zitat von ⇗ George King im Beitrag ¶ #7895
Thanks a lot, I have uploaded new set with fixed USB3.x driver INF, it was caused by accident by bad file encoding. Should work now without any problem. Yes, Samsung driver is only for Samsung devices, this is not modded INF to switch it into generic driver.

I tried again the drivers that didn't work before on my system. Here are the results:

Generic_USB3x_6.2.9200.21180 + Generic_UASP_6.1.7600.4002:



Generic_NVMe_6.1.7601.23403
Installed on the 'XP-Integral Edition 2021.5.15' (with PAE enabled) and on the 'en_windows_xp_professional_with_service_pack_3_x86_cd_vl_x14-73974' (with no PAE) ISOs without any issue this time:



The strange thing is that now I get the exact same BSOD that I reported previously for the NVMe driver modded from Win8 on both iso mentioned above.
#7902diderius6⇗ @George King

Thanks for the german XP version!

First I install it on the Asus P8H77-M board from USB stick using Rufus 2.18p (last version for XP).
With chosing IDE mode in Bios it shows Bsod 0x7B.
When I chose AHCI mode it installs fast.
At the end of the installation I cant chose "Time Zone" (just white list there without letters),
but chosing "next" works.
The USB3 driver shows yellow questionmark, does not work.
The XP Updates are all there, even the last Posready.

What I like very much is, that you keep every program and setting from Original XP CD

Dietmar

PS: Nice would be also a Setup, which uses only BCD boot for XP.
I know, that after Skylake and processors > Celeron it does not work but for all the other compis,
and also for nvme boot.
#7903George King
Zitat von ⇗ diderius6 im Beitrag ¶ #7902
@George King

Thanks for the german XP version!

First I install it on the Asus P8H77-M board from USB stick using Rufus 2.18p (last version for XP).
With chosing IDE mode in Bios it shows Bsod 0x7B.
When I chose AHCI mode it installs fast.
At the end of the installation I cant chose "Time Zone" (just white list there without letters),
but chosing "next" works.
The USB3 driver shows yellow questionmark, does not work.
The XP Updates are all there, even the last Posready.

What I like very much is, that you keep every program and setting from Original XP CD

Dietmar

PS: Nice would be also a Setup, which uses only BCD boot for XP.
I know, that after Skylake and processors > Celeron it does not work but for all the other compis,
and also for nvme boot.


1) IDE / AHCI problem should be caused by drivers mismatch - included driver set will always need user touch to remove unneeded ones before building XP2ESD ISO
2) TimeZone problem is interesting. I must moved INF setup from SYSSETUP to SVCPACK and apply it during RunOnceEx same as VisualC++, I must do it according to x64 support to XP2ESD. I have no idea why is selection box empty in OOBE. If you try to change TimeZone you can see all of them are here. Will see what can I do as TimeZone OOBE pages are unlocked by editing OOBE htm file.
3) Weird, even if I reinstall USB3.x driver in VirtualBox I got error 3. This VM machine is configured as XP 32bit. When I try same ISO on VM configured as 8 x64 same result. Any idea what should cause it? I will try to buid another image. I have some ideas why it happends - When I tried these ported drivers it was only on pure XP SP3 English and Czech and it worked, so maybe caused by UpdatePack's WDF CO installers or other drivers, but wdfldr seems as correct one.

I will investigate these weirdos tomorrow.


Currently is used BCD + BOOTMGR + NTLDR legacy option. I have added some experimental support for booting through BCD + BOOTMGR + WINLOAD but this doesn't work due detecthal feature which we need. I'm 110% in to find cause and be able to boot only using this modern method. [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7904infuscomus⇗ @George King

Remind me why XP2ESD needs to use the detecthal feature of a vista beta NTLDR?

I think it wouldn't be unreasonable to assume that anyone running this XP2ESD would be running it on hardware newer than 2005.
So why not just have it automatically use multiprocessor HAL and kernel and not bother with detecthal?
#7905User32
Zitat von ⇗ infuscomus im Beitrag ¶ #7904
@George King

Remind me why XP2ESD needs to use the detecthal feature of a vista beta NTLDR?

I think it wouldn't be unreasonable to assume that anyone running this XP2ESD would be running it on hardware newer than 2005.
So why not just have it automatically use multiprocessor HAL and kernel and not bother with detecthal?
lol speak for yourself, XP2ESD would be a massive time saver for people who play around with old/XP era hardware quite often.

 

Page 528

#7906infuscomus⇗ @User32

The Windows 8/10 PreInstall Environment doesn't always work on older hardware though.
#7907User32
Zitat von ⇗ infuscomus im Beitrag ¶ #7906
@User32

The Windows 8/10 PreInstall Environment doesn't always work on older hardware though.
Indeed it doesn't, you need PAE, NX and some other instructions for it so anything below a C0 stepping Pentium M can't run it.
#7908George King
Zitat von ⇗ infuscomus im Beitrag ¶ #7904
@George King

Remind me why XP2ESD needs to use the detecthal feature of a vista beta NTLDR?

I think it wouldn't be unreasonable to assume that anyone running this XP2ESD would be running it on hardware newer than 2005.
So why not just have it automatically use multiprocessor HAL and kernel and not bother with detecthal?


I got and idea how to change this seetings on the fly on USB in settings.ini. I'm building testing image right now to see how it goes.

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7909George King⇗ @infuscomus ⇗ @User32
There are still two methods to build XP2ESD Installer in v1.6

"Legacy" ISO -> Windows 7 PE + Windows 10 setup engine -> most compatible with older machines
"Modern" ISO -> Windows 8.0 or Windows 10  PE including setup engine -> most compatible with newer machines

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7910Masterchief79I got some more info on this now. I did another XP installation on my B550 board and 5800X Ryzen CPU and it worked pretty well. I installed no optional patches and could boot, reboot, switch between OSes etc. no issues.

Then I got into overclocking a little bit and inevitably got the PC to freeze on a too aggressive overclock during a benchmark. This is what I mainly wanna use XP for if you remember: To have a fast platform for benchmarking old graphics cards, a GTX285 in this case.
So PC froze, I shut it down and rebooted it, and got greeted with Windows Check Disk. After disk checking, the PC bluescreens again, so it seems my install is borked and I can't get it to boot anymore. It doesn't matter if I actually run the disk check or not, it still BSODs.
I still have all kinds of HDDs connected that I use as data storage on my Win10 OS. Interestingly enough, the C drive from Windows XP install is not the HDD where it's actually installed on, either. (So I install Windows on my 320GB HDD which ends up being the E: drive.) Is that just a severe case of data salad? Would just disconnecting all other HDDs probably solve the issue?
#7911infuscomus⇗ @Masterchief79

Post a screenshot of the BSOD, it'll help determine what the problem is.
#7912diderius6May be (!?)
that it is possible to start XP SP3 with NTLDR and ntdetect.com from XP 64.
Crazy idea, but who knows and may be, this opens door to UEFI
Dietmar

PS: Does anybody know, what this message at boot of XP means?

#7913infuscomus⇗ @diderius6

I'm not sure, google it?
or look through NTDETECT source code for error code?
#7914diderius6I make a try with the master ntldr debug for XP for to see, why using ntldr with the integrated option rom from the nvme
Samsung 950 Pro always gives reboot.
Here is the output of Windbg.
Any help, why ntldr XP reboots from nvme device after last line is welcome
Dietmar

PS: ntldr seems to hang at
kd>
osloader!NtProcessStartup+0x238:
0040e6f1 f6052cfc420001 test byte ptr [osloader!BootFlags (0042fc2c)],1
kd>
osloader!NtProcessStartup+0x23f:
0040e6f8 742c je osloader!NtProcessStartup+0x26d (0040e726)
kd>
osloader!NtProcessStartup+0x26d:
0040e726 e896d70000 call osloader!BlTerminalHandleLoaderFailure (0041bec1)

or at
osloader!InitializeMemoryDescriptors+0x19:
0041169a a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> t
osloader!InitializeMemoryDescriptors+0x1e:
0041169f 8975e8          mov     dword ptr [ebp-18h],esi
kd> t
osloader!InitializeMemoryDescriptors+0x21:
004116a2 ff502c          call    dword ptr [eax+2Ch]
kd> t
000212eb 6858000000      push    58h
kd> t
000212f0 68f6120000      push    12F6h
kd> t
000212f5 cb              retf




Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
Connected to Windows Boot Debugger 3790 x86 compatible target at (Sun Oct 17 11:01:52.859 2021 (UTC + 2:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols
Executable search path is: C:\Symbols
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for osloader.exe - 
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x0042fc9c
System Uptime: not available
Sun Oct 17 11:01:54.406 2021 (UTC + 2:00): Break instruction exception - code 80000003 (first chance)
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
kd> p
osloader!DbgBreakPoint+0x1:
0040b0c7 c3              ret
kd> p
osloader!BdInitDebugger+0x3c0:
0040bb78 eb05            jmp     osloader!BdInitDebugger+0x3c7 (0040bb7f)
kd> p
osloader!BdInitDebugger+0x3c7:
0040bb7f c9              leave
kd> p
osloader!BdInitDebugger+0x3c8:
0040bb80 c20c00          ret     0Ch
kd> p
osloader!MempCopyGdt+0x254:
0041143c 33c0            xor     eax,eax
kd> p
osloader!MempCopyGdt+0x256:
0041143e 5b              pop     ebx
kd> 
osloader!MempCopyGdt+0x257:
0041143f 5f              pop     edi
kd> 
osloader!MempCopyGdt+0x258:
00411440 5e              pop     esi
kd> 
osloader!MempCopyGdt+0x259:
00411441 59              pop     ecx
kd> 
osloader!MempCopyGdt+0x25a:
00411442 59              pop     ecx
kd> 
osloader!MempCopyGdt+0x25b:
00411443 c3              ret
kd> 
osloader!InitializeMemorySubsystem+0x236:
0041167a 5f              pop     edi
kd> 
osloader!InitializeMemorySubsystem+0x237:
0041167b 5e              pop     esi
kd> 
osloader!InitializeMemorySubsystem+0x238:
0041167c 5b              pop     ebx
kd> 
osloader!InitializeMemorySubsystem+0x239:
0041167d c9              leave
kd> 
osloader!InitializeMemorySubsystem+0x23a:
0041167e c20400          ret     4
kd> 
osloader!DoGlobalInitialization+0x62:
0040e2fd 85c0            test    eax,eax
kd> 
osloader!DoGlobalInitialization+0x64:
0040e2ff 740f            je      osloader!DoGlobalInitialization+0x75 (0040e310)
kd> 
osloader!DoGlobalInitialization+0x75:
0040e310 e86c330000      call    osloader!InitializeMemoryDescriptors (00411681)
kd> 
osloader!DoGlobalInitialization+0x7a:
0040e315 c20400          ret     4
kd> 
osloader!NtProcessStartup+0x15:
0040e4ce 56              push    esi
kd> 
osloader!NtProcessStartup+0x16:
0040e4cf 68b8254200      push    offset osloader!BlSuCmdLine (004225b8)
kd> 
osloader!NtProcessStartup+0x1b:
0040e4d4 e83ffeffff      call    osloader!ParseCommandLine (0040e318)
kd> 
osloader!NtProcessStartup+0x20:
0040e4d9 56              push    esi
kd> 
osloader!NtProcessStartup+0x21:
0040e4da e86c4affff      call    osloader!BlFillInSystemParameters (00402f4b)
kd> 
osloader!NtProcessStartup+0x26:
0040e4df 8b4628          mov     eax,dword ptr [esi+28h]
kd> 
osloader!NtProcessStartup+0x29:
0040e4e2 a32cfc4200      mov     dword ptr [osloader!BootFlags (0042fc2c)],eax
kd> 
osloader!NtProcessStartup+0x2e:
0040e4e7 8b06            mov     eax,dword ptr [esi]
kd> 
osloader!NtProcessStartup+0x30:
0040e4e9 8b00            mov     eax,dword ptr [eax]
kd> 
osloader!NtProcessStartup+0x32:
0040e4eb 25ff000000      and     eax,0FFh
kd> 
osloader!NtProcessStartup+0x37:
0040e4f0 bb48f34200      mov     ebx,offset osloader!BootPartitionName (0042f348)
kd> 
osloader!NtProcessStartup+0x3c:
0040e4f5 0f848c010000    je      osloader!NtProcessStartup+0x1ce (0040e687)
kd> 
osloader!NtProcessStartup+0x42:
0040e4fb 83f801          cmp     eax,1
kd> 
osloader!NtProcessStartup+0x45:
0040e4fe 0f8483010000    je      osloader!NtProcessStartup+0x1ce (0040e687)
kd> 
osloader!NtProcessStartup+0x4b:
0040e504 83f840          cmp     eax,40h
kd> 
osloader!NtProcessStartup+0x4e:
0040e507 751a            jne     osloader!NtProcessStartup+0x6a (0040e523)
kd> 
osloader!NtProcessStartup+0x6a:
0040e523 83f841          cmp     eax,41h
kd> 
osloader!NtProcessStartup+0x6d:
0040e526 7514            jne     osloader!NtProcessStartup+0x83 (0040e53c)
kd> 
osloader!NtProcessStartup+0x83:
0040e53c 50              push    eax
kd> 
osloader!NtProcessStartup+0x84:
0040e53d e82efdffff      call    osloader!BlIsElToritoCDBoot (0040e270)
kd> 
osloader!NtProcessStartup+0x89:
0040e542 84c0            test    al,al
kd> 
osloader!NtProcessStartup+0x8b:
0040e544 8b06            mov     eax,dword ptr [esi]
kd> 
osloader!NtProcessStartup+0x8d:
0040e546 741e            je      osloader!NtProcessStartup+0xad (0040e566)
kd> 
osloader!NtProcessStartup+0xad:
0040e566 0fb64801        movzx   ecx,byte ptr [eax+1]
kd> 
osloader!NtProcessStartup+0xb1:
0040e56a 0fb600          movzx   eax,byte ptr [eax]
kd> 
osloader!NtProcessStartup+0xb4:
0040e56d 51              push    ecx
kd> 
osloader!NtProcessStartup+0xb5:
0040e56e 50              push    eax
kd> 
osloader!NtProcessStartup+0xb6:
0040e56f 53              push    ebx
kd> 
osloader!NtProcessStartup+0xb7:
0040e570 e842fcffff      call    osloader!BlGetActivePartition (0040e1b7)
kd> 
osloader!NtProcessStartup+0xbc:
0040e575 6a4f            push    4Fh
kd> 
osloader!NtProcessStartup+0xbe:
0040e577 33ff            xor     edi,edi
kd> 
osloader!NtProcessStartup+0xc0:
0040e579 8d45a5          lea     eax,[ebp-5Bh]
kd> 
osloader!NtProcessStartup+0xc3:
0040e57c 57              push    edi
kd> 
osloader!NtProcessStartup+0xc4:
0040e57d 50              push    eax
kd> 
osloader!NtProcessStartup+0xc5:
0040e57e c645a400        mov     byte ptr [ebp-5Ch],0
kd> 
osloader!NtProcessStartup+0xc9:
0040e582 e825dd0000      call    osloader!memset (0041c2ac)
kd> 
osloader!NtProcessStartup+0xce:
0040e587 8b06            mov     eax,dword ptr [esi]
kd> 
osloader!NtProcessStartup+0xd0:
0040e589 897d08          mov     dword ptr [ebp+8],edi
kd> 
osloader!NtProcessStartup+0xd3:
0040e58c 8b00            mov     eax,dword ptr [eax]
kd> 
osloader!NtProcessStartup+0xd5:
0040e58e 83e07f          and     eax,7Fh
kd> 
osloader!NtProcessStartup+0xd8:
0040e591 50              push    eax
kd> 
osloader!NtProcessStartup+0xd9:
0040e592 8d45a4          lea     eax,[ebp-5Ch]
kd> 
osloader!NtProcessStartup+0xdc:
0040e595 6834054200      push    offset osloader!`string' (00420534)
kd> 
osloader!NtProcessStartup+0xe1:
0040e59a 50              push    eax
kd> 
osloader!NtProcessStartup+0xe2:
0040e59b e8b0db0000      call    osloader!sprintf (0041c150)
kd> 
osloader!NtProcessStartup+0xe7:
0040e5a0 83c418          add     esp,18h
kd> 
osloader!NtProcessStartup+0xea:
0040e5a3 8d4508          lea     eax,[ebp+8]
kd> 
osloader!NtProcessStartup+0xed:
0040e5a6 50              push    eax
kd> 
osloader!NtProcessStartup+0xee:
0040e5a7 6a02            push    2
kd> 
osloader!NtProcessStartup+0xf0:
0040e5a9 8d45a4          lea     eax,[ebp-5Ch]
kd> 
osloader!NtProcessStartup+0xf3:
0040e5ac 50              push    eax
kd> 
osloader!NtProcessStartup+0xf4:
0040e5ad a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0xf9:
0040e5b2 ff505c          call    dword ptr [eax+5Ch]
kd> 
osloader!NtProcessStartup+0xfc:
0040e5b5 85c0            test    eax,eax
kd> 
osloader!NtProcessStartup+0xfe:
0040e5b7 0f85bd000000    jne     osloader!NtProcessStartup+0x1c1 (0040e67a)
kd> 
osloader!NtProcessStartup+0x104:
0040e5bd 57              push    edi
kd> 
osloader!NtProcessStartup+0x105:
0040e5be 8d45f8          lea     eax,[ebp-8]
kd> 
osloader!NtProcessStartup+0x108:
0040e5c1 50              push    eax
kd> 
osloader!NtProcessStartup+0x109:
0040e5c2 ff7508          push    dword ptr [ebp+8]
kd> 
osloader!NtProcessStartup+0x10c:
0040e5c5 a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x111:
0040e5ca 897df8          mov     dword ptr [ebp-8],edi
kd> 
osloader!NtProcessStartup+0x114:
0040e5cd 897dfc          mov     dword ptr [ebp-4],edi
kd> 
osloader!NtProcessStartup+0x117:
0040e5d0 ff5070          call    dword ptr [eax+70h]
kd> 
osloader!NtProcessStartup+0x11a:
0040e5d3 85c0            test    eax,eax
kd> 
osloader!NtProcessStartup+0x11c:
0040e5d5 0f858a000000    jne     osloader!NtProcessStartup+0x1ac (0040e665)
kd> 
osloader!NtProcessStartup+0x122:
0040e5db 8d45f4          lea     eax,[ebp-0Ch]
kd> 
osloader!NtProcessStartup+0x125:
0040e5de 50              push    eax
kd> 
osloader!NtProcessStartup+0x126:
0040e5df bf00020000      mov     edi,200h
kd> 
osloader!NtProcessStartup+0x12b:
0040e5e4 57              push    edi
kd> 
osloader!NtProcessStartup+0x12c:
0040e5e5 8d85a4fdffff    lea     eax,[ebp-25Ch]
kd> 
osloader!NtProcessStartup+0x132:
0040e5eb 50              push    eax
kd> 
osloader!NtProcessStartup+0x133:
0040e5ec ff7508          push    dword ptr [ebp+8]
kd> 
osloader!NtProcessStartup+0x136:
0040e5ef a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x13b:
0040e5f4 ff5064          call    dword ptr [eax+64h]
kd> 
osloader!NtProcessStartup+0x13e:
0040e5f7 85c0            test    eax,eax
kd> 
osloader!NtProcessStartup+0x140:
0040e5f9 7563            jne     osloader!NtProcessStartup+0x1a5 (0040e65e)
kd> 
osloader!NtProcessStartup+0x142:
0040e5fb 39855cffffff    cmp     dword ptr [ebp-0A4h],eax
kd> 
osloader!NtProcessStartup+0x148:
0040e601 756d            jne     osloader!NtProcessStartup+0x1b7 (0040e670)
kd> 
osloader!NtProcessStartup+0x1b7:
0040e670 ff7508          push    dword ptr [ebp+8]
kd> 
osloader!NtProcessStartup+0x1ba:
0040e673 e89b69ffff      call    osloader!ArcCacheClose (00405013)
kd> 
osloader!NtProcessStartup+0x1bf:
0040e678 eb2d            jmp     osloader!NtProcessStartup+0x1ee (0040e6a7)
kd> 
osloader!NtProcessStartup+0x1ee:
0040e6a7 6a02            push    2
kd> 
osloader!NtProcessStartup+0x1f0:
0040e6a9 e848260000      call    osloader!FwAllocateHeapPermanent (00410cf6)
kd> 
osloader!NtProcessStartup+0x1f5:
0040e6ae a38c304300      mov     dword ptr [osloader!PcrBasePage (0043308c)],eax
kd> 
osloader!NtProcessStartup+0x1fa:
0040e6b3 85c0            test    eax,eax
kd> 
osloader!NtProcessStartup+0x1fc:
0040e6b5 7408            je      osloader!NtProcessStartup+0x206 (0040e6bf)
kd> 
osloader!NtProcessStartup+0x1fe:
0040e6b7 c1e80c          shr     eax,0Ch
kd> 
osloader!NtProcessStartup+0x201:
0040e6ba a38c304300      mov     dword ptr [osloader!PcrBasePage (0043308c)],eax
kd> 
osloader!NtProcessStartup+0x206:
0040e6bf 6a03            push    3
kd> 
osloader!NtProcessStartup+0x208:
0040e6c1 e830260000      call    osloader!FwAllocateHeapPermanent (00410cf6)
kd> 
osloader!NtProcessStartup+0x20d:
0040e6c6 a390304300      mov     dword ptr [osloader!TssBasePage (00433090)],eax
kd> 
osloader!NtProcessStartup+0x212:
0040e6cb 85c0            test    eax,eax
kd> 
osloader!NtProcessStartup+0x214:
0040e6cd 7408            je      osloader!NtProcessStartup+0x21e (0040e6d7)
kd> 
osloader!NtProcessStartup+0x216:
0040e6cf c1e80c          shr     eax,0Ch
kd> 
osloader!NtProcessStartup+0x219:
0040e6d2 a390304300      mov     dword ptr [osloader!TssBasePage (00433090)],eax
kd> 
osloader!NtProcessStartup+0x21e:
0040e6d7 e843360000      call    osloader!BlMemoryInitialize (00411d1f)
kd> 
osloader!NtProcessStartup+0x223:
0040e6dc e84744ffff      call    osloader!AEInitializeStall (00402b28)
kd> 
osloader!NtProcessStartup+0x228:
0040e6e1 e800d50000      call    osloader!BlInitializeHeadlessPort (0041bbe6)
kd> 
osloader!NtProcessStartup+0x22d:
0040e6e6 e8e568ffff      call    osloader!BlIoInitialize (00404fd0)
kd> 
osloader!NtProcessStartup+0x232:
0040e6eb 53              push    ebx
kd> 
osloader!NtProcessStartup+0x233:
0040e6ec e8a9f4ffff      call    osloader!BlStartup (0040db9a)
kd> 
osloader!NtProcessStartup+0x238:
0040e6f1 f6052cfc420001  test    byte ptr [osloader!BootFlags (0042fc2c)],1
kd> 
osloader!NtProcessStartup+0x23f:
0040e6f8 742c            je      osloader!NtProcessStartup+0x26d (0040e726)
kd> 
osloader!NtProcessStartup+0x26d:
0040e726 e896d70000      call    osloader!BlTerminalHandleLoaderFailure (0041bec1)
kd> 
osloader!NtProcessStartup+0x272:
0040e72b 84c0            test    al,al
kd> 
osloader!NtProcessStartup+0x274:
0040e72d 74f7            je      osloader!NtProcessStartup+0x26d (0040e726)
kd> 
osloader!NtProcessStartup+0x276:
0040e72f ebed            jmp     osloader!NtProcessStartup+0x265 (0040e71e)
kd> 
osloader!NtProcessStartup+0x265:
0040e71e a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> 
osloader!NtProcessStartup+0x26a:
0040e723 ff5014          call    dword ptr [eax+14h]
kd> 
Shutdown occurred at (Sun Oct 17 11:02:34.859 2021 (UTC + 2:00))...unloading all symbol tables.
Waiting to reconnect...

   

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
Connected to Windows Boot Debugger 3790 x86 compatible target at (Sun Oct 17 11:23:06.125 2021 (UTC + 2:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols
Executable search path is: C:\Symbols
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for osloader.exe - 
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x0042fc9c
System Uptime: not available
Sun Oct 17 11:23:07.671 2021 (UTC + 2:00): Break instruction exception - code 80000003 (first chance)
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
kd> t
osloader!DbgBreakPoint+0x1:
0040b0c7 c3              ret
kd> t
osloader!BdInitDebugger+0x3c0:
0040bb78 eb05            jmp     osloader!BdInitDebugger+0x3c7 (0040bb7f)
kd> t
osloader!BdInitDebugger+0x3c7:
0040bb7f c9              leave
kd> t
osloader!BdInitDebugger+0x3c8:
0040bb80 c20c00          ret     0Ch
kd> t
osloader!MempCopyGdt+0x254:
0041143c 33c0            xor     eax,eax
kd> t
osloader!MempCopyGdt+0x256:
0041143e 5b              pop     ebx
kd> t
osloader!MempCopyGdt+0x257:
0041143f 5f              pop     edi
kd> t
osloader!MempCopyGdt+0x258:
00411440 5e              pop     esi
kd> 
osloader!MempCopyGdt+0x259:
00411441 59              pop     ecx
kd> 
osloader!MempCopyGdt+0x25a:
00411442 59              pop     ecx
kd> 
osloader!MempCopyGdt+0x25b:
00411443 c3              ret
kd> 
osloader!InitializeMemorySubsystem+0x236:
0041167a 5f              pop     edi
kd> 
osloader!InitializeMemorySubsystem+0x237:
0041167b 5e              pop     esi
kd> 
osloader!InitializeMemorySubsystem+0x238:
0041167c 5b              pop     ebx
kd> 
osloader!InitializeMemorySubsystem+0x239:
0041167d c9              leave
kd> 
osloader!InitializeMemorySubsystem+0x23a:
0041167e c20400          ret     4
kd> 
osloader!DoGlobalInitialization+0x62:
0040e2fd 85c0            test    eax,eax
kd> 
osloader!DoGlobalInitialization+0x64:
0040e2ff 740f            je      osloader!DoGlobalInitialization+0x75 (0040e310)
kd> 
osloader!DoGlobalInitialization+0x75:
0040e310 e86c330000      call    osloader!InitializeMemoryDescriptors (00411681)
kd> 
osloader!InitializeMemoryDescriptors:
00411681 55              push    ebp
kd> 
osloader!InitializeMemoryDescriptors+0x1:
00411682 8bec            mov     ebp,esp
kd> 
osloader!InitializeMemoryDescriptors+0x3:
00411684 83ec20          sub     esp,20h
kd> 
osloader!InitializeMemoryDescriptors+0x6:
00411687 8365e400        and     dword ptr [ebp-1Ch],0
kd> 
osloader!InitializeMemoryDescriptors+0xa:
0041168b 53              push    ebx
kd> 
osloader!InitializeMemoryDescriptors+0xb:
0041168c 56              push    esi
kd> 
osloader!InitializeMemoryDescriptors+0xc:
0041168d 57              push    edi
kd> 
osloader!InitializeMemoryDescriptors+0xd:
0041168e bfff0f0000      mov     edi,0FFFh
kd> 
osloader!InitializeMemoryDescriptors+0x12:
00411693 6a14            push    14h
kd> 
osloader!InitializeMemoryDescriptors+0x14:
00411695 5e              pop     esi
kd> 
osloader!InitializeMemoryDescriptors+0x15:
00411696 8d45e0          lea     eax,[ebp-20h]
kd> 
osloader!InitializeMemoryDescriptors+0x18:
00411699 50              push    eax
kd> 
osloader!InitializeMemoryDescriptors+0x19:
0041169a a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
osloader!InitializeMemoryDescriptors+0x1e:
0041169f 8975e8          mov     dword ptr [ebp-18h],esi
kd> 
osloader!InitializeMemoryDescriptors+0x21:
004116a2 ff502c          call    dword ptr [eax+2Ch]
kd> 
000212eb 6858000000      push    58h
kd> 
000212f0 68f6120000      push    12F6h
kd> 
000212f5 cb              retf
kd> 
0058:12f6 6655            push    ebp
16.kd> 
0058:12f8 6653            push    ebx
16.kd> 
0058:12fa 6656            push    esi
16.kd> 
0058:12fc 6657            push    edi
16.kd> 
0058:12fe 6689e3          mov     ebx,esp
16.kd> 
0058:1301 b86000          mov     ax,60h
16.kd> 
0058:1304 8ed8            mov     ds,ax
16.kd>

   

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
Connected to Windows Boot Debugger 3790 x86 compatible target at (Sun Oct 17 11:27:16.250 2021 (UTC + 2:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols
Executable search path is: C:\Symbols
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for osloader.exe - 
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x0042fc9c
System Uptime: not available
Sun Oct 17 11:27:17.796 2021 (UTC + 2:00): Break instruction exception - code 80000003 (first chance)
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
kd> p
osloader!DbgBreakPoint+0x1:
0040b0c7 c3              ret
kd> p
osloader!BdInitDebugger+0x3c0:
0040bb78 eb05            jmp     osloader!BdInitDebugger+0x3c7 (0040bb7f)
kd> p
osloader!BdInitDebugger+0x3c7:
0040bb7f c9              leave
kd> p
osloader!BdInitDebugger+0x3c8:
0040bb80 c20c00          ret     0Ch
kd> p
osloader!MempCopyGdt+0x254:
0041143c 33c0            xor     eax,eax
kd> p
osloader!MempCopyGdt+0x256:
0041143e 5b              pop     ebx
kd> p
osloader!MempCopyGdt+0x257:
0041143f 5f              pop     edi
kd> p
osloader!MempCopyGdt+0x258:
00411440 5e              pop     esi
kd> p
osloader!MempCopyGdt+0x259:
00411441 59              pop     ecx
kd> p
osloader!MempCopyGdt+0x25a:
00411442 59              pop     ecx
kd> p
osloader!MempCopyGdt+0x25b:
00411443 c3              ret
kd> p
osloader!InitializeMemorySubsystem+0x236:
0041167a 5f              pop     edi
kd> p
osloader!InitializeMemorySubsystem+0x237:
0041167b 5e              pop     esi
kd> p
osloader!InitializeMemorySubsystem+0x238:
0041167c 5b              pop     ebx
kd> p
osloader!InitializeMemorySubsystem+0x239:
0041167d c9              leave
kd> p
osloader!InitializeMemorySubsystem+0x23a:
0041167e c20400          ret     4
kd> p
osloader!DoGlobalInitialization+0x62:
0040e2fd 85c0            test    eax,eax
kd> p
osloader!DoGlobalInitialization+0x64:
0040e2ff 740f            je      osloader!DoGlobalInitialization+0x75 (0040e310)
kd> p
osloader!DoGlobalInitialization+0x75:
0040e310 e86c330000      call    osloader!InitializeMemoryDescriptors (00411681)
kd> p
osloader!DoGlobalInitialization+0x7a:
0040e315 c20400          ret     4
kd> p
osloader!NtProcessStartup+0x15:
0040e4ce 56              push    esi
kd> p
osloader!NtProcessStartup+0x16:
0040e4cf 68b8254200      push    offset osloader!BlSuCmdLine (004225b8)
kd> p
osloader!NtProcessStartup+0x1b:
0040e4d4 e83ffeffff      call    osloader!ParseCommandLine (0040e318)
kd> p
osloader!NtProcessStartup+0x20:
0040e4d9 56              push    esi
kd> p
osloader!NtProcessStartup+0x21:
0040e4da e86c4affff      call    osloader!BlFillInSystemParameters (00402f4b)
kd> p
osloader!NtProcessStartup+0x26:
0040e4df 8b4628          mov     eax,dword ptr [esi+28h]
kd> p
osloader!NtProcessStartup+0x29:
0040e4e2 a32cfc4200      mov     dword ptr [osloader!BootFlags (0042fc2c)],eax
kd> p
osloader!NtProcessStartup+0x2e:
0040e4e7 8b06            mov     eax,dword ptr [esi]
kd> p
osloader!NtProcessStartup+0x30:
0040e4e9 8b00            mov     eax,dword ptr [eax]
kd> p
osloader!NtProcessStartup+0x32:
0040e4eb 25ff000000      and     eax,0FFh
kd> p
osloader!NtProcessStartup+0x37:
0040e4f0 bb48f34200      mov     ebx,offset osloader!BootPartitionName (0042f348)
kd> p
osloader!NtProcessStartup+0x3c:
0040e4f5 0f848c010000    je      osloader!NtProcessStartup+0x1ce (0040e687)
kd> p
osloader!NtProcessStartup+0x42:
0040e4fb 83f801          cmp     eax,1
kd> p
osloader!NtProcessStartup+0x45:
0040e4fe 0f8483010000    je      osloader!NtProcessStartup+0x1ce (0040e687)
kd> p
osloader!NtProcessStartup+0x4b:
0040e504 83f840          cmp     eax,40h
kd> p
osloader!NtProcessStartup+0x4e:
0040e507 751a            jne     osloader!NtProcessStartup+0x6a (0040e523)
kd> p
osloader!NtProcessStartup+0x6a:
0040e523 83f841          cmp     eax,41h
kd> p
osloader!NtProcessStartup+0x6d:
0040e526 7514            jne     osloader!NtProcessStartup+0x83 (0040e53c)
kd> p
osloader!NtProcessStartup+0x83:
0040e53c 50              push    eax
kd> p
osloader!NtProcessStartup+0x84:
0040e53d e82efdffff      call    osloader!BlIsElToritoCDBoot (0040e270)
kd> p
osloader!NtProcessStartup+0x89:
0040e542 84c0            test    al,al
kd> p
osloader!NtProcessStartup+0x8b:
0040e544 8b06            mov     eax,dword ptr [esi]
kd> p
osloader!NtProcessStartup+0x8d:
0040e546 741e            je      osloader!NtProcessStartup+0xad (0040e566)
kd> p
osloader!NtProcessStartup+0xad:
0040e566 0fb64801        movzx   ecx,byte ptr [eax+1]
kd> p
osloader!NtProcessStartup+0xb1:
0040e56a 0fb600          movzx   eax,byte ptr [eax]
kd> p
osloader!NtProcessStartup+0xb4:
0040e56d 51              push    ecx
kd> p
osloader!NtProcessStartup+0xb5:
0040e56e 50              push    eax
kd> p
osloader!NtProcessStartup+0xb6:
0040e56f 53              push    ebx
kd> p
osloader!NtProcessStartup+0xb7:
0040e570 e842fcffff      call    osloader!BlGetActivePartition (0040e1b7)
kd> p
osloader!NtProcessStartup+0xbc:
0040e575 6a4f            push    4Fh
kd> p
osloader!NtProcessStartup+0xbe:
0040e577 33ff            xor     edi,edi
kd> p
osloader!NtProcessStartup+0xc0:
0040e579 8d45a5          lea     eax,[ebp-5Bh]
kd> p
osloader!NtProcessStartup+0xc3:
0040e57c 57              push    edi
kd> p
osloader!NtProcessStartup+0xc4:
0040e57d 50              push    eax
kd> p
osloader!NtProcessStartup+0xc5:
0040e57e c645a400        mov     byte ptr [ebp-5Ch],0
kd> p
osloader!NtProcessStartup+0xc9:
0040e582 e825dd0000      call    osloader!memset (0041c2ac)
kd> p
osloader!NtProcessStartup+0xce:
0040e587 8b06            mov     eax,dword ptr [esi]
kd> p
osloader!NtProcessStartup+0xd0:
0040e589 897d08          mov     dword ptr [ebp+8],edi
kd> p
osloader!NtProcessStartup+0xd3:
0040e58c 8b00            mov     eax,dword ptr [eax]
kd> p
osloader!NtProcessStartup+0xd5:
0040e58e 83e07f          and     eax,7Fh
kd> p
osloader!NtProcessStartup+0xd8:
0040e591 50              push    eax
kd> p
osloader!NtProcessStartup+0xd9:
0040e592 8d45a4          lea     eax,[ebp-5Ch]
kd> p
osloader!NtProcessStartup+0xdc:
0040e595 6834054200      push    offset osloader!`string' (00420534)
kd> p
osloader!NtProcessStartup+0xe1:
0040e59a 50              push    eax
kd> p
osloader!NtProcessStartup+0xe2:
0040e59b e8b0db0000      call    osloader!sprintf (0041c150)
kd> p
osloader!NtProcessStartup+0xe7:
0040e5a0 83c418          add     esp,18h
kd> p
osloader!NtProcessStartup+0xea:
0040e5a3 8d4508          lea     eax,[ebp+8]
kd> p
osloader!NtProcessStartup+0xed:
0040e5a6 50              push    eax
kd> p
osloader!NtProcessStartup+0xee:
0040e5a7 6a02            push    2
kd> p
osloader!NtProcessStartup+0xf0:
0040e5a9 8d45a4          lea     eax,[ebp-5Ch]
kd> p
osloader!NtProcessStartup+0xf3:
0040e5ac 50              push    eax
kd> p
osloader!NtProcessStartup+0xf4:
0040e5ad a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> p
osloader!NtProcessStartup+0xf9:
0040e5b2 ff505c          call    dword ptr [eax+5Ch]
kd> p
osloader!NtProcessStartup+0xfc:
0040e5b5 85c0            test    eax,eax
kd> p
osloader!NtProcessStartup+0xfe:
0040e5b7 0f85bd000000    jne     osloader!NtProcessStartup+0x1c1 (0040e67a)
kd> p
osloader!NtProcessStartup+0x104:
0040e5bd 57              push    edi
kd> p
osloader!NtProcessStartup+0x105:
0040e5be 8d45f8          lea     eax,[ebp-8]
kd> p
osloader!NtProcessStartup+0x108:
0040e5c1 50              push    eax
kd> p
osloader!NtProcessStartup+0x109:
0040e5c2 ff7508          push    dword ptr [ebp+8]
kd> p
osloader!NtProcessStartup+0x10c:
0040e5c5 a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> p
osloader!NtProcessStartup+0x111:
0040e5ca 897df8          mov     dword ptr [ebp-8],edi
kd> p
osloader!NtProcessStartup+0x114:
0040e5cd 897dfc          mov     dword ptr [ebp-4],edi
kd> p
osloader!NtProcessStartup+0x117:
0040e5d0 ff5070          call    dword ptr [eax+70h]
kd> p
osloader!NtProcessStartup+0x11a:
0040e5d3 85c0            test    eax,eax
kd> p
osloader!NtProcessStartup+0x11c:
0040e5d5 0f858a000000    jne     osloader!NtProcessStartup+0x1ac (0040e665)
kd> p
osloader!NtProcessStartup+0x122:
0040e5db 8d45f4          lea     eax,[ebp-0Ch]
kd> p
osloader!NtProcessStartup+0x125:
0040e5de 50              push    eax
kd> p
osloader!NtProcessStartup+0x126:
0040e5df bf00020000      mov     edi,200h
kd> p
osloader!NtProcessStartup+0x12b:
0040e5e4 57              push    edi
kd> p
osloader!NtProcessStartup+0x12c:
0040e5e5 8d85a4fdffff    lea     eax,[ebp-25Ch]
kd> p
osloader!NtProcessStartup+0x132:
0040e5eb 50              push    eax
kd> p
osloader!NtProcessStartup+0x133:
0040e5ec ff7508          push    dword ptr [ebp+8]
kd> p
osloader!NtProcessStartup+0x136:
0040e5ef a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> p
osloader!NtProcessStartup+0x13b:
0040e5f4 ff5064          call    dword ptr [eax+64h]
kd> p
osloader!NtProcessStartup+0x13e:
0040e5f7 85c0            test    eax,eax
kd> p
osloader!NtProcessStartup+0x140:
0040e5f9 7563            jne     osloader!NtProcessStartup+0x1a5 (0040e65e)
kd> p
osloader!NtProcessStartup+0x142:
0040e5fb 39855cffffff    cmp     dword ptr [ebp-0A4h],eax
kd> p
osloader!NtProcessStartup+0x148:
0040e601 756d            jne     osloader!NtProcessStartup+0x1b7 (0040e670)
kd> p
osloader!NtProcessStartup+0x1b7:
0040e670 ff7508          push    dword ptr [ebp+8]
kd> p
osloader!NtProcessStartup+0x1ba:
0040e673 e89b69ffff      call    osloader!ArcCacheClose (00405013)
kd> p
osloader!NtProcessStartup+0x1bf:
0040e678 eb2d            jmp     osloader!NtProcessStartup+0x1ee (0040e6a7)
kd> p
osloader!NtProcessStartup+0x1ee:
0040e6a7 6a02            push    2
kd> p
osloader!NtProcessStartup+0x1f0:
0040e6a9 e848260000      call    osloader!FwAllocateHeapPermanent (00410cf6)
kd> p
osloader!NtProcessStartup+0x1f5:
0040e6ae a38c304300      mov     dword ptr [osloader!PcrBasePage (0043308c)],eax
kd> p
osloader!NtProcessStartup+0x1fa:
0040e6b3 85c0            test    eax,eax
kd> p
osloader!NtProcessStartup+0x1fc:
0040e6b5 7408            je      osloader!NtProcessStartup+0x206 (0040e6bf)
kd> p
osloader!NtProcessStartup+0x1fe:
0040e6b7 c1e80c          shr     eax,0Ch
kd> p
osloader!NtProcessStartup+0x201:
0040e6ba a38c304300      mov     dword ptr [osloader!PcrBasePage (0043308c)],eax
kd> p
osloader!NtProcessStartup+0x206:
0040e6bf 6a03            push    3
kd> p
osloader!NtProcessStartup+0x208:
0040e6c1 e830260000      call    osloader!FwAllocateHeapPermanent (00410cf6)
kd> p
osloader!NtProcessStartup+0x20d:
0040e6c6 a390304300      mov     dword ptr [osloader!TssBasePage (00433090)],eax
kd> p
osloader!NtProcessStartup+0x212:
0040e6cb 85c0            test    eax,eax
kd> p
osloader!NtProcessStartup+0x214:
0040e6cd 7408            je      osloader!NtProcessStartup+0x21e (0040e6d7)
kd> p
osloader!NtProcessStartup+0x216:
0040e6cf c1e80c          shr     eax,0Ch
kd> p
osloader!NtProcessStartup+0x219:
0040e6d2 a390304300      mov     dword ptr [osloader!TssBasePage (00433090)],eax
kd> p
osloader!NtProcessStartup+0x21e:
0040e6d7 e843360000      call    osloader!BlMemoryInitialize (00411d1f)
kd> p
osloader!NtProcessStartup+0x223:
0040e6dc e84744ffff      call    osloader!AEInitializeStall (00402b28)
kd> p
osloader!NtProcessStartup+0x228:
0040e6e1 e800d50000      call    osloader!BlInitializeHeadlessPort (0041bbe6)
kd> p
osloader!NtProcessStartup+0x22d:
0040e6e6 e8e568ffff      call    osloader!BlIoInitialize (00404fd0)
kd> p
osloader!NtProcessStartup+0x232:
0040e6eb 53              push    ebx
kd> p
osloader!NtProcessStartup+0x233:
0040e6ec e8a9f4ffff      call    osloader!BlStartup (0040db9a)
kd> p
osloader!NtProcessStartup+0x238:
0040e6f1 f6052cfc420001  test    byte ptr [osloader!BootFlags (0042fc2c)],1
kd> p
osloader!NtProcessStartup+0x23f:
0040e6f8 742c            je      osloader!NtProcessStartup+0x26d (0040e726)
kd> p
osloader!NtProcessStartup+0x26d:
0040e726 e896d70000      call    osloader!BlTerminalHandleLoaderFailure (0041bec1)
kd> p
osloader!NtProcessStartup+0x272:
0040e72b 84c0            test    al,al
kd> p
osloader!NtProcessStartup+0x274:
0040e72d 74f7            je      osloader!NtProcessStartup+0x26d (0040e726)
kd> p
osloader!NtProcessStartup+0x276:
0040e72f ebed            jmp     osloader!NtProcessStartup+0x265 (0040e71e)
kd> p
osloader!NtProcessStartup+0x265:
0040e71e a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> p
osloader!NtProcessStartup+0x26a:
0040e723 ff5014          call    dword ptr [eax+14h]
kd> p
Shutdown occurred at (Sun Oct 17 11:29:23.734 2021 (UTC + 2:00))...unloading all symbol tables.
Waiting to reconnect...
#7915infuscomus⇗ @diderius6

having access to proper symbols would probably help with this, I'm assuming NTLDR symbols are still on microsofts symbol server?

Alternatively, build your own NTLDR from source code and use its private symbols might give more info about the problem?
#7916diderius6And here comes a working bootprocess with the same master debug ntldr and the same nvme and the same XP
on another compi

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
Connected to Windows Boot Debugger 3790 x86 compatible target at (Sun Oct 17 12:09:47.984 2021 (UTC + 2:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols
Executable search path is: C:\Symbols
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for osloader.exe - 
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x0042fc9c
System Uptime: not available
Sun Oct 17 12:09:49.562 2021 (UTC + 2:00): Break instruction exception - code 80000003 (first chance)
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
kd> p
osloader!DbgBreakPoint+0x1:
0040b0c7 c3              ret
kd> p
osloader!BdInitDebugger+0x3c0:
0040bb78 eb05            jmp     osloader!BdInitDebugger+0x3c7 (0040bb7f)
kd> p
osloader!BdInitDebugger+0x3c7:
0040bb7f c9              leave
kd> p
osloader!BdInitDebugger+0x3c8:
0040bb80 c20c00          ret     0Ch
kd> p
osloader!MempCopyGdt+0x254:
0041143c 33c0            xor     eax,eax
kd> p
osloader!MempCopyGdt+0x256:
0041143e 5b              pop     ebx
kd> p
osloader!MempCopyGdt+0x257:
0041143f 5f              pop     edi
kd> p
osloader!MempCopyGdt+0x258:
00411440 5e              pop     esi
kd> p
osloader!MempCopyGdt+0x259:
00411441 59              pop     ecx
kd> p
osloader!MempCopyGdt+0x25a:
00411442 59              pop     ecx
kd> p
osloader!MempCopyGdt+0x25b:
00411443 c3              ret
kd> p
osloader!InitializeMemorySubsystem+0x236:
0041167a 5f              pop     edi
kd> p
osloader!InitializeMemorySubsystem+0x237:
0041167b 5e              pop     esi
kd> p
osloader!InitializeMemorySubsystem+0x238:
0041167c 5b              pop     ebx
kd> p
osloader!InitializeMemorySubsystem+0x239:
0041167d c9              leave
kd> p
osloader!InitializeMemorySubsystem+0x23a:
0041167e c20400          ret     4
kd> p
osloader!DoGlobalInitialization+0x62:
0040e2fd 85c0            test    eax,eax
kd> p
osloader!DoGlobalInitialization+0x64:
0040e2ff 740f            je      osloader!DoGlobalInitialization+0x75 (0040e310)
kd> p
osloader!DoGlobalInitialization+0x75:
0040e310 e86c330000      call    osloader!InitializeMemoryDescriptors (00411681)
kd> p
osloader!DoGlobalInitialization+0x7a:
0040e315 c20400          ret     4
kd> p
osloader!NtProcessStartup+0x15:
0040e4ce 56              push    esi
kd> p
osloader!NtProcessStartup+0x16:
0040e4cf 68b8254200      push    offset osloader!BlSuCmdLine (004225b8)
kd> p
osloader!NtProcessStartup+0x1b:
0040e4d4 e83ffeffff      call    osloader!ParseCommandLine (0040e318)
kd> p
osloader!NtProcessStartup+0x20:
0040e4d9 56              push    esi
kd> p
osloader!NtProcessStartup+0x21:
0040e4da e86c4affff      call    osloader!BlFillInSystemParameters (00402f4b)
kd> p
osloader!NtProcessStartup+0x26:
0040e4df 8b4628          mov     eax,dword ptr [esi+28h]
kd> p
osloader!NtProcessStartup+0x29:
0040e4e2 a32cfc4200      mov     dword ptr [osloader!BootFlags (0042fc2c)],eax
kd> p
osloader!NtProcessStartup+0x2e:
0040e4e7 8b06            mov     eax,dword ptr [esi]
kd> p
osloader!NtProcessStartup+0x30:
0040e4e9 8b00            mov     eax,dword ptr [eax]
kd> p
osloader!NtProcessStartup+0x32:
0040e4eb 25ff000000      and     eax,0FFh
kd> p
osloader!NtProcessStartup+0x37:
0040e4f0 bb48f34200      mov     ebx,offset osloader!BootPartitionName (0042f348)
kd> p
osloader!NtProcessStartup+0x3c:
0040e4f5 0f848c010000    je      osloader!NtProcessStartup+0x1ce (0040e687)
kd> p
osloader!NtProcessStartup+0x42:
0040e4fb 83f801          cmp     eax,1
kd> p
osloader!NtProcessStartup+0x45:
0040e4fe 0f8483010000    je      osloader!NtProcessStartup+0x1ce (0040e687)
kd> p
osloader!NtProcessStartup+0x4b:
0040e504 83f840          cmp     eax,40h
kd> p
osloader!NtProcessStartup+0x4e:
0040e507 751a            jne     osloader!NtProcessStartup+0x6a (0040e523)
kd> p
osloader!NtProcessStartup+0x6a:
0040e523 83f841          cmp     eax,41h
kd> p
osloader!NtProcessStartup+0x6d:
0040e526 7514            jne     osloader!NtProcessStartup+0x83 (0040e53c)
kd> p
osloader!NtProcessStartup+0x83:
0040e53c 50              push    eax
kd> p
osloader!NtProcessStartup+0x84:
0040e53d e82efdffff      call    osloader!BlIsElToritoCDBoot (0040e270)
kd> p
osloader!NtProcessStartup+0x89:
0040e542 84c0            test    al,al
kd> p
osloader!NtProcessStartup+0x8b:
0040e544 8b06            mov     eax,dword ptr [esi]
kd> p
osloader!NtProcessStartup+0x8d:
0040e546 741e            je      osloader!NtProcessStartup+0xad (0040e566)
kd> p
osloader!NtProcessStartup+0xad:
0040e566 0fb64801        movzx   ecx,byte ptr [eax+1]
kd> p
osloader!NtProcessStartup+0xb1:
0040e56a 0fb600          movzx   eax,byte ptr [eax]
kd> p
osloader!NtProcessStartup+0xb4:
0040e56d 51              push    ecx
kd> p
osloader!NtProcessStartup+0xb5:
0040e56e 50              push    eax
kd> p
osloader!NtProcessStartup+0xb6:
0040e56f 53              push    ebx
kd> p
osloader!NtProcessStartup+0xb7:
0040e570 e842fcffff      call    osloader!BlGetActivePartition (0040e1b7)
kd> p
osloader!NtProcessStartup+0xbc:
0040e575 6a4f            push    4Fh
kd> p
osloader!NtProcessStartup+0xbe:
0040e577 33ff            xor     edi,edi
kd> p
osloader!NtProcessStartup+0xc0:
0040e579 8d45a5          lea     eax,[ebp-5Bh]
kd> p
osloader!NtProcessStartup+0xc3:
0040e57c 57              push    edi
kd> p
osloader!NtProcessStartup+0xc4:
0040e57d 50              push    eax
kd> p
osloader!NtProcessStartup+0xc5:
0040e57e c645a400        mov     byte ptr [ebp-5Ch],0
kd> p
osloader!NtProcessStartup+0xc9:
0040e582 e825dd0000      call    osloader!memset (0041c2ac)
kd> p
osloader!NtProcessStartup+0xce:
0040e587 8b06            mov     eax,dword ptr [esi]
kd> p
osloader!NtProcessStartup+0xd0:
0040e589 897d08          mov     dword ptr [ebp+8],edi
kd> p
osloader!NtProcessStartup+0xd3:
0040e58c 8b00            mov     eax,dword ptr [eax]
kd> p
osloader!NtProcessStartup+0xd5:
0040e58e 83e07f          and     eax,7Fh
kd> p
osloader!NtProcessStartup+0xd8:
0040e591 50              push    eax
kd> p
osloader!NtProcessStartup+0xd9:
0040e592 8d45a4          lea     eax,[ebp-5Ch]
kd> p
osloader!NtProcessStartup+0xdc:
0040e595 6834054200      push    offset osloader!`string' (00420534)
kd> p
osloader!NtProcessStartup+0xe1:
0040e59a 50              push    eax
kd> p
osloader!NtProcessStartup+0xe2:
0040e59b e8b0db0000      call    osloader!sprintf (0041c150)
kd> p
osloader!NtProcessStartup+0xe7:
0040e5a0 83c418          add     esp,18h
kd> p
osloader!NtProcessStartup+0xea:
0040e5a3 8d4508          lea     eax,[ebp+8]
kd> p
osloader!NtProcessStartup+0xed:
0040e5a6 50              push    eax
kd> p
osloader!NtProcessStartup+0xee:
0040e5a7 6a02            push    2
kd> p
osloader!NtProcessStartup+0xf0:
0040e5a9 8d45a4          lea     eax,[ebp-5Ch]
kd> p
osloader!NtProcessStartup+0xf3:
0040e5ac 50              push    eax
kd> p
osloader!NtProcessStartup+0xf4:
0040e5ad a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> p
osloader!NtProcessStartup+0xf9:
0040e5b2 ff505c          call    dword ptr [eax+5Ch]
kd> p
osloader!NtProcessStartup+0xfc:
0040e5b5 85c0            test    eax,eax
kd> p
osloader!NtProcessStartup+0xfe:
0040e5b7 0f85bd000000    jne     osloader!NtProcessStartup+0x1c1 (0040e67a)
kd> p
osloader!NtProcessStartup+0x104:
0040e5bd 57              push    edi
kd> p
osloader!NtProcessStartup+0x105:
0040e5be 8d45f8          lea     eax,[ebp-8]
kd> p
osloader!NtProcessStartup+0x108:
0040e5c1 50              push    eax
kd> p
osloader!NtProcessStartup+0x109:
0040e5c2 ff7508          push    dword ptr [ebp+8]
kd> p
osloader!NtProcessStartup+0x10c:
0040e5c5 a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> p
osloader!NtProcessStartup+0x111:
0040e5ca 897df8          mov     dword ptr [ebp-8],edi
kd> p
osloader!NtProcessStartup+0x114:
0040e5cd 897dfc          mov     dword ptr [ebp-4],edi
kd> p
osloader!NtProcessStartup+0x117:
0040e5d0 ff5070          call    dword ptr [eax+70h]
kd> p
osloader!NtProcessStartup+0x11a:
0040e5d3 85c0            test    eax,eax
kd> p
osloader!NtProcessStartup+0x11c:
0040e5d5 0f858a000000    jne     osloader!NtProcessStartup+0x1ac (0040e665)
kd> p
osloader!NtProcessStartup+0x122:
0040e5db 8d45f4          lea     eax,[ebp-0Ch]
kd> p
osloader!NtProcessStartup+0x125:
0040e5de 50              push    eax
kd> p
osloader!NtProcessStartup+0x126:
0040e5df bf00020000      mov     edi,200h
kd> p
osloader!NtProcessStartup+0x12b:
0040e5e4 57              push    edi
kd> p
osloader!NtProcessStartup+0x12c:
0040e5e5 8d85a4fdffff    lea     eax,[ebp-25Ch]
kd> p
osloader!NtProcessStartup+0x132:
0040e5eb 50              push    eax
kd> p
osloader!NtProcessStartup+0x133:
0040e5ec ff7508          push    dword ptr [ebp+8]
kd> p
osloader!NtProcessStartup+0x136:
0040e5ef a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> p
osloader!NtProcessStartup+0x13b:
0040e5f4 ff5064          call    dword ptr [eax+64h]
kd> p
osloader!NtProcessStartup+0x13e:
0040e5f7 85c0            test    eax,eax
kd> p
osloader!NtProcessStartup+0x140:
0040e5f9 7563            jne     osloader!NtProcessStartup+0x1a5 (0040e65e)
kd> p
osloader!NtProcessStartup+0x142:
0040e5fb 39855cffffff    cmp     dword ptr [ebp-0A4h],eax
kd> p
osloader!NtProcessStartup+0x148:
0040e601 756d            jne     osloader!NtProcessStartup+0x1b7 (0040e670)
kd> p
osloader!NtProcessStartup+0x1b7:
0040e670 ff7508          push    dword ptr [ebp+8]
kd> p
osloader!NtProcessStartup+0x1ba:
0040e673 e89b69ffff      call    osloader!ArcCacheClose (00405013)
kd> p
osloader!NtProcessStartup+0x1bf:
0040e678 eb2d            jmp     osloader!NtProcessStartup+0x1ee (0040e6a7)
kd> p
osloader!NtProcessStartup+0x1ee:
0040e6a7 6a02            push    2
kd> p
osloader!NtProcessStartup+0x1f0:
0040e6a9 e848260000      call    osloader!FwAllocateHeapPermanent (00410cf6)
kd> p
osloader!NtProcessStartup+0x1f5:
0040e6ae a38c304300      mov     dword ptr [osloader!PcrBasePage (0043308c)],eax
kd> p
osloader!NtProcessStartup+0x1fa:
0040e6b3 85c0            test    eax,eax
kd> p
osloader!NtProcessStartup+0x1fc:
0040e6b5 7408            je      osloader!NtProcessStartup+0x206 (0040e6bf)
kd> p
osloader!NtProcessStartup+0x1fe:
0040e6b7 c1e80c          shr     eax,0Ch
kd> p
osloader!NtProcessStartup+0x201:
0040e6ba a38c304300      mov     dword ptr [osloader!PcrBasePage (0043308c)],eax
kd> p
osloader!NtProcessStartup+0x206:
0040e6bf 6a03            push    3
kd> p
osloader!NtProcessStartup+0x208:
0040e6c1 e830260000      call    osloader!FwAllocateHeapPermanent (00410cf6)
kd> p
osloader!NtProcessStartup+0x20d:
0040e6c6 a390304300      mov     dword ptr [osloader!TssBasePage (00433090)],eax
kd> p
osloader!NtProcessStartup+0x212:
0040e6cb 85c0            test    eax,eax
kd> p
osloader!NtProcessStartup+0x214:
0040e6cd 7408            je      osloader!NtProcessStartup+0x21e (0040e6d7)
kd> p
osloader!NtProcessStartup+0x216:
0040e6cf c1e80c          shr     eax,0Ch
kd> p
osloader!NtProcessStartup+0x219:
0040e6d2 a390304300      mov     dword ptr [osloader!TssBasePage (00433090)],eax
kd> p
osloader!NtProcessStartup+0x21e:
0040e6d7 e843360000      call    osloader!BlMemoryInitialize (00411d1f)
kd> p
osloader!NtProcessStartup+0x223:
0040e6dc e84744ffff      call    osloader!AEInitializeStall (00402b28)
kd> p
osloader!NtProcessStartup+0x228:
0040e6e1 e800d50000      call    osloader!BlInitializeHeadlessPort (0041bbe6)
kd> p
osloader!NtProcessStartup+0x22d:
0040e6e6 e8e568ffff      call    osloader!BlIoInitialize (00404fd0)
kd> p
osloader!NtProcessStartup+0x232:
0040e6eb 53              push    ebx
kd> p
osloader!NtProcessStartup+0x233:
0040e6ec e8a9f4ffff      call    osloader!BlStartup (0040db9a)
kd> p
Sun Oct 17 12:12:20.812 2021 (UTC + 2:00): BD: 804BA000 \WINDOWS\system32\ntkrnlpa.exe
Sun Oct 17 12:12:21.937 2021 (UTC + 2:00): BD: 806C8000 \WINDOWS\system32\hal.dll
Sun Oct 17 12:12:23.046 2021 (UTC + 2:00): BD: 806E9000 \WINDOWS\system32\kdcom.dll
Sun Oct 17 12:12:24.062 2021 (UTC + 2:00): BD: 80010000 \WINDOWS\system32\BOOTVID.dll
Sun Oct 17 12:12:25.312 2021 (UTC + 2:00): BD: 80124000 \WINDOWS\system32\DRIVERS\ACPI.sys
Sun Oct 17 12:12:26.234 2021 (UTC + 2:00): BD: 80004000 \WINDOWS\system32\DRIVERS\WMILIB.SYS
Sun Oct 17 12:12:27.156 2021 (UTC + 2:00): BD: 80062000 \WINDOWS\system32\DRIVERS\pci.sys
Sun Oct 17 12:12:28.078 2021 (UTC + 2:00): BD: 80006000 \WINDOWS\system32\DRIVERS\isapnp.sys
Sun Oct 17 12:12:29.000 2021 (UTC + 2:00): BD: 80013000 \WINDOWS\system32\drivers\firadisk.sys
Sun Oct 17 12:12:29.921 2021 (UTC + 2:00): BD: 8001A000 \WINDOWS\system32\DRIVERS\pciide.sys
Sun Oct 17 12:12:30.843 2021 (UTC + 2:00): BD: 80154000 \WINDOWS\system32\DRIVERS\PCIIDEX.SYS
Sun Oct 17 12:12:31.765 2021 (UTC + 2:00): BD: 8015B000 \WINDOWS\System32\Drivers\MountMgr.sys
Sun Oct 17 12:12:32.687 2021 (UTC + 2:00): BD: 80166000 \WINDOWS\system32\DRIVERS\ftdisk.sys
Sun Oct 17 12:12:33.609 2021 (UTC + 2:00): BD: 8001B000 \WINDOWS\System32\drivers\dmload.sys
Sun Oct 17 12:12:34.531 2021 (UTC + 2:00): BD: 80185000 \WINDOWS\System32\drivers\dmio.sys
Sun Oct 17 12:12:35.453 2021 (UTC + 2:00): BD: 801AB000 \WINDOWS\System32\Drivers\PartMgr.sys
Sun Oct 17 12:12:36.375 2021 (UTC + 2:00): BD: 8001D000 \WINDOWS\system32\DRIVERS\ACPIEC.sys
Sun Oct 17 12:12:37.296 2021 (UTC + 2:00): BD: 80073000 \WINDOWS\system32\DRIVERS\OPRGHDLR.SYS
Sun Oct 17 12:12:38.218 2021 (UTC + 2:00): BD: 801B6000 \WINDOWS\System32\Drivers\VolSnap.sys
Sun Oct 17 12:12:39.140 2021 (UTC + 2:00): BD: 801C3000 \WINDOWS\system32\DRIVERS\atapi.sys
Sun Oct 17 12:12:40.062 2021 (UTC + 2:00): BD: 80A02000 \WINDOWS\system32\DRIVERS\iaStor.sys
Sun Oct 17 12:12:41.000 2021 (UTC + 2:00): BD: 801DB000 \WINDOWS\system32\DRIVERS\stornvme.sys
Sun Oct 17 12:12:41.921 2021 (UTC + 2:00): BD: 801E9000 \WINDOWS\system32\DRIVERS\storport.sys
Sun Oct 17 12:12:42.843 2021 (UTC + 2:00): BD: 80232000 \WINDOWS\system32\DRIVERS\ntoskrn8.sys
Sun Oct 17 12:12:43.765 2021 (UTC + 2:00): BD: 80255000 \WINDOWS\system32\DRIVERS\disk.sys
Sun Oct 17 12:12:44.687 2021 (UTC + 2:00): BD: 80265000 \WINDOWS\system32\DRIVERS\CLASSPNP.SYS
Sun Oct 17 12:12:45.625 2021 (UTC + 2:00): BD: 80272000 \WINDOWS\system32\DRIVERS\fltMgr.sys
Sun Oct 17 12:12:46.546 2021 (UTC + 2:00): BD: 80292000 \WINDOWS\system32\DRIVERS\sr.sys
Sun Oct 17 12:12:47.468 2021 (UTC + 2:00): BD: 802A4000 \WINDOWS\System32\Drivers\KSecDD.sys
Sun Oct 17 12:12:48.390 2021 (UTC + 2:00): BD: 802BB000 \WINDOWS\System32\Drivers\Ntfs.sys
Sun Oct 17 12:12:49.328 2021 (UTC + 2:00): BD: 80348000 \WINDOWS\System32\Drivers\NDIS.sys
Sun Oct 17 12:12:50.250 2021 (UTC + 2:00): BD: 80375000 \WINDOWS\system32\DRIVERS\wdf01000.sys
Sun Oct 17 12:12:51.187 2021 (UTC + 2:00): BD: 806EB000 \WINDOWS\system32\DRIVERS\WDFLDR.SYS
Sun Oct 17 12:12:52.109 2021 (UTC + 2:00): BD: 806F9000 \WINDOWS\System32\Drivers\Mup.sys
Shutdown occurred at (Sun Oct 17 12:12:53.125 2021 (UTC + 2:00))...unloading all symbol tables.
Waiting to reconnect...

   

A compare with Beyondcompare2 shows,
that they are absolut identic,
only after this it stops

working
0040e6ec e8a9f4ffff      call    osloader!BlStartup (0040db9a)
kd> p
Sun Oct 17 12:12:20.812 2021 (UTC + 2:00): BD: 804BA000 \WINDOWS\system32\ntkrnlpa.exe

not working
0040e6ec e8a9f4ffff call osloader!BlStartup (0040db9a)
kd> p
osloader!NtProcessStartup+0x238:
0040e6f1 f6052cfc420001 test byte ptr [osloader!BootFlags (0042fc2c)],1
#7917diderius6Yessssaa ), I get XP SP3 to boot from an 960 Pro on normal ntldr on ASUS P8H77-M via Option Rom from Samsung 950 Pro.
Now, legacy nvme boot of XP is possible on any compi with a Pci-e connector and may be even install
Dietmar

PS: For this I set a breakpoint at

kd> bp 0040e6ec
kd> g
Sun Oct 17 12:30:39.515 2021 (UTC + 2:00): Breakpoint 0 hit
osloader!NtProcessStartup+0x233:
0040e6ec e8a9f4ffff      call    osloader!BlStartup (0040db9a)

and compare working boot of XP SP3 with not working boot.
#7918diderius6So the "not boot" behavior on older Bios of legacy XP on Option Rom from Samsung 950 Pro
seems to be a time problem. XP shuts off too quick.

Post is too big here for spoiler even I split in 2 parts

Dietmar

EDIT: Boot is unstable.

Very strange: Successfull boot and not successfull boot ends with exact the same output of Windbg

0041c77e 0fb7057c2f4200  movzx   eax,word ptr [osloader!__mb_cur_max (00422f7c)]
kd> t
osloader!atol+0x95:
0041c785 83f801          cmp     eax,1
kd> t
osloader!atol+0x98:
0041c788 7e13            jle     osloader!atol+0xad (0041c79d)
kd> t
osloader!atol+0xad:
0041c79d 8b55f4          mov     edx,dword ptr [ebp-0Ch]
kd> t
osloader!atol+0xb0:
0041c7a0 a1742f4200      mov     eax,dword ptr [osloader!_pctype (00422f74)]
kd> t
osloader!atol+0xb5:
0041c7a5 0fb70c50        movzx   ecx,word ptr [eax+edx*2]
kd> t
osloader!atol+0xb9:
0041c7a9 83e104          and     ecx,4
kd> t
osloader!atol+0xbc:
0041c7ac 894dec          mov     dword ptr [ebp-14h],ecx
kd> t
osloader!atol+0xbf:
0041c7af 837dec00        cmp     dword ptr [ebp-14h],0
kd> t
osloader!atol+0xc3:
0041c7b3 7424            je      osloader!atol+0xe9 (0041c7d9)
kd> t
osloader!atol+0xe9:
0041c7d9 837dfc2d        cmp     dword ptr [ebp-4],2Dh
kd> t
osloader!atol+0xed:
0041c7dd 7509            jne     osloader!atol+0xf8 (0041c7e8)
kd> t
osloader!atol+0xf8:
0041c7e8 8b45f8          mov     eax,dword ptr [ebp-8]
kd> t
osloader!atol+0xfb:
0041c7eb 8be5            mov     esp,ebp
kd> t
osloader!atol+0xfd:
0041c7ed 5d              pop     ebp
kd> t
osloader!atol+0xfe:
0041c7ee c3              ret
kd> t
osloader!BlGetPathMnemonicKey+0x84:
00404fc3 59              pop     ecx
kd> t
osloader!BlGetPathMnemonicKey+0x85:
00404fc4 8b4d10          mov     ecx,dword ptr [ebp+10h]
kd> t
osloader!BlGetPathMnemonicKey+0x88:
00404fc7 8901            mov     dword ptr [ecx],eax
kd> t
osloader!BlGetPathMnemonicKey+0x8a:
00404fc9 32c0            xor     al,al
kd> t
osloader!BlGetPathMnemonicKey+0x8c:
00404fcb 5e              pop     esi
kd> t
osloader!BlGetPathMnemonicKey+0x8d:
00404fcc c9              leave
kd> t
osloader!BlGetPathMnemonicKey+0x8e:
00404fcd c20c00          ret     0Ch
kd> t
osloader!BiosPartitionOpen+0x152:
004045eb 84c0            test    al,al
kd> t
osloader!BiosPartitionOpen+0x154:
004045ed 0f85dffeffff    jne     osloader!BiosPartitionOpen+0x39 (004044d2)
kd> t
osloader!BiosPartitionOpen+0x15a:
004045f3 8d4508          lea     eax,[ebp+8]
kd> t
osloader!BiosPartitionOpen+0x15d:
004045f6 50              push    eax
kd> t
osloader!BiosPartitionOpen+0x15e:
004045f7 8b45f8          mov     eax,dword ptr [ebp-8]
kd> t
osloader!BiosPartitionOpen+0x161:
004045fa 53              push    ebx
kd> t
osloader!BiosPartitionOpen+0x162:
004045fb 83e880          sub     eax,0FFFFFF80h
kd> t
osloader!BiosPartitionOpen+0x165:
004045fe 50              push    eax
kd> t
osloader!BiosPartitionOpen+0x166:
004045ff 895d08          mov     dword ptr [ebp+8],ebx
kd> t
osloader!BiosPartitionOpen+0x169:
00404602 e853f4ffff      call    osloader!BiosDiskOpen (00403a5a)
kd> t
osloader!BiosDiskOpen:
00403a5a 55              push    ebp
kd> t
osloader!BiosDiskOpen+0x1:
00403a5b 8bec            mov     ebp,esp
kd> t
osloader!BiosDiskOpen+0x3:
00403a5d 83ec0c          sub     esp,0Ch
kd> t
osloader!BiosDiskOpen+0x6:
00403a60 817d0881000080  cmp     dword ptr [ebp+8],80000081h
kd> t
osloader!BiosDiskOpen+0xd:
00403a67 53              push    ebx
kd> t
osloader!BiosDiskOpen+0xe:
00403a68 0f9745fe        seta    byte ptr [ebp-2]
kd> t
osloader!BiosDiskOpen+0x12:
00403a6c 816508ffffff7f  and     dword ptr [ebp+8],7FFFFFFFh
kd> t
osloader!BiosDiskOpen+0x19:
00403a73 817d0880000000  cmp     dword ptr [ebp+8],80h
kd> t
osloader!BiosDiskOpen+0x20:
00403a7a 56              push    esi
kd> t
osloader!BiosDiskOpen+0x21:
00403a7b 8b3528274200    mov     esi,dword ptr [osloader!FwDiskCache (00422728)]
kd> t
osloader!BiosDiskOpen+0x27:
00403a81 57              push    edi
kd> t
osloader!BiosDiskOpen+0x28:
00403a82 c645ff00        mov     byte ptr [ebp-1],0
kd> t
osloader!BiosDiskOpen+0x2c:
00403a86 7341            jae     osloader!BiosDiskOpen+0x6f (00403ac9)
kd> t
osloader!BiosDiskOpen+0x6f:
00403ac9 33ff            xor     edi,edi
kd> t
osloader!BiosDiskOpen+0x71:
00403acb 807dfe00        cmp     byte ptr [ebp-2],0
kd> t
osloader!BiosDiskOpen+0x75:
00403acf 740b            je      osloader!BiosDiskOpen+0x82 (00403adc)
kd> t
osloader!BiosDiskOpen+0x82:
00403adc 897df8          mov     dword ptr [ebp-8],edi
kd> t
osloader!BiosDiskOpen+0x85:
00403adf a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> t
osloader!BiosDiskOpen+0x8a:
00403ae4 57              push    edi
kd> t
osloader!BiosDiskOpen+0x8b:
00403ae5 57              push    edi
kd> t
osloader!BiosDiskOpen+0x8c:
00403ae6 57              push    edi
kd> t
osloader!BiosDiskOpen+0x8d:
00403ae7 57              push    edi
kd> t
osloader!BiosDiskOpen+0x8e:
00403ae8 57              push    edi
kd> t
osloader!BiosDiskOpen+0x8f:
00403ae9 ff7508          push    dword ptr [ebp+8]
kd> t
osloader!BiosDiskOpen+0x92:
00403aec 897df4          mov     dword ptr [ebp-0Ch],edi
kd> t
osloader!BiosDiskOpen+0x95:
00403aef 6a08            push    8
kd> t
osloader!BiosDiskOpen+0x97:
00403af1 ff5004          call    dword ptr [eax+4]
kd> t
00020b4d 6858000000      push    58h
kd> t
00020b52 68580b0000      push    0B58h
kd> t
00020b57 cb              retf
kd> t
0058:0b58 6655            push    ebp
16.kd> t
0058:0b5a 6653            push    ebx
16.kd> t
0058:0b5c 6656            push    esi
16.kd> t
0058:0b5e 6657            push    edi
16.kd> t
0058:0b60 6689e3          mov     ebx,esp
16.kd> t
0058:0b63 b86000          mov     ax,60h
16.kd> t
0058:0b66 8ed8            mov     ds,ax
16.kd> t
#7919diderius6I found the place, from where nvme XP crashes, see

⇗ https://blog.titanwolf.in/a?ID=00200-bb5...c7-79b0a47d49ce

osloader!BlStartup+0x27d:
0040de17 e864d50000      call    osloader!BlSelectKernel (0041b380)

So it looks, as if XP cant find the correct Arcpath for the nvme disk.

Direct after this appears message on screen:
Invalid BOOT.INI file
Booting from c:\windows\

and then in Windbg
osloader!BlStartup+0x29b:
0040de35 e82ffbffff      call    osloader!BlDetectHardware (0040d969)

and after this on screen
Error opening NTDETECT.COM, status = 0002

Dietmar

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
Connected to Windows Boot Debugger 3790 x86 compatible target at (Sun Oct 17 15:11:02.406 2021 (UTC + 2:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols
Executable search path is: C:\Symbols
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for osloader.exe - 
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x0042fc9c
System Uptime: not available
Break instruction exception - code 80000003 (first chance)
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
kd> bp 0040e6ec
kd> g
Breakpoint 0 hit
osloader!NtProcessStartup+0x233:
0040e6ec e8a9f4ffff      call    osloader!BlStartup (0040db9a)
kd> t
osloader!BlStartup:
0040db9a 6a68            push    68h
kd> p
osloader!BlStartup+0x2:
0040db9c 68c0134200      push    offset osloader!__lookuptable+0x100 (004213c0)
kd> p
osloader!BlStartup+0x7:
0040dba1 e8f7bfffff      call    osloader!_SEH_prolog (00409b9d)
kd> p
osloader!BlStartup+0xc:
0040dba6 33f6            xor     esi,esi
kd> p
osloader!BlStartup+0xe:
0040dba8 8975fc          mov     dword ptr [ebp-4],esi
kd> p
osloader!BlStartup+0x11:
0040dbab 8975d8          mov     dword ptr [ebp-28h],esi
kd> p
osloader!BlStartup+0x14:
0040dbae 8d45d8          lea     eax,[ebp-28h]
kd> p
osloader!BlStartup+0x17:
0040dbb1 50              push    eax
kd> p
osloader!BlStartup+0x18:
0040dbb2 56              push    esi
kd> p
osloader!BlStartup+0x19:
0040dbb3 ff7508          push    dword ptr [ebp+8]
kd> p
osloader!BlStartup+0x1c:
0040dbb6 a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> p
osloader!BlStartup+0x21:
0040dbbb ff505c          call    dword ptr [eax+5Ch]
kd> p
osloader!BlStartup+0x24:
0040dbbe 3bc6            cmp     eax,esi
kd> p
osloader!BlStartup+0x26:
0040dbc0 7417            je      osloader!BlStartup+0x3f (0040dbd9)
kd> p
osloader!BlStartup+0x3f:
0040dbd9 6a00            push    0
kd> p
osloader!BlStartup+0x41:
0040dbdb ff75d8          push    dword ptr [ebp-28h]
kd> p
osloader!BlStartup+0x44:
0040dbde e8e8e2ffff      call    osloader!TextGrInitialize (0040becb)
kd> p
osloader!BlStartup+0x49:
0040dbe3 6a09            push    9
kd> p
osloader!BlStartup+0x4b:
0040dbe5 59              pop     ecx
kd> p
osloader!BlStartup+0x4c:
0040dbe6 bec0024200      mov     esi,offset osloader!`string' (004202c0)
kd> p
osloader!BlStartup+0x51:
0040dbeb bf20ef4200      mov     edi,offset osloader!ConsoleInputName (0042ef20)
kd> p
osloader!BlStartup+0x56:
0040dbf0 f3a5            rep movs dword ptr es:[edi],dword ptr [esi]
kd> p
osloader!BlStartup+0x58:
0040dbf2 6a09            push    9
kd> p
osloader!BlStartup+0x5a:
0040dbf4 59              pop     ecx
kd> p
osloader!BlStartup+0x5b:
0040dbf5 be98024200      mov     esi,offset osloader!`string' (00420298)
kd> p
osloader!BlStartup+0x60:
0040dbfa bfe0ee4200      mov     edi,offset osloader!ConsoleOutputName (0042eee0)
kd> p
osloader!BlStartup+0x65:
0040dbff f3a5            rep movs dword ptr es:[edi],dword ptr [esi]
kd> p
osloader!BlStartup+0x67:
0040dc01 66a5            movs    word ptr es:[edi],word ptr [esi]
kd> p
osloader!BlStartup+0x69:
0040dc03 c7458820ef4200  mov     dword ptr [ebp-78h],offset osloader!ConsoleInputName (0042ef20)
kd> p
osloader!BlStartup+0x70:
0040dc0a c7458ce0ee4200  mov     dword ptr [ebp-74h],offset osloader!ConsoleOutputName (0042eee0)
kd> p
osloader!BlStartup+0x77:
0040dc11 8d4588          lea     eax,[ebp-78h]
kd> p
osloader!BlStartup+0x7a:
0040dc14 50              push    eax
kd> p
osloader!BlStartup+0x7b:
0040dc15 6a02            push    2
kd> p
osloader!BlStartup+0x7d:
0040dc17 e8eee00000      call    osloader!BlInitStdio (0041bd0a)
kd> p
osloader!BlStartup+0x82:
0040dc1c ff75d8          push    dword ptr [ebp-28h]
kd> p
osloader!BlStartup+0x85:
0040dc1f e8ef73ffff      call    osloader!ArcCacheClose (00405013)
kd> p
osloader!BlStartup+0x8a:
0040dc24 8d45d8          lea     eax,[ebp-28h]
kd> p
osloader!BlStartup+0x8d:
0040dc27 50              push    eax
kd> p
osloader!BlStartup+0x8e:
0040dc28 6a02            push    2
kd> p
osloader!BlStartup+0x90:
0040dc2a ff7508          push    dword ptr [ebp+8]
kd> p
osloader!BlStartup+0x93:
0040dc2d a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> p
osloader!BlStartup+0x98:
0040dc32 ff505c          call    dword ptr [eax+5Ch]
kd> p
osloader!BlStartup+0x9b:
0040dc35 8bd8            mov     ebx,eax
kd> p
osloader!BlStartup+0x9d:
0040dc37 85db            test    ebx,ebx
kd> p
osloader!BlStartup+0x9f:
0040dc39 7587            jne     osloader!BlStartup+0x28 (0040dbc2)
kd> p
osloader!BlStartup+0xa1:
0040dc3b c645b801        mov     byte ptr [ebp-48h],1
kd> p
osloader!BlStartup+0xa5:
0040dc3f 8845e6          mov     byte ptr [ebp-1Ah],al
kd> p
osloader!BlStartup+0xa8:
0040dc42 b88c024200      mov     eax,offset osloader!`string' (0042028c)
kd> p
osloader!BlStartup+0xad:
0040dc47 33ff            xor     edi,edi
kd> p
osloader!BlStartup+0xaf:
0040dc49 897dd0          mov     dword ptr [ebp-30h],edi
kd> p
osloader!BlStartup+0xb2:
0040dc4c 803dfef8420000  cmp     byte ptr [osloader!BlBootingFromNet (0042f8fe)],0
kd> p
osloader!BlStartup+0xb9:
0040dc53 744e            je      osloader!BlStartup+0x109 (0040dca3)
kd> p
osloader!BlStartup+0x109:
0040dca3 897de0          mov     dword ptr [ebp-20h],edi
kd> p
osloader!BlStartup+0x10c:
0040dca6 897ddc          mov     dword ptr [ebp-24h],edi
kd> p
osloader!BlStartup+0x10f:
0040dca9 397dd0          cmp     dword ptr [ebp-30h],edi
kd> p
osloader!BlStartup+0x112:
0040dcac 0f8529010000    jne     osloader!BlStartup+0x241 (0040dddb)
kd> p
osloader!BlStartup+0x118:
0040dcb2 8d4de0          lea     ecx,[ebp-20h]
kd> p
osloader!BlStartup+0x11b:
0040dcb5 51              push    ecx
kd> p
osloader!BlStartup+0x11c:
0040dcb6 57              push    edi
kd> p
osloader!BlStartup+0x11d:
0040dcb7 50              push    eax
kd> p
osloader!BlStartup+0x11e:
0040dcb8 ff75d8          push    dword ptr [ebp-28h]
kd> p
osloader!BlStartup+0x121:
0040dcbb e89b75ffff      call    osloader!BlOpen (0040525b)
kd> p
osloader!BlStartup+0x126:
0040dcc0 8bd8            mov     ebx,eax
kd> p
osloader!BlStartup+0x128:
0040dcc2 6820020000      push    220h
kd> p
osloader!BlStartup+0x12d:
0040dcc7 57              push    edi
kd> p
osloader!BlStartup+0x12e:
0040dcc8 6800f94200      push    offset osloader!MyBuffer (0042f900)
kd> p
osloader!BlStartup+0x133:
0040dccd e8dae50000      call    osloader!memset (0041c2ac)
kd> p
osloader!BlStartup+0x138:
0040dcd2 83c40c          add     esp,0Ch
kd> p
osloader!BlStartup+0x13b:
0040dcd5 3bdf            cmp     ebx,edi
kd> p
osloader!BlStartup+0x13d:
0040dcd7 0f85fe000000    jne     osloader!BlStartup+0x241 (0040dddb)
kd> p
osloader!BlStartup+0x241:
0040dddb e8be9b0000      call    osloader!MdShutoffFloppy (0041799e)
kd> p
osloader!BlStartup+0x246:
0040dde0 8d45dc          lea     eax,[ebp-24h]
kd> p
osloader!BlStartup+0x249:
0040dde3 50              push    eax
kd> p
osloader!BlStartup+0x24a:
0040dde4 6a04            push    4
kd> p
osloader!BlStartup+0x24c:
0040dde6 6860f34100      push    offset osloader!`string' (0041f360)
kd> p
osloader!BlStartup+0x251:
0040ddeb ff35a8244200    push    dword ptr [osloader!BlConsoleOutDeviceId (004224a8)]
kd> p
osloader!BlStartup+0x257:
0040ddf1 a1ec224200      mov     eax,dword ptr [osloader!GlobalSystemBlock+0x20 (004222ec)]
kd> p
osloader!BlStartup+0x25c:
0040ddf6 ff506c          call    dword ptr [eax+6Ch]
kd> p
osloader!BlStartup+0x25f:
0040ddf9 803dfef8420000  cmp     byte ptr [osloader!BlBootingFromNet (0042f8fe)],0
kd> p
osloader!BlStartup+0x266:
0040de00 7405            je      osloader!BlStartup+0x26d (0040de07)
kd> p
osloader!BlStartup+0x26d:
0040de07 897dc8          mov     dword ptr [ebp-38h],edi
kd> p
osloader!BlStartup+0x270:
0040de0a ff75b8          push    dword ptr [ebp-48h]
kd> p
osloader!BlStartup+0x273:
0040de0d 8d45c8          lea     eax,[ebp-38h]
kd> p
osloader!BlStartup+0x276:
0040de10 50              push    eax
kd> p
osloader!BlStartup+0x277:
0040de11 ff75d0          push    dword ptr [ebp-30h]
kd> p
osloader!BlStartup+0x27a:
0040de14 ff75d8          push    dword ptr [ebp-28h]
kd> p
osloader!BlStartup+0x27d:
0040de17 e864d50000      call    osloader!BlSelectKernel (0041b380)
kd> p
osloader!BlStartup+0x282:
0040de1c 8bf0            mov     esi,eax
kd> p
osloader!BlStartup+0x284:
0040de1e 8975bc          mov     dword ptr [ebp-44h],esi
kd> p
osloader!BlStartup+0x287:
0040de21 3bf7            cmp     esi,edi
kd> p
osloader!BlStartup+0x289:
0040de23 0f8423030000    je      osloader!BlStartup+0x5b2 (0040e14c)
kd> p
osloader!BlStartup+0x28f:
0040de29 807de600        cmp     byte ptr [ebp-1Ah],0
kd> p
osloader!BlStartup+0x293:
0040de2d 7556            jne     osloader!BlStartup+0x2eb (0040de85)
kd> p
osloader!BlStartup+0x295:
0040de2f ff75c8          push    dword ptr [ebp-38h]
kd> p
osloader!BlStartup+0x298:
0040de32 ff75d8          push    dword ptr [ebp-28h]
kd> p
osloader!BlStartup+0x29b:
0040de35 e82ffbffff      call    osloader!BlDetectHardware (0040d969)
kd> p
osloader!BlStartup+0x2a0:
0040de3a 84c0            test    al,al
#7920infuscomus⇗ @diderius6

I'm happy to hear you've made progress!

 

Page 529

#7921diderius6The crash seems to happen at XferPhysicalDiskSectors .
This would mean, that the Bios does not recognice correct the physical data of the nvme disk
Dietmar

kd> bp 00403997
kd> g
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> t
osloader!XferPhysicalDiskSectors+0x6e:
0040399c ff5004          call    dword ptr [eax+4]
kd> t
00020b4d 6858000000      push    58h
kd> t
00020b52 68580b0000      push    0B58h
kd> t
00020b57 cb              retf
kd> t
0058:0b58 6655            push    ebp
16.kd> t
0058:0b5a 6653            push    ebx
16.kd> t
0058:0b5c 6656            push    esi
16.kd> t
0058:0b5e 6657            push    edi
16.kd> t
0058:0b60 6689e3          mov     ebx,esp
16.kd> t
0058:0b63 b86000          mov     ax,60h
16.kd> t
0058:0b66 8ed8            mov     ds,ax
16.kd>
#7922diderius6This is in machine.c
⇗ http://218.94.103.156:8090/download/deve.../i386/machine.c
Dietmar
ARC_STATUS
XferPhysicalDiskSectors(
    IN  UCHAR     Int13UnitNumber,
    IN  ULONGLONG StartSector,
    IN  UCHAR     SectorCount,
    IN  PUCHAR    Buffer,
    IN  UCHAR     SectorsPerTrack,
    IN  USHORT    Heads,
    IN  USHORT    Cylinders,
    IN  BOOLEAN   AllowExtendedInt13,
    IN  BOOLEAN   Write
       )

/*++

Routine Description:

    Read or write disk sectors.

    Xfers sectors via int13. If the request starts on a cylinder
    larger than the number of cylinders reported by conventional int13, then
    extended int13 will be used if the drive supports it.

    It is assumed that the caller has ensured that the transfer buffer is
    under the 1MB line, that the sector run does not cross a 64K boundary,
    and that the sector run does not cross a track boundary. (The latter
    might not be strictly necessary, but the i/o will fail if the sector run
    starts inside the magic CHS boundary and ends past it since we won't
    switch to xint13 unless the start sector indicates that it is necessary.)

Arguments:

    Int13UnitNumber - supplies the int13 drive number for the drive
        to be read from/written to.

    StartSector - supplies the absolute physical sector number. This is 0-based
        relative to all sectors on the drive.

    SectorCount - supplies the number of sectors to read/write.

    Buffer - receives data read from the disk or supplies data to be written.

    SectorsPerTrack - supplies sectors per track (1-63) from int13 function 8
        for the drive.

    Heads - supplies number of heads (1-255) from int13 function 8 for the drive.

    Cylinders - supplies number of cylinders (1-1023) from int13 function 8
        for the drive.

    AllowExtendedInt13 - if TRUE and the start cylinder for the i/o is
        greater than the cylinder count reported by conventional int13 for
        the drive, then extended int13 will be used to do the i/o operation.

    Write - supplies a flag indicating whether this is a write operation.
        If FALSE, then it's a read. Otherwise it's a write.

Return Value:

    ARC status code indicating outcome.

--*/
#7923diderius6This is a working XP boot from legacy nvme

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
Connected to Windows Boot Debugger 3790 x86 compatible target at (Sun Oct 17 17:04:25.859 2021 (UTC + 2:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols
Executable search path is: C:\Symbols
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for osloader.exe - 
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x0042fc9c
System Uptime: not available
Break instruction exception - code 80000003 (first chance)
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
kd> bp 00403997
kd> g
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd>

#7924diderius6And the same as unsuccessfull boot of XP via legacy nvme
Dietmar

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
BD: Debugging NTLDR --By: diyhack
BD: Boot Debugger Initialized
Connected to Windows Boot Debugger 3790 x86 compatible target at (Sun Oct 17 17:24:13.296 2021 (UTC + 2:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols
Executable search path is: C:\Symbols
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for osloader.exe - 
Windows Boot Debugger Kernel Version 3790 UP Checked x86 compatible
Machine Name:
Primary image base = 0x00400000 Loaded module list = 0x0042fc9c
System Uptime: not available
Break instruction exception - code 80000003 (first chance)
osloader!DbgBreakPoint:
0040b0c6 cc              int     3
kd> bp 00403997
kd> g
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Breakpoint 0 hit
osloader!XferPhysicalDiskSectors+0x69:
00403997 a14cfc4200      mov     eax,dword ptr [osloader!ExternalServicesTable (0042fc4c)]
kd> 
Shutdown occurred at (Sun Oct 17 17:25:11.062 2021 (UTC + 2:00))...unloading all symbol tables.
Waiting to reconnect...

#7925diderius6Is it possible to boot XP SP3 with the Reactos freeldr.sys (it is "ntldr" from Reactos)
Dietmar
#7926diderius6I see on youtube

⇗ https://www.youtube.com/watch?v=0dWbTIchr5Y

and even booting win2003 from ext2 partition

⇗ https://www.youtube.com/watch?v=tovBUJ7cQUE&t=27s

Win2003 booting with freeldr.sys from 30 January 2008,
I think it is freeldr.sys from Reactos 0.3.4 .
And the possibility of freeldr.sys to boot win2000 and XP is kept.

Comment of Aleksey Bragin (from reactos people)

"My biggest achievement in the bootloading land: Winldr (this is how I called the windows loading part of the FreeLdr) from ReactOS natively boots Windows 2003."
"Allocate memory for groups list dynamically, and make it enough (4096 bytes) for a really long list of groups. This makes Windows 2003 booting up to explorer without crashing.(Aleksey Bragin)"

"WINLDR: Load drivers database (AppPatch/drvmain.sdb), so Windows could use it if needed.(Aleksey Bragin)
WINLDR: Don't store memory allocation descriptors inside the bootloader, since this memory is unmapped in kernelmode. Fixe s a pagefault after switching to paged mode. Store the configuration data in the LPB.(Aleksey Bragin)
WINLDR: Different behavior for NT4 or NT5+ boot: NT4 requires text mode to be set up, and further version of Windows OS require a different preparation.(Aleksey Bragin)
WINLDR: Properly fill ACPI BIOS configuration entry (a couple of ACPI specification structures were added). This makes Windows 2003 initialize HAL (ACPI version) properly and be able to connect to the debugger.(Aleksey Bragin)
WINLDR: Fix an incorrect type of memory behind PDE, HAL mapping and kernel segment pagetables. They should be MemoryData (and change allocation algorithm slightly). With this change Windows 2003 boots up to the BSOD showing ACPI_BIOS_ERROR.(Aleksey Bragin)
WINLDR: Fix a typo in the if branch, which resulted in marking almost all memory above the bootloader as "FirmwareTemporary", even reserved ACPI pages. This should fix the ACPI BSOD Windows 2003 and XP show up. If a memory is marked as "free", leave it so, without transferring to FirmwareTemporary.(Aleksey Bragin)"

EDIT: Problem in this is, that I even cant install Reactos 0.3.5 in IDE mode on the Asus H77 board.
Life CD of 0.35 also not works, brrr..
Just renaming freeldr.sys => ntldr on an XP installation does not work.
#7927diderius6I succeed to install Reactos 0.4.1.3 on the Asus P8H77-M  Fat32 and IDE mode.
For this I need about 10 restarts, because always the Setup stops for unknown reason.
USB2 works, USB mouse works, PS/2 keyboard works.
No sound, no network.
Moorhuhn works, without sound. Device manager shows Acpi Uniprocessor.
It is less stable than win95 ).

Now I try to boot XP via freeldr.sys and freeldr.ini, just replacing all the files from XP SP3 there
Dietmar
#7928diderius6Waaaoh,
for a second I can see the XP SP3 start screen, only with freeldr.sys and modded freeldr.ini
but then crashes
Dietmar

#7929diderius6Waaaoh:))))))))!!!!!!

I succeed to start XP SP3 to full desktop ONLY with freeldr.sys and freeldr.ini from Reactos 0.4.1.3
on Asus P8H77-M board and all other files from XP SP3. No ntldr, no ntdetect.com, no boot.ini .

All works.

Moorhuhn with sound now,
Acpi Multiprocessor, Sata, USB2,3, sound, network, USB mouse, PS/2, Graphik3D, COM1 port etc.
Standby works.

and it is stable
Dietmar

#7930lsmlcxbeautiful
how to used them?
#7931diderius6⇗ @lsmlcx

Until now it works on Fat32.
I dont know anything about the MBR and the Bootsector from Reactos. Because of this, first I install Reactos 0.4.13 on an IDE harddisk. Now, after changing the Reactos files all against them from XP, only freeldr.sys and freeldr.ini stay. Ntldr, ntdetect.com and boot.ini I dont copy from XP files. Now XP SP3 boots from Sata and now it is stable. I change with editor all word reactos against Windows in freeldr.ini, works ).
My try was, to make any compi bootable from legacy nvme and XP, but I am not sure if the reactos freeldr.sys can do this.
A lot of test are necessary. But until now I do not see any XP in world, that boots direct from this nice freeldr.sys.

Thanks a lot to Aleksey Bragin из Москвы, Россия.


Dietmar

PS: MBR and Bootsector from Reactos

⇗ https://ufile.io/iylfkpg2
#7932diderius6The Reactos Freeldr.sys boots also XP on the ASRock Fatal1ty Z370 Gaming K6 with 8700k cpu.
There it boots also from legacy nvme.
But on the Asus P8H77-M via legacy nvme boot XP shows the same red an violett points as with ntldr, ntdetect.com and boot.ini.
So it looks a little bit like miracle, that via winload.exe it boots via BCD legacy nvme XP on the Asus P8H77-M
Dietmar
#7933diderius6Has somebody a bootsector for NTFS for Reactos, which asks for freeldr.sys?
There has been an ntfs.asm for Reactos but I do not find it
Dietmar
#7934infuscomus⇗ @canonkong

besides disabling PBO and FMax do you have any other ideas to try for the misbehaving AMD 149C USB 3.0 controller?
#7935infuscomus⇗ @diderius6

Do any of the motherboards in your collection have this specific USB controller?

PCI\VEN_1022&DEV_149C

 

Page 530

#7936diderius6⇗ @infuscomus

Yes see the post down here, and it shows exact the same behavior as for you
Dietmar

¶ XP/W2k3 x86 on Modern Hardware (513)
#7937diderius6Yesssa ),
I succeed to boot XP SP3 via legacy nvme on the Asus P8H77-M board with the freeldr.sys from Reactos 0.4.13,
using the Plextor m8pe nvme M2 disk. No Bios mod(!). This is an absolut generic XP, just put in PCI-e slot and boot compi.
This is the very first time for me, that the freeldr has an advantage against the ntldr, ntdetect.com. StandBy works.
And in some sense the Plextor M8Pe is better than the Samsung 950 Pro for XP boot.
But even with cooling you can fry eggs on the Plextor M8Pe
Dietmar



And here is the same XP SP3 installation, booting the Asrock Fatal1ty Z370 Gaming K6 board
from freeldr via legacy nvme, niccccccce ) everything works absolut stable and fast

#7938infuscomus⇗ @diderius6

I have not experienced any crashing or freezing when I use the 149C controller, it simply does not function.
Maybe I did not test correctly, how did you cause it to crash?
#7939diderius6⇗ @infuscomus

Sometimes no crash at all during boot of XP and sometimes crash, compi hangs during boot, no BSOD.
For me it was a big problem to identify the USB3 controller with DEV_149C as the cause of this problem.
Later I disabled it in Device Manager and from this moment no crash at all.
When XP booted to desktop, I can enable again the DEV_149C without any crash during this session and it works normal,
strange
Dietmar
#7940infuscomus⇗ @diderius6

Very Strange,
No crashes for me, instead it simply doesn't work until I disable and re-enable the 149C controller.

I think the problem might be ACPI related? The 149C controller works fine in Windows 8.0 and we're using it's driver already so I'm thinking it's something to do with ACPI.
#7941diderius6⇗ @infuscomus

To test, if this behavior of USB3 controller with DEV_149C is acpi related, install an "Standard PC" XP SP3 without any acpi
and look
Dietmar

EDIT: You dont need to install XP new. XP can work with "Acpi Multiprocessor" and "Standard PC" at the same time,
see
⇗ https://www.scm-pc-card.de/file/manual/F..._xp_english.pdf
#7942infuscomus⇗ @diderius6

Oh OK, thanks for the tip, I'll try that.
#7943canonkong⇗ @infuscomus
Only ASUS mainboards will have this problem because of the bios, try to update the latest bios, ASUS x570 already solved this problem with its latest bios.
#7944infuscomus⇗ @diderius6

So I tried Standard PC without any ACPI.
my system froze.
no BSOD, just nothing.

textmode setup had same result.

damn!

⇗ @canonkong

I have a Gigabyte board, but I updated to the latest F4 BIOS anyway, no change in behavior.
#7945diderius6⇗ @infuscomus

This means, that the crazy behavior of the USB3 DEV_149C is not acpi related.
Have you tried F8 "Last good configuration"?
May be before Setup you can disable this USB3 DEV_149C in Bios?
If this also not helps, you need to do your Setup without any USB.
This was the only way for me
Dietmar
#7946diderius6Is it possible to integrate into UEFI Bios a legacy Option Rom with the UEFITool?
Dietmar
#7947infuscomus⇗ @diderius6

I've worked around it thus far with a separate PCI-E USB 3.0 card that works, but still it would be preferable to actually resolve the problem instead of going around it.

Zitat von ⇗ diderius6 im Beitrag ¶ #7946
Is it possible to integrate into UEFI Bios a legacy Option Rom with the UEFITool?


I'd imagine it would be possible, but then again maybe the BIOS developers have some other tool that they use.
#7948diderius6I try to integrate the extracted Option Rom from life Plextor M8Pe via Linux from post
¶ XP/W2k3 x86 on Modern Hardware (527)

by hand into the Bios of the Asus P8H77-M board.
But I fail. Nothing from nvme of the 960 Pro is recogniced.
Also not with Dev&Ven from Toshiba RD400.
May be, that there are other parts in "Bios" from this nvme device M8Pe, that are needed.
The Option Rom from the Samsung 950 Pro works very similar. There I succeed.
Both show legacy nvme device as 4 Ide devices
Dietmar
#7949diderius6I make a new try with the Plop "Option Rom" insert into Bios.
For this I use the "Option Rom" file NvmeOpRom.bin from post
⇗ [Experimental] NVMe Option ROM
First I change my Ven_&DEV_ number in the NvmeOpRom.bin against the one from the Samsung 960 Pro nvme disk
Ven_144D&DEV_A804 . This is very bad documented on Elmars Tutorial.

and with commandline

plpbtrom -vendorid 0x10EC -deviceid 0x8168 NvmeOpRom.bin nvme.rom


This is Ven_10EC&Dev_8168 for my Realtek Lan card for PXE lan boot.

I make a new "Option Rom" nvme.rom from it, now nvme with bootmanager from Elmar.
With MMtool I change the Option Rom for the Realtek boot lan card against this nvme.rom "Option Rom"
in the Bios 1306 from the Asus P8H77-M.
Then I flash this new Bios.
When I enable boot from Lan in Bios, the line for the Plop Option Rom from Elmar appears for a second
and I can choose "Plop Boot Manager" as boot device. But then I get blinking cursor

Dietmar

This is new try with the modded Option Rom Via Plop for the Samsung 960 Pro
⇗ https://ufile.io/ggsywage


And this is the original Bios 1306 from Asus P8H77-M board, full 8MB readout with nice EEpromer Revelprog IS
⇗ https://ufile.io/5cgb1xtk

EDIT: The same blinking cursor with the Option Rom from the Samsung 950 Pro.
With the Option Rom of the Plextor M8Pe I get first message, that this Option Rom is too large.
So I use only the first driver from 2 in it.
Then, I also see the message of bootmanager, but then compi restarts.
So, my resume is just, that the Option Rom methode from Elmar does not work for nvme.

EDIT2: Maybe, that I missunderstand something: That you can only integrate in Bios the Option Rom plpbtrom.bin from Elmar and no other Option Rom from outerworld ).
#7950infuscomus⇗ @diderius6

If I send you the checked build of the windows 8.0 USB 3.0 driver would you be willing to trace through it to see why it fails when run on the 149C controller?

 

Page 531

#7951diderius6⇗ @infuscomus

Send it to me.
I try. I think only small chance to see something.
The crash via 149C controller (hanging of XP and even not always) happens very early
in boot process and Windbg is quite blind in this moment
Dietmar

PS: By the way I noticed, that ⇗ @daniel_k updated his USB3 driver few days ago at my digital life forum. Make try.
#7952infuscomus⇗ @diderius6

here is the checked build of the windows 8.0 USB 3.0 driver, both original and modded with PDB symbols. I hope I did the mod correctly for the ntoskrnl extender.

Thanks, I'll have to check out daniel_k's new driver.



infuscomus has attached files to this post
#7953infuscomus⇗ @diderius6

I forgot to change ksecdd -> ksecd8

use this new version.



infuscomus has attached files to this post
#7954diderius6Waaoooh:)))))) ,
I split the Option Rom in 2 parts:
First Option Rom is original plpbtrom.bin from Elmar (Plop).
I modd this for the Realtek Lan PXE boot on the Asus P8H77-M board via

plpbtrom -vendorid 0x10EC -deviceid 0x8168 plpbtrom.bin nvmeua.rom

and integrate nvmeua.rom into Bios with MMTool (Replace Methode "Option Rom", here for 10EC 8168).

The second Option Rom is from the Samsung 950 Pro.
This I modd for the Samsung 960 Pro  etc. and integrate it also in the same Bios
with MMTool (insert Option Rom with 144D A804).

And voila: I can now boot legacy NVME XP SP3
via ntldr(?), via freeldr.sys and via winload.exe on the Asus P8H77-M board from any nvme device.
This methode should work on all (needs to be tested) motherboards.

It is stable. All works. StandBy works.

When I have time I write Tutorial. Now I am going to look at USB3 from ⇗ @infuscomus
So the Plop plpbtrom-0.6 for to build Option Rom is a very nice, good tool.
New nocumentation should be done for this Plop plpbtrom-0.6 from Elmar
Dietmar

EDIT: Plop can load freeldr.sys(!) and ntldr. Plop cant load MBR for winload.exe.
So in my eyes is winload.exe not a good choice for to run XP.

PS: The Option Rom from the Plextor M8Pe does also not work via this way with Plop and also not alone.
So I think, the Option Rom Bios of the Plextor M8Pe speaks in other(?) way to its nvme disk.

The Option Rom from Vmware see post also does not work.
⇗ [Experimental] NVMe Option ROM
Not alone and also not with Plop.
Plop bootmanager starts but does not show harddisk and also nvme cant be booted via "Lan" switch in Plop.
The legacy nvme disk is recogniced but not correct.

This is full readout Bios 1306 8MB from Asus P8H77-M board. It contains the full Samsung 950 Pro Option Rom.
It boots XP SP3 from Samsung 950 Pro, Samsung 960 Pro, Samsung 970 Pro and Toshiba RD 400
and Plextor M8Pe.
It contains also the Option Rom from Elmar for the Realtek PXE Lan boot on the P8H77-M.
⇗ https://ufile.io/gfnu4jn2

#7955diderius6⇗ @infuscomus

First I make small joke, if the Asus ROG STRIX B450-F GAMING II with AMD 3700x cpu and Bios 4007 and 32 Gb Ram can boot
from ntldr, freeldr.sys and winload.exe. It can, nice board for XP!
It has also an COM1 port for debug. So, even debug before ntoskrln.exe is loaded is possible.

As far as I know, this is the only new board on the market, that supports XP Sp3 in all.

Now I set up on this board an Ramsey XP from 15 May 2021 on ntldr via
WinXP-IE Optional Patch Integrator v3.2.0.2b.cmd without any USB, only needed drivers (Customized Option; 4,E,I).
I use a 500 Gbyte harddisk for this. This harddisk I weep out with Winhex with 00 everywhere and then use RMPrebUSB
with nldr, ntfs and forced LBA.
After this I install your debug version of USB3 drivers from Win8, set up a Debug session and soon will report
Dietmar
#7956diderius6⇗ @infuscomus
The first strange thing that I notice is, that install of XP via Firadisk does not work from all USB ports.
Installation after this via Firadisk on working USB3 port goes on without problem,
even survives most critical 3. reboot from harddisk.
But then the OEM folder was not found, even it exists on USB.
So I copy the OEM folder by hand on the harddisk and repeat 3. reboot of install, from harddisk.
OEM folder now is found and installs
Dietmar

PS: Because no driver from XP is used for this install, there may be a real problem with an USB port, may be via Bios.

EDIT: Hard job to do install without any mouse. I look for my COM port mouse from 1997 ).
Yesssaa, Serial Mouse with Wheel works )..
Interesting, Mouse without LED light is much more comfortable.

#7957infuscomus⇗ @diderius6

I hope I didn't miss anything porting that checked USB driver.
#7958diderius6⇗ @infuscomus

First I copy to Windows\system32\drivers those Win8 Debug files

ksecd8.sys
ntoskrn8.sys
UCX01000.SYS
usbd8.sys
USBHUB3.SYS
USBXHCI.SYS
Wdf01000.sys
WdfLdr.sys
WppRecorder.sys

Then I start install for the uncritical USB3 device with DEV_43D5.
Install starts but then asks for WppRecor.sys .
To rename WppRecorder.sys =>WppRecor.sys
gives Bsod.
So, there happens a mix between those two files (8 characters convention)
Dietmar
#7959infuscomus⇗ @diderius6

copy all the files in the MOD folder to /drivers
use my .inf files
mine go to wpprecorder.sys
#7960diderius6⇗ @infuscomus

in the xhci.inf is a typo:
Down there is written wpprecor.sys.
This I change there to wpprecorder.sys. Now compi installs everything for xhci.
But in the end it gives Bsod
Dietmar
#7961infuscomus⇗ @diderius6

please screenshot BSOD?

maybe security_cookie needs to be changed? I thought with extender we don't need to do that but maybe we do?

edit:
did you download the updated version win8_USB3_checked_2.7z.zip?
#7962diderius6⇗ @infuscomus

BSOD is shown for a 1/100 sec, I make video and from this screenshot
Dietmar

#7963infuscomus⇗ @diderius6

If I recall correctly, a 7F BSOD is related to the security_cookie thing.
I'll try editing the cookie tomorrow.
or you can try it yourself if you feel you can do it.
#7964diderius6⇗ @infuscomus

I have no idea, how to do this^^
Dietmar
#7965infuscomus⇗ @diderius6

with PDB symbols and a disassembler I do a search for security_cookie in the file.

like in usbhub3.sys it's at 0x0029000 with a value of 0xBB40E64E

It should be 0xBB40E64E in every .sys file

in a hex editor

4E E6 40 BB B1 19 BF 44 0C 92 03 00 14 92 03 00

I'd change it to

DE AD BE EF B1 19 BF 44 0C 92 03 00 14 92 03 00

 

Page 532

#7966diderius6⇗ @infuscomus
I make a try with the updated USB3 driver from ⇗ @daniel_k .
The uncritical USB3 device with DEV_43D5 installs at once,
but the USB3 device with DEV_ 149C hangs as usual, here during the install of USBXHCI.sys
Dietmar
#7967George King⇗ @infuscomus From my tests, without changing security cookie you encounter BSOD after reboot or during INF install

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7968infuscomus⇗ @George King

I think you are correct.

⇗ @diderius6

new version with security_cookie changed.

please try it.



infuscomus has attached files to this post
#7969George King⇗ @diderius6 What do you mean with updated Daniel_k's driver? I see still same file on MDL USBXHCI_UASP_XP_x86.7z uploaded 2020-07-25 17:26:32.

And I posted my files in same topic too, you can try them too. But yes they are not from debug Win8 release

 
https://forums.mydigitallife.net/threads/drivers-and-tools-to-run-windows-xp-on-newer-hardware.81607/page-10#post-1693276
[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#7970StraniI have a virtual machine on vmWare Workstation with Windows XP SP3 with all the latest updates. Applied the latest version WinXPPAE. Additionally replaced usbport.sys. After a reboot, the virtual machine is loaded if there is no more than three with small GB of memory. If I increase memory to 3.5 GB, there is a blue screen with an error of UNMOUNTABLE_BOOT_VOLUME (STOP 0x000000ED). If I increase memory to 6 GB, there is a blue screen with STOP 0x0000007B error. HAL - ACPI Uniprocessor HAL.
Links posted on My Digital Life forum under the theme "Drivers and tools to run Windows XP on newer hardware".
#7971diderius6⇗ @infuscomus

Now your driver works:)).
You just forget to change the typo in xhci.inf down for wpprecor.sys ;).

Here are first results: The uncritical USB3 with DEV_43D5 I can install at once
on the Asus ROG STRIX B450-F GAMING II board.
When I install the critical USB3 with DEV_ 149C it hangs at the end of xhci install, shown install of wpprecorder.sys.
I have to reboot compi. I try to install the critical USB3 (now yellow questionmark) again.
This time it works. At this moment ALL USB connectors on the Asus board works normal, I test them.
Ok, after next reboot compi hangs early in boot process.
By the way I notice, that the Serial Mouse does not work(!) in Safe Mode.
Even in Save Mode the critical USB3 does not work and I cant install this USB in Safe Mode(?!).
Then I disable all USB and restart.
In first reboot I can only install the uncritical USB.
And again after reboot I can install the critical USB3 and all USB works.
So, this behavior is reproducible, because on next reboot compi hangs early in boot process,
even in Safe Mode.

Now I set up a new Ramsey XP with same settings, now with Serial Mouse from beginning.
I do this, because only then I can keep all situations in registry what happens between the Install of the critical USB.
After this I set up a Windbg session (with Debug ntoskrnl and hal) and hope that compi hangs after ntoskrnl is loaded
Dietmar

PS: The USB slot, from where I cant install XP via Firadisk belongs to the critical USB device with DEV_ 149C.
So this problem may be Bios related.

EDIT: In Safe Mode the critical USB does not always hang, about 50/50. When it does not hang here,
all USB work.
In normal Mode, XP hangs always, very early in boot process with this "working" critical USB.
#7972infuscomus⇗ @diderius6

does it hang before debugging is possible?
#7973infuscomus⇗ @Strani

Very strange, never seen behavior like that before. maybe you corrupted your VM somehow?
#7974Strani
Zitat von ⇗ infuscomus im Beitrag ¶ #7973
@Strani

Very strange, never seen behavior like that before. maybe you corrupted your VM somehow?

No, it's ruled out. I use the snapshots so that at any moment it is possible to restore the earlier state of the system. Without the patch, the virtual machine even works with 8 GB (seeing only 3 GB of them).
#7975infuscomus⇗ @Strani

Strange.
I use VMWare Player 16 and I can use WinXPPAE in an XP VM without any problems.

So I'm not sure why it's not working for you.
#7976Strani
Zitat von ⇗ infuscomus im Beitrag ¶ #7975
@Strani

Strange.
I use VMWare Player 16 and I can use WinXPPAE in an XP VM without any problems.

I have a hard drive connected to the VMware PVSCSI Controller.
Do you have a hard drive connected to where?
#7977infuscomus⇗ @Strani

I use a virtual SATA vmdk with AHCI driver for srv2003
⇗ https://sourceforge.net/projects/storahci-for-windows-2003/
#7978Strani
Zitat von ⇗ infuscomus im Beitrag ¶ #7977
@Strani

I use a virtual SATA vmdk with AHCI driver for srv2003

I figured out what the problem was. After applying WinXPPAE and increasing memory to 3.5 GB or higher, the VMware PVSCSI Controller driver stops working correctly.
If I change to "VMware VMSCSI Controller" or "LSI Adapter, Ultra320 SCSI 2000 Series, w/1020/1030," the virtual machine will work normally.
#7979infuscomus⇗ @Strani

I'm happy to hear it's now working for you!
#7980diderius6⇗ @infuscomus

XP hangs after ntoskrnl is loaded.
This are good news.
Windbg is running in this moment.
The problem is to find the exact point, where the hang happens,
because no BSOD and so Windbg suddently stops working without any output (cant type anything at console, no break possible)
Dietmar

 

Page 533

#7981diderius6⇗ @infuscomus

Crazy, now XP boots to full desktop with Debugger connected
Dietmar

DevNode 0x8acac6f8 for PDO 0x8acace50
           InstancePath is "PCI\VEN_1022&DEV_149C&SUBSYS_87C01043&REV_00\4&f6230fb&0&0341"
           ServiceName is "USBXHCI"
           State = DeviceNodeStarted (0x308)
           Previous State = DeviceNodeEnumerateCompletion (0x30d)
           DevNode 0x8a9f7d40 for PDO 0x8aa8de00
             InstancePath is "USB\ROOT_HUB30\5&399a3586&1&0"
             ServiceName is "USBHUB3"
             State = DeviceNodeStarted (0x308)
             Previous State = DeviceNodeEnumerateCompletion (0x30d)

EDIT: Ok, now XP hangs again and Debugger does not react to anything:))..
And again XP starts normal, after I set a breakpoint very short before hanging happens, brrr;))..

Now XP hangs again.
This I caught milliseconds before hang happens:

DevNode 0x8ac3fed8 for PDO 0x8abff6a0
           InstancePath is "PCI\VEN_1022&DEV_149C&SUBSYS_87C01043&REV_00\4&f6230fb&0&0341"
           ServiceName is "USBXHCI"
           State = DeviceNodeDriversAdded (0x303)
           Previous State = DeviceNodeInitialized (0x302)

Dont know, if this means anything

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
Connected to Windows XP 2600 x86 compatible target at (Fri Oct 22 17:09:13.828 2021 (UTC + 2:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols
Executable search path is: C:\Symbols
Windows XP Kernel Version 2600 MP (1 procs) Checked x86 compatible
Built by: 2600.xpsp.080413-2133
Machine Name:
Kernel base = 0x80a02000 PsLoadedModuleList = 0x80b019e8
System Uptime: not available
MM: Loader/HAL memory block indicates large pages cannot be used for 80100000->8012777F
MM: Loader/HAL memory block indicates large pages cannot be used for 818A6000->82D8AFFF
MM: Disabling large pages for all ranges due to overlap
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 163

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 274

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 163

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 274

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 163

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 274

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 163

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 274

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 163

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 274

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 163

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 274

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
Break instruction exception - code 80000003 (first chance)
*******************************************************************************
*                                                                             *
*   You are seeing this message because you pressed either                    *
*       CTRL+C (if you run kd.exe) or,                                        *
*       CTRL+BREAK (if you run WinDBG),                                       *
*   on your debugger machine's keyboard.                                      *
*                                                                             *
*                   THIS IS NOT A BUG OR A SYSTEM CRASH                       *
*                                                                             *
* If you did not intend to break into the debugger, press the "g" key, then   *
* press the "Enter" key now.  This message might immediately reappear.  If it *
* does, press "g" and "Enter" again.                                          *
*                                                                             *
*******************************************************************************
nt!RtlpBreakWithStatusInstruction:
80ac37ec cc              int     3


*** Assertion failed: IoWorkItem->Size == sizeof( IO_WORKITEM )
***   Source File: d:\xpsp\base\ntos\io\iomgr\misc.c, line 965

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i

*** Assertion failed: IoWorkItem->Size == sizeof( IO_WORKITEM )
***   Source File: d:\xpsp\base\ntos\io\iomgr\misc.c, line 965
 		  	  


And this is msec later, but this leads to successful boot of XP:

DevNode 0x8abca8e0 for PDO 0x8abca038
            InstancePath is "PCI\VEN_1022&DEV_149C&SUBSYS_87C01043&REV_00\4&f6230fb&0&0341"
            ServiceName is "USBXHCI"
            State = DeviceNodeStarted (0x308)
            Previous State = DeviceNodeEnumerateCompletion (0x30d)
            DevNode 0x8ab4a9d0 for PDO 0x8aa7d540
              InstancePath is "USB\ROOT_HUB30\5&399a3586&1&0"
              ServiceName is "USBHUB3"
              State = DeviceNodeResourcesAssigned (0x304)
              Previous State = DeviceNodeDriversAdded (0x303)
#7982infuscomus⇗ @diderius6

maybe a trace through usbxhci.sys while it is being loaded will shed some light on why it hangs?
#7983diderius6⇗ @infuscomus
I dont know, if this is possible with Kernel Debug.

I think I find the place, at which the hang happens
Dietmar

80ae3e09 fb              sti
15: kd> p
nt!KiIdleLoop+0x3a:
80ae3e0a 90              nop
15: kd> p
nt!KiIdleLoop+0x3b:
80ae3e0b 90              nop
15: kd> g
Break instruction exception - code 80000003 (first chance)
nt!Kei386EoiHelper+0x45:
80adf811 5a              pop     edx
13: kd> g
Break instruction exception - code 80000003 (first chance)
nt!Kei386EoiHelper+0x45:
80adf811 5a              pop     edx
12: kd> g
Break instruction exception - code 80000003 (first chance)
processr!AcpiC1Idle+0x19:
ba209d45 59              pop     ecx
11: kd> g
Break instruction exception - code 80000003 (first chance)
nt!Kei386EoiHelper+0x45:
80adf811 5a              pop     edx
10: kd> g
Break instruction exception - code 80000003 (first chance)
nt!Kei386EoiHelper+0x45:
80adf811 5a              pop     edx

And soon Windbg crashs.
#7984infuscomus⇗ @diderius6

in processr.sys? odd
I would have thought either usbxhci.sys or usbhub3.sys would be the cause of the system hanging.
#7985diderius6⇗ @infuscomus

Yepp, at a successfull boot of XP,
XP does not stop at bp ba209d45,
this means, that this Address  ba209d45  is never reached when all is ok,
but is reached, when the critical USB hangs
Dietmar
#7986diderius6⇗ @infuscomus

This is whole protocol from hanging XP

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
Connected to Windows XP 2600 x86 compatible target at (Fri Oct 22 18:27:38.531 2021 (UTC + 2:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols
Executable search path is: C:\Symbols
Windows XP Kernel Version 2600 MP (1 procs) Checked x86 compatible
Built by: 2600.xpsp.080413-2133
Machine Name:
Kernel base = 0x80a02000 PsLoadedModuleList = 0x80b019e8
System Uptime: not available
MM: Loader/HAL memory block indicates large pages cannot be used for 80100000->8012777F
MM: Loader/HAL memory block indicates large pages cannot be used for 818A6000->82D8AFFF
MM: Disabling large pages for all ranges due to overlap
Break instruction exception - code 80000003 (first chance)
*******************************************************************************
*                                                                             *
*   You are seeing this message because you pressed either                    *
*       CTRL+C (if you run kd.exe) or,                                        *
*       CTRL+BREAK (if you run WinDBG),                                       *
*   on your debugger machine's keyboard.                                      *
*                                                                             *
*                   THIS IS NOT A BUG OR A SYSTEM CRASH                       *
*                                                                             *
* If you did not intend to break into the debugger, press the "g" key, then   *
* press the "Enter" key now.  This message might immediately reappear.  If it *
* does, press "g" and "Enter" again.                                          *
*                                                                             *
*******************************************************************************
nt!RtlpBreakWithStatusInstruction:
80ac37ec cc              int     3
kd> bp ba209d45
kd> g
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 163

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 274

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 163

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 274

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 163

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 274

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 163

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 274

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 163

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 274

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 163

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
EX: Pageable code called at IRQL 2

*** Assertion failed: FALSE
***   Source File: d:\xpsp\base\ntos\ex\rundown.c, line 274

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
KD: write to 0xba209d45 ok
#7987infuscomus⇗ @diderius6

would you say that it unlikely that we will discover the cause of why this 149C controller does not behave correctly?

For whatever reason the 149C controller is not ready at boot.

My 149C controller has a slightly different problem to yours, no crash, but any USB device connected has ID USB\VID_0000&PID_0000

edit: until disable and re-enable in device manager, then it works fine.
#7988diderius6⇗ @infuscomus

I am quite sure, that this is the place, where the hanging happens,
because a successful boot to full desktop of XP gives this KD: write to 0xba209d45 ok
and direct after this the last 3 USB files are loaded
Dietmar
0: kd> g
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for WppRecorder.sys - 
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for WDFLDR.SYS - 
*** ERROR: Module load completed but symbols could not be loaded for USBXHCI.SYS
*** ERROR: Module load completed but symbols could not be loaded for wdf01000.sys
*** ERROR: Module load completed but symbols could not be loaded for ucx01000.sys
*** ERROR: Module load completed but symbols could not be loaded for audstub.sys
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for ndistapi.sys - 
*** ERROR: Module load completed but symbols could not be loaded for ndiswan.sys
*** ERROR: Module load completed but symbols could not be loaded for raspppoe.sys
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for psched.sys - 
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for ptilink.sys - 
*** ERROR: Module load completed but symbols could not be loaded for raspti.sys
*** ERROR: Module load completed but symbols could not be loaded for rdpdr.sys
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for termdd.sys - 
KD: write to 0xba209d45 ok
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for ksecd8.sys - 
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for USBD8.SYS - 
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for UsbHub3.sys - 

*** Assertion failed: IoWorkItem->Size == sizeof( IO_WORKITEM )
***   Source File: d:\xpsp\base\ntos\io\iomgr\misc.c, line 965

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i

*** Assertion failed: IoWorkItem->Size == sizeof( IO_WORKITEM )
***   Source File: d:\xpsp\base\ntos\io\iomgr\misc.c, line 965

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
*** ERROR: Module load completed but symbols could not be loaded for Fdc.SYS
*** ERROR: Module load completed but symbols could not be loaded for cdrom.sys
*** ERROR: Module load completed but symbols could not be loaded for Cdaudio.SYS
*** ERROR: Module load completed but symbols could not be loaded for Fs_Rec.SYS
*** ERROR: Module load completed but symbols could not be loaded for Null.SYS
*** ERROR: Module load completed but symbols could not be loaded for Beep.SYS

*** Assertion failed: IoWorkItem->Size == sizeof( IO_WORKITEM )
***   Source File: d:\xpsp\base\ntos\io\iomgr\misc.c, line 965

Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? i
i
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for VIDEOPRT.SYS - 
*** ERROR: Module load completed but symbols could not be loaded for RDPCDD.sys
*** ERROR: Module load completed but symbols could not be loaded for mouhid.sys
*** ERROR: Module load completed but symbols could not be loaded for rasacd.sys
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for rdbss.sys - 
*** ERROR: Module load completed but symbols could not be loaded for DumpDrv.SYS
*** ERROR: Module load completed but symbols could not be loaded for autochk.exe
*** ERROR: Module load completed but symbols could not be loaded for sfcfiles.dll
*** ERROR: Module load comp
#7989infuscomus⇗ @diderius6

regarding this

Zitat von ⇗ diderius6 im Beitrag ¶ #7988
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for WppRecorder.sys - 
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for WDFLDR.SYS - 
*** ERROR: Module load completed but symbols could not be loaded for USBXHCI.SYS
*** ERROR: Module load completed but symbols could not be loaded for wdf01000.sys
*** ERROR: Module load completed but symbols could not be loaded for ucx01000.sys

etc...

did the PDB symbols I included for the USB3 drivers in the zip file not work for you?
#7990diderius6⇗ @infuscomus

No, that simply means, that just now my compi for daily use crash, first time in more than 3 years.
It is a x58 board from 2009
Dietmar

PS: Just now I write from other compi, but until next hours (?) no Windbg..

EDIT: These lines are also interesting, may be, that the hanging happens here

*** Assertion failed: IoWorkItem->Size == sizeof( IO_WORKITEM )
***   Source File: d:\xpsp\base\ntos\io\iomgr\misc.c, line 965
#7991infuscomus⇗ @diderius6

Fortunately we have access to source code so we can make changes to that line of code if we need to.
#7992diderius6⇗ @infuscomus

processr!AcpiC1Idle+0x19:

can this been acpi related to the sleeping state C1

Dietmar
#7993infuscomus⇗ @diderius6

I suppose it's possible, I can't say for certain.
#7994Strani
Zitat von ⇗ diderius6 im Beitrag ¶ #7192
@daniel_k

I changed

usbport.sys
usbstor.sys
usbd.sys

against their version from win2003

After applying patch WinXpPAE on Windows XP SP3 I need to replace the built-in driver USB2, correct? How to do this correctly:
1. Take usbport.sys from Windows Server 2003 KB2862330?
2. Take usbport.sys and usbd.sys files from Windows Server 2003 KB2862330?
3. Take usbport.sys from your message?
4. Take usbport.sys and usbd.sys files from your message?

Sorry for my bad english!
#7995diderius6⇗ @infuscomus

On 21 August this year 2021 I make a copy of my Windows\System32\config  folder from an external XP.
Just this safes now my life.
I think, the problem is the harddisk, WD 2 TB from 2017.
Even there are 20 Gb free on it, when I try to run chkdisk, only phase 1 completes
and from phase 2 I do not see one little green mark, I think because millions of small files on it
Dietmar

PS: But fun with Windbg can go on now.

 

Page 534

#7996diderius6⇗ @infuscomus

XP hangs because of critical USB

Dietmar

Connected to Windows XP 2600 x86 compatible target at (Fri Oct 22 23:18:49.583 2021 (UTC + 2:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols
Executable search path is: C:\Symbols
Windows XP Kernel Version 2600 (Service Pack 3) MP (16 procs) Checked x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp.080413-2133
Machine Name:
Kernel base = 0x80a02000 PsLoadedModuleList = 0x80b019e8
Debug session time: Sat Oct 23 06:20:19.937 2021 (UTC + 2:00)
System Uptime: 0 days 0:00:07.453
Break instruction exception - code 80000003 (first chance)
*******************************************************************************

DevNode 0x8ac84300 for PDO 0x8ad41178
            InstancePath is "PCI\VEN_1022&DEV_149C&SUBSYS_87C01043&REV_00\4&f6230fb&0&0341"
            ServiceName is "USBXHCI"
            State = DeviceNodeStarted (0x308)
            Previous State = DeviceNodeEnumerateCompletion (0x30d)
            DevNode 0x8a8fded8 for PDO 0x8ad454b8
              InstancePath is "USB\ROOT_HUB30\5&399a3586&1&0"
              ServiceName is "USBHUB3"
                                        State = DeviceNodeStartPostWork (0x307)
              Previous State = DeviceNodeStartCompletion (0x306)

13: kd> p
nt!IoFreeWorkItem+0x2d:
80a250cb 5e              pop     esi
13: kd> p
nt!IoFreeWorkItem+0x2e:
80a250cc 5d              pop     ebp
13: kd> p
nt!IoFreeWorkItem+0x2f:
80a250cd c20400          ret     4
13: kd> p
USBXHCI!CommonBuffer_WorkItem+0x219:
b8981643 33c0            xor     eax,eax
13: kd> p
USBXHCI!CommonBuffer_WorkItem+0x21b:
b8981645 50              push    eax
13: kd> p
USBXHCI!CommonBuffer_WorkItem+0x21c:
b8981646 50              push    eax
13: kd> p
USBXHCI!CommonBuffer_WorkItem+0x21d:
b8981647 8d4310          lea     eax,[ebx+10h]
13: kd> p
USBXHCI!CommonBuffer_WorkItem+0x220:
b898164a 50              push    eax
13: kd> p
USBXHCI!CommonBuffer_WorkItem+0x221:
b898164b ff15b8b19ab8    call    dword ptr [USBXHCI!_imp__KeSetEvent (b89ab1b8)]
13: kd> p
USBXHCI!CommonBuffer_WorkItem+0x227:
b8981651 5f              pop     edi
13: kd> p
USBXHCI!CommonBuffer_WorkItem+0x228:
b8981652 5e              pop     esi
13: kd> p
USBXHCI!CommonBuffer_WorkItem+0x229:
b8981653 5b              pop     ebx
13: kd> p
USBXHCI!CommonBuffer_WorkItem+0x22a:
b8981654 8be5            mov     esp,ebp
13: kd> p
USBXHCI!CommonBuffer_WorkItem+0x22c:
b8981656 5d              pop     ebp
13: kd> p
USBXHCI!CommonBuffer_WorkItem+0x22d:
b8981657 c20c00          ret     0Ch
13: kd> p
ntoskrn8+0x672:
b9e67672 eb07            jmp     ntoskrn8+0x67b (b9e6767b)
13: kd> p
ntoskrn8+0x67b:
b9e6767b 8bce            mov     ecx,esi
13: kd> p
ntoskrn8+0x67d:
b9e6767d ff1528efe6b9    call    dword ptr [ntoskrn8+0x7f28 (b9e6ef28)]
13: kd> p
ntoskrn8+0x683:
b9e67683 5e              pop     esi
13: kd> p
ntoskrn8+0x684:
b9e67684 5d              pop     ebp
13: kd> p
ntoskrn8+0x685:
b9e67685 c20400          ret     4
13: kd> p
nt!ExpWorkerThread+0x10f:
80ad51a9 83bfd400000000  cmp     dword ptr [edi+0D4h],0
13: kd> p
nt!ExpWorkerThread+0x116:
80ad51b0 7431            je      nt!ExpWorkerThread+0x149 (80ad51e3)
13: kd> p
nt!ExpWorkerThread+0x149:
80ad51e3 ff150c31a080    call    dword ptr [nt!_imp__KeGetCurrentIrql (80a0310c)]
13: kd> p
nt!ExpWorkerThread+0x14f:
80ad51e9 84c0            test    al,al
13: kd> p
nt!ExpWorkerThread+0x151:
80ad51eb 757d            jne     nt!ExpWorkerThread+0x1d0 (80ad526a)
13: kd> p
nt!ExpWorkerThread+0x153:
80ad51ed f6874802000008  test    byte ptr [edi+248h],8
13: kd> p
nt!ExpWorkerThread+0x15a:
80ad51f4 7484            je      nt!ExpWorkerThread+0xe0 (80ad517a)
13: kd> p
nt!ExpWorkerThread+0xe0:
80ad517a ff75f8          push    dword ptr [ebp-8]
13: kd> p
nt!ExpWorkerThread+0xe3:
80ad517d ff75f4          push    dword ptr [ebp-0Ch]
13: kd> p
nt!ExpWorkerThread+0xe6:
80ad5180 56              push    esi
13: kd> p
nt!ExpWorkerThread+0xe7:
80ad5181 e83013f6ff      call    nt!KeRemoveQueue (80a364b6)
13: kd> p
nt!ExpWorkerThread+0xec:
80ad5186 8bd8            mov     ebx,eax
7: kd> p
nt!ExpWorkerThread+0xee:
80ad5188 81fb02010000    cmp     ebx,102h
7: kd> p
nt!ExpWorkerThread+0xf4:
80ad518e 7479            je      nt!ExpWorkerThread+0x16f (80ad5209)
7: kd> p
nt!ExpWorkerThread+0xf6:
80ad5190 33c9            xor     ecx,ecx
7: kd> p
nt!ExpWorkerThread+0xf8:
80ad5192 8d462c          lea     eax,[esi+2Ch]
7: kd> p
nt!ExpWorkerThread+0xfb:
80ad5195 41              inc     ecx
7: kd> p
nt!ExpWorkerThread+0xfc:
80ad5196 f00fc108        lock xadd dword ptr [eax],ecx
7: kd> p
nt!ExpWorkerThread+0x100:
80ad519a 8b4b0c          mov     ecx,dword ptr [ebx+0Ch]
7: kd> p
nt!ExpWorkerThread+0x103:
80ad519d 8b4308          mov     eax,dword ptr [ebx+8]
7: kd> p
nt!ExpWorkerThread+0x106:
80ad51a0 51              push    ecx
7: kd> p
nt!ExpWorkerThread+0x107:
80ad51a1 8945fc          mov     dword ptr [ebp-4],eax
7: kd> p
nt!ExpWorkerThread+0x10a:
80ad51a4 894d08          mov     dword ptr [ebp+8],ecx
7: kd> p
nt!ExpWorkerThread+0x10d:
80ad51a7 ffd0            call    eax
7: kd> p
nt!ExpWorkerThread+0x10f:
80ad51a9 83bfd400000000  cmp     dword ptr [edi+0D4h],0
7: kd> p
nt!ExpWorkerThread+0x116:
80ad51b0 7431            je      nt!ExpWorkerThread+0x149 (80ad51e3)
7: kd> p
nt!ExpWorkerThread+0x149:
80ad51e3 ff150c31a080    call    dword ptr [nt!_imp__KeGetCurrentIrql (80a0310c)]
7: kd> p
nt!ExpWorkerThread+0x14f:
80ad51e9 84c0            test    al,al
7: kd> p
nt!ExpWorkerThread+0x151:
80ad51eb 757d            jne     nt!ExpWorkerThread+0x1d0 (80ad526a)
7: kd> p
nt!ExpWorkerThread+0x153:
80ad51ed f6874802000008  test    byte ptr [edi+248h],8
7: kd> p
nt!ExpWorkerThread+0x15a:
80ad51f4 7484            je      nt!ExpWorkerThread+0xe0 (80ad517a)
7: kd> p
nt!ExpWorkerThread+0xe0:
80ad517a ff75f8          push    dword ptr [ebp-8]
7: kd> p
nt!ExpWorkerThread+0xe3:
80ad517d ff75f4          push    dword ptr [ebp-0Ch]
7: kd> p
nt!ExpWorkerThread+0xe6:
80ad5180 56              push    esi
7: kd> p
nt!ExpWorkerThread+0xe7:
80ad5181 e83013f6ff      call    nt!KeRemoveQueue (80a364b6)
7: kd> p
nt!ExpWorkerThread+0xec:
80ad5186 8bd8            mov     ebx,eax
10: kd> 
nt!ExpWorkerThread+0xee:
80ad5188 81fb02010000    cmp     ebx,102h
10: kd> p
nt!ExpWorkerThread+0xf4:
80ad518e 7479            je      nt!ExpWorkerThread+0x16f (80ad5209)
10: kd> p
nt!ExpWorkerThread+0xf6:
80ad5190 33c9            xor     ecx,ecx
10: kd> p
nt!ExpWorkerThread+0xf8:
80ad5192 8d462c          lea     eax,[esi+2Ch]
10: kd> p
nt!ExpWorkerThread+0xfb:
80ad5195 41              inc     ecx
10: kd> p
nt!ExpWorkerThread+0xfc:
80ad5196 f00fc108        lock xadd dword ptr [eax],ecx
10: kd> p
nt!ExpWorkerThread+0x100:
80ad519a 8b4b0c          mov     ecx,dword ptr [ebx+0Ch]
10: kd> p
nt!ExpWorkerThread+0x103:
80ad519d 8b4308          mov     eax,dword ptr [ebx+8]
10: kd> p
nt!ExpWorkerThread+0x106:
80ad51a0 51              push    ecx
10: kd> p
nt!ExpWorkerThread+0x107:
80ad51a1 8945fc          mov     dword ptr [ebp-4],eax
10: kd> p
nt!ExpWorkerThread+0x10a:
80ad51a4 894d08          mov     dword ptr [ebp+8],ecx
10: kd> p
nt!ExpWorkerThread+0x10d:
80ad51a7 ffd0            call    eax
10: kd> p
nt!ExpWorkerThread+0x10f:
80ad51a9 83bfd400000000  cmp     dword ptr [edi+0D4h],0
10: kd> 
nt!ExpWorkerThread+0x116:
80ad51b0 7431            je      nt!ExpWorkerThread+0x149 (80ad51e3)
10: kd> p
nt!ExpWorkerThread+0x149:
80ad51e3 ff150c31a080    call    dword ptr [nt!_imp__KeGetCurrentIrql (80a0310c)]
10: kd> p
nt!ExpWorkerThread+0x14f:
80ad51e9 84c0            test    al,al
10: kd> p
nt!ExpWorkerThread+0x151:
80ad51eb 757d            jne     nt!ExpWorkerThread+0x1d0 (80ad526a)
10: kd> p
nt!ExpWorkerThread+0x153:
80ad51ed f6874802000008  test    byte ptr [edi+248h],8
10: kd> p
nt!ExpWorkerThread+0x15a:
80ad51f4 7484            je      nt!ExpWorkerThread+0xe0 (80ad517a)
10: kd> p
nt!ExpWorkerThread+0xe0:
80ad517a ff75f8          push    dword ptr [ebp-8]
10: kd> p
nt!ExpWorkerThread+0xe3:
80ad517d ff75f4          push    dword ptr [ebp-0Ch]
10: kd> p
nt!ExpWorkerThread+0xe6:
80ad5180 56              push    esi
10: kd> p
nt!ExpWorkerThread+0xe7:
80ad5181 e83013f6ff      call    nt!KeRemoveQueue (80a364b6)
10: kd> p
nt!ExpWorkerThread+0xec:
80ad5186 8bd8            mov     ebx,eax
9: kd> p
nt!ExpWorkerThread+0xee:
80ad5188 81fb02010000    cmp     ebx,102h
9: kd> p
nt!ExpWorkerThread+0xf4:
80ad518e 7479            je      nt!ExpWorkerThread+0x16f (80ad5209)
9: kd> p

*** Assertion failed: IoWorkItem->Size == sizeof( IO_WORKITEM )
***   Source File: d:\xpsp\base\ntos\io\iomgr\misc.c, line 965

nt!ExpWorkerThread+0xf6:
80ad5190 33c9            xor     ecx,ecx
9: kd> p
Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? p
p
nt!ExpWorkerThread+0xf8:
80ad5192 8d462c          lea     eax,[esi+2Ch]
9: kd> p
nt!ExpWorkerThread+0xfb:
80ad5195 41              inc     ecx
9: kd> p
nt!ExpWorkerThread+0xfc:
80ad5196 f00fc108        lock xadd dword ptr [eax],ecx
9: kd> p
nt!ExpWorkerThread+0x100:
80ad519a 8b4b0c          mov     ecx,dword ptr [ebx+0Ch]
9: kd> p
nt!ExpWorkerThread+0x103:
80ad519d 8b4308          mov     eax,dword ptr [ebx+8]
9: kd> p
nt!ExpWorkerThread+0x106:
80ad51a0 51              push    ecx
9: kd> p
nt!ExpWorkerThread+0x107:
80ad51a1 8945fc          mov     dword ptr [ebp-4],eax
9: kd> p
nt!ExpWorkerThread+0x10a:
80ad51a4 894d08          mov     dword ptr [ebp+8],ecx
9: kd> p
nt!ExpWorkerThread+0x10d:
80ad51a7 ffd0            call    eax
9: kd> p
nt!ExpWorkerThread+0x10f:
80ad51a9 83bfd400000000  cmp     dword ptr [edi+0D4h],0
9: kd> p
nt!ExpWorkerThread+0x116:
80ad51b0 7431            je      nt!ExpWorkerThread+0x149 (80ad51e3)
9: kd> p
nt!ExpWorkerThread+0x149:
80ad51e3 ff150c31a080    call    dword ptr [nt!_imp__KeGetCurrentIrql (80a0310c)]
9: kd> p
nt!ExpWorkerThread+0x14f:
80ad51e9 84c0            test    al,al
9: kd> p
nt!ExpWorkerThread+0x151:
80ad51eb 757d            jne     nt!ExpWorkerThread+0x1d0 (80ad526a)
9: kd> p
nt!ExpWorkerThread+0x153:
80ad51ed f6874802000008  test    byte ptr [edi+248h],8
9: kd> p
nt!ExpWorkerThread+0x15a:
80ad51f4 7484            je      nt!ExpWorkerThread+0xe0 (80ad517a)
9: kd> p
nt!ExpWorkerThread+0xe0:
80ad517a ff75f8          push    dword ptr [ebp-8]
9: kd> p
nt!ExpWorkerThread+0xe3:
80ad517d ff75f4          push    dword ptr [ebp-0Ch]
9: kd> p
nt!ExpWorkerThread+0xe6:
80ad5180 56              push    esi
9: kd> p
nt!ExpWorkerThread+0xe7:
80ad5181 e83013f6ff      call    nt!KeRemoveQueue (80a364b6)
9: kd> p

*** Fatal System Error: 0x000000e9
                                             (0x8AD270C0,0x00000000,0x00000000,0x00000000)

WARNING: This break is not a step/trace completion.
The last command has been cleared to prevent
accidental continuation of this unrelated event.
Check the event, location and thread before resuming.
Break instruction exception - code 80000003 (first chance)

A fatal system error has occurred.
Debugger entered on first try; Bugcheck callbacks have not been invoked.

A fatal system error has occurred.

Connected to Windows XP 2600 x86 compatible target at (Sat Oct 23 00:04:20.143 2021 (UTC + 2:00)), ptr64 FALSE
Loading Kernel Symbols
.............................................................
Loading User Symbols

Loading unloaded module list
.
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for ntoskrn8.sys - 
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for amd_sata.sys - 
*** ERROR: Module load completed but symbols could not be loaded for ftdisk.sys
*** ERROR: Module load completed but symbols could not be loaded for amd_xata.sys
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for ptilink.sys - 
*** ERROR: Module load completed but symbols could not be loaded for raspti.sys
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for BOOTVID.dll - 
*** ERROR: Module load completed but symbols could not be loaded for ACPIEC.sys
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for kdcom.dll - 
*** ERROR: Module load completed but symbols could not be loaded for WMILIB.SYS
Unable to read KiBugCheckData
Unable to read KiBugCheckData
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 0, {0, 0, 0, 0}

Unable to read KiBugCheckData


Failure could not be analyzed

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************
Bugcheck code 000000E9
Arguments 8ad270c0 00000000 00000000 00000000

ChildEBP RetAddr  Args to Child              
ba55742c 80a30d7b 00000003 ba557788 00000000 nt!RtlpBreakWithStatusInstruction
ba557478 80a319e6 00000003 8ad29290 8ad270c0 nt!KiBugCheckDebugBreak+0x19
ba557858 80a31f77 000000e9 8ad270c0 00000000 nt!KeBugCheck2+0x574
ba557878 80bdc60b 000000e9 8ad270c0 00000000 nt!KeBugCheckEx+0x1b
ba557928 80bdc910 c0000001 8ad29290 00000000 nt!PspExitThread+0x813
ba55794c 80bdcbd0 8ad270c0 c0000001 ba557988 nt!PspTerminateThreadByPointer+0x88
ba557978 80adedd8 00000000 c0000001 00000030 nt!NtTerminateProcess+0x158
ba557978 80a3c91d 00000000 c0000001 00000030 nt!KiFastCallEntry+0x158
ba557a04 80ac5485 ffffffff c0000001 00000001 nt!ZwTerminateProcess+0x11
ba557cfc 80ac54e4 80a2506e 80a2504a 000003c5 nt!RtlAssert2+0xe7
ba557d18 80a250c3 80a2506e 80a2504a 000003c5 nt!RtlAssert+0x18
ba557d34 b8981643 8aa2a978 8ad270c0 8aa8e4f8 nt!IoFreeWorkItem+0x25
ba557d68 b9e67672 8aa8e4f8 8aa11868 8aa2a978 USBXHCI!CommonBuffer_WorkItem+0x219
WARNING: Stack unwind information not available. Following frames may be wrong.
ba557d80 80ad51a9 8aa2a978 00000000 8ad270c0 ntoskrn8!IoGetDevicePropertyData+0x48
ba557dac 80bd81ac 8aa2a978 00000000 00000000 nt!ExpWorkerThread+0x10f
ba557ddc 80ae4212 80ad509a 00000000 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16

nt!RtlpBreakWithStatusInstruction:
80ac37ec cc              int     3
13: kd> 
ChildEBP RetAddr  Args to Child              
ba55742c 80a30d7b 00000003 ba557788 00000000 nt!RtlpBreakWithStatusInstruction
ba557478 80a319e6 00000003 8ad29290 8ad270c0 nt!KiBugCheckDebugBreak+0x19
ba557858 80a31f77 000000e9 8ad270c0 00000000 nt!KeBugCheck2+0x574
ba557878 80bdc60b 000000e9 8ad270c0 00000000 nt!KeBugCheckEx+0x1b
ba557928 80bdc910 c0000001 8ad29290 00000000 nt!PspExitThread+0x813
ba55794c 80bdcbd0 8ad270c0 c0000001 ba557988 nt!PspTerminateThreadByPointer+0x88
ba557978 80adedd8 00000000 c0000001 00000030 nt!NtTerminateProcess+0x158
ba557978 80a3c91d 00000000 c0000001 00000030 nt!KiFastCallEntry+0x158
ba557a04 80ac5485 ffffffff c0000001 00000001 nt!ZwTerminateProcess+0x11
ba557cfc 80ac54e4 80a2506e 80a2504a 000003c5 nt!RtlAssert2+0xe7
ba557d18 80a250c3 80a2506e 80a2504a 000003c5 nt!RtlAssert+0x18
ba557d34 b8981643 8aa2a978 8ad270c0 8aa8e4f8 nt!IoFreeWorkItem+0x25
ba557d68 b9e67672 8aa8e4f8 8aa11868 8aa2a978 USBXHCI!CommonBuffer_WorkItem+0x219
WARNING: Stack unwind information not available. Following frames may be wrong.
ba557d80 80ad51a9 8aa2a978 00000000 8ad270c0 ntoskrn8!IoGetDevicePropertyData+0x48
ba557dac 80bd81ac 8aa2a978 00000000 00000000 nt!ExpWorkerThread+0x10f
ba557ddc 80ae4212 80ad509a 00000000 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16
13: kd> lm
start    end        module name
80100000 80127780   HAL3       (pdb symbols)          c:\symbols\halmacpi.pdb\E84507EBCC884EC88312CED392E768A61\halmacpi.pdb
80a02000 80da3000   nt         (pdb symbols)          c:\symbols\ntkrpamp.pdb\5B9E8A586D3D49D98927B5D5117577231\ntkrpamp.pdb
b865f000
b86c6000   ksecd8     (pdb symbols)          C:\Programme\Debugging
Tools for Windows
(x86)\sym\ksecdd.pdb\7A79E8DB807B4AE2B8DE483364369CAE1\ksecdd.pdb
b86c6000
b8729000   UsbHub3    (private pdb symbols)  C:\Programme\Debugging
Tools for Windows
(x86)\sym\usbhub3.pdb\FCC3C5A1B41E43F2BC5FCAF5C68E6CEF1\usbhub3.pdb
b8779000 b87d6f00   update     (pdb symbols)          c:\symbols\update.pdb\840B22B4D8124987BF5F6AB05B14102C1\update.pdb
b87d7000 b87f9700   ks         (pdb symbols)          c:\symbols\ks.pdb\B006640EDA8C40FD8951E31F54F77B642\ks.pdb
b87fa000 b8829c80   rdpdr      (pdb symbols)          c:\symbols\rdpdr.pdb\2B82EDCE1DF54F7AAE60CD3A5DD350851\rdpdr.pdb
b882a000 b883b280   psched     (pdb symbols)          c:\symbols\psched.pdb\9F3A1A98725A4CEF9067BB7CFFBDF5751\psched.pdb
b8864000 b887a680   ndiswan    (pdb symbols)          c:\symbols\ndiswan.pdb\A4934DF1DEAF464A90C88C559BC259C72\ndiswan.pdb
b887b000 b88a3000   HDAudBus   (pdb symbols)          c:\symbols\hdaudbus.pdb\A6AEE77DD7294755AA656D52792AEEFB1\hdaudbus.pdb
b88a3000 
b88d4000   ucx01000   (private pdb symbols)  C:\Programme\Debugging
Tools for Windows
(x86)\sym\ucx01000.pdb\B5DBF075046B4B60A8FCCB4E56AE51271\ucx01000.pdb
b88d4000
b897e000   wdf01000   (private pdb symbols)  C:\Programme\Debugging
Tools for Windows
(x86)\sym\Wdf01000.pdb\4B21CEB3EDE541318DA92AA1A31DA6C01\Wdf01000.pdb
b897e000
b89c5000   USBXHCI    (private pdb symbols)  C:\Programme\Debugging
Tools for Windows
(x86)\sym\usbxhci.pdb\2C65A36AB54E4E93815303711F6822FB1\usbxhci.pdb
b9ca1000 b9ca4c80   mssmbios   (pdb symbols)          c:\symbols\mssmbios.pdb\9940673F3B9A4BD682DF9D96A12A355C1\mssmbios.pdb
b9cb9000 b9cbb900   ndistapi   (pdb symbols)          c:\symbols\ndistapi.pdb\98F0B15E72FD4123B200B770799B214B1\ndistapi.pdb
b9cc1000 b9cc3280   wmiacpi    (pdb symbols)          c:\symbols\wmiacpi.pdb\7E27F259317A4D7596E61F675272F8671\wmiacpi.pdb
b9d01000 b9d1ae80   Mup        (pdb symbols)          c:\symbols\mup.pdb\1C433960902E4E169BCDB83FDA9AA3D82\mup.pdb
b9d1b000 b9d47a80   NDIS       (pdb symbols)          c:\symbols\ndis.pdb\3DFF1E048DD2464D8D0B1BFEBAC7C8A12\ndis.pdb
b9d48000 b9dd4d00   Ntfs       (pdb symbols)          c:\symbols\ntfs.pdb\89F306F8DA21470E8DBC76F3BFED90C62\ntfs.pdb
b9dd5000 
b9debb80   KSecDD     (pdb symbols)          C:\Programme\Debugging
Tools for Windows
(x86)\sym\ksecdd.pdb\F1FFF3CA4D5C4A568D3FA1B71EB0F5FE1\ksecdd.pdb
b9dec000 b9dfdf00   sr         (pdb symbols)          c:\symbols\sr.pdb\9D5432B7234C4CD2A8F6275B9D9AF41F1\sr.pdb
b9dfe000 b9e1db00   fltMgr     (pdb symbols)          c:\symbols\fltMgr.pdb\30197425FFC04385B84C0354E5035D5C1\fltMgr.pdb
b9e1e000 b9e67000   storport   (pdb symbols)          c:\symbols\storport.pdb\AB4436C5F6B54079A136C8FA486F6D4E2\storport.pdb
b9e67000 b9e89680   ntoskrn8   (export symbols)       ntoskrn8.sys
b9e8a000 b9e9f000   amd_sata   (export symbols)       amd_sata.sys
b9e9f000 b9ec4700   dmio       (pdb symbols)          c:\symbols\dmio.pdb\7DD31474CC0941E9B2175DDBC956E4601\dmio.pdb
b9ec5000 b9ee3880   ftdisk     (no symbols)           
b9ee4000 b9ef4a80   pci        (pdb symbols)          c:\symbols\pci.pdb\46927BAFB8E740B6B4BAC813675A82871\pci.pdb
b9ef5000 b9f24d80   ACPI       (pdb symbols)          c:\symbols\acpi.pdb\3E23085EEF9C4EB5AC40C386278F6D7E1\acpi.pdb
b9f25000
b9fa7000   WDF01_W8   (private pdb symbols)  C:\Programme\Debugging
Tools for Windows
(x86)\sym\Wdf01000.pdb\20273A8183AD43C0B93F7EFEE76FA6AC2\Wdf01000.pdb
ba0a8000
ba0b6000   WDFLDR8    (private pdb symbols)  C:\Programme\Debugging
Tools for Windows
(x86)\sym\wdfldr.pdb\2BA2A21947B449C294395DF16113E10F2\wdfldr.pdb
ba0b8000 ba0c1180   isapnp     (pdb symbols)          c:\symbols\isapnp.pdb\C88742CDDA0641E39B06BD20309F22991\isapnp.pdb
ba0c8000 ba0d2700   MountMgr   (pdb symbols)          c:\symbols\mountmgr.pdb\5D38A8CA29F64A48AB5F17646D153CEA1\mountmgr.pdb
ba0d8000 ba0e3000   PartMgr    (pdb symbols)          c:\symbols\partmgr.pdb\553D05ACC6B74F7A96205455C0FDC0612\partmgr.pdb
ba0e8000 ba0f4c80   VolSnap    (pdb symbols)          c:\symbols\volsnap.pdb\063AE2CDED15450491E240111E7E66511\volsnap.pdb
ba0f8000 ba103000   amd_xata   (no symbols)           
ba108000 ba118000   disk       (pdb symbols)          c:\symbols\disk.pdb\3DA44D56F4CF49678E6E538BEA9F55311\disk.pdb
ba118000 ba124180   CLASSPNP   (pdb symbols)          c:\symbols\classpnp.pdb\79125526F95B483880DC8AC59206505E2\classpnp.pdb
ba178000
ba182000   WppRecorder   (private pdb symbols)  C:\Programme\Debugging
Tools for Windows
(x86)\sym\wpprecorder.pdb\91005AD9C44F453EB3B06C8BBE01A5EA1\wpprecorder.pdb
ba188000
ba197000   WDFLDR     (private pdb symbols)  C:\Programme\Debugging
Tools for Windows
(x86)\sym\wdfldr.pdb\F402F779A2FF45BFB2C05076C4D691591\wdfldr.pdb
ba198000 ba1a4d00   i8042prt   (pdb symbols)          c:\symbols\i8042prt.pdb\FA66C3D83C0546E0862C49B30DF6B8022\i8042prt.pdb
ba1a8000 ba1b0c00   processr   (pdb symbols)          c:\symbols\processr.pdb\1C3453BC6D454A0F84F9F53A5AA11C7F1\processr.pdb
ba1b8000 ba1c4880   rasl2tp    (pdb symbols)          c:\symbols\rasl2tp.pdb\FADB1E8D59EE44EF82E7E9D8324CE21B2\rasl2tp.pdb
ba1c8000 ba1d2200   raspppoe   (pdb symbols)          c:\symbols\raspppoe.pdb\7031C43F730146F69C07DA1F1D2B8D3C1\raspppoe.pdb
ba1d8000 ba1e3d00   raspptp    (pdb symbols)          c:\symbols\raspptp.pdb\D7C7E7BFE2924EA29A16BD98B0B46BCE2\raspptp.pdb
ba1e8000 ba1f0900   msgpc      (pdb symbols)          c:\symbols\msgpc.pdb\E80C52EE74E1497EBBC1E28C15CB28811\msgpc.pdb
ba1f8000 ba201f80   termdd     (pdb symbols)          c:\symbols\termdd.pdb\341B8AB6C73249269B2AFA3A108CCA5A1\termdd.pdb
ba208000 ba212000   NDProxy    (pdb symbols)          c:\symbols\ndproxy.pdb\D1A519BC9F3341D785DFC664C26A58671\ndproxy.pdb
ba218000 ba222000   USBD8      (pdb symbols)          c:\symbols\usbd.pdb\E73E119839284DAF97EAF2403A6DC4A21\usbd.pdb
ba3f8000 ba3fe000   kbdclass   (pdb symbols)          c:\symbols\kbdclass.pdb\227A15B4C380417181684895714317F31\kbdclass.pdb
ba400000 ba404a80   TDI        (pdb symbols)          c:\symbols\tdi.pdb\545742C029D24374BD687966638629EB1\tdi.pdb
ba408000 ba40c580   ptilink    (export symbols)       ptilink.sys
ba410000 ba414080   raspti     (no symbols)           
ba418000 ba41da00   mouclass   (pdb symbols)          c:\symbols\mouclass.pdb\1BBF200238534BE489B4DC62262BE30C1\mouclass.pdb
ba4b8000 ba4bb000   BOOTVID    (export symbols)       BOOTVID.dll
ba4bc000 ba4bed80   ACPIEC     (no symbols)           
ba5a8000 ba5a9b80   kdcom      (export symbols)       kdcom.dll
ba5aa000 ba5ab100   WMILIB     (no symbols)           
ba5ac000 ba5ad700   dmload     (deferred)             
ba5b2000 ba5b3100   swenum     (deferred)             
ba670000 ba670d80   OPRGHDLR   (deferred)             
ba7b3000 ba7b3c00   audstub    (deferred)             

Unloaded modules:
ba328000 ba32f000   firadisk.sys
13: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

ACTIVE_EX_WORKER_THREAD_TERMINATION (e9)
An executive worker thread is being terminated without having gone through
the worker thread rundown code.  A stack trace should indicate the cause.
Arguments:
Arg1: 8ad270c0, The exiting ETHREAD.
Arg2: 00000000
Arg3: 00000000
Arg4: 00000000

Debugging Details:
------------------


DEFAULT_BUCKET_ID:  DRIVER_FAULT

BUGCHECK_STR:  0xE9

PROCESS_NAME:  System

ASSERT_DATA:  IoWorkItem->Size == sizeof( IO_WORKITEM )

ASSERT_FILE_LOCATION:  d:\xpsp\base\ntos\io\iomgr\misc.c at Line 965

LAST_CONTROL_TRANSFER:  from 80a30d7b to 80ac37ec

STACK_TEXT:  
ba55742c 80a30d7b 00000003 ba557788 00000000 nt!RtlpBreakWithStatusInstruction
ba557478 80a319e6 00000003 8ad29290 8ad270c0 nt!KiBugCheckDebugBreak+0x19
ba557858 80a31f77 000000e9 8ad270c0 00000000 nt!KeBugCheck2+0x574
ba557878 80bdc60b 000000e9 8ad270c0 00000000 nt!KeBugCheckEx+0x1b
ba557928 80bdc910 c0000001 8ad29290 00000000 nt!PspExitThread+0x813
ba55794c 80bdcbd0 8ad270c0 c0000001 ba557988 nt!PspTerminateThreadByPointer+0x88
ba557978 80adedd8 00000000 c0000001 00000030 nt!NtTerminateProcess+0x158
ba557978 80a3c91d 00000000 c0000001 00000030 nt!KiFastCallEntry+0x158
ba557a04 80ac5485 ffffffff c0000001 00000001 nt!ZwTerminateProcess+0x11
ba557cfc 80ac54e4 80a2506e 80a2504a 000003c5 nt!RtlAssert2+0xe7
ba557d18 80a250c3 80a2506e 80a2504a 000003c5 nt!RtlAssert+0x18
ba557d34 b8981643 8aa2a978 8ad270c0 8aa8e4f8 nt!IoFreeWorkItem+0x25
ba557d68 b9e67672 8aa8e4f8 8aa11868 8aa2a978 USBXHCI!CommonBuffer_WorkItem+0x219
WARNING: Stack unwind information not available. Following frames may be wrong.
ba557d80 80ad51a9 8aa2a978 00000000 8ad270c0 ntoskrn8!IoGetDevicePropertyData+0x48
ba557dac 80bd81ac 8aa2a978 00000000 00000000 nt!ExpWorkerThread+0x10f
ba557ddc 80ae4212 80ad509a 00000000 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!IoFreeWorkItem+25
80a250c3 6a00            push    0

SYMBOL_STACK_INDEX:  b

SYMBOL_NAME:  nt!IoFreeWorkItem+25

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrpamp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4802b3ce

FAILURE_BUCKET_ID:  0xE9_nt!IoFreeWorkItem+25

BUCKET_ID:  0xE9_nt!IoFreeWorkItem+25

Followup: MachineOwner
---------

#7997diderius6⇗ @infuscomus

*** Assertion failed: IoWorkItem->Size == sizeof( IO_WORKITEM )
***   Source File: d:\xpsp\base\ntos\io\iomgr\misc.c, line 965

USBXHCI!CommonBuffer_WorkItem+0x21a:
b8981644 c050508d        rcl     byte ptr [eax+50h],8Dh
12: kd> p
Break repeatedly, break Once, Ignore, terminate Process, or terminate Thread (boipt)? p
p
PS: Unhandled Kernel Mode Exception Pointers = 0xBA55B7C8
Code c0000005 Addr B8981644 Info0 00000001 Info1 00000050 Info2 00000050 Info3 00860001

*** Fatal System Error: 0x0000007e
                                             (0xC0000005,0xB8981644,0xBA55BC7C,0xBA55B978)


A fatal system error has occurred.
Debugger entered on first try; Bugcheck callbacks have not been invoked.

A fatal system error has occurred.

But windbg continues until

*** Fatal System Error: 0x000000e9
                                             (0x8AD270C0,0x00000000,0x00000000,0x00000000)

Shutdown occurred at (Sat Oct 23 01:08:20.453 2021 (UTC + 2:00))...unloading all symbol tables.
Waiting to reconnect...
#7998diderius6
12: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

ACTIVE_EX_WORKER_THREAD_TERMINATION (e9)
An executive worker thread is being terminated without having gone through
the worker thread rundown code.  A stack trace should indicate the cause.
Arguments:
Arg1: 8ad26020, The exiting ETHREAD.
Arg2: 00000000
Arg3: 00000000
Arg4: 00000000

Debugging Details:
------------------


DEFAULT_BUCKET_ID:  DRIVER_FAULT

BUGCHECK_STR:  0xE9

PROCESS_NAME:  System

ASSERT_DATA:  IoWorkItem->Size == sizeof( IO_WORKITEM )

ASSERT_FILE_LOCATION:  d:\xpsp\base\ntos\io\iomgr\misc.c at Line 965

LAST_CONTROL_TRANSFER:  from 80a30d7b to 80ac37ec

STACK_TEXT:  
ba55b42c 80a30d7b 00000003 ba55b788 00000000 nt!RtlpBreakWithStatusInstruction
ba55b478 80a319e6 00000003 8ad29290 8ad26020 nt!KiBugCheckDebugBreak+0x19
ba55b858 80a31f77 000000e9 8ad26020 00000000 nt!KeBugCheck2+0x574
ba55b878 80bdc60b 000000e9 8ad26020 00000000 nt!KeBugCheckEx+0x1b
ba55b928 80bdc910 c0000001 8ad29290 00000000 nt!PspExitThread+0x813
ba55b94c 80bdcbd0 8ad26020 c0000001 ba55b988 nt!PspTerminateThreadByPointer+0x88
ba55b978 80adedd8 00000000 c0000001 00000030 nt!NtTerminateProcess+0x158
ba55b978 80a3c91d 00000000 c0000001 00000030 nt!KiFastCallEntry+0x158
ba55ba04 80ac5485 ffffffff c0000001 00000000 nt!ZwTerminateProcess+0x11
ba55bcfc 80ac54e4 80a2506e 80a2504a 000003c5 nt!RtlAssert2+0xe7
ba55bd18 80a250c3 80a2506e 80a2504a 000003c5 nt!RtlAssert+0x18
ba55bd34 b8981643 8a9bbcb8 8ad26020 8aacc038 nt!IoFreeWorkItem+0x25
ba55bd68 b9e67672 8aacc038 8a9fa348 8a9bbcb8 USBXHCI!CommonBuffer_WorkItem+0x219
WARNING: Stack unwind information not available. Following frames may be wrong.
ba55bd80 80ad51a9 8a9bbcb8 00000000 8ad26020 ntoskrn8!IoGetDevicePropertyData+0x48
ba55bdac 80bd81ac 8a9bbcb8 00000000 00000000 nt!ExpWorkerThread+0x10f
ba55bddc 80ae4212 80ad509a 00000000 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!IoFreeWorkItem+25
80a250c3 6a00            push    0

SYMBOL_STACK_INDEX:  b

SYMBOL_NAME:  nt!IoFreeWorkItem+25

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrpamp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4802b3ce

FAILURE_BUCKET_ID:  0xE9_nt!IoFreeWorkItem+25

BUCKET_ID:  0xE9_nt!IoFreeWorkItem+25

Followup: MachineOwner
---------
#7999infuscomus⇗ @diderius6

should we change the size of workitem?
#8000gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #7983
@infuscomus
I dont know, if this is possible with Kernel Debug.
⇗ @diderius6 ...I'm not sure about this either but would like to find out. A major weakness with windbg for me is not being able to trace through system code (ring0). Maybe Microsoft has done that by design. If that's true, maybe there is a way to mod windbg to enter system code instead of bypassing it at a SYSENTER command.

I could do it with softice. I read somewhere that it might be possible using windbg in a remote connection like yours.
#8001diderius6⇗ @gordo999 ⇗ @infuscomus

Yes, the behavior from Windbg is strange. What you can see from all the output here is,
that at the moment, when USBHUB3.SYS is loaded and gets to start, something went wrong.
From my intuition I would say, that this has something to do with the sleeping mode of USB and its Hub in XP.
I can also see, that with the other, uncritical USB3, always all is ok. And when I remember the situation, that I cant install XP via Firadisk on this critical USB port, it may be Bios related.
For me is the most most crazy thing, that when I set a breakpoint, the compi does not always stop at this point.
How is this possible? Then I get message, that it is ok, that KD writes to this breakpoint but does not stop???
I only can imagine, that this breakpoint is not hit at this situation.
But it is impossible(?!), because it is the start of usbxhci.sys.
Now I will try the methode from ⇗ @Mov AX, 0xDEAD with the endless loop at the driver entry point, here USBXHCI.SYS and especcially USBHUB3.SYS. And the hang of XP seems not to happen always at the exact place, only around..
I am quite sure, that it is not the fault of usbxhci.sys, because this driver is always loaded and started correct
Dietmar

PS: Any help with Windbg is welcome!

⇗ @gordo999
"I read somewhere that it might be possible using windbg in a remote connection like yours."
Yes, I did. But it works only until the Comp, which is doing the Debug, is older = Core Duo and very few graphik cards work.
#8002Mov AX, 0xDEADHi All

Zitat von ⇗ diderius6 im Beitrag ¶ #7997

*** Assertion failed: IoWorkItem->Size == sizeof( IO_WORKITEM )
***   Source File: d:\xpsp\base\ntos\io\iomgr\misc.c, line 965

checked kernel has additional field Size:
 
typedef struct _IO_WORKITEM {
    WORK_QUEUE_ITEM WorkItem;
    PIO_WORKITEM_ROUTINE Routine;
    PDEVICE_OBJECT DeviceObject;
    PVOID Context;
#if DBG
    ULONG Size;
#endif
} IO_WORKITEM;


Emu_Extender override original IO_WORKITEM struct to new "vista-like" format and not compatible with assertion check above

p.s. remove check in IoFreeWorkItem

#8003infuscomus⇗ @Mov AX, 0xDEAD

We haven't heard from you for a while! Welcome back!

⇗ @diderius6 ⇗ @gordo999

we have source code for windbg (XP SP1 version) maybe there is something in there for how to debug ring0?
#8004Strani⇗ @diderius6

Can you answer my question above?
¶ XP/W2k3 x86 on Modern Hardware (534)
#8005diderius6⇗ @Mov AX, 0xDEAD

Can I hack this Bsod in checked XP SP3 ntoskrnl.exe
via
.text:0042309E ; void __stdcall IoFreeWorkItem(PIO_WORKITEM IoWorkItem)
.text:0042309E                 public _IoFreeWorkItem@4
.text:0042309E _IoFreeWorkItem@4 proc near
.text:0042309E
.text:0042309E P               = dword ptr  8
.text:0042309E
.text:0042309E                 mov     edi, edi
.text:004230A0                 push    ebp
.text:004230A1                 mov     ebp, esp
.text:004230A3                 push    esi
.text:004230A4                 mov     esi, [ebp+P]
.text:004230A7                 cmp     dword ptr [esi+1Ch], 20h
.text:004230AB                                                 jz      short loc_4230C3   ============> jmp      short loc_4230C3
.text:004230AD                 push    0               ; Message
.text:004230AF                 push    3C5h            ; LineNumber
.text:004230B4                 push    offset aDXpspBaseNt_10 ; "d:\\xpsp\\base\\ntos\\io\\iomgr\\misc.c"
.text:004230B9                 push    offset aIoworkitemSize ; "IoWorkItem->Size == sizeof( IO_WORKITEM"...
.text:004230BE                 call    _RtlAssert@16   ; RtlAssert(x,x,x,x)
.text:004230C3

.text:004230C3 loc_4230C3: ; CODE XREF: IoFreeWorkItem(x)+D j
.text:004230C3                 push    0               ; Tag
.text:004230C5                 push    esi             ; P
.text:004230C6                 call    _ExFreePoolWithTag@8 ; ExFreePoolWithTag(x,x)
.text:004230CB                 pop     esi
.text:004230CC                 pop     ebp
.text:004230CD                 retn    4
.text:004230CD _IoFreeWorkItem@4 endp
.text:004230CD
.text:004230CD ; ---------------------------------------------------------------------------
#8006diderius6⇗ @Strani
Change those USB files,
where is question
Dietmar
#8007diderius6⇗ @Mov AX, 0xDEAD
Here is this hack )
now I test
Dietmar

⇗ https://ufile.io/ij5g8pzj

EDIT: Yesssa:)))), hack works.. спасибо большое!
#8008diderius6⇗ @infuscomus
Now back to the critical USB.

When I set a breakpoint at 0xb8981643

because 
13: kd> p
nt!IoFreeWorkItem+0x2f:
80a250cd c20400 ret 4
13: kd> p
USBXHCI!CommonBuffer_WorkItem+0x219:
b8981643 33c0 xor eax,eax
13: kd> p
USBXHCI!CommonBuffer_WorkItem+0x21b:
b8981645 50 push eax
I get message 
KD: write to 0xb8981643 ok  (???)
and the Windbg hangs
Dietmar
#8009infuscomus⇗ @diderius6

maybe try nop that part?
#8010diderius6⇗ @infuscomus

I am very near to the root of the problem with critical USB.
processr!AcpiC1Idle remembers me a lot of sleeping Hub
Dietmar

DevNode 0x8ac0c420 for PDO 0x8ac98338
            InstancePath is "PCI\VEN_1022&DEV_149C&SUBSYS_87C01043&REV_00\4&f6230fb&0&0341"
            ServiceName is "USBXHCI"
            State = DeviceNodeStarted (0x308)
            Previous State = DeviceNodeEnumerateCompletion (0x30d)
            DevNode 0x8a9e28f0 for PDO 0x8aa8ba60
              InstancePath is "USB\ROOT_HUB30\5&399a3586&1&0"
                                        ServiceName is "USBHUB3"
              State = DeviceNodeResourcesAssigned (0x304)
              Previous State = DeviceNodeDriversAdded (0x303)


80ae3ded 751a            jne     nt!KiIdleLoop+0x39 (80ae3e09)
12: kd> p
nt!KiIdleLoop+0x39:
80ae3e09 fb              sti
12: kd> p
nt!KiIdleLoop+0x3a:
80ae3e0a 90              nop
12: kd> p
nt!KiIdleLoop+0x3b:
80ae3e0b 90              nop
12: kd> p
nt!KiIdleLoop+0x3c:
80ae3e0c fa              cli
12: kd> p
nt!KiIdleLoop+0x3d:
80ae3e0d 3b6d00          cmp     ebp,dword ptr [ebp]
12: kd> p
nt!KiIdleLoop+0x40:
80ae3e10 740f            je      nt!KiIdleLoop+0x51 (80ae3e21)
12: kd> p
nt!KiIdleLoop+0x51:
80ae3e21 83bb2801000000  cmp     dword ptr [ebx+128h],0
12: kd> p
nt!KiIdleLoop+0x58:
80ae3e28 74b0            je      nt!KiIdleLoop+0xa (80ae3dda)
12: kd> p
nt!KiIdleLoop+0xa:
80ae3dda 8d8b500c0000    lea     ecx,[ebx+0C50h]
12: kd> p
nt!KiIdleLoop+0x10:
80ae3de0 ff11            call    dword ptr [ecx]
12: kd> p
WARNING: This break is not a step/trace completion.
The last command has been cleared to prevent
accidental continuation of this unrelated event.
Check the event, location and thread before resuming.
Break instruction exception - code 80000003 (first chance)
processr!AcpiC1Idle+0x19:
ba1a9d45 59              pop     ecx
15: kd> g
Break instruction exception - code 80000003 (first chance)
processr!AcpiC1Idle+0x19:
ba1a9d45 59              pop     ecx
14: kd> g
Single step exception - code 80000004 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
nt!KeSwapProcessOrStack+0x19:
80a3fd1f 6a00            push    0
13: kd> g
Break instruction exception - code 80000003 (first chance)
processr!AcpiC1Idle+0x19:
ba1a9d45 59              pop     ecx
11: kd> g
Break instruction exception - code 80000003 (first chance)
processr!AcpiC1Idle+0x12:
ba1a9d3e 6a00            push    0
10: kd> g
Break instruction exception - code 80000003 (first chance)
processr!AcpiC1Idle+0x19:
ba1a9d45 59              pop     ecx
9: kd> g
Break instruction exception - code 80000003 (first chance)
processr!AcpiC1Idle+0x19:
ba1a9d45 59              pop     ecx
8: kd> g
Single step exception - code 80000004 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
nt!PopProcessorIdle+0x105:
80abe4ad 84c0            test    al,al
7: kd> g
Break instruction exception - code 80000003 (first chance)
processr!AcpiC1Idle+0x12:
ba1a9d3e 6a00            push    0
6: kd> g
Single step exception - code 80000004 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
nt!KiIdleLoop+0xa:
80ae3dda 8d8b500c0000    lea     ecx,[ebx+0C50h]
5: kd> g
Break instruction exception - code 80000003 (first chance)
processr!AcpiC1Idle+0x19:
ba1a9d45 59              pop     ecx
3: kd> g
Break instruction exception - code 80000003 (first chance)
nt!Kei386EoiHelper+0x45:
80adf811 5a              pop     edx
2: kd> g
Break instruction exception - code 80000003 (first chance)
nt!Kei386EoiHelper+0x45:
80adf811 5a              pop     edx
1: kd> g
Break instruction exception - code 80000003 (first chance)
nt!Kei386EoiHelper+0x45:
80adf811 5a              pop     edx
0: kd> g
Breakpoint 0 hit
USBXHCI!CommonBuffer_WorkItem+0x22d:
b8981657 e20c            loop    USBXHCI!CommonBuffer_QueueWorkItem+0x5 (b8981665)
11: kd> p

*** Fatal System Error: 0x0000010d
                                             (0x00000005,0x00000000,0x00001030,0x8AAD1A90)


*** Fatal System Error: 0x0000010d
                                             (0x00000005,0x00000000,0x00001030,0x8AAD1A90)

WARNING: This break is not a step/trace completion.
The last command has been cleared to prevent
accidental continuation of this unrelated event.
Check the event, location and thread before resuming.
Break instruction exception - code 80000003 (first chance)

A fatal system error has occurred.
Debugger entered on first try; Bugcheck callbacks have not been invoked.

A fatal system error has occurred.

Connected to Windows XP 2600 x86 compatible target at (Sat Oct 23 12:34:15.125 2021 (UTC + 2:00)), ptr64 FALSE
Loading Kernel Symbols
.............................................................
Loading User Symbols

Loading unloaded module list
.
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 10D, {5, 0, 1030, 8aad1a90}

*** ERROR: Symbol file could not be found.  Defaulted to export symbols for ntoskrn8.sys - 
Probably caused by : memory_corruption

Followup: memory_corruption
---------

nt!RtlpBreakWithStatusInstruction:
80ac37ec cc              int     3
11: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

WDF_VIOLATION (10d)
The Kernel-Mode Driver Framework was notified that Windows detected an error
in a framework-based driver. In general, the dump file will yield additional
information about the driver that caused this bug check.
Arguments:
Arg1: 00000005, A framework object handle of the incorrect type was passed to
	a framework object method.
Arg2: 00000000, The handle value passed in.
Arg3: 00001030, Reserved.
Arg4: 8aad1a90, Reserved.

Debugging Details:
------------------


BUGCHECK_STR:  0x10D_5

DEFAULT_BUCKET_ID:  CODE_CORRUPTION

PROCESS_NAME:  System

LAST_CONTROL_TRANSFER:  from 80a30d7b to 80ac37ec

STACK_TEXT:  
ba55f8c8 80a30d7b 00000003 ba55fc24 00000000 nt!RtlpBreakWithStatusInstruction
ba55f914 80a319e6 00000003 00000000 8aac1880 nt!KiBugCheckDebugBreak+0x19
ba55fcf4 80a31f77 0000010d 00000005 00000000 nt!KeBugCheck2+0x574
ba55fd14 b8925387 0000010d 00000005 00000000 nt!KeBugCheckEx+0x1b
ba55fd30
b88f2666 00000005 00000000 00001030 wdf01000!FxVerifierBugCheck+0x21
[d:\w8rtm\minkernel\wdf\framework\shared\object\fxverifierbugcheck.cpp @
72]
ba55fd58 b8981673 8aad1b78 00000000 8ad26da8
wdf01000!imp_WdfDeviceWdmGetDeviceObject+0x26
[d:\w8rtm\minkernel\wdf\framework\kmdf\src\core\fxdeviceapi.cpp @ 158]
ba55fd68 b9e67672 8aac1880 8a9a7848 8aa0da00 USBXHCI!CommonBuffer_QueueWorkItem+0x13
WARNING: Stack unwind information not available. Following frames may be wrong.
ba55fd80 80ad51a9 8aa0da00 00000000 8ad26da8 ntoskrn8!IoGetDevicePropertyData+0x48
ba55fdac 80bd81ac 8aa0da00 00000000 00000000 nt!ExpWorkerThread+0x10f
ba55fddc 80ae4212 80ad509a 00000000 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


STACK_COMMAND:  kb

CHKIMG_EXTENSION: !chkimg -lo 50 -d !USBXHCI
    b8981657 - USBXHCI!CommonBuffer_WorkItem+22d
	[ c2:e2 ]
1 error : !USBXHCI (b8981657)

MODULE_NAME: memory_corruption

IMAGE_NAME:  memory_corruption

FOLLOWUP_NAME:  memory_corruption

DEBUG_FLR_IMAGE_TIMESTAMP:  0

MEMORY_CORRUPTOR:  ONE_BIT

FAILURE_BUCKET_ID:  MEMORY_CORRUPTION_ONE_BIT

BUCKET_ID:  MEMORY_CORRUPTION_ONE_BIT

Followup: memory_corruption
---------

 

Page 535

#8011diderius6And the next one. May be, that hack in acpi.sys against C3 (deep sleep) can help..
DevNode 0x8ac7db58 for PDO 0x8aca9360
            InstancePath is "PCI\VEN_1022&DEV_149C&SUBSYS_87C01043&REV_00\4&f6230fb&0&0341"
            ServiceName is "USBXHCI"
            State = DeviceNodeStarted (0x308)
            Previous State = DeviceNodeEnumerateCompletion (0x30d)
            DevNode 0x8a928a88 for PDO 0x8aa6c410
              InstancePath is "USB\ROOT_HUB30\5&399a3586&1&0"
                                        ServiceName is "USBHUB3"
              State = DeviceNodeStarted (0x308)
              Previous State = DeviceNodeEnumerateCompletion (0x30d)

This is strange, because it means, that the Hub for the critical USB device also already started.
KD: write to 0xba1a9d45 ok

Breakpoint 0 hit
processr!AcpiC1Idle+0x19:
ba1a9d45 7589            jne     processr!Acpi2C3ArbdisIdle+0xcc (ba1a9cd0)  ==> This is Deep Sleep ;))
9: kd> p
MM:***EBX BA380C70, ESI BA380C50 EDI 8AC60D68
processr!Acpi2C3ArbdisIdle+0xcc:
ba1a9cd0 1aba00740a51    sbb     bh,byte ptr [edx+510A7400h]
9: kd> p

*** Fatal System Error: 0x000000d1
                                             (0x510A7478,0x00000002,0x00000000,0xBA1A9CD0)

MM:***PAGE FAULT AT IRQL > 1  Va 510A7478, IRQL 2
MM:***EIP BA1A9CD0, EFL 00010306
MM:***EAX FBB1B338, ECX 00000000 EDX 00000078
MM:***EBX BA370C70, ESI BA370C50 EDI 8AC60D68

*** Fatal System Error: 0x000000d1
                                             (0x510A7478,0x00000002,0x00000000,0xBA1A9CD0)



A fatal system error has occurred.

Connected to Windows XP 2600 x86 compatible target at (Sat Oct 23 13:02:28.171 2021 (UTC + 2:00)), ptr64 FALSE
Loading Kernel Symbols
.............................................................
Loading User Symbols

Loading unloaded module list
..
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck D1, {510a74b8, 2, 0, ba1a9cd0}

Probably caused by : memory_corruption

Followup: memory_corruption
---------
#8012infuscomus⇗ @diderius6

maybe try with windows 8.0 checked ISO?

⇗ https://windowstan.com/win/windows-8-debug-checked-build/

compare what happens in windows 8.0 when it is working to XP?
#8013diderius6⇗ @infuscomus
I am just downloading, thanks!
May be it is related to C3 (deep sleep) and may be, that a new hack in acpi.sys from outerspace )
can repair this
Dietmar
#8014diderius6⇗ @infuscomus
I can reduce the number of XP SP3 crashes,
when I set in Bios "ACPI _CST C1 Declaration" to "enabled".
Bios tells, that via this setting "Determines whether or not to declare the C1 state to the OS".
In 20 starts, XP hangs 3 times (11, 15, 19. start)
Dietmar

PS: So it has something to do with the sleeping states produced by the Hub, but the problem is still not solved.
#8015infuscomus⇗ @diderius6

I checked the power states for both working and non-working USB 3.0 controllers.

Both have power state D0
#8016diderius6⇗ @infuscomus

Just now I am installing your Win8 debug and soon I report.
For this, I set "ACPI _CST C1 Declaration" to "Auto" back in Bios
Dietmar
#8017Strani⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #8006
@Strani
Change those USB files,
where is question

Sorry, but I didn't understand your answer.
I repeat.

After applying patch WinXpPAE on Windows XP SP3 I need to replace the built-in driver USB2, correct? How to do this correctly:
1. Take usbport.sys from Windows Server 2003 KB2862330?
2. Take usbport.sys and usbd.sys files from Windows Server 2003 KB2862330?
3. Take usbport.sys from your message?
4. Take usbport.sys and usbd.sys files from your message?
#8018diderius6⇗ @infuscomus

Ok, I get Win8 Debug version running and also just now Windbg for it.
Hm, what can I check now
Dietmar


Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
Connected to Windows 7 9200 x86 compatible target at (Sat Oct 23 17:58:56.640 2021 (UTC + 2:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols
Executable search path is: C:\Symbols
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for ntkrpamp.exe - 
Windows 7 Kernel Version 9200 MP (1 procs) Checked x86 compatible
Built by: 9200.16384.x86chk.win8_rtm.120725-1247
Machine Name:
Kernel base = 0x81816000 PsLoadedModuleList = 0x81c57888
System Uptime: 0 days 0:00:00.744 (checked kernels begin at 49 days)
Break instruction exception - code 80000003 (first chance)
*******************************************************************************
*                                                                             *
*   You are seeing this message because you pressed either                    *
*       CTRL+C (if you run kd.exe) or,                                        *
*       CTRL+BREAK (if you run WinDBG),                                       *
*   on your debugger machine's keyboard.                                      *
*                                                                             *
*                   THIS IS NOT A BUG OR A SYSTEM CRASH                       *
*                                                                             *
* If you did not intend to break into the debugger, press the "g" key, then   *
* press the "Enter" key now.  This message might immediately reappear.  If it *
* does, press "g" and "Enter" again.                                          *
*                                                                             *
*******************************************************************************
nt!RtlpBreakWithStatusInstruction:
819d7a80 cc              int     3
kd> lm
start    end        module name
80400000 80414000   pdc        (deferred)             
80418000 80425000   ApiSetSchema   (deferred)             
80425000 8043c000   mcupdate_AuthenticAMD   (deferred)             
8043c000 80485000   CLFS       (deferred)             
80485000 804a6000   tm         (deferred)             
804a6000 804bb000   PSHED      (deferred)             
804bb000 804c4000   BOOTVID    (deferred)             
804c4000 8053b000   CI         (deferred)             
8053b000 80585000   msrpc      (deferred)             
80585000 805f6000   cng        (deferred)             
80610000 80623000   partmgr    (deferred)             
80623000 80663000   spaceport   (deferred)             
80663000 80674000   volmgr     (deferred)             
80674000 806c5000   volmgrx    (deferred)             
806c5000 806da000   mountmgr   (deferred)             
806da000 806ed000   storahci   (deferred)             
806ed000 80735000   storport   (deferred)             
80735000 8074e000   EhStorClass   (deferred)             
8074e000 807a4000   fltmgr     (deferred)             
807a4000 807b6000   fileinfo   (deferred)             
80800000 80827000   tpm        (deferred)             
80827000 80833000   WdBoot     (deferred)             
80837000 808e1000   Wdf01000   (deferred)             
808e1000 808f0000   WDFLDR     (deferred)             
808f0000 80902000   acpiex     (deferred)             
80902000 8090c000   WppRecorder   (deferred)             
8090c000 80991000   ACPI       (deferred)             
80991000 8099a000   WMILIB     (deferred)             
8099a000 809a2000   msisadrv   (deferred)             
809a2000 809e2000   pci        (deferred)             
809e2000 809ef000   vdrvroot   (deferred)             
80ec1000 80ecb000   kdcom      (deferred)             
81816000
821d1000   nt         (pdb symbols)          C:\Programme\Debugging
Tools for Windows
(x86)\sym\ntkrpamp.pdb\C4F414C9D1854DE495BDAD814A722C4D1\ntkrpamp.pdb
821d1000 8222d000   hal        (deferred)             
82c0d000 82c83000   fvevol     (deferred)             
82c83000 82cc7000   volsnap    (deferred)             
82cc7000 82d08000   rdyboost   (deferred)             
82d08000 82d1c000   mup        (deferred)             
82d1c000 82d27000   hwpolicy   (deferred)             
82d27000 82d3e000   disk       (deferred)             
82d3e000 82d88000   CLASSPNP   (deferred)             
82e0b000 82fbe000   tcpip      (deferred)             
82fbe000 82fcc000   wfplwfs    (deferred)             
89811000 89863000   WdFilter   (deferred)             
89863000 89934000   ndis       (deferred)             
89934000 89984000   NETIO      (deferred)             
89984000 899b5000   ksecpkg    (deferred)             
899b5000 899fc000   fwpkclnt   (deferred)             
89a00000 89a0a000   Fs_Rec     (deferred)             
89a18000 89bd3000   Ntfs       (deferred)             
89bd3000 89be9000   ksecdd     (deferred)             
89be9000 89bf9000   pcw        (deferred)

#8019diderius6Interesting,
if there is a difference between XP and win8 ;))
Dietmar

DevNode 0x87959808 for PDO 0x87958a10
            InstancePath is "PCI\VEN_1022&DEV_149C&SUBSYS_87C01043&REV_00\4&14393665&0&0341"
            ServiceName is "USBXHCI"
            State = DeviceNodeStarted (0x308)
            Previous State = DeviceNodeEnumerateCompletion (0x30d)
            DevNode 0x90beba48 for PDO 0x90a480d0
              InstancePath is "USB\ROOT_HUB30\5&cd58b07&0&0"
              ServiceName is "USBHUB3"
              State = DeviceNodeStarted (0x308)
              Previous State = DeviceNodeEnumerateCompletion (0x30d)


And this one is very near to crash of critical USB in XP

nt!KiExceptionExit+0xcd:
819ddb7d 8b54243c        mov     edx,dword ptr [esp+3Ch]
2: kd> p
nt!KiExceptionExit+0xd1:
819ddb81 8b4c2440        mov     ecx,dword ptr [esp+40h]
2: kd> p
nt!KiExceptionExit+0xd5:
819ddb85 8b442444        mov     eax,dword ptr [esp+44h]
2: kd> p
nt!KiExceptionExit+0xd9:
819ddb89 66837d6c08      cmp     word ptr [ebp+6Ch],8
2: kd> p
nt!KiExceptionExit+0xde:
819ddb8e 740c            je      nt!KiExceptionExit+0xec (819ddb9c)
2: kd> p
nt!KiExceptionExit+0xec:
819ddb9c 8d6554          lea     esp,[ebp+54h]
2: kd> p
nt!KiExceptionExit+0xef:
819ddb9f 5f              pop     edi
2: kd> p
nt!KiExceptionExit+0xf0:
819ddba0 5e              pop     esi
2: kd> p
nt!KiExceptionExit+0xf1:
819ddba1 5b              pop     ebx
2: kd> p
nt!KiExceptionExit+0xf2:
819ddba2 5d              pop     ebp
2: kd> p
nt!KiExceptionExit+0xf3:
819ddba3 83c404          add     esp,4
2: kd> p
nt!KiExceptionExit+0xf6:
819ddba6 cf              iretd
2: kd> p

*** Fatal System Error: 0x0000007f
 (0x00000008,0x83052280,0x00000000,0x00000000)


Gives BSOD :( on Win8, I like blue screen from XP more:))

I think, possible fault is hanging USB3 Hub, the same as in XP

DevNode 0x8795c808 for PDO 0x8795ba10
            InstancePath is "PCI\VEN_1022&DEV_149C&SUBSYS_87C01043&REV_00\4&14393665&0&0341"
            ServiceName is "USBXHCI"
            State = DeviceNodeStarted (0x308)
            Previous State = DeviceNodeEnumerateCompletion (0x30d)
            DevNode 0x90b97608 for PDO 0x90a6f670
              InstancePath is "USB\ROOT_HUB30\5&cd58b07&0&0"
              ServiceName is "USBHUB3"
                                        State = DeviceNodeStartPending (0x305)
              Previous State = DeviceNodeResourcesAssigned (0x304)


 0x0000007F: UNEXPECTED KERNEL MODE TRAP 


 0x0000007f (0x00000008, xxx,yyy,zzz)

Double Fault Indicates that an exception occurs during a call to the handler for a prior exception. Typically, the two exceptions are handled serially. However, there are several exceptions that cannot be handled serially, and in this situation the processor signals a double fault. There are two common causes of a Double Fault: 1. A kernel stack overflow. This overflow occurs when a guard page is hit, and the kernel tries to push a trap frame. Because there is no stack left, a stack overflow results, causing the double fault. If you think this has occurred, use !thread to determine the stack limits, and then use kb (Display Stack Backtrace) with a large parameter (for example, kb 100) to display the full stack. 2. The other common cause is a hardware problem.
#8020infuscomus⇗ @diderius6

Windows 8.0 USB3 will work for me, I need to use your patched acpi.sys though.
#8021diderius6⇗ @infuscomus

I think, win8 has the same problem with this critical USB device as XP.
Just the error management is "better" (less critical), which gives 20 from 20 instead 17 from 20 under XP
Dietmar
#8022diderius6Just now I test, if it is possible, to boot XP via freeldr.sys from a normal formatted XP Fat32 harddisk with ntldr in it
or what are the minimal changes on harddisk for

freeldr.sys <==> ntldr

Dietmar

Edit: Maybe it is even possible to make a harddisk as hybrid, which can boot ntldr and freeldr.sys.
#8023infuscomus⇗ @Strani

Yes copy the USB driver files from a server 2003 install, take the most recent version if you have it.
#8024YuriyCN

ENGLISH
Windows XP mod 2021 - system build for the modern PC (edition 23.10.2021)
The information doesn't fit into a forum post - so download the text file and read it in Notepad.
TXT (93KB) - ⇗ https://yadi.sk/d/KKgPIfOF31v65g

RUSSIAN
Windows XP мод 2021 - сборка системы для современного ПК (редакция 23.10.2021)
Информация не помещается в форумный пост - поэтому скачайте текстовый файл и читайте в Блокноте.
TXT (105КБ) - ⇗ https://yadi.sk/d/AumB5BTbg7RYxA
#8025canonkong⇗ @diderius6
I think it is some bug on ASUS bios, I tested ASUS Gigabyt MSI ASRock B350/450/B550/X570. On win8, all work very well with the win8 port usb driver.
On win7 with the win8 port usb driver, only ASUS will freeze while booting. As we know, X570 Io chip is from CPU IO DIE, so OF you use x570 to run a zen2/3 CPU, it will shows three XHCI controller and the device ID all are 149C. To drive the x570 chips' 149C xhci controller, it is working well. But once you drive the 149C XHCI controller from the CPU IO DIE, it wiill freeze while booting.
It is very strange that this problem will only appear on ASUS mainboard. Maybe ASUS BIOS have something special.

 

Page 536

#8026infuscomus⇗ @canonkong

I wonder whats up with my 149C controller? do you think it's an ACPI issue?

no freezes, but it never works at boot with XP.

It works correctly in Windows 8.0 on every boot - although I need to use a patched acpi.sys by ⇗ @diderius6
In XP it never works at boot but it will work if I disable and re-enable it.

weird.
#8027infuscomus⇗ @diderius6

besides you ASUS board, do you have any other X570 boards?
If you do check if they also have the 149C controller.
#8028diderius6⇗ @infuscomus
I have only the ASUS Prime X570-PRO board for AMD chips.
With the very first Bios, I can install there also the 1700x Cpu.
I remember, that from the USB controllers, one is on board
and the other is integrated in the Cpu, which means, that it changes with each Cpu.
From feeling, this is the most most bad board, that I ever had
Dietmar
#8029infuscomus⇗ @diderius6

do you know if the 149C USB controller is a CPU or Chipset controller?
#8030diderius6⇗ @infuscomus

This is from ⇗ @canonkong

"AM4 Ryzen CPUs have a usb controller that DEV_ID 149C, even though we use 300/400 series mainboards, 149C still doesnt work, but can use mainboards USB controller from ASMedia."

Dietmar
#8031canonkong⇗ @diderius6
I also have Gigabyte X570 and MSI X570, both of them have three 149C controllers.
Here is the ASUS X570-I with 5800X. Because the xhci controller can not use win8 port driver, I used AMD 1.0.0.13 usb driver.
#8032infuscomus⇗ @canonkong

It's strange that the 149C controller works in windows 8.0 for me but not for you.
I wonder why?

do you know if there is a 32-bit version of the AMD 1.0.0.13 usb driver?
#8033canonkong⇗ @infuscomus
No, On win8/server 2012 system, all of the mainboards are working well, even use the mod win8 port driver also are working well.
Not have 32bit 1.0.0.13 usb driver.
#8034diderius6I make some more fun with the freeldr from Reactos with nice result for XP SP3 boot!
This Tutorial I tested on 2 different motherboards.

1.) First I take an old 80 Gbyte Sata harddisk and wipe all out with 00 with Winhex.
    This step is not necessary, but it gives clear start situation.
    
This HD is in an USB box, so that I can easy see, which is the wished 80 GB harddisk and that I do not destroy my other harddisks(!).

2.) Make a Fat32 partition with RMPrebUSB 2.1.739 with ntldr and force use LBA on this 80 Gbyte HD.

3.) With Rufus 2.18 portable (last version for XP)
    set mark for "Show USB" , Fat32, "Schnellformatierung", "Startffäges Laufwerk erstellen   Grub4Dos 0.4.6a" and hit Start.
    Message about grldr I ignore. And also message about "fehlgeschlagen".

4.) Copy grldr (extracted from RMPrebUSB 2.1.739) on the 80Gb HD.

5.) Make a *.txt file on the 80 Gb HD with content

title  ReactOS
root  (hd0,0)
kernel  /freeldr.sys

and rename it to menu.lst .

6.) Copy freeldr.sys and freeldr.ini from Reactos 0.4.13 on the 80GB HD.

7. With Editor open freeldr.ini and replace all  ReactOS => WINDOWS .
  
With only the 4 files grldr, menu.lst, freeldr.sys and freeldr.ini on harddisk, you can test already boot possibility for XP.
It works from harddisk, USB, nvme..

8.) With copy and paste copy there a (small, not necessary small) working XP SP3 installation.
   Not important, if this XP installation comes from ntfs or fat32, all work.
   ntldr, ntdetect.com and boot.ini dont copy. Also dont copy Recycler, System Volume Information, pagefile.

9.) Now fun starts: Connect this 80 GB HD to a compi.
   It gives ultrafast start of XP to Desktop via freeldr, faster than with ntldr.

10.) Tell me, if it works for you )

Dietmar

PS: I just test my own Tutorial for booting XP via freeldr step by step and it works .

EDIT: I just notice, that Rufus 2.18 can be kicked out of the Tutorial,
        because RMPrebUSB offers also the possibility to install grub4dos and also to install its own and wished grldr.

Here are the needed and already edited files for XP boot via freeldr
⇗ https://ufile.io/71t6nooh
#8035diderius6⇗ @infuscomus

There are reports in Internet about the X570 AMD, that even win10 shows exact the same problems with 0000 everywhere on this
149C USB controller and that they can disable and enable again this xhci and then starts. But after reboot the same as before, brrr..
Dietmar

PS: I remember my tests with the crazy board from Asus Prime X570-PRO from May 2020.
There exact the same to me happens as to you now.
At this time I noticed, that the USBD driver was missed and problems with the win8 version of it.

Make try with them
⇗ https://ufile.io/e78fghm0
#8036infuscomus⇗ @diderius6

This version works for you?
#8037diderius6⇗ @infuscomus
In May 2020 I wrote a lot of mails with ⇗ @Mov AX, 0xDEAD
about testing his nice USB3 driver for XP ported from Win8.
And I also write him about this problem with critical USB controller 149C on the Asus x570 board.
As far as I remember, with this laaast version of USB3 for XP from 5 May 2020 all tested USB controllers on all my boards work without a single fail.
I start all my boards about 500 times with a lot of different USB devices
Dietmar

PS: On the ROG Strix B450-F Gaming II board I did not test until now.
#8038George KingHi ⇗ @Mov AX, 0xDEAD, can you please have a look on x64 vusbstor.sys and find proper patch to restore "Safe Remove" as you find for x86?

Patch for VIA USB Mass Storage Device (UAS/UASP) to restore "Safe Remove":
- replace in vusbstor.sys (v6.1.7600.4002):
page:000209B4: mov [ebp+SurpriseRemovalOK], ebx -> NOPs
(89 9D 70 FF FF FF 89 9D 68 FF FF FF => 90 90 90 90 90 90 89 9D 68 FF FF FF)

Here are ported driver set for both x86 and x64. I builded them according to your notes on GitHub and here on WinRaid. NOTE: vusbstor.sys is renamed to uapstor.sys

 
#7898




And I would also like to request missing informations for WDF 1.11. I would like to use ported WDF 1.11 with original XP ones to avoid unhandled problems with other drivers.

 
If need coexist with original WDF1.9 drivers:
 
Rename WDF01000.SYS->WDF01_W8.SYS, WdfLdr.sys->WdfLdr8.sys
In WDF01_W8.SYS replace string "WdfLdr.sys" to "WdfLdr8.sys" in import section
In
 WdfLdr8.sys replace unicode string
"\Registry\Machine\System\CurrentControlSet\Services\Wdf%02d000" to
"\Registry\Machine\System\CurrentControlSet\Services\Wdf%02d_w8"
In WdfLdr8.sys replace hex pattern F6 78 1B F6 to F6 EB 1B F6 (x32), ** ** to ** ** (x64)
In target driver XXX.sys replace string "WdfLdr.sys" to "WdfLdr8.sys" in import section
In .INF of ported driver add creating new service:




After these things we should have great drivers set for both architectures. And only x64 ACPI.sys patch will be needed.

Thanks for your hard work!

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#8039diderius6I just succeed to switch for one and the same XP installation between boot with freeldr from Reactos or via ntldr.
For this I use menu.lst (thanks to jaclaz at reboot.pro) with content

title XP via ReactOS loader
root (hd0,0)
kernel /freeldr.sys

title XP via normal NTLDR
root (hd0,0)
chainloader /ntldr

This configuration can now boot any XP bootdevice. It can boot more(!) devices than ntldr alone.
This is the very first time, that Reactos puts XP a lot forward.
Some more tests with other boards I need, then I write new Tutorial
Dietmar

EDIT: With Reactos freeldr boot, the strange shutdown problem on some boards is gone.
#8040infuscomus⇗ @diderius6

I wonder, does freeldr.sys solve the issues with the 149C USB controller?

 

Page 537

#8041diderius6⇗ @infuscomus

I am doing a lot of tests with freeldr.sys. Until now, all looks nice:)). Tomorrow I write Tutorial.
Just now I test easy setup for everything. On each board and for any bootdevice freeldr works.
The package from ⇗ @Mov AX, 0xDEAD for USB3 boot does not help for your board with critical USB?
This is strange, because the only board which makes problems in May 2020 was
this crazy Asus PRIME X570-PRO with the same critical USB controller.
But with the very last version this problem with 0000 everywhere was gone and I can even boot XP via USB3 on this board
Dietmar

EDIT: I just finished test successfull with normal install of a Ramsey XP ⇗ @Outbreaker on Fat32 harddisk and (Customized Option; 4,6,7,C,H).
I do not use USB for first tests. A Serial Mouse;) on COM1 port helps me through installing.
This test where done on my Asrock Fatal1ty Z370 Gaming K6 with 8700k cpu and 32 Gbyte ram.
There I can now switch on each boot between freeldr and ntldr and compare.
It is stable.
#8042dencorso
Zitat von ⇗ diderius6 im Beitrag ¶ #7897
PS: A BSOD can happen for another reason: When you first install the Samsung Nvme driver, its Filterdriver secnvmeF.sys does not want to go and when you delete it by hand, you get Bsod 0x7B.

⇗ @diderius6 : For what it's worth, the way to avoid such BSODs is to do the folowing, before trying to remove either just secnvmeF.sys or the full Samsing driver... (I mean: one has installed it, then decides to remove it: so, before anything, while the system still boots correcly, not after one starts getting the BSOD 0x7B) do the folowing from inside the running XP: (1) run regedit; (2) go to HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}; (3) once there, delete the MULTI_SZ value "LowerFilters"="secnvmeF"; (4) close regedit and reboot... the reboot should occur normally and one ends at the desktop. From this point, one may use one's favorite method for removing either just secnvmeF.sys or the full Samsing driver. HTH.
#8043diderius6Sometimes, the combination of ntldr and ntdetect.com cant boot Windows XP SP3.
This you see in a blinking cursor, a message that a driver cant be found,
error in reading from bootdevice, error in ntdetect.com, missing ntldr or just black screen.
In a lot of this cases the use of the freeldr.sys from Reactos can help to boot such a XP.
During my test I found examples for all the crashs above, but freeldr boots this XP.
I do not find a single case, where ntldr works but freeldr fails.
Sometimes the boot via winload.exe also helps. But this booting of XP via winload shows a lot of other unnice behaviors.
The disadvantages of freeldr are: Only support for Fat32 until now, no Ntfs.
Only the very last USB3 driver ported from Win8 from ⇗ @Mov AX, 0xDEAD and ⇗ @daniel_k works.
⇗ https://forums.mydigitallife.net/threads...hardware.81607/
The old modded USB drivers from AMD work also with freeldr.
When you use the patch of more than 4 GB, freeldr boots, but shows only <4Gb free ram.
I notice, that in this case the XP with freeldr is faster than with ntldr.
When you use the patch for AVX, freeldr boots but without AVX.
The boottime with freeldr is shorter than with ntldr.
Nvme, lan, sound, graphik, keyboard, mouse, COM1 etc. works all on a XP, booted from freeldr, which I tested.
May be, that freeldr supports Windbg from COM-slotcard.
Some boards, which have a problem to shut down XP, shut down with freeldr.
Booting via freeldr works also for Reactos, Win2003 and Win2000.

Dietmar
#8044diderius6Tutorial
Booting XP via freeldr or ntldr

1.) Format your bootdevice with Fat32. MBR, harddisk 1, partition 1.
I test harddisk and nvme device, formatted with RMPrepUSB 2.1.739 (in attachment),
with settings FAT32, NTLDR, force LBA.

2.) This step do only, if you want to test at once,
if you can switch booting of XP between freeldr and ntldr.
Enable grub4dos with RMPrepUSB 2.1.739 on your bootdevice from 1.).
Copy the 7 files from attachment here to the root of your bootdevice.
grldr, menu.lst (thanks to jaclaz at reboot.pro), freeldr.sys, freeldr.ini, ntldr, ntdetect.com and boot.ini.
Restart computer.

3.) Install XP on this Fat32 partition.
I use Firadisk and the nice XP from Ramsey ⇗ @Outbreaker
Windows XP Professional SP3 x86 - Integral Edition 2021.5.15 (Customized Option; 4,6,7,C,H) with
WinXP-IE Optional Patch Integrator v3.2.0.2b .
During first tests I work without any USB but with Serial Mouse.
Until now dont use USB3 ported from Win8 there. You can use option "N" for USB.

4.) Enable grub4dos with RMPrepUSB 2.1.739 on your bootdevice from 1.)
answer to question about to copy grldr with "yes".

5.) Copy from attachment the bootfiles to the root of your bootdevice, replacing your files.

6.) Tell me, if it works for you )

Dietmar

PS: If you dont see the bootmenu from grub4dos in 2.), run a diskcheck for this harddisk,
after(!) you copied the 7 bootfiles on it.

EDIT: For to install new drivers or programs I use NTLDR.

Bootfiles
⇗ https://ufile.io/1xs2lrb5

You have to rename the splitted files for RMPrepUSB again to RMPrepUSB.part1.rar and RMPrepUSB.part2.rar after download.



diderius6 has attached files to this post
#8045infuscomus⇗ @diderius6

I'll try your freeldr tutorial in a VM first to make sure I get it right before I try on real hardware.

regarding that USB 3.0 driver you uploaded earlier, it seems to be the exact same backported windows 8.0 driver we have already, what is different about this one?
#8046diderius6⇗ @infuscomus

It is not the USB driver but the Kernel Mode Driver Framework 1.11 (updated) by MOV AX, 0xDEAD,
that you need to install before the USB driver
Dietmar

PS: The Tutorial will work in VM for sure, but interesting is in real:)) life.

EDIT: May be, that I missunderstand your question:
The USB3 driver from ⇗ @Mov AX, 0xDEAD from 5 May 2020 does not need any ntoskrn8.sys file.
#8047Mov AX, 0xDEADHi George King

Zitat von ⇗ George King im Beitrag ¶ #8038

Patch for VIA USB Mass Storage Device (UAS/UASP) to restore "Safe Remove":
- replace in vusbstor.sys (v6.1.7600.4002):
page:000209B4: mov [ebp+SurpriseRemovalOK], ebx -> NOPs
(89 9D 70 FF FF FF 89 9D 68 FF FF FF => 90 90 90 90 90 90 89 9D 68 FF FF FF)

vusbstor.sys_x64 6.1.7600.4002 :
89 AC 24 84 00 00 00 -> 90 90 90 90 90 90 90

Zitat von ⇗ George King im Beitrag ¶ #8038

And I would also like to request missing informations for WDF 1.11. I would like to use ported WDF 1.11 with original XP ones to avoid unhandled problems with other drivers.
In WdfLdr8.sys replace hex pattern F6 78 1B F6 to F6 EB 1B F6 (x32), ** ** to ** ** (x64)

wdfldr.sys_x64 1.11.9200.16384 :
85 FF 78 2A -> 85 FF EB 2A

i don't have any XP x64 installed now, hex patterns made by "copy&paste way", need to confirm working state
#8048diderius6⇗ @George King

I make small fun with the nice German XP.iso, that you make for me.
First I try to do the BCD install on a Fat32 partition. But then comes message,
that Install can only be done on a Ntfs partition.
So, first step of Install is done on a Ntfs partition.
Now comes fun: Before 2. step in Install, I change by hand the  ntfs ==> Fat32, keeping all files and settings.
And voila, 2. step of Install continues, this time using freeldr.
Because I am not good in the syntax of freeldr.ini later in Setup it hangs,
but in principe it can be done;))
Dietmar
#8049infuscomus⇗ @diderius6

So I finally got around to testing that USB 3.0 driver you send me from May 2020 for the 149C controller.

Unfortunately, the behavior is exactly the same with this driver as with the other drivers, no change.
#8050infuscomus⇗ @diderius6

If I send you a halmacpi.dll HAL built from XP SP1 source code can you test it to see if it works with XP SP3?
#8051diderius6⇗ @infuscomus

Are you sure, that no part from any other USB3 driver is still used?
There are crazy side effects.
For example I cant install the very last USB3 driver (I think, this is just now the best USB3 on the market) from ⇗ @daniel_k
without before installing the old AMD USB3 driver. Without I get message, that no compatible hardware(!) is found
Dietmar
#8052diderius6⇗ @infuscomus

I tested, this will not work, hal.dll only works together with its own ntoskrnl
Dietmar
#8053infuscomus⇗ @diderius6

It was a new install, no existing USB 3.0 drivers present.
same result.

damn! I was hoping we could use source code to modify the HAL.

⇗ @Mov AX, 0xDEAD

Have you ever tried to modify the HAL?

I tried to make a HAL extender using your ntoskrnl extender project a little while ago. I recall it didn't work correctly since it did not use PMHalDispatchTable correctly - I suppose only the real HAL can do that?
#8054diderius6Hi,
I succeed to fake ntldr in Setup of XP with freeldr.sys and freeldr.ini.

But in GUI Setup, after I see for about 2 sec the running bar, comes Message 
SYSTEM_LICENSE_VIOLATION

0x0000009A (0x00000000, 0x00000000, 0x00000000, 0x00690057)
This kind of message I never saw before
Dietmar

PS: In Internet I found, that this comes from registry. But I dont find. Also I dont find this Bsod with IDA Pro in ntoskrnl or in hal. Hm, where else can 0x0000009A be stored???

"In TD you must set "correct" value for your OS partition size." by Slobodan Brcin (eMVP)
This was for XP Embedded.
Oh.., I think I understand this. You have to use always the exact same partition during install of XP.


#8055diderius6⇗ @infuscomus

I hack hal.dll for always to use the onboard system clock in hal.dll from XP SP2 and XP SP3.
At this point I see, that you cant mix those hals with different versions of XP
Dietmar

 

Page 538

#8056st1cky⇗ @diderius6 Do you know if its possible to do changes on Win10 Hal / ntoskrnl?

Would like to change a function with a function from an older Win10 build.

But hadn't figured out how to bypass the security check on Boot for Kernel Drivers.
#8057diderius6⇗ @st1cky

Dont know, if this tool ResourceHacker works also for Win10. For all XP versions it is like magic ).
⇗ www.angusj.com/resourcehacker

Just open with ResourceHacker.exe the edited file and store it again

Dietmar
#8058st1cky⇗ @diderius6

I dont think it will work.

It was easier back then, even with Win7, I think.

But under Windows 10, as far as I know, the kernel drivers must be digitally signed and the checksum must be adjusted after the modification.

And under the new Windows 10 versions, the hal.dll was even made smaller, I think there are only shortcuts in the file that can be found in ntoskrnl.

Maybe I'll deal with it again later. : D

Hal -  10.0.16299.15 - 460 KB (471.448 Bytes)
Hal -  10.0.19042.1237 - 16,7 KB (17.200 Bytes)
#8059un user
Zitat von ⇗ diderius6 im Beitrag ¶ #8054
Hi,
I succeed to fake ntldr in Setup of XP with freeldr.sys and freeldr.ini.

But in GUI Setup, after I see for about 2 sec the running bar, comes Message 
SYSTEM_LICENSE_VIOLATION

0x0000009A (0x00000000, 0x00000000, 0x00000000, 0x00690057)
This kind of message I never saw before
Dietmar

PS: In Internet I found, that this comes from registry. But I dont find. Also I dont find this Bsod with IDA Pro in ntoskrnl or in hal. Hm, where else can 0x0000009A be stored???

"In TD you must set "correct" value for your OS partition size." by Slobodan Brcin (eMVP)
This was for XP Embedded.
Oh.., I think I understand this. You have to use always the exact same partition during install of XP.



In Windows Embedded this also mean sistem license is incorrect.
#8060Tom33231How new of a system can windows xp work on I heard of people getting that os to work on haswell and ivy bridge system. If anything newer is possible let me know.
#8061diderius6⇗ @un user

Yes, you are right. I choose the identic partition but still get this error.
With Beyond Compare I make a Binary check between working install
and the one with Bsod 0x0000009A (0x00000000, 0x00000000, 0x00000000, 0x00690057).
Only the files in WINDOWS\System32\config
which means whole registry, are ALL different.
Now, the partition is identic, but still this crazy message.

Do you know, which file makes this Bsod?
It looks for me, that you know much more

Dietmar
#8062diderius6⇗ @Tom33231

Until now I dont know any board, where XP SP3 not works
Dietmar
#8063infuscomus⇗ @st1cky

Looks like they moved the HAL into the ntoskrnl itself.

hal.dll is empty now, just forwarded names.
#8064diderius6⇗ @un user

I also look with IDA Pro in winlogon.exe,
because from XP Embedded I know,
that nothing bad about License happens, when you change winlogon.exe against minlogon.exe.
But also in winlogon I dont find any information about
Bsod 0x0000009A (0x00000000, 0x00000000, 0x00000000, 0x00690057)

Now, only the hard way for me is left, put one file after the other into folder WINDOWS and boot until first time this message appears
Dietmar
#8065diderius6Now only freeldr.sys, freeldr.ini, ntkrnlpa.exe, hal.dll and folder config are left before GUI Setup of XP.
Now, during load via freeldr, loading hangs at "system hive", but no error message is posted until now,
Dietmar
#8066infuscomus⇗ @diderius6

My HAL build from source code works in XP!!

⇗ @Mov AX, 0xDEAD

Would you have any interest at all in making changes to the HAL source code?
like get our SP1 version to match SP3 version?
or add additional exports to the HAL for more functionality?

Using a modded HAL I would like to be able to use the Windows 8.0 acpi.sys with XP - Thanks to ⇗ @diderius6 it is proven at least possible with the Vista RTM version, if a bit unreliably.
#8067diderius6⇗ @infuscomus
Nice ,
what do you change in Hal.dll in sources from XP SP1, so that in works in XP SP3
Dietmar
#8068infuscomus⇗ @diderius6

That's the thing, I didn't change anything, I simply opened razzle and compiled inside XPSP1\base\hals and swapped the resulting halmacpi.dll and it works.

The srv03rtm build however doesn't work in XP, maybe thats what you were thinking of?
#8069un userHi Diderius
This happens when PID is wrong or when i forgot to copy weruntime.ini in root partition.

Also, if you use Minlogon you need to import following in registry, before system boot.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Config"=dword:00000017
#8070diderius6⇗ @infuscomus

This can mean only one thing: The hal.dll build from SP1 sources is different to the normal SP1 hal.dll .
Can you please send me your new build halmacpi.dll
Dietmar

 

Page 539

#8071infuscomus⇗ @diderius6

here.



infuscomus has attached files to this post
#8072un userHi Diderius

Tomorrow i will start to made some test in order to see exact steps for this error.
#8073diderius6⇗ @infuscomus

Waaooh, this Hal.dll from Sources SP1 from you also starts XP SP3, loaded via nvme and freeldr, to desktop
Dietmar
#8074diderius6⇗ @un user

I am just building XP Gui boot from Scratch.
I can use boot via ntldr or via freeldr, so normal ntldr boot gives me always the hint,
which driver is still missed.
Interesting, you need more files than I thought just for to load System Hive from XP SP3
Dietmar
#8075infuscomus⇗ @diderius6

Now I'm hoping to add missing exports from Vista and later to XP HAL.

I think Vista acpi.sys from before failed because my psuedo h8l.sys put nothing in _PMHalDispatchTable
maybe modifying the real HAL will actually work.

⇗ @Mov AX, 0xDEAD

any interest in helping?
#8076isopc1999aAsrock Z690 motherboards still have CSM Support
⇗ https://download.asrock.com/Manual/Z690%...hi.pdf#page=125
#8077infuscomus⇗ @isopc1999a

Desktop PCs still have CSM, That's good to know.

Intel NUC9 and later have dropped CSM, and as far as I know all the laptop manufactures have dropped CSM too.
#8078diderius6Yessa, I caught the Bsod 0xA9, which happens ONLY during setup with ntldr ==> freeldr modd
using the debug function from freeldr(!) during Setup of XP SP3 in GUI Mode (second stage)
Dietmar

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
Connected to Windows XP 2600 x86 compatible target at (Wed Oct 27 20:34:14.468 2021 (UTC + 2:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols
Executable search path is: C:\Symbols
Windows XP Kernel Version 2600 (Service Pack 3) MP (4 procs) Free x86 compatible
Product: WinNt
Built by: 2600.xpsp_sp3_qfe.190108-0655
Machine Name:
Kernel base = 0x80400000 PsLoadedModuleList = 0x8048c4c0
Debug session time: Wed Oct 27 22:34:13.515 2021 (UTC + 2:00)
System Uptime: 0 days 0:00:01.890
Break instruction exception - code 80000003 (first chance)

A fatal system error has occurred.

Connected to Windows XP 2600 x86 compatible target at (Wed Oct 27 20:34:16.718 2021 (UTC + 2:00)), ptr64 FALSE
Loading Kernel Symbols
.....................
Loading User Symbols

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 9A, {0, 0, 0, 690057}

Probably caused by : ntkrnlmp.exe ( nt!ExpInitSystemPhase0+bcb )

Followup: MachineOwner
---------

nt!RtlpBreakWithStatusInstruction:
8040b9c2 cc              int     3
3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_LICENSE_VIOLATION (9a)
A violation of the software license agreement has occurred. This can be due to
either attempting to change the product type of an offline system, or an attempt
to change the trial period of an evaluation unit of Windows.
Arguments:
Arg1: 00000000, means that offline product type changes were attempted
Arg2: 00000000, if 1, product should be LanmanNT or ServerNT. If 0, should be WinNT
Arg3: 00000000, partial serial number
Arg4: 00690057, first two characters of product type from product options.

Debugging Details:
------------------


DEFAULT_BUCKET_ID:  DRIVER_FAULT

BUGCHECK_STR:  0x9A

PROCESS_NAME:  System

LAST_CONTROL_TRANSFER:  from 8045f57f to 8040b9c2

STACK_TEXT:  
f789e2d4 8045f57f 00000004 f771f408 00000000 nt!RtlpBreakWithStatusInstruction
f789e320 80460557 00000004 04000000 00690057 nt!KiBugCheckDebugBreak+0x19
f789e700 8046066a 0000009a 00000000 00000000 nt!KeBugCheck2+0xa75
f789e720 805fc6d8 0000009a 00000000 00000000 nt!KeBugCheckEx+0x1b
f789e838 805f2916 805dafe6 00000000 8e879950 nt!ExpInitSystemPhase0+0xbcb
f789e83c 805dafe6 00000000 8e879950 00000000 nt!ExInitSystemPhase2+0x5
f789edac 8049e828 80068000 00000000 00000000 nt!Phase1Initialization+0xa9b
f789eddc 804151a9 805da7bf 80068000 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!ExpInitSystemPhase0+bcb
805fc6d8 cc              int     3

SYMBOL_STACK_INDEX:  4

SYMBOL_NAME:  nt!ExpInitSystemPhase0+bcb

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  5c34e27b

FAILURE_BUCKET_ID:  0x9A_nt!ExpInitSystemPhase0+bcb

BUCKET_ID:  0x9A_nt!ExpInitSystemPhase0+bcb

Followup: MachineOwner
---------

#8079diderius6And this is the jump to death  in ntoskrnl

INIT:005DE6B9 loc_5DE6B9:
; CODE XREF: sub_5DDD58+1AF j
INIT:005DE6B9                                         ; sub_5DDD58+1C5
j ...
INIT:005DE6B9                 push          9Ah             ; BugCheckCode
INIT:005DE6BE                 call    _KeBugCheckEx@20 ; KeBugCheckEx(x,x,x,x,x)
INIT:005DE6BE sub_5DDD58      endp



Hihi, this point of death loc_5DE6B9 is reached via jmp from 18(!), (with co-jumpers 24) positions in ntoskrnl ,

but from now soon not
Dietmar
#8080NT5 forever
Zitat von ⇗ diderius6 im Beitrag ¶ #8044
Tutorial
Booting XP via freeldr or ntldr

Very interesting!
Can freeldr also boot RAMDisk images?
#8081diderius6⇗ @NT5 forever

Yes. I think freeldr has whole functionality of ntldr, even more, for example Debug from only itself,
but I need more tests.
Just now I am working on those 18 places for to tell XP,
that even for Setup freeldr is a nice one^^
Dietmar
#8082NT5 forever
Zitat von ⇗ diderius6 im Beitrag ¶ #8073
@infuscomus

Waaooh, this Hal.dll from Sources SP1 from you also starts XP SP3, loaded via nvme and freeldr, to desktop
Dietmar

Does it support PAE natively, so XP can see more than 4GB of RAM without patch?
#8083NT5 forever
Zitat von ⇗ diderius6 im Beitrag ¶ #8081
@NT5 forever

Yes. I think freeldr has whole functionality of ntldr, even more, for example Debug from only itself,
but I need more tests.
Just now I am working on those 18 places for to tell XP,
that even for Setup freeldr is a nice one^^
Dietmar


Fascinating. I've got a newish ASUS laptop with a NVME SSD and I wonder how difficult it would be to boot a RAMdisk image with a universal XP on that machine.
#8084NT5 foreverIf only the ntldr of 64 bit XP could be modded to boot 32 bit XP.... I think that's the missing part of the puzzle.
#8085diderius6⇗ @NT5 forever

There is also a 64Bit Reactos version with its freeldr,
Dietmar

 

Page 540

#8086NT5 foreverThat might be a better option because it's designed to target modern hardware.
#8087NT5 foreverMaybe someone could try to mod the 64 bit freeldr so it can boot 32 bit Reactos.
That would probably be easier than modding ntldr.
#8088diderius6⇗ @infuscomus

Just for to know, can you test boot with freeldr on your board with critical USB
Dietmar
#8089infuscomus⇗ @diderius6

I'm still going through your tutorial for how to set it up correctly.

Can you image your freeldr bootable installation with paragon? I'll restore the image and try and boot from it.
#8090diderius6⇗ @infuscomus
Which step in the Tutorial you dont understand?
To upload an image with Paragon is possible,
but not sure if it works for you
Dietmar
#8091diderius6⇗ @Mov AX, 0xDEAD

Is it possible to replace the call of ExpInitSystemPhase0
just with Boolean "True"?
And how to do this at the place where ExpInitSystemPhase0
is called in ntoskrnl
Dietmar
#8092Mov AX, 0xDEAD⇗ @infuscomus

Zitat von ⇗ infuscomus im Beitrag ¶ #8066

@Mov AX, 0xDEAD
Would you have any interest at all in making changes to the HAL source code?
like get our SP1 version to match SP3 version?
or add additional exports to the HAL for more functionality?

Let imagine you have Win7/8 HAL and it works with sp3, then you try Win7/8' acpi.sys and it still not works, i dont see reason to convert hal if final point still not reached
#8093Mov AX, 0xDEAD
Zitat von ⇗ diderius6 im Beitrag ¶ #8091
@Mov AX, 0xDEAD
Is it possible to replace the call of ExpInitSystemPhase0
just with Boolean "True"?
And how to do this at the place where ExpInitSystemPhase0
is called in ntoskrnl

to return Boolean:
 
mov eax, 1
ret xxx


xxx - amount of arguments of ExpInitSystemPhase0(if it is stdcall) *4

#8094infuscomus⇗ @Mov AX, 0xDEAD

I think this final point can be reached.
⇗ @diderius6 showed that XP can boot with Vista RTM acpi.sys - I think it was just my hack was too sloppy to be reliable.

edit:
⇗ @Mov AX, 0xDEAD  here diderius6 got it working
¶ XP/W2k3 x86 on Modern Hardware (438)
#8095diderius6Until now I cant install XP using freeldr,
because it is crazy hard to overcome this BSOD in ntkrnlpa.exe
BugCheck 9A, {0, 0, 0, 690057}
Probably caused by : ntkrnlmp.exe ( nt!ExpInitSystemPhase0+bcb )
see post
¶ XP/W2k3 x86 on Modern Hardware (539)

I found 3 places, which belongs to this BSOD, so all together more than 50 pathes have to be modded
Dietmar

PS: No information in BSOD from where it comes. And also Windbg does not accept breakpoints before this crash.
And this Bsod happens very early in bootprocess, only in 2. Stage of XP Setup, GUI mode.
#8096galagunThat's because freeldr doesn't implement the necessary code to set up certain structures used by ntoskrnl exinit.c and systime.c later. That code is used by text mode setup phase to set up license data, timebombs, update state and such, which ReactOS has no need on. You will trigger some strange errors if using FreeLDR to boot setup phases.

More about systime and exinit:
⇗ https://tinyurl.com/build-win2k3
#8097skullteria
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #8093
Zitat von ⇗ diderius6 im Beitrag ¶ #8091
@Mov AX, 0xDEAD
Is it possible to replace the call of ExpInitSystemPhase0
just with Boolean "True"?
And how to do this at the place where ExpInitSystemPhase0
is called in ntoskrnl

to return Boolean:
 
mov eax, 1
ret xxx


xxx - amount of arguments of ExpInitSystemPhase0(if it is stdcall) *4



How is the code in hex?
#8098skullteria
Zitat von ⇗ diderius6 im Beitrag ¶ #8095
Until now I cant install XP using freeldr,
because it is crazy hard to overcome this BSOD in ntkrnlpa.exe
BugCheck 9A, {0, 0, 0, 690057}
Probably caused by : ntkrnlmp.exe ( nt!ExpInitSystemPhase0+bcb )
see post
¶ XP/W2k3 x86 on Modern Hardware (539)

I found 3 places, which belongs to this BSOD, so all together more than 50 pathes have to be modded
Dietmar

PS: No information in BSOD from where it comes. And also Windbg does not accept breakpoints before this crash.
And this Bsod happens very early in bootprocess, only in 2. Stage of XP Setup, GUI mode.


Do you trying use freeldr or setupldr?
#8099diderius6⇗ @skullteria

For TXT Setup I use normal ntldr.
And for GUI Setup I use freeldr.
When I see the post from ⇗ @galagun
¶ XP/W2k3 x86 on Modern Hardware (540)

I do not think that it is impossible to use freeldr for everything.
So maybe it is worth a try, to look at the boot and install process of Reactos very close
Dietmar

EDIT: Just an idea: Change the whole registry from XP after TXT Setup against the registry from Reactos, also after TXT Setup.
And with outstanding Reactos edit via loading Hive all ReactOS ==> WINDOWS in this Registry.
#8100diderius6⇗ @Mov AX, 0xDEAD

For to give always the Boolean "True" as answer from the function ExpInitSystemPhase0,
is this changing at its end correct?

Original
loc_5DDD46:
mov     al, [ebp+var_1]     (is here in Hex 8A 45 FF  as can be seen via IDA Pro)
pop     edi
pop     esi
pop     ebx
leave
retn
_ExpInitSystemPhase0@0 endp

===>

MOD
loc_5DDD46:
mov     al, 1    (is in Hex B0 01 90)
nop
pop     edi
pop     esi
pop     ebx
leave
retn
_ExpInitSystemPhase0@0 endp

Dietmar

 

Page 541

#8101un user⇗ @diderius6
Maybe information about Product Key is not entered in registry ?
You could try to start setup from Windows installation and replace ntldr with freeldr before restart to see if works.

Or

Copy registry key with activation from ntldr installation in to registry from freeldr installation (or whole SYSTEM).
#8102skullteria
Zitat von ⇗ diderius6 im Beitrag ¶ #8099
@skullteria

For TXT Setup I use normal ntldr.
And for GUI Setup I use freeldr.
When I see the post from @galagun
¶ XP/W2k3 x86 on Modern Hardware (540)

I do not think that it is impossible to use freeldr for everything.
So maybe it is worth a try, to look at the boot and install process of Reactos very close
Dietmar

EDIT: Just an idea: Change the whole registry from XP after TXT Setup against the registry from Reactos, also after TXT Setup.
And with outstanding Reactos edit via loading Hive all ReactOS ==> WINDOWS in this Registry.


Have a way to use freeldr with BCD? I want intregate it with Vista+ setup engine.
#8103diderius6⇗ @skullteria

You need to describe "to use freeldr with BCD" a little bit more.
Should this be a dual boot freeldr and BCD as in your Tutorial for BCD boot of XP, with MBR from Vista
Dietmar
#8104diderius6I found the exact place in ntkrnlpa.exe for Bsod when try to setup XP with freeldr

.text:0046F228 ; =============== S U B R O U T I N E =======================================
.text:0046F228
.text:0046F228
.text:0046F228 ; __stdcall KiThreadStartup(x)
.text:0046F228 _KiThreadStartup@4 proc near            ; DATA XREF: KiInitializeContextThread(x,x,x,x,x)+22E↑o
.text:0046F228                 xor     ebx, ebx
.text:0046F22A                 xor     esi, esi
.text:0046F22C                 xor     edi, edi
.text:0046F22E                 xor     ebp, ebp
.text:0046F230                 mov     ecx, 1
.text:0046F235                 call    ds:__imp_@KfLowerIrql@4 ; KfLowerIrql(x)
.text:0046F23B                 pop     eax
.text:0046F23C                 call    eax  ===> Here you can set Breakpoint bp 804151a7 ,
because in real compi it is
nt!KiThreadStartup+0x14:
804151a7 ffd0            call    eax                                     The content of EAX at this point is 8049e7f4

when you hit t, EIP jumps to this adress, but it is an endless loop from there, I run it for 2 hours.

.text:0046F23E                   pop     ecx ==>          This line was never reached via Windbg (it is 804151a9   on real compi)
.text:0046F23F                 or      ecx, ecx
.text:0046F241                 jz      short loc_46F24A
.text:0046F243                 mov     ebp, esp
.text:0046F245                 jmp     _KiServiceExit2
.text:0046F24A ; ---------------------------------------------------------------------------
.text:0046F24A



When you type "p" after this Breakpoint, at once you get 

nt!KiThreadStartup+0x14:
804151a7 ffd0            call    eax
kd> p

*** Fatal System Error: 0x0000009a
                                             (0x00000000,0x00000000,0x00000000,0x00690057)

Dietmar

PS: Interesting, a lot of drivers are already loaded at this point from freeldr during GUI Setup of XP before Bsod.
3: kd> lm
start    end        module name
80301000 80321d80   hal        (deferred)             
80400000 80629000   nt         (pdb symbols)          c:\symbols\ntkrnlmp.pdb\2070D15C611B40BDA93F5F7F12CAC76C2\ntkrnlmp.pdb
f6fff000 f702ba80   NDIS       (deferred)             
f702c000 f7042b80   KSecDD     (deferred)             
f7043000 f7106400   dmboot     (deferred)             
f7107000 f73bc000   iaStor     (deferred)             
f73bc000 f73e1700   dmio       (deferred)             
f73e2000 f7400880   Ftdisk     (deferred)             
f7401000 f7411a80   PCI        (deferred)             
f7412000 f7441d80   ACPI       (deferred)             
f7442000 f7465180   fastfat    (deferred)             
f7487000 f7490180   isapnp     (deferred)             
f7497000 f74a1700   MountMgr   (deferred)             
f74a7000 f74b2000   PartMgr    (deferred)             
f74b7000 f74c3c80   VolSnap    (deferred)             
f74c7000 f74d3180   CLASSPNP   (deferred)             
f74d7000 f74e7000   Disk       (deferred)             
f7707000 f770f000   mvxxmm     (deferred)             
f770f000 f7715800   firadisk   (deferred)             
f7717000 f771f000   mv61xxmm   (deferred)             
f771f000 f7727000   mv64xxmm   (deferred)             
f7897000 f789a000   BOOTVID    (deferred)             
f7987000 f7988b80   kdcom      (deferred)             
f7989000 f798a100   WMILIB     (deferred)             
f798b000 f798c700   dmload     (deferred)
#8105skullteria
Zitat von ⇗ diderius6 im Beitrag ¶ #8103
@skullteria

You need to describe "to use freeldr with BCD" a little bit more.
Should this be a dual boot freeldr and BCD as in your Tutorial for BCD boot of XP, with MBR from Vista
Dietmar


BCD works with entries,like:
1. Entry for winload, natively on Vista+;
2: Pre-Vista entry, for ntldr

I want know if has entry for freeldr, maybe Pre-Vista entry works, but, i don't know
#8106Mov AX, 0xDEAD
Zitat von ⇗ diderius6 im Beitrag ¶ #8100

loc_5DDD46:
mov     al, [ebp+var_1]             (is here in Hex 8A 45 FF  as can be seen via IDA Pro)

MOD
loc_5DDD46:
mov     al, 1    ; B0 01
nop                ; 90


Yes, it is right, BOOLEAN fit to AL, no need set full EAX reg
#8107Mov AX, 0xDEAD
Zitat von ⇗ infuscomus im Beitrag ¶ #8094
@Mov AX, 0xDEAD
I think this final point can be reached.
@diderius6 showed that XP can boot with Vista RTM acpi.sys - I think it was just my hack was too sloppy to be reliable.
¶ XP/W2k3 x86 on Modern Hardware (438)

Oh, seems i missed this info
Why this vista's acpi.sys didn't become a substitute of previouis v6666/v5048 ?
#8108diderius6⇗ @Mov AX, 0xDEAD

"Why this vista's acpi.sys didn't become a substitute of previouis v6666/v5048 ?"

Because it was not stable. I think, the problem is "only" in loading the correct tables at the right time.
Nice work from ⇗ @infuscomus .
I got it 3 times to start and everything works for me under XP SP3 with this acpi.sys from Vista
Dietmar

PS: I read, that you think that it is not possible, to use the USB3 driver from Win8.1 .
Why? Because a really big step forward would be to mod drivers from Win8.1 for XP,
also acpi.sys better to have from Win8.1 .
#8109diderius6This happens,
when I start GUI Setup from XP via freeldr.sys and the WINDOWS\System32\config folder from Reactos 0.415 .
VERY similar to the boot of full XP GUI Setup via freeldr, may be just enough to change also ntoskrnl und hal
Dietmar

Breakpoint 0 hit
nt!KiThreadStartup+0x14:
804151a7 ffd0              call    eax
2: kd> p

*** Fatal System Error: 0x00000074
                                             (0x00000003,0x00000002,0x80068000,0xC000014C)

WARNING: This break is not a step/trace completion.
The last command has been cleared to prevent
accidental continuation of this unrelated event.
Check the event, location and thread before resuming.
Break instruction exception - code 80000003 (first chance)

A fatal system error has occurred.
Debugger entered on first try; Bugcheck callbacks have not been invoked.

A fatal system error has occurred.

Connected to Windows XP 2600 x86 compatible target at (Fri Oct 29 19:07:36.437 2021 (UTC + 2:00)), ptr64 FALSE
Loading Kernel Symbols
.....................
Loading User Symbols

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 74, {3, 2, 80068000, c000014c}

Probably caused by : ntkrnlmp.exe ( nt!CmpInitializeSystemHive+130 )

Followup: MachineOwner
---------

nt!RtlpBreakWithStatusInstruction:
8040b9c2 cc              int     3
3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

BAD_SYSTEM_CONFIG_INFO (74)
Can indicate that the SYSTEM hive loaded by the osloader/NTLDR
was corrupt.  This is unlikely, since the osloader will check
a hive to make sure it isn't corrupt after loading it.
It can also indicate that some critical registry keys and values
are not present.  (i.e. somebody used regedt32 to delete something
that they shouldn't have)  Booting from LastKnownGood may fix
the problem, but if someone is persistent enough in mucking with
the registry they will need to reinstall or use the Emergency
Repair Disk.
Arguments:
Arg1: 00000003, (reserved)
Arg2: 00000002, (reserved)
Arg3: 80068000, (reserved)
Arg4: c000014c, usually the NT status code.

Debugging Details:
------------------


DEFAULT_BUCKET_ID:  DRIVER_FAULT

BUGCHECK_STR:  0x74

PROCESS_NAME:  System

LAST_CONTROL_TRANSFER:  from 8045f57f to 8040b9c2

STACK_TEXT:  
f789e37c 8045f57f 00000003 f789e6d8 00000000 nt!RtlpBreakWithStatusInstruction
f789e3c8 80460056 00000003 00000001 80069000 nt!KiBugCheckDebugBreak+0x19
f789e7a8 8046066a 00000074 00000003 00000002 nt!KeBugCheck2+0x574
f789e7c8 805fd06c 00000074 00000003 00000002 nt!KeBugCheckEx+0x1b
f789e7fc 805f3b98 80068000 00034000 c1064000 nt!CmpInitializeSystemHive+0x130
f789e838 805daf11 80068000 00000000 8e87cda0 nt!CmInitSystem1+0x274
f789edac 8049e828 80068000 00000000 00000000 nt!Phase1Initialization+0x84a
f789eddc 804151a9 805da7bf 80068000 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!CmpInitializeSystemHive+130
805fd06c 32c0            xor     al,al

SYMBOL_STACK_INDEX:  4

SYMBOL_NAME:  nt!CmpInitializeSystemHive+130

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  5c34e27b

FAILURE_BUCKET_ID:  0x74_nt!CmpInitializeSystemHive+130

BUCKET_ID:  0x74_nt!CmpInitializeSystemHive+130

Followup: MachineOwner
---------

3: kd> lm
start    end        module name
80224000 80244d80   hal        (deferred)             
80400000 80629000   nt         (pdb symbols)          c:\symbols\ntkrnlmp.pdb\2070D15C611B40BDA93F5F7F12CAC76C2\ntkrnlmp.pdb
f735c000 f7388a80   ndis       (deferred)             
f7389000 f73ab700   ks         (deferred)             
f73ac000 f73c5e80   mup        (deferred)             
f73c6000 f73dcb80   ksecdd     (deferred)             
f73dd000 f73eda80   pci        (deferred)             
f73ee000 f7411300   USBPORT    (deferred)             
f7412000 f7441d80   acpi       (deferred)             
f7442000 f7465180   fastfat    (deferred)             
f7487000 f7490180   isapnp     (deferred)             
f7497000 f74a2000   partmgr    (deferred)             
f74a7000 f74b5880   usbhub     (deferred)             
f74b7000 f74c3180   CLASSPNP   (deferred)             
f74c7000 f74d1700   mountmgr   (deferred)             
f74d7000 f74e7000   disk       (deferred)             
f7707000 f770e700   usbehci    (deferred)             
f7897000 f789a000   BOOTVID    (deferred)             
f7987000 f7988b80   kdcom      (deferred)             
f7989000 f798a100   WMILIB     (deferred)             
f798b000 f798c500   USBD       (deferred)             
f798d000 f798e100   swenum     (deferred)    


Yepp, this Bsod 0x74 (3, 2, yyy, zzz) happens in ntkrnlpa.exe of XP SP3 at 

INIT:005E290C

INIT:005E290C loc_5E290C: ; CODE XREF: CmpInitializeSystemHive(x)+84 j
INIT:005E290C                 push    8               ; int
INIT:005E290E                 push    offset _CmpSystemFileName ; int
INIT:005E2913                 push    ebx             ; int
INIT:005E2914                 push    ebx             ; int
INIT:005E2915                 push    ebx             ; FileHandle
INIT:005E2916                 push    esi             ; int
INIT:005E2917                 push    edi             ; int
INIT:005E2918                 push    2               ; int
INIT:005E291A                 push    edi             ; int
INIT:005E291B                 push    eax             ; int
INIT:005E291C                 call    _CmpInitializeHive@40 ; CmpInitializeHive(x,x,x,x,x,x,x,x,x,x)
INIT:005E2921                 cmp     eax, ebx
INIT:005E2923                                                 jge     short loc_5E292D
INIT:005E2925                 push    eax
INIT:005E2926                 push    [ebp+Object]
INIT:005E2929                                                 push    2
INIT:005E292B                                                 jmp     short loc_5E2965
INIT:005E292D ; ---------------------------------------------------------------------------
INIT:005E292D

.
.
.

INIT:005E2965
INIT:005E2965 loc_5E2965:
; CODE XREF: CmpInitializeSystemHive(x)+53 j
INIT:005E2965 ;
CmpInitializeSystemHive(x)+C7 j
INIT:005E2965                 push    3               ; BugCheckParameter1
INIT:005E2967                 push    74h             ; BugCheckCode
INIT:005E2969                 call    _KeBugCheckEx@20 ; KeBugCheckEx(x,x,x,x,x)
INIT:005E296E ; ---------------------------------------------------------------------------
INIT:005E296E

#8110diderius6⇗ @skullteria

I install XP SP3 new on the Asus P8H77-M board on a FAT32 partition.
There I install BCD MBR via easybcd_1.7.2.exe and BOOTICEx86.exe for the PE entry after nice tip from ⇗ @George King .
BCD boot from Vista for XP is with your boot files.
Now I can boot XP via ntldr there or via bootmgr.
bootmgr with winload is a little bit faster than ntldr.
Now I try to integrate in the boot menu also freeldr
Dietmar

PS: Long time ago I wrote Tutorial, how to install Vista on a Fat32 partition. It is still avaible on MSFN.

#8111diderius6⇗ @skullteria

This was easy,
oh..
soso much fun. 3 bootloaders work for XP.
Dietmar

PS: Fastest boot of XP is via freeldr. Then comes BCD and then ntldr.

From feeling is the very best of them freeldr. It can find also crazy Arcpaths.

ntldr is generic.

BCD can boot some crazy compis with XP but has a lot of bad side effects, for example when you modd hal.dll it cries, that hal.dll is not valid. And from >=Skylake compis BCD boot works only for cpu <= Celeron.

#8112diderius6⇗ @infuscomus

I noticed, that from your nice hal.dll from SP1 you dont need the Timer hack,
because this hal always uses the System clock
Dietmar
#8113infuscomus⇗ @diderius6

I wonder what other differences there are between the XP SP1 and SP3 HAL?
#8114Mov AX, 0xDEAD
Zitat von ⇗ diderius6 im Beitrag ¶ #8108

PS: I read, that you think that it is not possible, to use the USB3 driver from Win8.1 .

i never wrote this. if someone will implement "new timer api" you'l get usb3
#8115diderius6⇗ @Mov AX, 0xDEAD

"if someone will implement "new timer api" you'l get usb3"

Until now, I have no idea how to make this.
But I can learn a lot, so.. if there is a chance to integrate more drivers from Win8.1 into XP..
Very much I am interested in Lan driver i219.
Because with this driver, all can work with coming z690 boards under XP

Dietmar

PS: XP is more than fun. How much time you can save in daily work with an rocksolid OS.
I remember October 2009, when Win7 was on the market: I simply compare Skype from Win7 with Skype from XP.
This experiance was the reason, why I never install Win7 for use.

 

Page 542

#8116infuscomus⇗ @diderius6

Attempting again with Vista RTM acpi.sys

This will give a 7E BSOD - is the point of failure still in ACPIFindLoadRSDT? or has it changed?



infuscomus has attached files to this post
#8117diderius6⇗ @infuscomus


Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
Connected to Windows XP 2600 x86 compatible target at (Sat Oct 30 18:45:38.281 2021 (UTC + 2:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols
Executable search path is: C:\Symbols
Windows XP Kernel Version 2600 MP (1 procs) Free x86 compatible
Built by: 2600.xpsp_sp3_qfe.190108-0655
Machine Name:
Kernel base = 0x804d7000 PsLoadedModuleList = 0x805634c0
System Uptime: not available
MM: Loader/HAL memory block indicates large pages cannot be used for 81448000->828B8FFF
MM: Disabling large pages for all ranges due to overlap

*** Fatal System Error: 0x0000007e
                                             (0xC0000005,0x8A846F44,0xF789E0AC,0xF789DDA8)

Break instruction exception - code 80000003 (first chance)

A fatal system error has occurred.
Debugger entered on first try; Bugcheck callbacks have not been invoked.

A fatal system error has occurred.

Connected to Windows XP 2600 x86 compatible target at (Sat Oct 30 18:45:44.718 2021 (UTC + 2:00)), ptr64 FALSE
Loading Kernel Symbols
..........................
Loading User Symbols

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 7E, {c0000005, 8a846f44, f789e0ac, f789dda8}

*** No owner thread found for resource 805614e0
*** No owner thread found for resource 805614e0
*** No owner thread found for resource 805614e0
*** No owner thread found for resource 805614e0
*** No owner thread found for resource 805614e0
*** No owner thread found for resource 805614e0
Probably caused by : ntkrnlmp.exe ( nt!IopQueryDeviceResources+79 )

Followup: MachineOwner
---------

nt!RtlpBreakWithStatusInstruction:
804e29c2 cc              int     3
3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (7e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 8a846f44, The address that the exception occurred at
Arg3: f789e0ac, Exception Record Address
Arg4: f789dda8, Context Record Address

Debugging Details:
------------------

*** No owner thread found for resource 805614e0
*** No owner thread found for resource 805614e0
*** No owner thread found for resource 805614e0
*** No owner thread found for resource 805614e0
*** No owner thread found for resource 805614e0
*** No owner thread found for resource 805614e0

EXCEPTION_CODE:
(NTSTATUS) 0xc0000005 - Die Anweisung "0x%08lx" verweist auf Speicher
bei "0x%08lx". Die Daten wurden wegen eines E/A-Fehlers in "0x%081x"
nicht in den Arbeitsspeicher  bertragen.

FAULTING_IP: 
+1782faf00c0dfc0
8a846f44 0000            add     byte ptr [eax],al

EXCEPTION_RECORD:  f789e0ac -- (.exr 0xfffffffff789e0ac)
ExceptionAddress: 8a846f44
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 00000001
   Parameter[1]: 08a846a9
Attempt to write to address 08a846a9

CONTEXT:  f789dda8 -- (.cxr 0xfffffffff789dda8)
eax=08a846a9 ebx=00000001 ecx=e1009780 edx=e1009758 esi=e13c7628 edi=00000000
eip=8a846f44 esp=f789e174 ebp=8a84aa38 iopl=0         nv up ei pl zr na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010246
8a846f44 0000            add     byte ptr [eax],al          ds:0023:08a846a9=??
Resetting default scope

DEFAULT_BUCKET_ID:  DRIVER_FAULT

PROCESS_NAME:  System

ERROR_CODE:
(NTSTATUS) 0xc0000005 - Die Anweisung "0x%08lx" verweist auf Speicher
bei "0x%08lx". Die Daten wurden wegen eines E/A-Fehlers in "0x%081x"
nicht in den Arbeitsspeicher  bertragen.

EXCEPTION_PARAMETER1:  00000001

EXCEPTION_PARAMETER2:  08a846a9

WRITE_ADDRESS:  08a846a9 

FOLLOWUP_IP: 
nt!IopQueryDeviceResources+79
805a734f 8bf8            mov     edi,eax

FAILED_INSTRUCTION_ADDRESS: 
+1782faf00c0dfc0
8a846f44 0000            add     byte ptr [eax],al

BUGCHECK_STR:  0x7E

LOCK_ADDRESS:  80561560 -- (!locks 80561560)

Resource @ nt!IopDeviceTreeLock (0x80561560)    Shared 1 owning threads
     Threads: 8a867780-01<*> 
1 total locks, 1 locks currently held

PNP_TRIAGE: 
	Lock address  : 0x80561560
	Thread Count  : 1
	Thread address: 0x8a867780
	Thread wait   : 0x4d

LAST_CONTROL_TRANSFER:  from 8053657f to 804e29c2

STACK_TEXT:  
WARNING: Frame IP not in any known module. Following frames may be wrong.
f789e178 80717f9d 8a846aa8 8a84aa54 8a84aacc 0x8a846f44
f789e1cc 805a734f 8a846aa8 f789e220 f789e278 hal!HalGetAdapter+0x1583
f789e248 805aa4f6 8a846aa8 00000000 f789e278 nt!IopQueryDeviceResources+0x79
f789e27c 805a8685 8a8843c8 80000048 8a849140 nt!PiQueryAndAllocateBootResources+0x34
f789e36c 805a9022 8a8843c8 8a849140 8a84a768 nt!PipProcessNewDeviceNode+0xab5
f789e5c0 805a4079 8a84a768 00000000 00000000 nt!PipProcessDevNodeTree+0x16b
f789e5f4 80505ed6 00000003 80561598 00000000 nt!PiProcessReenumeration+0x60
f789e61c 80510c13 00000000 80085000 00000000 nt!PipDeviceActionWorker+0x170
f789e634 806c1b58 8a84aca8 00000009 00000000 nt!PipRequestDeviceAction+0x118
f789e690 806b0f8c 80085001 8000003c 00034000 nt!IopInitializePlugPlayServices+0x647
f789e838 806b2012 80085000 00000000 8a867780 nt!IoInitSystem+0x6ea
f789edac 80575828 80085000 00000000 00000000 nt!Phase1Initialization+0xac7
f789eddc 804ec1a9 806b17bf 80085000 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


SYMBOL_STACK_INDEX:  2

SYMBOL_NAME:  nt!IopQueryDeviceResources+79

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  5c34e27b

STACK_COMMAND:  .cxr 0xfffffffff789dda8 ; kb

FAILURE_BUCKET_ID:  0x7E_BAD_IP_nt!IopQueryDeviceResources+79

BUCKET_ID:  0x7E_BAD_IP_nt!IopQueryDeviceResources+79

Followup: MachineOwner
---------

3: kd> lm
start    end        module name
804d7000 80700000   nt         (pdb symbols)          c:\symbols\ntkrnlmp.pdb\2070D15C611B40BDA93F5F7F12CAC76C2\ntkrnlmp.pdb
80700000 8071fc00   hal        (export symbols)       halmacpi.dll
ba44e000 ba467e80   Mup        (deferred)             
ba468000 ba494a80   NDIS       (deferred)             
ba495000 ba4abb80   KSecDD     (deferred)             
ba4ac000 ba4cf180   Fastfat    (deferred)             
ba4d0000 ba4e1f00   sr         (deferred)             
ba4e2000 ba501b00   fltMgr     (deferred)             
ba502000 ba54b000   storport   (deferred)             
ba54b000 ba800000   iaStor     (deferred)             
f747a000 f749f700   dmio       (deferred)             
f74a0000 f74be880   ftdisk     (deferred)             
f755f000 f756fa80   pci        (deferred)             
f7570000 f7592700   ntoskrn8   (deferred)             
f7593000 f75d6000   ACPI       (deferred)             
f75f7000 f7600180   isapnp     (deferred)             
f7607000 f7611700   MountMgr   (deferred)             
f7617000 f7622000   PartMgr    (deferred)             
f7627000 f7633c80   VolSnap    (deferred)             
f7637000 f7645000   stornvme   (deferred)             
f7647000 f7657000   disk       (deferred)             
f7657000 f7663180   CLASSPNP   (deferred)             
f7707000 f770d800   firadisk   (deferred)             
f7897000 f789a000   BOOTVID    (deferred)             
f7987000 f7988b80   kdcom      (deferred)             
f7989000 f798a100   WMILIB     (deferred)             
f798b000 f798c700   dmload     (deferred)

#8118infuscomus⇗ @diderius6

so failure does not occur in acpi.sys but in ntkrnlmp.exe?
#8119diderius6⇗ @infuscomus

It looks like an address error, I test some more with Windbg,
what the register values are at 8a846f44
Dietmar
#8120diderius6⇗ @infuscomus

This Bsod before happens because of the now not working nvme driver with this modded ntkrnl8.
So, it means nothing. Here is new
Dietmar



Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
Connected to Windows XP 2600 x86 compatible target at (Sat Oct 30 19:52:04.406 2021 (UTC + 2:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols
Executable search path is: C:\Symbols
Windows XP Kernel Version 2600 MP (1 procs) Checked x86 compatible
Built by: 2600.xpsp.080413-2133
Machine Name:
Kernel base = 0x80a02000 PsLoadedModuleList = 0x80b019e8
System Uptime: not available

*** Fatal System Error: 0x00000079
                                             (0x00000002,0x00000001,0x00000000,0x00000000)

Break instruction exception - code 80000003 (first chance)

A fatal system error has occurred.
Debugger entered on first try; Bugcheck callbacks have not been invoked.

A fatal system error has occurred.

Connected to Windows XP 2600 x86 compatible target at (Sat Oct 30 19:52:06.703 2021 (UTC + 2:00)), ptr64 FALSE
Loading Kernel Symbols
........................
Loading User Symbols

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 79, {2, 1, 0, 0}

*** ERROR: Symbol file could not be found.  Defaulted to export symbols for halmacpi.dll - 
Probably caused by : ntkrpamp.exe ( nt!ExpInitializeExecutive+171 )

Followup: MachineOwner
---------

nt!RtlpBreakWithStatusInstruction:
80ac37ec cc              int     3
kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

MISMATCHED_HAL (79)
The HAL revision level and HAL configuration type does not match that
of the kernel or the machine type.  This would probably happen if the
user has manually updated either ntoskrnl.exe or hal.dll and managed to
get a conflict.
You have an MP (multi-processor) Hal and a UP (uni-processor) Kernel,
or the reverse.
Arguments:
Arg1: 00000002, 
	The build types mismatch.
Arg2: 00000001, Build type of ntoskrnl.exe
Arg3: 00000000, Build type of hal.dll
	Build type
	0 = Free multiprocessor enabled build
	1 = Checked multiprocessor enabled build
	2 = Free uniprocessor build
	3 = checked uniprocessor build
Arg4: 00000000

Debugging Details:
------------------


BUGCHECK_STR:  0x79_2

DEFAULT_BUCKET_ID:  DRIVER_FAULT

LAST_CONTROL_TRANSFER:  from 80a30d7b to 80ac37ec

STACK_TEXT:  
80af1ef0 80a30d7b 00000003 80af224c 00000000 nt!RtlpBreakWithStatusInstruction
80af1f3c 80a319e6 00000003 000000ff ffdff120 nt!KiBugCheckDebugBreak+0x19
80af231c 80a31f77 00000079 00000002 00000001 nt!KeBugCheck2+0x574
80af233c 8007ea22 00000079 00000002 00000001 nt!KeBugCheckEx+0x1b
WARNING: Stack unwind information not available. Following frames may be wrong.
80af2368 80d2ff9f 00000000 80085000 80afe260 hal!HalInitSystem+0x64
80af24f8 80d41cd4 00000000 80085000 8003fc00 nt!ExpInitializeExecutive+0x171
80af254c 80d3f6ec 80afe4c0 80afe260 80af2810 nt!KiInitializeKernel+0x568
00000000 00000000 00000000 00000000 00000000 nt!KiSystemStartup+0x2c4


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!ExpInitializeExecutive+171
80d2ff9f 84c0            test    al,al

SYMBOL_STACK_INDEX:  5

SYMBOL_NAME:  nt!ExpInitializeExecutive+171

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrpamp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4802b3ce

FAILURE_BUCKET_ID:  0x79_2_nt!ExpInitializeExecutive+171

BUCKET_ID:  0x79_2_nt!ExpInitializeExecutive+171

Followup: MachineOwner
---------

kd> lm
start    end        module name
80001000 80004000   BOOTVID    (deferred)             
80007000 80008100   WMILIB     (deferred)             
80009000 8000f800   firadisk   (deferred)             
80010000 80011b80   kdcom      (deferred)             
80012000 8001b180   isapnp     (deferred)             
8001c000 8001d700   dmload     (deferred)             
80062000 80081c00   hal        (export symbols)       halmacpi.dll
80124000 80167000   ACPI       (deferred)             
80167000 80189700   ntoskrn8   (deferred)             
8018a000 8019aa80   pci        (deferred)             
8019b000 801a5700   MountMgr   (deferred)             
801a6000 801c4880   ftdisk     (deferred)             
801c5000 801ea700   dmio       (deferred)             
801eb000 801f6000   PartMgr    (deferred)             
801f6000 80202c80   VolSnap    (deferred)             
80203000 80213000   disk       (deferred)             
80213000 8021f180   CLASSPNP   (deferred)             
80220000 8023fb00   fltMgr     (deferred)             
80240000 80251f00   sr         (deferred)             
80252000 80268b80   KSecDD     (deferred)             
80269000 802f5d00   Ntfs       (deferred)             
802f6000 80322a80   NDIS       (deferred)             
80323000 8033ce80   Mup        (deferred)             
804d7000 8078c000   iaStor     (deferred)             
80a02000 80da3000   nt         (pdb symbols)          c:\symbols\ntkrpamp.pdb\5B9E8A586D3D49D98927B5D5117577231\ntkrpamp.pdb

#8121infuscomus⇗ @diderius6

I see MISMATCHED_HAL (79)
I gave you a free build HAL, not a checked build.
#8122diderius6⇗ @infuscomus
yepp
#8123infuscomus⇗ @diderius6

OK, here is checked HAL.



infuscomus has attached files to this post
#8124diderius6⇗ @infuscomus 

nt!SwapContext+0x130:
80ae3c20 890b            mov     dword ptr [ebx],ecx
kd> p
nt!SwapContext+0x132:
80ae3c22 807e4900        cmp     byte ptr [esi+49h],0
kd> p
nt!SwapContext+0x136:
80ae3c26 7504            jne     nt!SwapContext+0x13c (80ae3c2c)
kd> p
nt!SwapContext+0x138:
80ae3c28 9d              popfd
kd> p
nt!SwapContext+0x139:
80ae3c29 33c0            xor     eax,eax
kd> p
nt!SwapContext+0x13b:
80ae3c2b c3              ret
kd> p
nt!KiThreadStartup:
80ae41fc 33db            xor     ebx,ebx
kd> p
nt!KiThreadStartup+0x2:
80ae41fe 33f6            xor     esi,esi
kd> p
nt!KiThreadStartup+0x4:
80ae4200 33ff            xor     edi,edi
kd> p
nt!KiThreadStartup+0x6:
80ae4202 33ed            xor     ebp,ebp
kd> p
nt!KiThreadStartup+0x8:
80ae4204 b901000000      mov     ecx,1
kd> p
nt!KiThreadStartup+0xd:
80ae4209 ff153030a080    call    dword ptr [nt!_imp_KfLowerIrql (80a03030)]
kd> p
nt!KiThreadStartup+0x13:
80ae420f 58              pop     eax
kd> p
nt!KiThreadStartup+0x14:
80ae4210 ffd0            call    eax
kd> p
PS: Unhandled Kernel Mode Exception Pointers = 0xBA4C2BD4
Code c0000005 Addr 8ABF7ED0 Info0 00000000 Info1 00000000 Info2 00000000 Info3 BA4C3118

*** Fatal System Error: 0x0000007e
                                             (0xC0000005,0x8ABF7ED0,0xBA4C3088,0xBA4C2D84)

WARNING: This break is not a step/trace completion.
The last command has been cleared to prevent
accidental continuation of this unrelated event.
Check the event, location and thread before resuming.
Break instruction exception - code 80000003 (first chance)

A fatal system error has occurred.
Debugger entered on first try; Bugcheck callbacks have not been invoked.

A fatal system error has occurred.

Connected to Windows XP 2600 x86 compatible target at (Sat Oct 30 20:22:33.687 2021 (UTC + 2:00)), ptr64 FALSE
Loading Kernel Symbols
........................
Loading User Symbols

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 7E, {c0000005, 8abf7ed0, ba4c3088, ba4c2d84}

*** No owner thread found for resource 80afd640
*** No owner thread found for resource 80afd640
*** No owner thread found for resource 80afd640
*** No owner thread found for resource 80afd640
*** No owner thread found for resource 80afd640
*** No owner thread found for resource 80afd640
Probably caused by : ntkrpamp.exe ( nt!IopSynchronousCall+f0 )

Followup: MachineOwner
---------

#8125infuscomus⇗ @diderius6

Maybe it is not possible to use ntoskrnl_extender at all for acpi.sys? I may have to try with a custom ntoskrnl too.
#8126infuscomus⇗ @diderius6

Do you remember how you found the error in ACPIFindLoadRSDT last time around? you're sure there is not still an error acpi.sys?
#8127diderius6⇗ @infuscomus

At the moment compi seems to hang at this

after I set Breakpoint

nt!RtlpBreakWithStatusInstruction:
80ac37ec cc              int     3
kd> g
Breakpoint 0 hit
nt!KiThreadStartup+0xd:
80ae4209 ff153030a080    call    dword ptr [nt!_imp_KfLowerIrql (80a03030)]
kd> p
nt!KiThreadStartup+0x13:
80ae420f 58              pop     eax
kd> p
nt!KiThreadStartup+0x14:
80ae4210 ffd0            call    eax
kd> t
nt!PspSystemThreadStartup:
80bd8178 6a08            push    8
kd> t
nt!PspSystemThreadStartup+0x2:
80bd817a 68d861a080      push    offset nt!`string'+0x30 (80a061d8)
kd> t
nt!PspSystemThreadStartup+0x7:
80bd817f e8ac04f0ff      call    nt!_SEH_prolog (80ad8630)
kd> t
nt!_SEH_prolog:
80ad8630 686065ad80      push    offset nt!_except_handler3 (80ad6560)
kd> t
nt!_SEH_prolog+0x5:
80ad8635 64a100000000    mov     eax,dword ptr fs:[00000000h]
kd> t
nt!_SEH_prolog+0xb:
80ad863b 50              push    eax
kd> t
nt!_SEH_prolog+0xc:
80ad863c 8b442410        mov     eax,dword ptr [esp+10h]
kd> t
nt!_SEH_prolog+0x10:
80ad8640 896c2410        mov     dword ptr [esp+10h],ebp
kd> t
nt!_SEH_prolog+0x14:
80ad8644 8d6c2410        lea     ebp,[esp+10h]
kd> t
nt!_SEH_prolog+0x18:
80ad8648 2be0            sub     esp,eax
kd> t
nt!_SEH_prolog+0x1a:
80ad864a 53              push    ebx
kd> t
nt!_SEH_prolog+0x1b:
80ad864b 56              push    esi
kd> t
nt!_SEH_prolog+0x1c:
80ad864c 57              push    edi
kd> t
nt!_SEH_prolog+0x1d:
80ad864d 8b45f8          mov     eax,dword ptr [ebp-8]
kd> t
nt!_SEH_prolog+0x20:
80ad8650 8965e8          mov     dword ptr [ebp-18h],esp
kd> t
nt!_SEH_prolog+0x23:
80ad8653 50              push    eax
kd> t
nt!_SEH_prolog+0x24:
80ad8654 8b45fc          mov     eax,dword ptr [ebp-4]
kd> t
nt!_SEH_prolog+0x27:
80ad8657 c745fcffffffff  mov     dword ptr [ebp-4],0FFFFFFFFh
kd> t
nt!_SEH_prolog+0x2e:
80ad865e 8945f8          mov     dword ptr [ebp-8],eax
kd> t
nt!_SEH_prolog+0x31:
80ad8661 8d45f0          lea     eax,[ebp-10h]
kd> t
nt!_SEH_prolog+0x34:
80ad8664 64a300000000    mov     dword ptr fs:[00000000h],eax
kd> t
nt!_SEH_prolog+0x3a:
80ad866a c3              ret
kd> t
nt!PspSystemThreadStartup+0xc:
80bd8184 e84964e9ff      call    nt!MmAllowWorkingSetExpansion (80a6e5d2)
kd> t
nt!MmAllowWorkingSetExpansion:
80a6e5d2 8bff            mov     edi,edi
.
.
.

kd> t
hal!HalStartNextProcessor+0x278e:
801189ee 7533            jne     hal!HalStartNextProcessor+0x27c3 (80118a23)
kd> t
hal!HalStartNextProcessor+0x27c3:
80118a23 43              inc     ebx
kd> t
hal!HalStartNextProcessor+0x27c4:
80118a24 83c704          add     edi,4
kd> t
hal!HalStartNextProcessor+0x27c7:
80118a27 6681fb0008      cmp     bx,800h
kd> t
hal!HalStartNextProcessor+0x27cc:
80118a2c 72b6            jb      hal!HalStartNextProcessor+0x2784 (801189e4)
kd> t
hal!HalStartNextProcessor+0x2784:
801189e4 8a07            mov     al,byte ptr [edi]
kd> t
hal!HalStartNextProcessor+0x2786:
801189e6 8ac8            mov     cl,al
kd> t
hal!HalStartNextProcessor+0x2788:
801189e8 80e10f          and     cl,0Fh
kd> t
hal!HalStartNextProcessor+0x278b:
801189eb 80f901          cmp     cl,1
kd> t
hal!HalStartNextProcessor+0x278e:
801189ee 7533            jne     hal!HalStartNextProcessor+0x27c3 (80118a23)
kd> t
hal!HalStartNextProcessor+0x27c3:
80118a23 43              inc     ebx
kd> t
hal!HalStartNextProcessor+0x27c4:
80118a24 83c704          add     edi,4
kd> t
hal!HalStartNextProcessor+0x27c7:
80118a27 6681fb0008      cmp     bx,800h
kd> t
hal!HalStartNextProcessor+0x27cc:
80118a2c 72b6            jb      hal!HalStartNextProcessor+0x2784 (801189e4)
kd> t
hal!HalStartNextProcessor+0x2784:
801189e4 8a07            mov     al,byte ptr [edi]
kd> t
hal!HalStartNextProcessor+0x2786:
801189e6 8ac8            mov     cl,al
kd> t
hal!HalStartNextProcessor+0x2788:
801189e8 80e10f          and     cl,0Fh

#8128diderius6
Breakpoint 0 hit
nt!KiThreadStartup+0xd:
80ae4209 ff153030a080    call    dword ptr [nt!_imp_KfLowerIrql (80a03030)]
3: kd> p
nt!KiThreadStartup+0x13:
80ae420f 58              pop     eax
3: kd> p
nt!KiThreadStartup+0x14:
80ae4210 ffd0            call    eax
3: kd> p
PS: Unhandled Kernel Mode Exception Pointers = 0xBA4C2BD4
Code c0000005 Addr 8ABF7ED0 Info0 00000000 Info1 00000000 Info2 00000000 Info3 BA4C3118

*** Fatal System Error: 0x0000007e
                                             (0xC0000005,0x8ABF7ED0,0xBA4C3088,0xBA4C2D84)

WARNING: This break is not a step/trace completion.
The last command has been cleared to prevent
accidental continuation of this unrelated event.
Check the event, location and thread before resuming.
Break instruction exception - code 80000003 (first chance)

A fatal system error has occurred.
Debugger entered on first try; Bugcheck callbacks have not been invoked.

A fatal system error has occurred.

Connected to Windows XP 2600 x86 compatible target at (Sat Oct 30 21:01:29.625 2021 (UTC + 2:00)), ptr64 FALSE
Loading Kernel Symbols
........................
Loading User Symbols

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 7E, {c0000005, 8abf7ed0, ba4c3088, ba4c2d84}

*** No owner thread found for resource 80afd640
*** No owner thread found for resource 80afd640
*** No owner thread found for resource 80afd640
*** No owner thread found for resource 80afd640
*** No owner thread found for resource 80afd640
*** No owner thread found for resource 80afd640
Probably caused by : ntkrpamp.exe ( nt!IopSynchronousCall+f0 )

Followup: MachineOwner
---------

nt!RtlpBreakWithStatusInstruction:
80ac37ec cc              int     3
3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (7e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 8abf7ed0, The address that the exception occurred at
Arg3: ba4c3088, Exception Record Address
Arg4: ba4c2d84, Context Record Address

Debugging Details:
------------------

*** No owner thread found for resource 80afd640
*** No owner thread found for resource 80afd640
*** No owner thread found for resource 80afd640
*** No owner thread found for resource 80afd640
*** No owner thread found for resource 80afd640
*** No owner thread found for resource 80afd640

EXCEPTION_CODE:
(NTSTATUS) 0xc0000005 - Die Anweisung "0x%08lx" verweist auf Speicher
bei "0x%08lx". Die Daten wurden wegen eines E/A-Fehlers in "0x%081x"
nicht in den Arbeitsspeicher  bertragen.

FAULTING_IP: 
+1562faf00c0dfc0
8abf7ed0 1b0a            sbb     ecx,dword ptr [edx]

EXCEPTION_RECORD:  ba4c3088 -- (.exr 0xffffffffba4c3088)
ExceptionAddress: 8abf7ed0
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 00000000
   Parameter[1]: 00000000
Attempt to read from address 00000000

CONTEXT:  ba4c2d84 -- (.cxr 0xffffffffba4c2d84)
eax=08ac1cef ebx=00000000 ecx=00000001 edx=00000000 esi=e13a6288 edi=e13de148
eip=8abf7ed0 esp=ba4c3150 ebp=8ac1cf00 iopl=0         nv up ei ng nz ac po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010292
8abf7ed0 1b0a            sbb     ecx,dword ptr [edx]  ds:0023:00000000=????????
Resetting default scope

PROCESS_NAME:  System

ERROR_CODE:
(NTSTATUS) 0xc0000005 - Die Anweisung "0x%08lx" verweist auf Speicher
bei "0x%08lx". Die Daten wurden wegen eines E/A-Fehlers in "0x%081x"
nicht in den Arbeitsspeicher  bertragen.

EXCEPTION_PARAMETER1:  00000000

EXCEPTION_PARAMETER2:  00000000

READ_ADDRESS:  00000000 

FOLLOWUP_IP: 
nt!IopSynchronousCall+f0
80b5e526 8bf0            mov     esi,eax

FAILED_INSTRUCTION_ADDRESS: 
+1562faf00c0dfc0
8abf7ed0 1b0a            sbb     ecx,dword ptr [edx]

BUGCHECK_STR:  0x7E

DEFAULT_BUCKET_ID:  NULL_DEREFERENCE

LOCK_ADDRESS:  80afd6c0 -- (!locks 80afd6c0)

Resource @ nt!IopDeviceTreeLock (0x80afd6c0)    Shared 1 owning threads
     Threads: 8abfe258-01<*> 
1 total locks, 1 locks currently held

PNP_TRIAGE: 
	Lock address  : 0x80afd6c0
	Thread Count  : 1
	Thread address: 0x8abfe258
	Thread wait   : 0x443

LAST_CONTROL_TRANSFER:  from 80a30d7b to 80ac37ec

STACK_TEXT:  
WARNING: Frame IP not in any known module. Following frames may be wrong.
ba4c3154 8011cfac 8ac1cf00 8abf7e7c 8ac1cf00 0x8abf7ed0
ba4c3170 80a21c8d 8ac1cf00 8abf7e60 8ac1cf00 hal!HalGetAdapter+0x2a0c
ba4c3188 80b5e526 8ac1c150 ba4c3264 00000000 nt!IopfCallDriver+0x51
ba4c31b4 80b602db 8ac1cf00 ba4c320c ba4c3264 nt!IopSynchronousCall+0xf0
ba4c3234 80b56451 8ac1cf00 00000000 ba4c3264 nt!IopQueryDeviceResources+0xdf
ba4c3268 80b5cb93 8ac1c150 80000368 00000001 nt!PiQueryAndAllocateBootResources+0x67
ba4c3358 80b5d26d 8ac1c150 8ac20008 8ac20190 nt!PipProcessNewDeviceNode+0xc9d
ba4c35b0 80b5db03 8ac20008 00000000 00000000 nt!PipProcessDevNodeTree+0x1bd
ba4c35e8 80a2d08e 8ac20190 80afd6f8 00000000 nt!PiProcessReenumeration+0xb1
ba4c3610 80a2d2fb 00000000 000f003f 00000000 nt!PipDeviceActionWorker+0x162
ba4c3628 80d37702 8abdfca0 00000009 00000000 nt!PipRequestDeviceAction+0x13b
ba4c3684 80d341c9 80085001 80000008 00034000 nt!IopInitializePlugPlayServices+0x702
ba4c3830 80d31940 80085000 00000000 8abfe258 nt!IoInitSystem+0x805
ba4c3dac 80bd81ac 80085000 00000000 00000000 nt!Phase1Initialization+0xb12
ba4c3ddc 80ae4212 80d30e2e 80085000 00000000 nt!PspSystemThreadStartup+0x34
00000000 00000000 00000000 00000000 00000000 nt!KiThreadStartup+0x16


SYMBOL_STACK_INDEX:  3

SYMBOL_NAME:  nt!IopSynchronousCall+f0

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrpamp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4802b3ce

STACK_COMMAND:  .cxr 0xffffffffba4c2d84 ; kb

FAILURE_BUCKET_ID:  0x7E_BAD_IP_nt!IopSynchronousCall+f0

BUCKET_ID:  0x7E_BAD_IP_nt!IopSynchronousCall+f0

Followup: MachineOwner
---------

3: kd> lm
start    end        module name
80100000 80126a00   hal        (export symbols)       halmacpi.dll
80a02000 80da3000   nt         (pdb symbols)          c:\symbols\ntkrpamp.pdb\5B9E8A586D3D49D98927B5D5117577231\ntkrpamp.pdb
b9b19000 b9b32e80   Mup        (deferred)             
b9b33000 b9b5fa80   NDIS       (deferred)             
b9b60000 b9becd00   Ntfs       (deferred)             
b9bed000 b9c03b80   KSecDD     (deferred)             
b9c04000 b9c15f00   sr         (deferred)             
b9c16000 b9c35b00   fltMgr     (deferred)             
b9c36000 b9eeb000   iaStor     (deferred)             
b9eeb000 b9f10700   dmio       (deferred)             
b9f11000 b9f2f880   ftdisk     (deferred)             
b9f30000 b9f40a80   pci        (deferred)             
b9f41000 b9f63700   ntoskrn8   (deferred)             
b9f64000 b9fa7000   ACPI       (deferred)             
ba0a8000 ba0b1180   isapnp     (deferred)             
ba0b8000 ba0c2700   MountMgr   (deferred)             
ba0c8000 ba0d3000   PartMgr    (deferred)             
ba0d8000 ba0e4c80   VolSnap    (deferred)             
ba0e8000 ba0f8000   disk       (deferred)             
ba0f8000 ba104180   CLASSPNP   (deferred)             
ba328000 ba32e800   firadisk   (deferred)             
ba4b8000 ba4bb000   BOOTVID    (deferred)             
ba5a8000 ba5a9b80   kdcom      (deferred)             
ba5aa000 ba5ab100   WMILIB     (deferred)             
ba5ac000 ba5ad700   dmload     (deferred)

#8129infuscomus⇗ @diderius6

Tomorrow I'll try patching ntoskrnl with missing functions instead of using the extender and see if that works.
#8130diderius6⇗ @infuscomus

I am still looking, where exact in Debug XP SP3 ntkrnlpa.exe this BSOD with IopSynchronousCall
happens.
FOLLOWUP_IP: 
nt!IopSynchronousCall+f0
80b5e526 8bf0            mov     esi,eax

FAILED_INSTRUCTION_ADDRESS: 
+1562faf0094dfc0
8abf7ed0 040a            add     al,0Ah

BUGCHECK_STR:  0x7E

DEFAULT_BUCKET_ID:  NULL_DEREFERENCE


Dietmar

 

Page 543

#8131diderius6
nt!RtlpBreakWithStatusInstruction:
80ac37ec cc              int     3
kd> g
Breakpoint 0 hit
nt!IopSynchronousCall+0xf0:
80b5e526 8bf0            mov     esi,eax
3: kd> t
nt!IopSynchronousCall+0xf2:
80b5e528 8b450c          mov     eax,dword ptr [ebp+0Ch]
3: kd> t
nt!IopSynchronousCall+0xf5:
80b5e52b 0fb64801        movzx   ecx,byte ptr [eax+1]
3: kd> t
nt!IopSynchronousCall+0xf9:
80b5e52f 33c0            xor     eax,eax
3: kd> t
nt!IopSynchronousCall+0xfb:
80b5e531 40              inc     eax
3: kd> t
nt!IopSynchronousCall+0xfc:
80b5e532 d3e0            shl     eax,cl
3: kd> t
nt!IopSynchronousCall+0xfe:
80b5e534 bb03010000      mov     ebx,103h
3: kd> t
nt!IopSynchronousCall+0x103:
80b5e539 8505a8d9af80    test    dword ptr [nt!PnpIrpMask (80afd9a8)],eax
3: kd> t
nt!IopSynchronousCall+0x109:
80b5e53f 7424            je      nt!IopSynchronousCall+0x12f (80b5e565)
3: kd> t
nt!IopSynchronousCall+0x12f:
80b5e565 3bf3            cmp     esi,ebx
3: kd> t
nt!IopSynchronousCall+0x131:
80b5e567 7512            jne     nt!IopSynchronousCall+0x145 (80b5e57b)
3: kd> t
nt!IopSynchronousCall+0x145:
80b5e57b 8b4510          mov     eax,dword ptr [ebp+10h]
3: kd> t
nt!IopSynchronousCall+0x148:
80b5e57e 85c0            test    eax,eax
3: kd> t
nt!IopSynchronousCall+0x14a:
80b5e580 5f              pop     edi
3: kd> t
nt!IopSynchronousCall+0x14b:
80b5e581 7405            je      nt!IopSynchronousCall+0x152 (80b5e588)
3: kd> t
nt!IopSynchronousCall+0x152:
80b5e588 8bc6            mov     eax,esi
3: kd> t
nt!IopSynchronousCall+0x154:
80b5e58a 5e              pop     esi
3: kd> t
nt!IopSynchronousCall+0x155:
80b5e58b 5b              pop     ebx
3: kd> t
nt!IopSynchronousCall+0x156:
80b5e58c c9              leave
3: kd> t
nt!IopSynchronousCall+0x157:
80b5e58d c20c00          ret     0Ch
3: kd> t
nt!PipQueryDeviceCapabilities+0x57:
80b573fb 8bf0            mov     esi,eax

#8132infuscomus⇗ @diderius6

maybe point of failure is in ntoskrn8.sys? I'm sure I gave you the symbols for it.
#8133diderius6⇗ @infuscomus
Because I succeed to jmp behind the point of crash,
now it seems to boot to desktop,
with Windbg it can laaast an hour
Dietmar

EDIT: No, XP hangs during boot in an endless loop now with scrawling bar all the time.
#8134diderius6⇗ @infuscomus

I found the place of crash in ntoskrnl

.text:0041FC96 ; =============== S U B R O U T I N E =======================================
.text:0041FC96
.text:0041FC96
.text:0041FC96 ; __fastcall IofCallDriver(x, x)
.text:0041FC96                 public @IofCallDriver@8
.text:0041FC96 @IofCallDriver@8 proc near              ; CODE XREF: CcSetValidData(x,x)+A0↑p
.text:0041FC96                                         ; HalExamineMBR(x,x,x,x)+88↑p ...
.text:0041FC96                                                 jmp     _pIofCallDriver
.text:0041FC96 @IofCallDriver@8 endp
.text:0041FC96


Dietmar

PAGE:0055C436 ; __stdcall IopSynchronousCall(x, x, x)
PAGE:0055C436 _IopSynchronousCall@12 proc near        ; CODE XREF: IopQueryDeviceRelations(x,x,x,x)+40↑p
PAGE:0055C436                                         ; IoFreeDumpStack(x)+8E↑p ...
PAGE:0055C436
PAGE:0055C436 Object          = byte ptr -18h
PAGE:0055C436 var_16          = byte ptr -16h
PAGE:0055C436 var_14          = dword ptr -14h
PAGE:0055C436 var_10          = dword ptr -10h
PAGE:0055C436 var_C           = dword ptr -0Ch
PAGE:0055C436 var_8           = dword ptr -8
PAGE:0055C436 var_4           = dword ptr -4
PAGE:0055C436 arg_0           = dword ptr  8
PAGE:0055C436 arg_4           = dword ptr  0Ch
PAGE:0055C436 arg_8           = dword ptr  10h
PAGE:0055C436
PAGE:0055C436                 mov     edi, edi
PAGE:0055C438                 push    ebp
PAGE:0055C439                 mov     ebp, esp
PAGE:0055C43B                 sub     esp, 18h
PAGE:0055C43E                 push    ebx
PAGE:0055C43F                 push    esi
PAGE:0055C440                 mov     esi, ds:__imp__KeGetCurrentIrql@0 ; KeGetCurrentIrql()
PAGE:0055C446                 call    esi ; KeGetCurrentIrql() ; KeGetCurrentIrql()
PAGE:0055C448                 cmp     al, 1
PAGE:0055C44A                 jbe     short loc_55C477
PAGE:0055C44C                 call    esi ; KeGetCurrentIrql() ; KeGetCurrentIrql()
PAGE:0055C44E                 movzx   eax, al
PAGE:0055C451                 push    eax
PAGE:0055C452                 push    offset asc_55C3AE ; "EX: Pageable code called at IRQL %d\n"
PAGE:0055C457                 call    _DbgPrint
PAGE:0055C45C                 pop     ecx
PAGE:0055C45D                 pop     ecx
PAGE:0055C45E                 xor     esi, esi
PAGE:0055C460                 push    esi             ; Message
PAGE:0055C461                 push    12Dh            ; LineNumber
PAGE:0055C466                 push    offset asc_55C3D6 ; "d:\\xpsp\\base\\ntos\\io\\pnpmgr\\pnpirp.c"
PAGE:0055C46B                 push    offset asc_55C3FE ; "FALSE"
PAGE:0055C470                 call    _RtlAssert@16   ; RtlAssert(x,x,x,x)
PAGE:0055C475                 jmp     short loc_55C479
PAGE:0055C477 ; ---------------------------------------------------------------------------
PAGE:0055C477

PAGE:0055C477 loc_55C477: ; CODE XREF: IopSynchronousCall(x,x,x)+14 j
PAGE:0055C477                 xor     esi, esi
PAGE:0055C479

PAGE:0055C479 loc_55C479: ; CODE XREF: IopSynchronousCall(x,x,x)+3F j
PAGE:0055C479                 push    [ebp+arg_0]
PAGE:0055C47C                 call    _IoGetAttachedDevice@4 ; IoGetAttachedDevice(x)
PAGE:0055C481                 mov     [ebp+arg_0], eax
PAGE:0055C484                 movsx   eax, byte ptr [eax+30h]
PAGE:0055C488                 push    esi             ; ChargeQuota
PAGE:0055C489                 push    eax             ; StackSize
PAGE:0055C48A                 call    _IoAllocateIrp@8 ; IoAllocateIrp(x,x)
PAGE:0055C48F                 mov     ebx, eax
PAGE:0055C491                 cmp     ebx, esi
PAGE:0055C493                 jnz     short loc_55C49F
PAGE:0055C495                 mov     eax, 0C000009Ah
PAGE:0055C49A                 jmp     loc_55C58A
PAGE:0055C49F ; ---------------------------------------------------------------------------
PAGE:0055C49F

PAGE:0055C49F loc_55C49F: ; CODE XREF: IopSynchronousCall(x,x,x)+5D j
PAGE:0055C49F                 xor     edx, edx
PAGE:0055C4A1                 push    edi
PAGE:0055C4A2                 inc     edx
PAGE:0055C4A3                 mov     ecx, ebx
PAGE:0055C4A5                 call    @IovUtilWatermarkIrp@8 ; IovUtilWatermarkIrp(x,x)
PAGE:0055C4AA                 mov     eax, 0C00000BBh
PAGE:0055C4AF                 mov     [ebp+var_8], eax
PAGE:0055C4B2                 mov     [ebx+18h], eax
PAGE:0055C4B5                 mov     [ebp+var_4], esi
PAGE:0055C4B8                 mov     [ebx+1Ch], esi
PAGE:0055C4BB                 lea     eax, [ebp+var_10]
PAGE:0055C4BE                 mov     [ebp+var_C], eax
PAGE:0055C4C1                 mov     [ebp+var_10], eax
PAGE:0055C4C4                 lea     eax, [ebp+var_8]
PAGE:0055C4C7                 mov     [ebp+Object], 1
PAGE:0055C4CB                 mov     [ebp+var_16], 4
PAGE:0055C4CF                 mov     [ebp+var_14], esi
PAGE:0055C4D2                 mov     [ebx+28h], eax
PAGE:0055C4D5                 lea     eax, [ebp+Object]
PAGE:0055C4D8                 mov     [ebx+2Ch], eax
PAGE:0055C4DB                 mov     eax, large fs:124h
PAGE:0055C4E1                 mov     cl, 1
PAGE:0055C4E3                 mov     [ebx+50h], eax
PAGE:0055C4E6                 call    ds:__imp_@KfRaiseIrql@4 ; KfRaiseIrql(x)
PAGE:0055C4EC                 mov     edx, [ebx+50h]
PAGE:0055C4EF                 add     edx, 210h
PAGE:0055C4F5                 mov     edi, [edx]
PAGE:0055C4F7                 lea     esi, [ebx+10h]
PAGE:0055C4FA                 mov     [esi], edi
PAGE:0055C4FC                 mov     [esi+4], edx
PAGE:0055C4FF                 mov     [edi+4], esi
PAGE:0055C502                 mov     cl, al
PAGE:0055C504                 mov     [edx], esi
PAGE:0055C506                 call    ds:__imp_@KfLowerIrql@4 ; KfLowerIrql(x)
PAGE:0055C50C                 mov     edi, [ebx+60h]
PAGE:0055C50F                 mov     esi, [ebp+arg_4]
PAGE:0055C512                 push    9
PAGE:0055C514                 sub     edi, 24h
PAGE:0055C517                 pop     ecx
PAGE:0055C518                 rep movsd
PAGE:0055C51A                 mov     edi, [ebp+arg_0]
PAGE:0055C51D                 mov     edx, ebx
PAGE:0055C51F                 mov     ecx, edi
PAGE:0055C521                 call    @IofCallDriver@8 ; IofCallDriver(x,x)
PAGE:0055C526                 mov     esi, eax
PAGE:0055C528                 mov     eax, [ebp+arg_4]
PAGE:0055C52B                 movzx   ecx, byte ptr [eax+1]
PAGE:0055C52F                 xor     eax, eax
PAGE:0055C531                 inc     eax
PAGE:0055C532                 shl     eax, cl
PAGE:0055C534                 mov     ebx, 103h
PAGE:0055C539                 test    dword ptr _PnpIrpMask, eax
PAGE:0055C53F                 jz      short loc_55C565
PAGE:0055C541                 test    esi, esi
PAGE:0055C543                 jl      short loc_55C549
PAGE:0055C545                 cmp     esi, ebx
PAGE:0055C547                 jnz     short loc_55C57B
PAGE:0055C549

PAGE:0055C549 loc_55C549: ; CODE XREF: IopSynchronousCall(x,x,x)+10D j
PAGE:0055C549                 mov     eax, [edi+8]
PAGE:0055C54C                 push    esi
PAGE:0055C54D                 add     eax, 1Ch
PAGE:0055C550                 push    eax
PAGE:0055C551                 push    _IrpName[ecx*4]
PAGE:0055C558                 push    offset aSDriverWzRet_0 ; " ++ %s Driver ( %wZ ) return status %08"...
PAGE:0055C55D                 call    _DbgPrint
PAGE:0055C562                 add     esp, 10h
PAGE:0055C565

PAGE:0055C565 loc_55C565: ; CODE XREF: IopSynchronousCall(x,x,x)+109 j
PAGE:0055C565                 cmp     esi, ebx
PAGE:0055C567                 jnz     short loc_55C57B
PAGE:0055C569                 xor     eax, eax
PAGE:0055C56B                 push    eax             ; Timeout
PAGE:0055C56C                 push    eax             ; Alertable
PAGE:0055C56D                 push    eax             ; WaitMode
PAGE:0055C56E                 push    eax             ; WaitReason
PAGE:0055C56F                 lea     eax, [ebp+Object]
PAGE:0055C572                 push    eax             ; Object
PAGE:0055C573                 call    _KeWaitForSingleObject@20 ; KeWaitForSingleObject(x,x,x,x,x)
PAGE:0055C578                 mov     esi, [ebp+var_8]
PAGE:0055C57B

PAGE:0055C57B loc_55C57B: ; CODE XREF: IopSynchronousCall(x,x,x)+111 j

PAGE:0055C57B ; IopSynchronousCall(x,x,x)+131 j
PAGE:0055C57B                 mov     eax, [ebp+arg_8]
PAGE:0055C57E                 test    eax, eax
PAGE:0055C580                 pop     edi
PAGE:0055C581                 jz      short loc_55C588
PAGE:0055C583                 mov     ecx, [ebp+var_4]
PAGE:0055C586                 mov     [eax], ecx
PAGE:0055C588

PAGE:0055C588 loc_55C588: ; CODE XREF: IopSynchronousCall(x,x,x)+14B j
PAGE:0055C588                 mov     eax, esi
PAGE:0055C58A

PAGE:0055C58A loc_55C58A: ; CODE XREF: IopSynchronousCall(x,x,x)+64 j
PAGE:0055C58A                 pop     esi
PAGE:0055C58B                 pop     ebx
PAGE:0055C58C                 leave
PAGE:0055C58D                 retn    0Ch
PAGE:0055C58D _IopSynchronousCall@12 endp
PAGE:0055C58D

#8135diderius6It looks, as if a driver is hanging

NTSTATUS
FASTCALL
IofCallDriver(
  IN  PDEVICE_OBJECT DeviceObject,
  IN OUT PIRP Irp
   );

Routine Description:

    This routine is invoked to pass an I/O Request Packet (IRP) to another
    driver at its dispatch routine.

Arguments:

    DeviceObject - Pointer to device object to which the IRP should be passed.

    Irp - Pointer to IRP for request.

Return Value:

    Return status from driver's dispatch routine.
#8136diderius6This looks,
as if this hal.dll does not like my MBR?!

HalExamineMBR function (ntddk.h)

    2 minutes to read

The
HalExamineMBR routine reads the master boot record (MBR) of a disk and
returns data from the MBR if the MBR is of the type specified by the
caller.
Syntax

void HalExamineMBR(
  [in]  PDEVICE_OBJECT DeviceObject,
  [in]  ULONG          SectorSize,
  [in]  ULONG          MBRTypeIdentifier,
  [out] PVOID          *Buffer
);

Parameters

[in] DeviceObject

A pointer to the device object for the device being examined.

[in] SectorSize

The
minimum number of bytes that an I/O operation can fetch from the device
being examined. If this value is less than 512, HalExamineMBR reads 512
bytes to ensure that it reads an entire partition table.

[in] MBRTypeIdentifier

MBR
partition type identifier. This parameter specifies the type of MBR
that may be on the disk. For more information, see Remarks.

[out] Buffer

A
pointer to a location to which HalExamineMBR writes a pointer to a
buffer that contains data from the MBR. The layout of the buffer depends
on the MBR partition type. HalExamineMBR allocates the storage for this
buffer. The caller must deallocate this buffer as soon as possible by
calling the ExFreePool routine.

HalExamineMBR sets *Buffer =
NULL if the MBR partition type of the disk does not match that specified
by MBRTypeIdentifier or if there is an error.
Return value

None
Remarks

For
a list of system-defined MBR partition type identifiers, see the table
in PARTITION_INFORMATION. These identifiers are defined in the
Ntdddisk.h header file.
Requirements
  	 	 
Minimum supported client 	Available starting with Windows XP.
Target Platform 	Universal
Header 	ntddk.h (include Ntddk.h)
IRQL 	PASSIVE_LEVEL
DDI compliance rules 	PowerIrpDDis, HwStorPortProhibitedDDIs
#8137infuscomus⇗ @diderius6

I'm guessing no MBR because no ACPI?
#8138Mov AX, 0xDEAD
Zitat von ⇗ diderius6 im Beitrag ¶ #8128
*** Fatal System Error: 0x0000007e
                                             (0xC0000005,0x8ABF7ED0,0xBA4C3088,0xBA4C2D84)

CONTEXT:  ba4c2d84 -- (.cxr 0xffffffffba4c2d84)
eax=08ac1cef ebx=00000000 ecx=00000001 edx=00000000 esi=e13a6288 edi=e13de148

FAILED_INSTRUCTION_ADDRESS: 
+1562faf00c0dfc0
8abf7ed0 1b0a            sbb     ecx,dword ptr [edx]


STACK_TEXT:  
ba4c3154 8011cfac 8ac1cf00 8abf7e7c 8ac1cf00 0x8abf7ed0
ba4c3170 80a21c8d 8ac1cf00 8abf7e60 8ac1cf00 hal!HalGetAdapter+0x2a0c
ba4c3188 80b5e526 8ac1c150 ba4c3264 00000000 nt!IopfCallDriver+0x51

CPU was jumped/called to random address with non-code bytes
hal!HalGetAdapter - init DMA functions
0x8abf7ed0 - bad adress,  drivers loaded to 0xb9xxxxx, kernel loaded to 0x80xxxxxx
#8139Mov AX, 0xDEAD
Zitat von ⇗ diderius6 im Beitrag ¶ #8135
It looks, as if a driver is hanging
NTSTATUS
FASTCALL
IofCallDriver(
  IN  PDEVICE_OBJECT DeviceObject,
  IN OUT PIRP Irp
   );

IopfCallDriver is standart way to call driver functions from other driver
for example HAL can call ACPI and vice versa, Irp is buffer with many data: which function to call, arguments, custom data, etc
#8140Mov AX, 0xDEAD⇗ @diderius6

Zitat von ⇗ diderius6 im Beitrag ¶ #8115
@Mov AX, 0xDEAD
"if someone will implement "new timer api" you'l get usb3"

Until now, I have no idea how to make this.
But I can learn a lot, so.. if there is a chance to integrate more drivers from Win8.1 into XP..

Just missed Extended Timing functions from 8.1 kernel: ExAllocateTimer, ExDeleteTimer, ExCancelTimer, ExSetTimer
add to Emu Extender or patch manually as Gen1 usb3 driver
#8141diderius6⇗ @Mov AX, 0xDEAD

With Windbg I found the exact place, where hal.dll crashes.
First I thought, it is because ESI = C8h (this is the waiting time for the cpu in Microsec).
in hal.dll from XP SP3 is at this place ESI = 7D0h .

PAGELK:80028509 ; =============== S U B R O U T I N E =======================================
PAGELK:80028509
PAGELK:80028509 ; Attributes: bp-based frame
PAGELK:80028509
PAGELK:80028509 sub_80028509    proc near               ; CODE XREF: HalStartNextProcessor+CA↑p
PAGELK:80028509
PAGELK:80028509 arg_0           = dword ptr  8
PAGELK:80028509 arg_4           = dword ptr  0Ch
PAGELK:80028509
PAGELK:80028509                 push    ebp
PAGELK:8002850A                 mov     ebp, esp
PAGELK:8002850C                 push    ebx
PAGELK:8002850D                 mov     ebx, [ebp+arg_0]
PAGELK:80028510                 test    ebx, 0FFF00FFFh
PAGELK:80028516                 push    edi
PAGELK:80028517                 mov     edi, 0FFFE0300h
PAGELK:8002851C                 jz      short loc_80028535
PAGELK:8002851E                 push    0               ; Message
PAGELK:80028520                 push    306h            ; LineNumber
PAGELK:80028525                 push    offset aEXpsp1BaseH_61 ; "e:\\xpsp1\\base\\hals\\halmps\\i386\\mpsproc."...
PAGELK:8002852A                 push    offset aUlongInitcodep ; "(((ULONG) InitCodePhysAddr) & 0xfff00ff"...
PAGELK:8002852F                 call    ds:RtlAssert
PAGELK:80028535

PAGELK:80028535 loc_80028535: ; CODE XREF: sub_80028509+13 j
PAGELK:80028535                 mov     eax, [ebp+arg_4]
PAGELK:80028538                 cmp     eax, dword_80024644
PAGELK:8002853E                 jnb     short loc_8002854E
PAGELK:80028540                 lea     ecx, [ebp+arg_0+3]
PAGELK:80028543                 push    ecx
PAGELK:80028544                 push    eax
PAGELK:80028545                 call    sub_8001972E
PAGELK:8002854A                 test    eax, eax
PAGELK:8002854C                 jge     short loc_80028555
PAGELK:8002854E

PAGELK:8002854E loc_8002854E: ; CODE XREF: sub_80028509+35 j
PAGELK:8002854E                 xor     eax, eax
PAGELK:80028550                 jmp     loc_80028615
PAGELK:80028555 ; ---------------------------------------------------------------------------
PAGELK:80028555

PAGELK:80028555 loc_80028555: ; CODE XREF: sub_80028509+43 j
PAGELK:80028555                 cmp     dword_8001F9C4, 0
PAGELK:8002855C                 jz      short loc_80028568
PAGELK:8002855E                 movzx   eax, byte ptr [ebp+arg_0+3]
PAGELK:80028562                 inc     eax
PAGELK:80028563                 jmp     loc_80028615
PAGELK:80028568 ; ---------------------------------------------------------------------------
PAGELK:80028568

PAGELK:80028568 loc_80028568: ; CODE XREF: sub_80028509+53 j
PAGELK:80028568                 push    esi
PAGELK:80028569                 mov     esi, 0C8h  ===> 7D0h  in Hal.dll from SP3
PAGELK:8002856E                 push    esi             ; MicroSeconds
PAGELK:8002856F                 call    KeStallExecutionProcessor
PAGELK:80028574                 push    64h
PAGELK:80028576                 mov     edx, 0FFFE0300h
PAGELK:8002857B                 pop     ecx
PAGELK:8002857C                 call    sub_80011CF4
PAGELK:80028581                 test    eax, eax
PAGELK:80028583                 jnz     short loc_8002858C
PAGELK:80028585

PAGELK:80028585 loc_80028585: ; CODE XREF: sub_80028509+E7 j
PAGELK:80028585                 xor     eax, eax
PAGELK:80028587                 jmp     loc_80028614
PAGELK:8002858C ; ---------------------------------------------------------------------------
PAGELK:8002858C

PAGELK:8002858C loc_8002858C: ; CODE XREF: sub_80028509+7A j
PAGELK:8002858C                 movzx   ecx, byte ptr [ebp+arg_0+3]
PAGELK:80028590                 shl     ecx, 18h
PAGELK:80028593                 mov     eax, 0FFFE0310h
PAGELK:80028598                 mov     [eax], ecx
PAGELK:8002859A                 mov     dword ptr [edi], 0C500h
PAGELK:800285A0                 push    0Ah             ; MicroSeconds
PAGELK:800285A2                 call    KeStallExecutionProcessor
PAGELK:800285A7                 push    esi             ; MicroSeconds
PAGELK:800285A8                 mov     dword ptr [edi], 8500h
PAGELK:800285AE                 call    KeStallExecutionProcessor
PAGELK:800285B3                 cmp     dword_80024640, 0
PAGELK:800285BA                 jz      short loc_8002860F
PAGELK:800285BC                 movzx   ecx, byte ptr [ebp+arg_0+3]
PAGELK:800285C0                 and     ebx, 0FF000h
PAGELK:800285C6                 or      ebx, 600000h
PAGELK:800285CC                 shl     ecx, 18h
PAGELK:800285CF                 mov     eax, 0FFFE0310h
PAGELK:800285D4                 shr     ebx, 0Ch
PAGELK:800285D7                 mov     [eax], ecx
PAGELK:800285D9                 push    esi             ; MicroSeconds
PAGELK:800285DA                 mov     [edi], ebx
PAGELK:800285DC                 call    KeStallExecutionProcessor ===> Place of crash, compi restarts, no BSOD
PAGELK:800285E1                 push    64h
PAGELK:800285E3                 mov     edx, 0FFFE0300h
PAGELK:800285E8                 pop     ecx
PAGELK:800285E9                 call    sub_80011CF4
PAGELK:800285EE                 test    eax, eax
PAGELK:800285F0                 jz      short loc_80028585
PAGELK:800285F2                 push    64h             ; MicroSeconds
PAGELK:800285F4                 call    KeStallExecutionProcessor
PAGELK:800285F9                 movzx   ecx, byte ptr [ebp+arg_0+3]
PAGELK:800285FD                 shl     ecx, 18h
PAGELK:80028600                 mov     eax, 0FFFE0310h
PAGELK:80028605                 mov     [eax], ecx
PAGELK:80028607                 push    esi             ; MicroSeconds
PAGELK:80028608                 mov     [edi], ebx
PAGELK:8002860A                 call    KeStallExecutionProcessor
PAGELK:8002860F

PAGELK:8002860F loc_8002860F: ; CODE XREF: sub_80028509+B1 j
PAGELK:8002860F                 movzx   eax, byte ptr [ebp+arg_0+3]
PAGELK:80028613                 inc     eax
PAGELK:80028614

PAGELK:80028614 loc_80028614: ; CODE XREF: sub_80028509+7E j
PAGELK:80028614                 pop     esi
PAGELK:80028615

PAGELK:80028615 loc_80028615: ; CODE XREF: sub_80028509+47 j
PAGELK:80028615
; sub_80028509+5A j
PAGELK:80028615                 pop     edi
PAGELK:80028616                 pop     ebx
PAGELK:80028617                 pop     ebp
PAGELK:80028618                 retn    8
PAGELK:80028618 sub_80028509    endp
PAGELK:80028618
PAGELK:80028618 ; ---------------------------------------------------------------------------
PAGELK:8002861B                 align 4
PAGELK:8002861C
PAGELK:8002861C ; =============== S U B R O U T I N E =======================================


.text:80018930 KeStallExecutionProcessor proc near     ; CODE XREF: sub_80013DC8+7C↑p
.text:80018930                                         ; sub_80013E6E+7C↑p ...
.text:80018930
.text:80018930 MicroSeconds    = dword ptr  8
.text:80018930
.text:80018930                 push    ebp
.text:80018931                 mov     ebp, esp
.text:80018933                 pop     ebp
.text:80018934                 jmp     ds:off_8001F444
.text:80018934 KeStallExecutionProcessor endp
.text:80018934


#8142diderius6I change the time for wait in hal.dll to 7D0h as you can see on photo in ESI=7D0h.
But it does not help.

This error is reproducible,
compi always crash at 
*85DA                 mov     [edi], ebx
*85DC                 call    KeStallExecutionProcessor =====> crash and reboot without Bsod
*85E1                 push    64h
On photo you can see, that EBX = 60c .
Is this wrong address, so that  KeStallExecutionProcessor cant be found?


#8143diderius6⇗ @infuscomus

The Bsod comes from your new hal.dll.

I test your new hal.dll with original ntoskrnl and acpi.sys from XP SP3
and there it crashes also.
With the hal.dll, which you send me before build from Sources SP1 it boots to desktop with acpi.sys from XP SP3
Dietmar
#8144infuscomus⇗ @diderius6

Thanks for testing, appreciate it.
I think this is beyond my skills so I'm giving up for now.
#8145Bumpyif you have the source code you can change every asserts and such
to outputs in a text file all executed functions + parameters + data etc.

 

Page 544

#8146diderius6⇗ @infuscomus

How do you generate this hal.dll?
Did you change anything compared to the Hal.dll form Sources SP1,
that you send to me few days ago
Dietmar
#8147infuscomus⇗ @diderius6

I added some stub functions to this HAL for the Vista RTM acpi.sys to resolve missing dependencies that are missing from XP HAL.
#8148Mov AX, 0xDEAD
Zitat von ⇗ diderius6 im Beitrag ¶ #8142
*85DA                 mov     [edi], ebx
*85DC                 call    KeStallExecutionProcessor =====> crash and reboot without Bsod
*85E1                 push    64h

KeStallExecutionProcessor depends on timer counter, before first call to KeStallExecutionProcessor, hal determinate which timer counter to use (usually RDTSC counter). If it really hangs on first call to KeStallExecutionProcessor, it means execution path at HAL is wrong
In Vista+ loaders KeStallExecutionProcessor already inited by loader before loading kernel

if it is not first call, you have problem with this function, it write to APIC hardware to start up additional cores, it hangs at apic, not at Stall cycle
#8149diderius6⇗ @Mov AX, 0xDEAD

I make hack for to overcome all call KeStallExecutionProcessor

PAGELK:80028509 ; =============== S U B R O U T I N E =======================================
PAGELK:80028509
PAGELK:80028509 ; Attributes: bp-based frame
PAGELK:80028509
PAGELK:80028509 sub_80028509    proc near               ; CODE XREF: HalStartNextProcessor+CA↑p
PAGELK:80028509
PAGELK:80028509 arg_0           = dword ptr  8
PAGELK:80028509 arg_4           = dword ptr  0Ch
PAGELK:80028509
PAGELK:80028509                 push    ebp
PAGELK:8002850A                 mov     ebp, esp
PAGELK:8002850C                 push    ebx
PAGELK:8002850D                 mov     ebx, [ebp+arg_0]
PAGELK:80028510                 test    ebx, 0FFF00FFFh
PAGELK:80028516                 push    edi
PAGELK:80028517                 mov     edi, 0FFFE0300h
PAGELK:8002851C                 jz      short loc_80028535
PAGELK:8002851E                 push    0               ; Message
PAGELK:80028520                 push    306h            ; LineNumber
PAGELK:80028525                 push    offset aEXpsp1BaseH_61 ; "e:\\xpsp1\\base\\hals\\halmps\\i386\\mpsproc."...
PAGELK:8002852A                 push    offset aUlongInitcodep ; "(((ULONG) InitCodePhysAddr) & 0xfff00ff"...
PAGELK:8002852F                 call    ds:RtlAssert
PAGELK:80028535

PAGELK:80028535 loc_80028535: ; CODE XREF: sub_80028509+13 j
PAGELK:80028535                 mov     eax, [ebp+arg_4]
PAGELK:80028538                 cmp     eax, dword_80024644
PAGELK:8002853E                 jnb     short loc_8002854E
PAGELK:80028540                 lea     ecx, [ebp+arg_0+3]
PAGELK:80028543                 push    ecx
PAGELK:80028544                 push    eax
PAGELK:80028545                 call    sub_8001972E
PAGELK:8002854A                 test    eax, eax
PAGELK:8002854C                                                 jge     short loc_80028555  ==> Nop Nop (90 90)
PAGELK:8002854E

PAGELK:8002854E loc_8002854E: ; CODE XREF: sub_80028509+35 j
PAGELK:8002854E                 xor     eax, eax
PAGELK:80028550                                                 jmp     loc_80028615
PAGELK:80028555 ; ---------------------------------------------------------------------------
PAGELK:80028555

PAGELK:80028555 loc_80028555: ; CODE XREF: sub_80028509+43 j
PAGELK:80028555                 cmp     dword_8001F9C4, 0
PAGELK:8002855C                 jz      short loc_80028568
PAGELK:8002855E                 movzx   eax, byte ptr [ebp+arg_0+3]
PAGELK:80028562                 inc     eax
PAGELK:80028563                 jmp     loc_80028615
PAGELK:80028568 ; ---------------------------------------------------------------------------
PAGELK:80028568

PAGELK:80028568 loc_80028568: ; CODE XREF: sub_80028509+53 j
PAGELK:80028568                 push    esi
PAGELK:80028569                 mov     esi, 0C8h
PAGELK:8002856E                 push    esi             ; MicroSeconds
PAGELK:8002856F                 call    KeStallExecutionProcessor
PAGELK:80028574                 push    64h
PAGELK:80028576                 mov     edx, 0FFFE0300h
PAGELK:8002857B                 pop     ecx
PAGELK:8002857C                 call    sub_80011CF4
PAGELK:80028581                 test    eax, eax
PAGELK:80028583                 jnz     short loc_8002858C
PAGELK:80028585

PAGELK:80028585 loc_80028585: ; CODE XREF: sub_80028509+E7 j
PAGELK:80028585                 xor     eax, eax
PAGELK:80028587                 jmp     loc_80028614
PAGELK:8002858C ; ---------------------------------------------------------------------------
PAGELK:8002858C

PAGELK:8002858C loc_8002858C: ; CODE XREF: sub_80028509+7A j
PAGELK:8002858C                 movzx   ecx, byte ptr [ebp+arg_0+3]
PAGELK:80028590                 shl     ecx, 18h
PAGELK:80028593                 mov     eax, 0FFFE0310h
PAGELK:80028598                 mov     [eax], ecx
PAGELK:8002859A                 mov     dword ptr [edi], 0C500h
PAGELK:800285A0                 push    0Ah             ; MicroSeconds
PAGELK:800285A2                 call    KeStallExecutionProcessor
PAGELK:800285A7                 push    esi             ; MicroSeconds
PAGELK:800285A8                 mov     dword ptr [edi], 8500h
PAGELK:800285AE                 call    KeStallExecutionProcessor
PAGELK:800285B3                 cmp     dword_80024640, 0
PAGELK:800285BA                 jz      short loc_8002860F
PAGELK:800285BC                 movzx   ecx, byte ptr [ebp+arg_0+3]
PAGELK:800285C0                 and     ebx, 0FF000h
PAGELK:800285C6                 or      ebx, 600000h
PAGELK:800285CC                 shl     ecx, 18h
PAGELK:800285CF                 mov     eax, 0FFFE0310h
PAGELK:800285D4                 shr     ebx, 0Ch
PAGELK:800285D7                 mov     [eax], ecx
PAGELK:800285D9                 push    esi             ; MicroSeconds
PAGELK:800285DA                 mov     [edi], ebx
PAGELK:800285DC                 call    KeStallExecutionProcessor
PAGELK:800285E1                 push    64h
PAGELK:800285E3                 mov     edx, 0FFFE0300h
PAGELK:800285E8                 pop     ecx
PAGELK:800285E9                 call    sub_80011CF4
PAGELK:800285EE                 test    eax, eax
PAGELK:800285F0                 jz      short loc_80028585
PAGELK:800285F2                 push    64h             ; MicroSeconds
PAGELK:800285F4                 call    KeStallExecutionProcessor
PAGELK:800285F9                 movzx   ecx, byte ptr [ebp+arg_0+3]
PAGELK:800285FD                 shl     ecx, 18h
PAGELK:80028600                 mov     eax, 0FFFE0310h
PAGELK:80028605                 mov     [eax], ecx
PAGELK:80028607                 push    esi             ; MicroSeconds
PAGELK:80028608                 mov     [edi], ebx
PAGELK:8002860A                 call    KeStallExecutionProcessor
PAGELK:8002860F

PAGELK:8002860F loc_8002860F: ; CODE XREF: sub_80028509+B1 j
PAGELK:8002860F                 movzx   eax, byte ptr [ebp+arg_0+3]
PAGELK:80028613                 inc     eax
PAGELK:80028614

PAGELK:80028614 loc_80028614: ; CODE XREF: sub_80028509+7E j
PAGELK:80028614                 pop     esi
PAGELK:80028615
PAGELK:80028615 loc_80028615:                           
                         
                         
; CODE XREF: sub_80028509+47 j
PAGELK:80028615 ; sub_80028509+5A j
PAGELK:80028615                 pop     edi
PAGELK:80028616                 pop     ebx
PAGELK:80028617                 pop     ebp
PAGELK:80028618                 retn    8
PAGELK:80028618 sub_80028509    endp
PAGELK:80028618
PAGELK:80028618 ; ---------------------------------------------------------------------------
PAGELK:8002861B                 align 4
PAGELK:8002861C
PAGELK:8002861C ; =============== S U B R O U T I N E =======================================

#8150infuscomus⇗ @diderius6

I tried again - the free build of this one worked in a VM at least, hopefully this checked build also boots for you.



infuscomus has attached files to this post
#8151diderius6⇗ @infuscomus

The Bsod happens at exact the same place as before.
My Hack with 90 90 gives no Bsod but endless loop with HalStartNextProcessor
Dietmar

hal!HalStartNextProcessor+0x234e:
801185ae e87d03ffff      call    hal!KeStallExecutionProcessor (80108930)
kd> t
hal!KeStallExecutionProcessor:
80108930 55              push    ebp
kd> t
hal!KeStallExecutionProcessor+0x1:
80108931 8bec            mov     ebp,esp
kd> t
hal!KeStallExecutionProcessor+0x3:
80108933 5d              pop     ebp
kd> t
hal!KeStallExecutionProcessor+0x4:
80108934 ff2544f41080    jmp     dword ptr [hal!HalMakeBeep+0x59c4 (8010f444)]
kd> t
hal+0xd2c:
80100d2c 53              push    ebx
kd> t
hal+0xd2d:
80100d2d 57              push    edi
kd> t
hal+0xd2e:
80100d2e 33c0            xor     eax,eax
kd> t
hal+0xd30:
80100d30 0fa2            cpuid
kd> t
hal+0xd32:
80100d32 0f31            rdtsc
kd> t
hal+0xd34:
80100d34 8bd8            mov     ebx,eax
kd> t
hal+0xd36:
80100d36 8bfa            mov     edi,edx
kd> t
hal+0xd38:
80100d38 8b4c240c        mov     ecx,dword ptr [esp+0Ch]
kd> t
hal+0xd3c:
80100d3c 64a14c000000    mov     eax,dword ptr fs:[0000004Ch]
kd> t
hal+0xd42:
80100d42 f7e1            mul     eax,ecx
kd> t
hal+0xd44:
80100d44 03d8            add     ebx,eax
kd> t
hal+0xd46:
80100d46 13fa            adc     edi,edx
kd> t
hal+0xd48:
80100d48 0f31            rdtsc
kd> t
hal+0xd4a:
80100d4a 3bfa            cmp     edi,edx
kd> t
hal+0xd4c:
80100d4c 77fa            ja      hal+0xd48 (80100d48)
kd> t
hal+0xd4e:
80100d4e 7204            jb      hal+0xd54 (80100d54)
kd> t
hal+0xd54:
80100d54 5f              pop     edi
kd> t
hal+0xd55:
80100d55 5b              pop     ebx
kd> t
hal+0xd56:
80100d56 c20400          ret     4
kd> t
hal!HalStartNextProcessor+0x2353:
801185b3 833d4046118000  cmp     dword ptr [hal!KdComPortInUse+0x4e38 (80114640)],0
kd> t
hal!HalStartNextProcessor+0x235a:
801185ba 7453            je      hal!HalStartNextProcessor+0x23af (8011860f)
kd> t
hal!HalStartNextProcessor+0x235c:
801185bc 0fb64d0b        movzx   ecx,byte ptr [ebp+0Bh]
kd> t
hal!HalStartNextProcessor+0x2360:
801185c0 81e300f00f00    and     ebx,0FF000h
kd> t
hal!HalStartNextProcessor+0x2366:
801185c6 81cb00006000    or      ebx,600000h
kd> t
hal!HalStartNextProcessor+0x236c:
801185cc c1e118          shl     ecx,18h
kd> t
hal!HalStartNextProcessor+0x236f:
801185cf b81003feff      mov     eax,0FFFE0310h
kd> t
hal!HalStartNextProcessor+0x2374:
801185d4 c1eb0c          shr     ebx,0Ch
kd> t
hal!HalStartNextProcessor+0x2377:
801185d7 8908            mov     dword ptr [eax],ecx
kd> t
hal!HalStartNextProcessor+0x2379:
801185d9 56              push    esi
kd> t
hal!HalStartNextProcessor+0x237a:
801185da 891f            mov     dword ptr [edi],ebx
kd> t

Bsod, here comes in this step          call    KeStallExecutionProcessor

#8152infuscomus⇗ @diderius6

Strange.
I was able to boot with the free build, are you using outerspace acpi.sys or Vista acpi.sys? I used outerspace acpi.sys
#8153diderius6⇗ @infuscomus
I use the acpi.sys from Vista, because this is the aim.
Ok, I try with acpi.sys from outerspace ) also now
Dietmar
#8154diderius6Wit acpi.sys from outerspace )
Bsod at the exact same place,
so this comes only from hal.dll
Dietmar
kd> t
hal!HalStartNextProcessor+0x2379:
801185d9 56              push    esi
kd> t
hal!HalStartNextProcessor+0x237a:
801185da 891f            mov     dword ptr [edi],ebx
kd> t
#8155infuscomus⇗ @diderius6

I tested with outerspace acpi.sys to be sure that my modded HAL would boot XP with our known working ACPI driver.

If my HAL is working, then we can try Vista acpi.sys
#8156infuscomus⇗ @diderius6

Does it boot without the debugger connected?

edit:
checked HAL crashes VM, but free build works?

Why??
#8157diderius6⇗ @infuscomus

Always the exact same Bsod, independend from acpi.sys,
no matter if Debugger is connected or not
Dietmar
#8158infuscomus⇗ @diderius6

I'll look for the spot in the code that stops the free HAL from working with the debugger and I'll send you that. Hopefully that'll work.
#8159infuscomus⇗ @diderius6

I think I got rid of the debugger check for the free build.
try this.



infuscomus has attached files to this post
#8160diderius6⇗ @infuscomus

Waaooh, this checked hal.dll boots XP SP3 to desktop with acpi.sys from outerspace ) and the checked ntkrnlpa.exe from XP SP3
Dietmar

PS: Now I try acpi.sys from Vista.

 

Page 545

#8161infuscomus⇗ @diderius6

Sorry, it's a free HAL, something is wrong with the checked HAL, I'm not sure what's wrong with it.
#8162diderius6⇗ @infuscomus

With the debugger connected, this hal.dll gives "hardware error" during boot with ntldr.
And without debugger, acpi.sys from Vista restarts compi.
But with freeldr I can run Debugger with acpi.sys from Vista this gives


Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
Connected to Windows XP 2600 x86 compatible target at (Sun Oct 31 21:49:36.218 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols
Executable search path is: C:\Symbols
Windows XP Kernel Version 2600 MP (1 procs) Free x86 compatible
Built by: 2600.xpsp_sp3_qfe.190108-0655
Machine Name:
Kernel base = 0x807e5000 PsLoadedModuleList = 0x808714c0
System Uptime: not available
MM: Loader/HAL memory block indicates large pages cannot be used for 85448000->868B8FFF
MM: Disabling large pages for all ranges due to overlap

*** Fatal System Error: 0x0000007e
                                             (0xC0000005,0x00000000,0xF789E168,0xF789DE64)

Break instruction exception - code 80000003 (first chance)

A fatal system error has occurred.
Debugger entered on first try; Bugcheck callbacks have not been invoked.

A fatal system error has occurred.

Connected to Windows XP 2600 x86 compatible target at (Sun Oct 31 21:49:43.140 2021 (UTC + 1:00)), ptr64 FALSE
Loading Kernel Symbols
..............................
Loading User Symbols

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 7E, {c0000005, 0, f789e168, f789de64}

Probably caused by : Unknown_Image ( ANALYSIS_INCONCLUSIVE )

Followup: MachineOwner
---------

nt!RtlpBreakWithStatusInstruction:
807f09c2 cc              int     3
3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

SYSTEM_THREAD_EXCEPTION_NOT_HANDLED (7e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 00000000, The address that the exception occurred at
Arg3: f789e168, Exception Record Address
Arg4: f789de64, Context Record Address

Debugging Details:
------------------


EXCEPTION_CODE:
(NTSTATUS) 0xc0000005 - Die Anweisung "0x%08lx" verweist auf Speicher
bei "0x%08lx". Die Daten wurden wegen eines E/A-Fehlers in "0x%081x"
nicht in den Arbeitsspeicher  bertragen.

FAULTING_IP: 
+1b
00000000 ??              ???

EXCEPTION_RECORD:  f789e168 -- (.exr 0xfffffffff789e168)
ExceptionAddress: 00000000
   ExceptionCode: c0000005 (Access violation)
  ExceptionFlags: 00000000
NumberParameters: 2
   Parameter[0]: 00000000
   Parameter[1]: 00000000
Attempt to read from address 00000000

CONTEXT:  f789de64 -- (.cxr 0xfffffffff789de64)
eax=00000000 ebx=80a10780 ecx=54445358 edx=00000001 esi=f7597b20 edi=80a106b0
eip=00000000 esp=f789e230 ebp=f789e250 iopl=0         nv up ei pl zr na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010246
00000000 ??              ???
Resetting default scope

DEFAULT_BUCKET_ID:  DRIVER_FAULT

PROCESS_NAME:  System

ERROR_CODE:
(NTSTATUS) 0xc0000005 - Die Anweisung "0x%08lx" verweist auf Speicher
bei "0x%08lx". Die Daten wurden wegen eines E/A-Fehlers in "0x%081x"
nicht in den Arbeitsspeicher  bertragen.

EXCEPTION_PARAMETER1:  00000000

EXCEPTION_PARAMETER2:  00000000

READ_ADDRESS:  00000000 

FOLLOWUP_IP: 
+1b
00000000 ??              ???

FAILED_INSTRUCTION_ADDRESS: 
+1b
00000000 ??              ???

BUGCHECK_STR:  0x7E

LAST_CONTROL_TRANSFER:  from 00000000 to 00000000

STACK_TEXT:  
f789e22c 00000000 00000000 00000000 f759c4fc 0x0


STACK_COMMAND:  kb

SYMBOL_NAME:  ANALYSIS_INCONCLUSIVE

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: Unknown_Module

IMAGE_NAME:  Unknown_Image

DEBUG_FLR_IMAGE_TIMESTAMP:  0

FAILURE_BUCKET_ID:  0x7E_NULL_IP_ANALYSIS_INCONCLUSIVE

BUCKET_ID:  0x7E_NULL_IP_ANALYSIS_INCONCLUSIVE

Followup: MachineOwner
---------

#8163infuscomus⇗ @diderius6

nice!
does loading up acpi.pdb reveal any more info about it?
#8164diderius6With freeldr, your free hal.dll and original Vista RTM acpi.sys I get this.
But now we have 2 places, hal.dll and acpi.sys from Vista,
which should be solved
Dietmar

nt!KeUpdateRunTime+0xb6:
807f0799 83b89009000000  cmp     dword ptr [eax+990h],0
kd> t
nt!KeUpdateRunTime+0xbd:
807f07a0 744e            je      nt!KeUpdateRunTime+0x10d (807f07f0)
kd> t
nt!KeUpdateRunTime+0x10d:
807f07f0 ff88dc050000    dec     dword ptr [eax+5DCh]
kd> t
nt!KeUpdateRunTime+0x113:
807f07f6 7522            jne     nt!KeUpdateRunTime+0x138 (807f081a)
kd> t
nt!KeUpdateRunTime+0x138:
807f081a 806b6f03        sub     byte ptr [ebx+6Fh],3
kd> t
nt!KeUpdateRunTime+0x13c:
807f081e 7f19            jg      nt!KeUpdateRunTime+0x157 (807f0839)
kd> t
nt!KeUpdateRunTime+0x157:
807f0839 5b              pop     ebx
kd> t
nt!KeUpdateRunTime+0x158:
807f083a c20400          ret     4
kd> t
nt!KeUpdateSystemTime+0x146:
807f069e fa              cli
kd> t
nt!KeUpdateSystemTime+0x147:
807f069f ff1594607e80    call    dword ptr [nt!_imp__HalEndSystemInterrupt (807e6094)]
kd> t
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for halmacpi.dll - 
hal!HalEndSystemInterrupt:
80a10d54 33c9            xor     ecx,ecx
kd> t
hal!HalEndSystemInterrupt+0x2:
80a10d56 8a4c2404        mov     cl,byte ptr [esp+4]
kd> t
hal!HalEndSystemInterrupt+0x6:
80a10d5a 8a895402a180    mov     cl,byte ptr hal!HalRequestIpi+0x4c0 (80a10254)[ecx]
kd> t
hal!HalEndSystemInterrupt+0xc:
80a10d60 c705b000feff00000000 mov dword ptr ds:[0FFFE00B0h],0
kd> t
hal!HalEndSystemInterrupt+0x16:
80a10d6a 80f941          cmp     cl,41h
kd> t
hal!HalEndSystemInterrupt+0x19:
80a10d6d 720f            jb      hal!HalEndSystemInterrupt+0x2a (80a10d7e)
kd> t
hal!HalEndSystemInterrupt+0x2a:
80a10d7e 64803d9600000000 cmp     byte ptr fs:[96h],0
kd> t
hal!HalEndSystemInterrupt+0x32:
80a10d86 64c6059500000000 mov     byte ptr fs:[95h],0
kd> t
hal!HalEndSystemInterrupt+0x3a:
80a10d8e 74df            je      hal!HalEndSystemInterrupt+0x1b (80a10d6f)
kd> t
hal!HalEndSystemInterrupt+0x1b:
80a10d6f 890d8000feff    mov     dword ptr ds:[0FFFE0080h],ecx
kd> t
hal!HalEndSystemInterrupt+0x21:
80a10d75 8b158000feff    mov     edx,dword ptr ds:[0FFFE0080h]
kd> t
hal!HalEndSystemInterrupt+0x27:
80a10d7b c20800          ret     8
kd> t
nt!KeUpdateSystemTime+0x14d:
807f06a5 e983bbffff      jmp     nt!Kei386EoiHelper (807ec22d)
kd> t
nt!Kei386EoiHelper:
807ec22d fa              cli
kd> t
nt!Kei386EoiHelper+0x1:
807ec22e f7457000000200  test    dword ptr [ebp+70h],20000h
kd> t
nt!Kei386EoiHelper+0x8:
807ec235 7506            jne     nt!Kei386EoiHelper+0x10 (807ec23d)
kd> t
nt!Kei386EoiHelper+0xa:
807ec237 f6456c01        test    byte ptr [ebp+6Ch],1
kd> t
nt!Kei386EoiHelper+0xe:
807ec23b 7434            je      nt!Kei386EoiHelper+0x44 (807ec271)
kd> t
nt!Kei386EoiHelper+0x44:
807ec271 8b54244c        mov     edx,dword ptr [esp+4Ch]
kd> t
nt!Kei386EoiHelper+0x48:
807ec275 648b1d50000000  mov     ebx,dword ptr fs:[50h]
kd> t
nt!Kei386EoiHelper+0x4f:
807ec27c 64891500000000  mov     dword ptr fs:[0],edx
kd> t
nt!Kei386EoiHelper+0x56:
807ec283 f7c3ff000000    test    ebx,0FFh
kd> t
nt!Kei386EoiHelper+0x5c:
807ec289 754e            jne     nt!Kei386EoiHelper+0xac (807ec2d9)
kd> t
nt!Kei386EoiHelper+0x5e:
807ec28b f744247000000200 test    dword ptr [esp+70h],20000h
kd> t
nt!Kei386EoiHelper+0x66:
807ec293 0f85c1000000    jne     nt!Kei386EoiHelper+0x12c (807ec35a)
kd> t
nt!Kei386EoiHelper+0x6c:
807ec299 66f744246cf9ff  test    word ptr [esp+6Ch],0FFF9h
kd> t
nt!Kei386EoiHelper+0x73:
807ec2a0 7477            je      nt!Kei386EoiHelper+0xec (807ec319)
kd> t
nt!Kei386EoiHelper+0x75:
807ec2a2 8b54243c        mov     edx,dword ptr [esp+3Ch]
kd> t
nt!Kei386EoiHelper+0x79:
807ec2a6 8b4c2440        mov     ecx,dword ptr [esp+40h]
kd> t
nt!Kei386EoiHelper+0x7d:
807ec2aa 8b442444        mov     eax,dword ptr [esp+44h]
kd> t
nt!Kei386EoiHelper+0x81:
807ec2ae 66837d6c08      cmp     word ptr [ebp+6Ch],8
kd> t
nt!Kei386EoiHelper+0x86:
807ec2b3 740c            je      nt!Kei386EoiHelper+0x94 (807ec2c1)
kd> t
nt!Kei386EoiHelper+0x94:
807ec2c1 8d6554          lea     esp,[ebp+54h]
kd> t
nt!Kei386EoiHelper+0x97:
807ec2c4 5f              pop     edi
kd> t
nt!Kei386EoiHelper+0x98:
807ec2c5 5e              pop     esi
kd> t
nt!Kei386EoiHelper+0x99:
807ec2c6 5b              pop     ebx
kd> t
nt!Kei386EoiHelper+0x9a:
807ec2c7 5d              pop     ebp
kd> t
nt!Kei386EoiHelper+0x9b:
807ec2c8 66817c24088000  cmp     word ptr [esp+8],80h
kd> t
nt!Kei386EoiHelper+0xa2:
807ec2cf 0f87a1000000    ja      nt!Kei386EoiHelper+0x148 (807ec376)
kd> t
nt!Kei386EoiHelper+0xa8:
807ec2d5 83c404          add     esp,4
kd> t
nt!Kei386EoiHelper+0xab:
807ec2d8 cf              iretd After this line Bsod, compi restarts
kd> t
Bsod

#8165infuscomus⇗ @diderius6

would a checked vista rtm acpi.sys help for this?
#8166diderius6⇗ @infuscomus

For to see, what is going on, the checked versions are better.
So, better to have acpi.sys from Vista as checked version
Dietmar

PS: Do you know, why the checked version from SP1 hal.dll from Sources does not boot XP SP3?
#8167infuscomus⇗ @diderius6

OK, I'll get you a checked version.

Zitat von ⇗ diderius6 im Beitrag ¶ #8166
PS: Do you know, why the checked version from SP1 hal.dll from Sources does not boot XP SP3?


No, sorry, If I knew why I would fix it.
#8168infuscomus⇗ @diderius6

Vista RTM checked acpi.sys



infuscomus has attached files to this post
#8169infuscomus⇗ @diderius6

any progress with the checked acpi.sys?
#8170diderius6⇗ @infuscomus
Today I have a lot of work at school. Corona is going like crazy in Germany again.
We have incidents 700 in parts, even with vaccine and a lot of new dead people.
Tomorrow I test checked acpi.sys from Vista
Dietmar
#8171George King
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #8140
@diderius6
Zitat von ⇗ diderius6 im Beitrag ¶ #8115
@Mov AX, 0xDEAD
"if someone will implement "new timer api" you'l get usb3"

Until now, I have no idea how to make this.
But I can learn a lot, so.. if there is a chance to integrate more drivers from Win8.1 into XP..

Just missed Extended Timing functions from 8.1 kernel: ExAllocateTimer, ExDeleteTimer, ExCancelTimer, ExSetTimer
add to Emu Extender or patch manually as Gen1 usb3 driver



Seems like we can get these functions here, but I have no idea how to add them to Extender as I'm not C/C++ developer. It's like 10 years after my last QT C++ exam..
 
https://github.com/tpn/winddk-8.1/blob/master/Include/km/wdm.h



It will be great if you can add new functions. I have looked into Vista / 7 Generic HDA driver and only few functions seems to be missing too. It woul be great if you can have a look on it a bring Generic Windows 7 HDA driver into XP. When I was inspecting files I found this:
hdaudio.sys / hdabus.sys / portcls.sys / usbaudio.sys 6.1.7601.17514 can be used with ntoskrn8.sys, but these 4 files have 4 missing import functions. Then I tried to figure out how to mod EMU_Extender source with these missing functions - PoCreatePowerRequest, PoSetPowerRequest, PoClearPowerRequest, PoDeletePowerRequest. They exist in ntifs_ddk.h, but thats all what can I find. I have no Idea how to add them as usable functions to ntoskrn8.sys. I hope driver can work with these added functions.

Here are used files, contains original and modded/combined files replaced ntoskrnl.exe = ntoskrn8.sys for missing imports and added some XP SYS files to see full depencies in Depency Walker. So only 4 mentioned functions are missing

 
https://www.mediafire.com/file/8ip4rjbwni5xgt4/Generic_HDA_from_Win7_for_XP_x86.7z/file



It would be nice to see updated EMU_Extender with new functions to get Windows 8.1 USB3.x driver and Windows 7 HDA under XP.

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#8172George King
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #8047
Hi George King
Zitat von ⇗ George King im Beitrag ¶ #8038

Patch for VIA USB Mass Storage Device (UAS/UASP) to restore "Safe Remove":
- replace in vusbstor.sys (v6.1.7600.4002):
page:000209B4: mov [ebp+SurpriseRemovalOK], ebx -> NOPs
(89 9D 70 FF FF FF 89 9D 68 FF FF FF => 90 90 90 90 90 90 89 9D 68 FF FF FF)
vusbstor.sys_x64 6.1.7600.4002 :
89 AC 24 84 00 00 00 -> 90 90 90 90 90 90 90

Zitat von ⇗ George King im Beitrag ¶ #8038

And I would also like to request missing informations for WDF 1.11. I would like to use ported WDF 1.11 with original XP ones to avoid unhandled problems with other drivers.
In WdfLdr8.sys replace hex pattern F6 78 1B F6 to F6 EB 1B F6 (x32), ** ** to ** ** (x64)
wdfldr.sys_x64 1.11.9200.16384 :
85 FF 78 2A -> 85 FF EB 2A

i don't have any XP x64 installed now, hex patterns made by "copy&paste way", need to confirm working state


Many thanks for these informations! I have modded my drivers set and will see how it goes on real HW on friday. I can confirm now wdfldr8.sys work with USB3.x under XP x64 in VirtualBox [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#8173Mov AX, 0xDEAD
Zitat von ⇗ George King im Beitrag ¶ #8171
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #8140

Just missed Extended Timing functions from 8.1 kernel: ExAllocateTimer, ExDeleteTimer, ExCancelTimer, ExSetTimer
add to Emu Extender or patch manually as Gen1 usb3 driver

Seems like we can get these functions here, but I have no idea how to add them to Extender as I'm not C/C++ developer. It's like 10 years after my last QT C++ exam.. It will be great if you can add new functions.

I'm not interested in it

Zitat von ⇗ George King im Beitrag ¶ #8171

I have looked into Vista / 7 Generic HDA driver and only few functions seems to be missing too. It woul be great if you can have a look on it a bring Generic Windows 7 HDA driver into XP. When I was inspecting files I found this:
hdaudio.sys / hdabus.sys / portcls.sys / usbaudio.sys 6.1.7601.17514 can be used with ntoskrn8.sys, but these 4 files have 4 missing import functions. Then I tried to figure out how to mod EMU_Extender source with these missing functions - PoCreatePowerRequest, PoSetPowerRequest, PoClearPowerRequest, PoDeletePowerRequest.

I've tried HDA driver from win7, driver/portcls.sys return  0xC00000BB after processing initial IRPs, so fixing import is not enough.
Some of HDA driver from longhorn betas loads without errors, but always there is no sound (in VirtualBOX VM, not tested on real hardware)
5012 - Early drivers with different sizes has this version, usually driver load with error due supporting only selected chipsets
5244, 5250- All Audio devices available, output tagged as Headphones
5285 - Show only "In" devices (Microphone)
5335 - No any devices
I heard that guys from shorthorn project run sucessfully driver 5048 beta, but i dont know details
#8174infuscomus⇗ @Mov AX, 0xDEAD

I'm trying to merge your ntoskrnl extender into the actual ntoskrnl source code but I keep hitting compilation errors.
Have you had any luck with achieving this?
#8175Mov AX, 0xDEAD⇗ @infuscomus

Zitat von ⇗ infuscomus im Beitrag ¶ #8174
@Mov AX, 0xDEAD
I'm trying to merge your ntoskrnl extender into the actual ntoskrnl source code but I keep hitting compilation errors.
Have you had any luck with achieving this?

I guess you have struct redeclaration/macro redefinition/xxx doubling
Extender written to take some existing code/headers if it was not exported normal way. common.h is tricky, it dynamicaly compiled depended on target Kernel/OS

 

Page 546

#8176gordo999
Zitat von ⇗ infuscomus im Beitrag ¶ #8156
Does it boot without the debugger connected?
⇗ @infuscomus ...just thought of something. Sometimes, when the OS is set to debug mode, it can act erratically in normal mode. Not sure if this applies.
#8177infuscomus⇗ @gordo999

There is a problem with the checked HAL that is making it crash, I'm not sure what it is. The free HAL seems to be working just fine though.
#8178Mov AX, 0xDEAD
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #8173

I've tried HDA driver from win7, driver/portcls.sys return  0xC00000BB after processing initial IRPs, so fixing import is not enough.
Some of HDA driver from longhorn betas loads without errors, but always there is no sound (in VirtualBOX VM, not tested on real hardware)
5012 - Early drivers with different sizes has this version, usually driver load with error due supporting only selected chipsets
5244, 5250- All Audio devices available, output tagged as Headphones
5285 - Show only "In" devices (Microphone)
5335 - No any devices
I heard that guys from shorthorn project run sucessfully driver 5048 beta, but i dont know details

Update:
5012(size 133120), 5244, 5250 - After reinstalling VirtualBox to last 6.1.28 i've got sound from VM, output is "headphones"
only HdAudio.sys was updated, portcls.sys(5512) & hdaudbus.sys(5013) is original SP3
5285 - broken, no Output devices

5250 = LongHorn build 5270
5244 = LongHorn build 5259
5012(size 133120) =  LongHorn build 5231
#8179George King
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #8178
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #8173

I've tried HDA driver from win7, driver/portcls.sys return  0xC00000BB after processing initial IRPs, so fixing import is not enough.
Some of HDA driver from longhorn betas loads without errors, but always there is no sound (in VirtualBOX VM, not tested on real hardware)
5012 - Early drivers with different sizes has this version, usually driver load with error due supporting only selected chipsets
5244, 5250- All Audio devices available, output tagged as Headphones
5285 - Show only "In" devices (Microphone)
5335 - No any devices
I heard that guys from shorthorn project run sucessfully driver 5048 beta, but i dont know details

Update:
5012(size 133120), 5244, 5250 - After reinstalling VirtualBox to last 6.1.28 i've got sound from VM, output is "headphones"
only HdAudio.sys(5250) was updated, portcls.sys(5512) & hdaudbus.sys(5013) is original SP3
5285 - broken, no Output devices


Have you tried portcls.sys from Windows 7 6801 too? This one have no missing imports using ntoskrn8.sys and other connected files seems good (no missing imports from portcls.sys). Maybe it's usable with 7601 driver as is mostly like "Vista post SP2 branch"?


⇗ @skullteria Have you created any working HDA drivers for XP / 2003? If have some noted, it could save some time during digging around Generic HDA drivers. I see you have some of them here, but some user on MDL tried them without success. I still haven't tried them myself
 
http://shorthornproject.com/allcategories.html?tab=drivers&item=item-drivers



I hope we can find working drivers combination from betas etc.

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#8180skullteria
Zitat von ⇗ George King im Beitrag ¶ #8179
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #8178
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #8173

I've tried HDA driver from win7, driver/portcls.sys return  0xC00000BB after processing initial IRPs, so fixing import is not enough.
Some of HDA driver from longhorn betas loads without errors, but always there is no sound (in VirtualBOX VM, not tested on real hardware)
5012 - Early drivers with different sizes has this version, usually driver load with error due supporting only selected chipsets
5244, 5250- All Audio devices available, output tagged as Headphones
5285 - Show only "In" devices (Microphone)
5335 - No any devices
I heard that guys from shorthorn project run sucessfully driver 5048 beta, but i dont know details

Update:
5012(size 133120), 5244, 5250 - After reinstalling VirtualBox to last 6.1.28 i've got sound from VM, output is "headphones"
only HdAudio.sys(5250) was updated, portcls.sys(5512) & hdaudbus.sys(5013) is original SP3
5285 - broken, no Output devices


Have you tried portcls.sys from Windows 7 6801 too? This one have no missing imports using ntoskrn8.sys and other connected files seems good (no missing imports from portcls.sys). Maybe it's usable with 7601 driver as is mostly like "Vista post SP2 branch"?


@skullteria Have you created any working HDA drivers for XP / 2003? If have some noted, it could save some time during digging around Generic HDA drivers. I see you have some of them here, but some user on MDL tried them without success. I still haven't tried them myself
 
http://shorthornproject.com/allcategories.html?tab=drivers&item=item-drivers



I hope we can find working drivers combination from betas etc.



Yes, all drivers avaliable on these links works on XP/2003 without problem. Starting build 5308 (maybe previous version, linke 5285 works, but, i not tested) install and load, but, no sound.
#8181George King⇗ @skullteria Thanks for info, I will try 5231 in both architectures. Will see how it goes - seems like INFs need some touch to do everything automatically

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#8182diderius6I just download the Bios F4 for the new Gigabyte Z690 UD board for new 12900k Intel CPU.
With UefiTool I see, that there is no CSMCORE in Bios, only Videocsm
Dietmar
#8183infuscomus⇗ @diderius6

a custom kernel and hal for you.

use all the files included, that includes the ntoskrn8.sys too since I had to link it to the custom library built from my kernel.

please debug Vista acpi.sys with it when you have time.



infuscomus has attached files to this post
#8184DogHas anyone tried using one of the newer 2020 DDR5 versions of the GT 710 as a physx card in Windows XP? If they aren't using 16 lanes, will they slow down the higher end Windows XP GPUs?
#8185infuscomus⇗ @Dog

I'm reasonably sure that a GT710 will slow down any higher end GPU.
#8186infuscomus⇗ @diderius6

I did a test
KMDF 1.11 won't load because these functions aren't exported from SP1 kernel.

ExAcquireRundownProtectionEx
ExReleaseRundownProtectionEx
ExfReleasePushLock

I'll fix this and reupload a new version.
#8187DogThinking about it a bit more I think I understand a bit better. PCIe 3.0 was released right at the end of XP support, so it probably wouldn't make sense for any of those cards. However consider a machine targeting SLI under Windows XP. My understanding is that the gtx 580 was the last officially supported SLI card. This card was not PCIe 3.0 (Like the Titan X Maxwell was). Its PCIe 2.0 and in SLI they would be running in x8/x8 in most cases.

Gigabyte has an iteration of the GT 710 that runs at PCIe 2.0 8x despite having a 16x connector, and is single slot (GV-N710D5-2GL). It seemed like it might be a formidable Physx card for an SLI build as someone that hardly knows what they are doing (954MHz vs 900MHz Base Clock, 2 vs 3 GDDR5, 5010 MHz vs 4212 MHz Memory Clock). I'm still curious if I'm missing something else, like misunderstanding how PCIe lanes are shared.
#8188infuscomus⇗ @diderius6

Exported now

ExAcquireRundownProtectionEx
ExReleaseRundownProtectionEx
ExfReleasePushLock

ignore wdf01000.sys - was just checking if exports were correct.

EDIT:
Damnit! I missed KeFlushQueuedDpcs
and ObIsDosDeviceLocallyMapped
and SeAuditingHardLinkEventsWithContext SeAuditingFileEventsWithContext


I'm tired :(



infuscomus has attached files to this post
#8189infuscomus⇗ @Dog

I think the GT 710 would still be a bottleneck even if running as a PhysX card. It's not exactly fast.
#8190infuscomus⇗ @Mov AX, 0xDEAD

I seem to have gotten stuck trying to reintegrate   SeAuditingHardLinkEventsWithContext and SeAuditingFileEventsWithContext into the SP1 kernel.

Using the code from the WRK doesn't seem to be working, any ideas?

 

Page 547

#8191infuscomus⇗ @diderius6 ⇗ @Mov AX, 0xDEAD

I've been trying to get the SP1 ntoskrnl source code to boot on XP SP3.

I've run into a BSOD I have not seen before - BSOD 71



can you help to trace the cause of this?
PDB symbols included.



infuscomus has attached files to this post
#8192diderius6⇗ @infuscomus

Waaoh,
with this hal.dll from you, modded from Sources SP1 hal.dll
it is possible to boot XP SP3 via BCD on an 8700k cpu on my Asrock k6 z370 Fatalty board
for the very first time
Dietmar

⇗ https://ufile.io/u6zqc89z
#8193infuscomusI successfully integrated SeAuditingHardLinkEventsWithContext and SeAuditingFileEventsWithContext into the SP1 kernel.

I still get BSOD 71 though

⇗ @diderius6

when you have time, can you please trace the cause of BSOD 71 in my kernel?



infuscomus has attached files to this post
#8194diderius6⇗ @infuscomus

I run Windbg with your files from BSOD71_2.7z.zip .

This is result, I test some more.

MISMATCHED_HAL (79) hal.dll is free version
and ntoskrnl is checked version

Dietmar


Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
Connected to Windows XP 2600 x86 compatible target at (Sat Nov  6 13:11:35.140 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols;C:\symbolss
Executable search path is: C:\Symbols
Windows XP Kernel Version 2600 MP (1 procs) Checked x86 compatible
Built by: 2600.srckit
Machine Name:
Kernel base = 0x80a02000 PsLoadedModuleList = 0x80ae2398
System Uptime: not available

*** Fatal System Error: 0x00000079
                                             (0x00000002,0x00000001,0x00000000,0x00000000)

Break instruction exception - code 80000003 (first chance)

A fatal system error has occurred.
Debugger entered on first try; Bugcheck callbacks have not been invoked.

A fatal system error has occurred.

Connected to Windows XP 2600 x86 compatible target at (Sat Nov  6 13:11:37.312 2021 (UTC + 1:00)), ptr64 FALSE
Loading Kernel Symbols
........................
Loading User Symbols

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 79, {2, 1, 0, 0}

Probably caused by : ntkrnlmp.exe ( nt!ExpInitializeExecutive+167 )

Followup: MachineOwner
---------

nt!RtlpBreakWithStatusInstruction:
80aa960c cc              int     3
kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

MISMATCHED_HAL (79)
The HAL revision level and HAL configuration type does not match that
of the kernel or the machine type.  This would probably happen if the
user has manually updated either ntoskrnl.exe or hal.dll and managed to
get a conflict.
You have an MP (multi-processor) Hal and a UP (uni-processor) Kernel,
or the reverse.
Arguments:
Arg1: 00000002, 
	The build types mismatch.
Arg2: 00000001, Build type of ntoskrnl.exe
Arg3: 00000000, Build type of hal.dll
	Build type
	0 = Free multiprocessor enabled build
	1 = Checked multiprocessor enabled build
	2 = Free uniprocessor build
	3 = checked uniprocessor build
Arg4: 00000000

Debugging Details:
------------------


BUGCHECK_STR:  0x79_2

DEFAULT_BUCKET_ID:  DRIVER_FAULT

LAST_CONTROL_TRANSFER:  from 80a2d6aa to 80aa960c

STACK_TEXT:  
80ad2f0c 80a2d6aa 00000003 80ad323c 00000002 nt!RtlpBreakWithStatusInstruction [E:\XPSP1\base\ntos\rtl\i386\debug2.asm @ 59]
80ad2f58 80a2e1b8 00000003 000000ff ffdff120 nt!KiBugCheckDebugBreak+0x19 [e:\xpsp1\base\ntos\ke\bugcheck.c @ 207]
80ad3324 80a2e79b 00000079 00000002 00000001 nt!KeBugCheck2+0x46d [e:\xpsp1\base\ntos\ke\bugcheck.c @ 913]
80ad3344 8007ea22 00000079 00000002 00000001 nt!KeBugCheckEx+0x19 [e:\xpsp1\base\ntos\ke\bugcheck.c @ 102]
80ad3370 80cf8d57 00000000 80084000 80aded20 hal!HalInitSystem+0x64 [e:\xpsp1\base\hals\halmps\i386\mphal.c @ 568]
80ad34f4 80d0978d 00000000 80084000 8003fc00 nt!ExpInitializeExecutive+0x167 [e:\xpsp1\base\ntos\init\init.c @ 795]
80ad354c 80d072e0 80adef80 80aded20 80ad3810 nt!KiInitializeKernel+0x42b [e:\xpsp1\base\ntos\ke\i386\kernlini.c @ 771]
00000000 00000000 00000000 00000000 00000000 nt!KiSystemStartup+0x2c4 [E:\XPSP1\base\ntos\ke\i386\newsysbg.asm @ 553]


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!ExpInitializeExecutive+167 [e:\xpsp1\base\ntos\init\init.c @ 795]
80cf8d57 84c0            test    al,al

FAULTING_SOURCE_CODE:  
No source found for 'e:\xpsp1\base\ntos\init\init.c'


SYMBOL_STACK_INDEX:  5

SYMBOL_NAME:  nt!ExpInitializeExecutive+167

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  61857a31

FAILURE_BUCKET_ID:  0x79_2_nt!ExpInitializeExecutive+167

BUCKET_ID:  0x79_2_nt!ExpInitializeExecutive+167

Followup: MachineOwner
---------

#8195infuscomus⇗ @diderius6

hmm, I thought I got rid of all of those, thanks.
#8196diderius6⇗ @infuscomus

May be most easy way, to build also a free ntoskrnl from SP1 sources
Dietmar
#8197infuscomus⇗ @diderius6

OK, hopefully I got all the mismatched hal checks.
please check for the cause of BSOD 71 SESSION5_INITIALIZATION_FAILED



infuscomus has attached files to this post
#8198diderius6⇗ @infuscomus

This one does not work at all
Dietmar


Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
Connected to Windows XP 2600 x86 compatible target at (Sat Nov  6 16:32:04.078 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols;C:\symbolss
Executable search path is: C:\Symbols
Windows XP Kernel Version 2600 MP (1 procs) Checked x86 compatible
Built by: 2600.srckit
Machine Name:
Kernel base = 0x80a02000 PsLoadedModuleList = 0x80ae2398
System Uptime: not available
Break instruction exception - code 80000003 (first chance)
nt!KiExceptionExit+0x107:
80ac1eb3 cc              int     3
kd> g
Break instruction exception - code 80000003 (first chance)
nt!KiExceptionExit+0x107:
80ac1eb3 cc              int     3
kd> g
Break instruction exception - code 80000003 (first chance)
nt!KiExceptionExit+0x107:
80ac1eb3 cc              int     3
kd> g
Break instruction exception - code 80000003 (first chance)
nt!KiExceptionExit+0x107:
80ac1eb3 cc              int     3
kd> g
Break instruction exception - code 80000003 (first chance)
nt!KiExceptionExit+0x107:
80ac1eb3 cc              int     3
kd> !analyze -v
Connected to Windows XP 2600 x86 compatible target at (Sat Nov  6 16:32:47.796 2021 (UTC + 1:00)), ptr64 FALSE
Loading Kernel Symbols
........................
Loading User Symbols

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Unknown bugcheck code (0)
Unknown bugcheck description
Arguments:
Arg1: 00000000
Arg2: 00000000
Arg3: 00000000
Arg4: 00000000

Debugging Details:
------------------


FAULTING_IP: 
nt!KiExceptionExit+107 [E:\XPSP1\base\ntos\ke\i386\trap.asm @ 1845]
80ac1eb3 cc              int     3

EXCEPTION_RECORD:  ffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 80ac1eb3 (nt!KiExceptionExit+0x00000107)
   ExceptionCode: 80000003 (Break instruction exception)
  ExceptionFlags: 00000000
NumberParameters: 3
   Parameter[0]: 00000000
   Parameter[1]: 00002710
   Parameter[2]: 00000046

ERROR_CODE: (NTSTATUS) 0x80000003 - {AUSNAHME}  Haltepunkt  Im Quellprogramm wurde ein Haltepunkt erreicht.

EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - Mindestens ein Argument ist ung ltig.

EXCEPTION_PARAMETER1:  00000000

EXCEPTION_PARAMETER2:  00002710

EXCEPTION_PARAMETER3:  00000046

DEFAULT_BUCKET_ID:  DRIVER_FAULT

BUGCHECK_STR:  0x0

LAST_CONTROL_TRANSFER:  from 80075727 to 80ac1eb3

STACK_TEXT:  
80ad32e8 80075727 00000046 80ac05b0 00000000 nt!KiExceptionExit+0x107 [E:\XPSP1\base\ntos\ke\i386\trap.asm @ 1845]
80ad3370 80cf8d57 00000000 80084000 80aded20 hal!HalpInitializeClock+0xe7 [E:\XPSP1\base\hals\halmps\i386\mpclock.asm @ 366]
80ad34f4 80d09795 00000000 80084000 8003fc00 nt!ExpInitializeExecutive+0x167 [e:\xpsp1\base\ntos\init\init.c @ 795]
80ad354c 80d072e8 80adef80 80aded20 80ad3810 nt!KiInitializeKernel+0x42b [e:\xpsp1\base\ntos\ke\i386\kernlini.c @ 771]
00000000 00000000 00000000 00000000 00000000 nt!KiSystemStartup+0x2c4 [E:\XPSP1\base\ntos\ke\i386\newsysbg.asm @ 553]


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!KiExceptionExit+107 [E:\XPSP1\base\ntos\ke\i386\trap.asm @ 1845]
80ac1eb3 cc              int     3

FAULTING_SOURCE_CODE:  
No source found for 'E:\XPSP1\base\ntos\ke\i386\trap.asm'


SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!KiExceptionExit+107

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrnlmp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  61869846

FAILURE_BUCKET_ID:  0x0_nt!KiExceptionExit+107

BUCKET_ID:  0x0_nt!KiExceptionExit+107

Followup: MachineOwner
---------

kd> lm
start    end        module name
80001000 80004000   BOOTVID    (deferred)             
80007000 80008100   WMILIB     (deferred)             
80009000 8000f800   firadisk   (deferred)             
80010000 80011b80   kdcom      (deferred)             
80012000 8001b180   isapnp     (deferred)             
8001c000 8001d700   dmload     (deferred)             
80062000 80081c00   hal        (private pdb symbols)  c:\symbolss\halmacpi.pdb
80124000 80153d80   ACPI       (deferred)             
80154000 80164a80   pci        (deferred)             
80165000 8016f700   MountMgr   (deferred)             
80170000 8018e880   ftdisk     (deferred)             
8018f000 801b4700   dmio       (deferred)             
801b5000 801c0000   PartMgr    (deferred)             
801c0000 801ccc80   VolSnap    (deferred)             
801cd000 801dd000   asahci32   (deferred)             
801dd000 801f4880   SCSIPORT   (deferred)             
801f5000 80205000   disk       (deferred)             
80205000 80211180   CLASSPNP   (deferred)             
80232000 80243f00   sr         (deferred)             
80244000 8025ab80   KSecDD     (deferred)             
8025b000 802e7d00   Ntfs       (deferred)             
802e8000 80314a80   NDIS       (deferred)             
80315000 8032ee80   Mup        (deferred)             
804d7000 8078c000   iaStor     (deferred)             
80a02000 80d69000   nt         (private pdb symbols)  c:\symbolss\ntkrnlmp.pdb

#8199infuscomus⇗ @diderius6

??????????
I have no idea why this is happening.

Well, Thanks for testing it anyway.
#8200diderius6XP SP3 works on z690 chipset with very laast acpi.sys from outerspace )

⇗ https://community.hwbot.org/topic/209655...#comment-599202

Dietmar
#8201diderius6And voila,
new world record for PiFast under XP SP3 on the ASUS ROG Maximus Z690 Apex  board
Dietmar

⇗ https://www.youtube.com/watch?v=rhdxPscpAIU&t=1831s

#8202infuscomus⇗ @Mov AX, 0xDEAD

Can you look at this code to see why this line is reached?

KeBugCheck(SESSION5_INITIALIZATION_FAILED);

and how to resolve this?

edit:
looking at my kernel compared to actual XP kernel, there is supposed to be a conditional jump after ZwWaitForSingleObject to go to ZwClose or the BSOD in the actual kernel.

mine has no conditional jump and just ends there - compiler error?



infuscomus has attached files to this post
#8203skullteria
Zitat von ⇗ infuscomus im Beitrag ¶ #8202
@Mov AX, 0xDEAD

Can you look at this code to see why this line is reached?

KeBugCheck(SESSION5_INITIALIZATION_FAILED);

and how to resolve this?

edit:
looking at my kernel compared to actual XP kernel, there is supposed to be a conditional jump after ZwWaitForSingleObject to go to ZwClose or the BSOD in the actual kernel.

mine has no conditional jump and just ends there - compiler error?


Are you trying XP SP1 kernel with ntdll from SP3? If yes, it will not work because syscall mechanism is changed between XP SP1 and XP SP2, like occourred betweeen Server 2003 RTM and SP1. See functions KIFastSyscall, KiFastSyscallEntry, etc. If you want test, download One-Core-API binaries and use ntdll from XP on Base Installer package.
#8204infuscomus⇗ @skullteria

So if I replace my XP SP3 ntdll.dll with the one from One-core-api my modified SP1 kernel will work?
#8205Mov AX, 0xDEAD
Zitat von ⇗ infuscomus im Beitrag ¶ #8202
@Mov AX, 0xDEAD

Can you look at this code to see why this line is reached?

KeBugCheck(SESSION5_INITIALIZATION_FAILED);

and how to resolve this?

edit:
looking at my kernel compared to actual XP kernel, there is supposed to be a conditional jump after ZwWaitForSingleObject to go to ZwClose or the BSOD in the actual kernel.

mine has no conditional jump and just ends there - compiler error?

 
       //
    // Wait five seconds for the session manager to get started or
    // terminate. If the wait times out, then the session manager
    // is assumed to be healthy and the zero page thread is called.
       //
 
    OldTime.QuadPart = Int32x32To64(5, -(10 * 1000 * 1000));
    Status = ZwWaitForSingleObject(
                               ProcessInformation.Process,
                               FALSE,
                &OldTime
                               );


kernel create smss.exe process (user-mode), wait for signal from it and faults if timeout occurs 5 secs to check if smss still alive (.Process field as trigger) and faults if not

 

Page 548

#8206imadam__hi, i posted in this thread a few months ago on how to install xp on my system. but i forgot what to do now. what would be a good guide to install xp on my specs?

ryzen 3 1200
8gb ddr4 ram
asus prime b450m-a
#8207skullteria
Zitat von ⇗ infuscomus im Beitrag ¶ #8204
@skullteria

So if I replace my XP SP3 ntdll.dll with the one from One-core-api my modified SP1 kernel will work?



Sorry, i said a mistake. Ntdll for XP from One-Core-API l already changed syscall mechanism. You need compile ntdll from source and add missing functions. In true, it will not work natively on XP SP3. I recommend you test with XP SP1.
#8208skullteria
Zitat von ⇗ Mov AX, 0xDEAD im Beitrag ¶ #8205
Zitat von ⇗ infuscomus im Beitrag ¶ #8202
@Mov AX, 0xDEAD

Can you look at this code to see why this line is reached?

KeBugCheck(SESSION5_INITIALIZATION_FAILED);

and how to resolve this?

edit:
looking at my kernel compared to actual XP kernel, there is supposed to be a conditional jump after ZwWaitForSingleObject to go to ZwClose or the BSOD in the actual kernel.

mine has no conditional jump and just ends there - compiler error?

 
       //
    // Wait five seconds for the session manager to get started or
    // terminate. If the wait times out, then the session manager
    // is assumed to be healthy and the zero page thread is called.
       //
 
    OldTime.QuadPart = Int32x32To64(5, -(10 * 1000 * 1000));
    Status = ZwWaitForSingleObject(
                               ProcessInformation.Process,
                               FALSE,
                &OldTime
                               );


kernel create smss.exe process (user-mode), wait for signal from it and faults if timeout occurs 5 secs to check if smss still alive (.Process field as trigger) and faults if not



It faults because smss calls syscall (nt functions) and ntdll can't not locate it on kernel. In true, the jump of user mode to kernel mode is different between ntdll and kernel.
#8209infuscomus⇗ @Mov AX, 0xDEAD ⇗ @skullteria

could smss.exe also be failing to start because my ntoskrnl.exe has additional exports that ntdll.dll doesn't have?

or that has nothing to do with the problem?
#8210galagunA small clue: "On reactos, each time you change some export in the kernel (server), you also have to rebuild the ntdll component (client)."

They have tables about some core component dependencies, so they know which set of components they have to overwrite or rebuild when doing cross-test for implementation accuracy or debugging (for example, Reactos NT Kernel with Windows userland, or MS Win32k on ReactOS). Probably this would be useful to you guys, who are doing cross-testing between components belonging to different ServicePack levels.
#8211windows2.0uefihow did you it please how did you run windows xp sp3 in uefi64
#8212juk777diderius6
"XP SP3 works on z690 chipset with very laast acpi.sys from outerspace"

Which one is it? Can I have a link?
#8213diderius6⇗ @juk777

Now this very laast acpi.sys from outerspace ) is the standard acpi.sys in the nice XP from Rasmsey
⇗ https://www.zone94.com/downloads/softwar...ntegral-edition

Dietmar
#8214imadam__Tried both XP Integral Edition and a custom XP edition. XP integral edition bluescreened at 0x0000007B and my custom xp edition just said "storahci.sys is missing" or something like that

ryzen 3 1200
asus prime b450m-a
8gb ram ddr4
#8215diderius6⇗ @imadam__

Use as AHCI driver only via option 4, I
from  Integrator v3.2.0.2b

Dietmar
#8216imadam__can you send download link to the intergrator? please
#8217imadam__i found it and tried to use that, but same 0x0000007B error ( i used intergral edition iso )
#8218George KingLink is 3 posts before yours

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#8219imadam__i tried the amd sata driver with nlite and same issue still - 0x0000007B BSOD
#8220diderius6⇗ @imadam__

Only use  Integrator v3.2.0.2b

Dietmar

⇗ https://www.zone94.com/component/jlexcom...download&id=134

 

Page 549

#8221imadam__That is the one i was using. The AMD Sata driver from it and the 2021-08-2X acpi file from it,.
#8222diderius6⇗ @imadam__

Use it together with Ramsey XP
Dietmar
#8223imadam__Just to clarify - Ramsey XP is the XP intergral edition, right? I was using that when I got the amd_sata.sys is missing error
#8224imadam__also im using it with latest WinSetupFromUSB (version 1.10) and a 16GB usb stick formatted with NTFS
#8225diderius6⇗ @imadam__
Yes, use Ramsey XP is the XP intergral edition together with Integrator v3.2.0.2b, only Option settings 4, I .
Dont use USB because of one crazy USB controller from AMD.

Without USB driver this WinSetupFromUSB will not work.

Without USB driver you need install from burned CD via Sata connector or Firadisk via USB.
This will work to 100%, I tested

Dietmar
#8226infuscomus⇗ @imadam__

Since you lack USB you can use Easy2boot to bypass the need to burn a CD as it includes a RAMdisk driver for the installation phase which should get around that 7B BSOD you've been having. I've used this before and it works well.
#8227infuscomusMy modified ntoskrnl.exe works just fine when integrated into a SP1 install media. I did not need to modify ntdll.dll to get it to work.

So there is some other incompatibility between SP1 and SP3 that is causing the 71 BSOD.
#8228galagunBetween SP1 and SP2 there was a big change in system call tables, which need recompile on client module (NTDLL) and even other stuff. ReactOS tested, and that's the reason you can't really do easy crosstesting between SP1 XP or Win2003 RTM there, only from XP SP2 or Win2003 SP1 and onwards (in a small note, that's why magazines and articles on the day called SP2 a "new OS release" or an OSR rather than just an update).

Now, between XP SP2 and 3, or Win2003 SP1 and 2, there aren't many changes in that subject... Except maybe integrated HyperV paravirtual support in Kernel.
#8229diderius6⇗ @infuscomus

I do not see this 71 Bsod with Windbg on real compi
Dietmar
#8230imadam__I get this error when booting XP from the drive for the 1st time ⇗ https://i.imgur.com/Yc0jWwk.png
#8231diderius6⇗ @imadam__
Copy the folder OEM from the CD to your harddisk, may be whole content of XP install CD,
because all files on USB device are not recogniced because of missing USB driver.
This does not happen, if you use a burned CD on a SATA connector
Dietmar
#8232imadam__is there any way to use a stock windows xp installer with the drivers? or do you have to use the integral edition
#8233infuscomus⇗ @imadam__

you can run the optional patch integrator on a stock XP SP3 CD and it'll work.
#8234imadam__alright
#8235imadam__I installed windows XP integral edition from a burned cd and i get a blank screen after restarting from the installer booted from cd

 

Page 550

#8236diderius6⇗ @imadam__
With setting option only 4, I
this will not happen via boot XP CD on an CD-rom Sata device
Dietmar
#8237JakoDelhi guys, are there any uhd 630 (coffee lake igpu) modded drivers around? also, does anyone know if  it has a decent vesa compatibility (so that I can use vbemp)? if the answer is no to both, then I guess I'll have to buy a 980ti lol (I have a 1070 ti card with completely ducked up vbe 3.0 support, thanks nvidia)
#8238gordo999
Zitat von ⇗ diderius6 im Beitrag ¶ #7971
I can install at once on the Asus ROG STRIX B450-F GAMING II board.
⇗ @diderius6 ...thinking about getting a laptop with Rog Strix mobo or maybe Rog Zephyrus. Are you only running XP on the Rog Strix or are you dual-booting another OS? Is the B450 fairly new? Do you know of a limit on the model that will still run XP?

I notice that most of the newer models are running solid state drives, usually limited to 500 GB. Maybe that's because they are running RAID assemblies or because laptop drives are too small physically to run a terabyte drive.
#8239diderius6⇗ @gordo999

The Asus ROG STRIX B450-F GAMING II board comes into market one year ago.
As far as I know, it is the latest new motherboard, that supports XP SP3 in all.
It is a really modern and nice board, stable, fast and cheap.
Solid state drives are no problem, when you have at least win8.1 also on this compi
for Trim. The programs for Trim do not run correct until now on XP
Dietmar
#8240infuscomus
Zitat von ⇗ gordo999 im Beitrag ¶ #8238
...thinking about getting a laptop with Rog Strix mobo or maybe Rog Zephyrus.


If I'm not mistaken, laptops no longer have any CSM, so I would get a desktop board instead.
#8241Mov AX, 0xDEAD
Zitat von ⇗ JakoDel im Beitrag ¶ #8237
hi guys, are there any uhd 630 (coffee lake igpu) modded drivers around?

Drivers for coffee lake exist only for Windows 10 x64, but kabylake modded driver is usable for windows 7 x32/x64 too.
There's no any drivers for XP and it will never be due different video driver architecture since vista

Zitat von ⇗ JakoDel im Beitrag ¶ #8237
also, does anyone know if it has a decent vesa compatibility (so that I can use vbemp)

You will be first researcher :), formally coffee provides VESA 3.0, but i'm not satisfied with it in pure ms-dos, it always scale any resolution to 1024x768(i think because i use analog CRT with externel Display Port DAC on motherboard)
as i remember last releases of vbemp have special tools for intel chips like custom widescreen modes

Zitat
I guess I'll have to buy a 980ti


best option with native directdraw/overlay/3d acceleration

#8242Mov AX, 0xDEAD  
       //
    // Wait five seconds for the session manager to get started or
    // terminate. If the wait times out, then the session manager
    // is assumed to be healthy and the zero page thread is called.
       //
 
    OldTime.QuadPart = Int32x32To64(5, -(10 * 1000 * 1000));
    Status = ZwWaitForSingleObject(
                               ProcessInformation.Process,
                               FALSE,
                &OldTime
                               );


This code from kernel maybe very bad if executed in one(same) kernel thread, It just hang for 5 sec and do nothing :)
If this code is being executed in separate system thread, it is OK, just thread in waiting state.
EDIT: patching this waiting time don't change XP loading time, in VirtualBox XP always loads in 2.5 secs

#8243George KingAnybody know what must be patched to get rid of Unsupported State (6) on Windows XP Starter?

 
https://forums.mydigitallife.net/threads/windows-xp-starter-unsuported-state-6.84419/
[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#8244diderius6⇗ @George King

⇗ https://www.betaarchive.com/forum/viewto...=439371#p439371

Dietmar

PS: From this crazy XP Starter Edition exists also an SP3 version.
I think, hack will be not easy.
#8245George King⇗ @diderius6 Seems like only few files are added by STARTOC component. Other files from CAB seems irelevant.

 
duass.dll ediskeer.dll



There doesn't exist SP3 version, but it's possible to integrate SP3, but it must be done from 5.x environment, otherwise it doesn't accept product key

EDIT: Here is info it's driven by WPA\Starter key

 
https://www.betaarchive.com/forum/viewtopic.php?p=447974#p447974
[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#8246konsheynDon't mind me asking, you seems like person who may give me right adv. Trying to move system (don't ask why) by mowing hdd to another machine with J1900. The Windows (XP Embedded) start with finding bunch of devices and asks if drivers should be updated. But keyboard and mouse don't work. Found that ACPI.SYS have to be replaced with newer one, but there is no such driver on XP Embedded. Wondering if anything could be done to make keyboard/mouse work?
Thanks
#8247George King⇗ @diderius6 I created Windows 8 AHCI and Windows 7 NVMe driver addons for nLite. Can you try them on vanilla source and report back how it goes please?

 
https://www.mediafire.com/file/les8tj6jixsvqkr/Generic_AHCI_6.2.9200.16384_Addon_x86.7z/file
https://www.mediafire.com/file/z5977s5hj49cac3/Generic_NVMe_6.1.7601.23403_Addon_x86.7z/file
[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#8248George King⇗ @skullteria ACPI.sys x64 link doesn't work. Can you share your latest one please?

 
http://shorthornproject.com/allcategories.html?tab=drivers&item=item-drivers
[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#8249diderius6⇗ @George King

I integrate those 2 drivers via nlite into setup CD XP SP3.
But on TXT Setup I get message,
that no harddisk can be found.
This happens for connected harddisk and also for connected nvme device
Dietmar

PS: Because the drivers are integrated not via TXTSETUP.OEM but via entries.ini
is there a special procedure needed for nlite?

EDIT: I integrate the drivers as drivers via (*.inf) and also as update pack via (entries.ini) with nlite and also copy them by hand into i386 folder of the XP Setup CD.
Now XP SP3 installs via them.

EDIT2: Install via Ahci or via nvme both hang at network install.
#8250skullteria
Zitat von ⇗ George King im Beitrag ¶ #8248
@skullteria ACPI.sys x64 link doesn't work. Can you share your latest one please?
 
http://shorthornproject.com/allcategories.html?tab=drivers&item=item-drivers


Hello friend, i need fix it on site. Thank you for notice to me.
Here is the link with x86 and x64 versions:
⇗ https://www.adrive.com/public/9MTJTm/ACPI.rar

 

Page 551

#8251infuscomus⇗ @konsheyn

I'm guessing you'll need some USB 3.0 drivers to get input working.
I know how to integrate USB drivers for a new XP installation, but not for a pre-existing one.
#8252konsheynAs I know USB in modern hardware work in XHCI mode. Windows XP can work only with EHCI controllers. XHCI require driver. But without correct ACPI USB XHCI will not install. So, as much as I know I need ACPI driver to be installed. But how to add it to system. that is the question. My existing system doesn't have ACPI.SYS in SYSTEM32.
#8253George King⇗ @diderius6 - integrate these 7z as is on Hotfixes / Addons page -> no need to have TXTSETUP.OEM

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#8254gordo999
Zitat von ⇗ konsheyn im Beitrag ¶ #8252
As I know USB in modern hardware work in XHCI mode. Windows XP can work only with EHCI controllers. XHCI require driver. But without correct ACPI USB XHCI will not install. So, as much as I know I need ACPI driver to be installed. But how to add it to system. that is the question. My existing system doesn't have ACPI.SYS in SYSTEM32.
⇗ @konsheyn ...copy it to the system32/drivers directory and reboot.

I don't have my XP computer connected right now. I do remember an acpi.sys being in either the system32 or system32/drivers directory. I renamed it and copied the acpi.sys from outer space where that acpi.sys was located. System File Checker did not try to replace the acpi.sys I copied to the directory but it might on some versions of XP. If it does, find the store where the backups are stored and replace that acpi.sys in the store first with acpi.sys from outer space.

ps. you may have to replace the SATA storage driver signed by ⇗ @Fernando and there is another 'pair' of drivers for timing with a HAL.dll and an intelppm.sys. I could not play games without them.
#8255gordo999
Zitat von ⇗ infuscomus im Beitrag ¶ #8240
If I'm not mistaken, laptops no longer have any CSM, so I would get a desktop board instead.
⇗ @infuscomus ...good point, thanks. Worth checking out.
#8256diderius6⇗ @George King

Now install starts but still hangs at network install on
ASRock Fatal1ty Z370 Gaming K6 board.
On Asus P8H77-M network install works and whole install.
This behavior may be acpi related, because only the z370 board needs modded acpi.sys

Dietmar
#8257infuscomus⇗ @diderius6 ⇗ @daniel_k ⇗ @George King ⇗ @Mov AX, 0xDEAD

If this forum closes (at least according to the announcement)
what forum are we going to move to?
#8258diderius6⇗ @infuscomus

Until now, no forum like this exists.
May be, that we ask ⇗ @dencorso from MSFN

Dietmar
#8259diderius6⇗ @George King

I am just running a Windbg session of GUI Setup from original XP SP3 with your drivers on the ASRock Fatal1ty Z370 Gaming K6 board,
for to see, why it hangs at network install
Dietmar

EDIT: Also with Windbg it hangs at network install, at exact the same place as without Windbg.
But when I break with the Debugger and then continue with "g",
installation continues to full XP desktop.
So, not easy to understand, why it hangs.

EDIT2: With the checked ntoskrnl 5.1.2600.5512 and checked hal.dll 5.1.2600.5512 XP Gui Install it does not hang at installing network.
So may be it is enough, to use a newer ntoskrnl.exe from Posready.
Do you have an original German XP SP3 CD for testing your drivers, with nothing installed on it but with all updates, especially last ntoskrnl from Posready until May 2019
Dietmar
#8260diderius6This is output from Windbg,
when I hit "break" exact at the place, where XP GUI Setup hangs.
It looks, as if it hangs at nt!KeUpdateSystemTime+0x175 ,
which is the last step before network install
Dietmar


Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

Opened \\.\com1
Waiting to reconnect...
Connected to Windows XP 2600 x86 compatible target at (Sat Nov 13 18:57:53.812 2021 (UTC + 1:00)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is: C:\symbols;C:\symbolss
Executable search path is: C:\Symbols
Windows XP Kernel Version 2600 MP (1 procs) Free x86 compatible
Built by: 2600.xpsp.080413-2111
Machine Name:
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055d720
System Uptime: not available
<CSync:BeginUnload
<CSync:BeginUnload
watchdog!WdUpdateRecoveryState: Recovery enabled.
Break instruction exception - code 80000003 (first chance)
*******************************************************************************
*                                                                             *
*   You are seeing this message because you pressed either                    *
*       CTRL+C (if you run kd.exe) or,                                        *
*       CTRL+BREAK (if you run WinDBG),                                       *
*   on your debugger machine's keyboard.                                      *
*                                                                             *
*                   THIS IS NOT A BUG OR A SYSTEM CRASH                       *
*                                                                             *
* If you did not intend to break into the debugger, press the "g" key, then   *
* press the "Enter" key now.  This message might immediately reappear.  If it *
* does, press "g" and "Enter" again.                                          *
*                                                                             *
*******************************************************************************
nt!RtlpBreakWithStatusInstruction:
8052b5dc cc              int     3
0: kd> !analyze -v
Connected to Windows XP 2600 x86 compatible target at (Sat Nov 13 19:05:27.843 2021 (UTC + 1:00)), ptr64 FALSE
Loading Kernel Symbols
.........................................................
Loading User Symbols

Loading unloaded module list
......
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Unknown bugcheck code (0)
Unknown bugcheck description
Arguments:
Arg1: 00000000
Arg2: 00000000
Arg3: 00000000
Arg4: 00000000

Debugging Details:
------------------


PROCESS_NAME:  Idle

FAULTING_IP: 
nt!RtlpBreakWithStatusInstruction+0
8052b5dc cc              int     3

EXCEPTION_RECORD:  ffffffff -- (.exr 0xffffffffffffffff)
ExceptionAddress: 8052b5dc (nt!RtlpBreakWithStatusInstruction)
   ExceptionCode: 80000003 (Break instruction exception)
  ExceptionFlags: 00000000
NumberParameters: 3
   Parameter[0]: 00000000
   Parameter[1]: 80553780
   Parameter[2]: 000003f8

ERROR_CODE: (NTSTATUS) 0x80000003 - {AUSNAHME}  Haltepunkt  Im Quellprogramm wurde ein Haltepunkt erreicht.

EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - Mindestens ein Argument ist ung ltig.

EXCEPTION_PARAMETER1:  00000000

EXCEPTION_PARAMETER2:  80553780

EXCEPTION_PARAMETER3:  000003f8

DEFAULT_BUCKET_ID:  DRIVER_FAULT

BUGCHECK_STR:  0x0

STACK_TEXT:  
805513d0 80545119 00000001 80551402 000000d1 nt!RtlpBreakWithStatusInstruction
805513d0 80545d40 00000001 80551402 000000d1 nt!KeUpdateSystemTime+0x175
80551454 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x14


STACK_COMMAND:  kb

FOLLOWUP_IP: 
nt!RtlpBreakWithStatusInstruction+0
8052b5dc cc              int     3

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  nt!RtlpBreakWithStatusInstruction+0

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: nt

IMAGE_NAME:  ntkrpamp.exe

DEBUG_FLR_IMAGE_TIMESTAMP:  4802516a

BUCKET_ID:  MANUAL_BREAKIN

Followup: MachineOwner
---------

0: kd> lm
start    end        module name
804d7000 806e5000   nt         (pdb symbols)          c:\symbols\ntkrpamp.pdb\7D6290E03E32455BB0E035E38816124F1\ntkrpamp.pdb
806e5000 80705d00   hal        (pdb symbols)          c:\symbols\halmacpi.pdb\9875FD697ECA4BBB8A475825F6BF885E1\halmacpi.pdb
bf800000 bf9c2a00   win32k     (deferred)             
bf9c3000 bf9d4600   dxg        (deferred)             
bff70000 bff72480   framebuf   (deferred)             
f6a2c000 f6a89f00   update     (deferred)             
f6aa2000 f6aa4280   wmiacpi    (deferred)             
f6ac6000 f6ac9c80   mssmbios   (pdb symbols)          c:\symbols\mssmbios.pdb\9940673F3B9A4BD682DF9D96A12A355C1\mssmbios.pdb
f6e92000 f6eb4680   dump_ntoskrn8   (deferred)             
f6eb5000 f6efe000   dump_storport   (deferred)             
f6efe000 f6f11000   dump_storahci   (deferred)             
f6f39000 f6f5ab80   afd        (deferred)             
f6f7b000 f6f8ef00   VIDEOPRT   (deferred)             
f6fed000 f700f700   ks         (deferred)             
f7066000 f7068900   Dxapi      (deferred)             
f70d2000 f70ebb80   Mup        (deferred)             
f70ec000 f7118980   NDIS       (deferred)             
f7119000 f71a5600   Ntfs       (deferred)             
f71a6000 f71bc880   KSecDD     (deferred)             
f71bd000 f7280680   dmboot     (deferred)             
f7281000 f72ca000   storport   (deferred)             
f72ca000 f72ec680   ntoskrn8   (deferred)             
f72ed000 f7300000   storahci   (deferred)             
f7300000 f7325a00   dmio       (deferred)             
f7326000 f7344d80   Ftdisk     (deferred)             
f7345000 f7355a80   PCI        (deferred)             
f7356000 f7385d80   ACPI       (deferred)             
f7487000 f7490300   isapnp     (deferred)             
f7497000 f74a1580   MountMgr   (deferred)             
f74a7000 f74b4200   VolSnap    (deferred)             
f74b7000 f74bfe00   Disk       (deferred)             
f74c7000 f74d3180   CLASSPNP   (deferred)             
f74d7000 f74e3f00   i8042prt   (deferred)             
f74e7000 f74f6600   Cdrom      (deferred)             
f7507000 f7511e80   Fips       (deferred)             
f7527000 f7536900   Cdfs       (deferred)             
f75b7000 f75c0e00   intelppm   (deferred)             
f7707000 f770bd00   PartMgr    (deferred)             
f770f000 f7715800   firadisk   (deferred)             
f7717000 f771bc00   storpor8   (deferred)             
f7797000 f779d280   Kbdclass   (deferred)             
f77cf000 f77d4c00   Mouclass   (deferred)             
f77d7000 f77dc200   vga        (deferred)             
f77e7000 f77eba80   Msfs       (deferred)             
f77f7000 f77fe880   Npfs       (deferred)             
f7807000 f780ba80   TDI        (deferred)             
f7817000 f781bc00   dump_storpor8   (deferred)             
f782f000 f7833500   watchdog   (deferred)             
f7897000 f789a000   BOOTVID    (deferred)             
f7987000 f7988b80   kdcom      (deferred)             
f7989000 f798a100   WMILIB     (deferred)             
f798b000 f798c700   dmload     (deferred)             
f7993000 f7994100   swenum     (deferred)             
f7997000 f7998f00   Fs_Rec     (deferred)             
f799b000 f799c080   Beep       (deferred)             
f799f000 f79a0080   mnmdd      (deferred)             
f7b1f000 f7b1fd00   dxgthk     (deferred)             
f7bd7000 f7bd7b80   Null       (deferred)             

Unloaded modules:
f6f8f000 f6fed000   Update.SYS
f74f7000 f7502000   Imapi.SYS
f77c7000 f77cc000   Cdaudio.SYS
f70ae000 f70b1000   Sfloppy.SYS
f77b7000 f77bc000   Flpydisk.SYS
f77af000 f77b6000   Fdc.SYS 
0: kd> !devnode 0 1
Dumping IopRootDeviceNode (= 0x89da2008)
DevNode 0x89da2008 for PDO 0x89df38c0
  InstancePath is "HTREE\ROOT\0"
  State = DeviceNodeStarted (0x308)
  Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x89da2ba8 for PDO 0x89da2cf0
    InstancePath is "Root\ACPI_HAL\0000"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
    DevNode 0x89da1190 for PDO 0x89da1de0
      InstancePath is "ACPI_HAL\PNP0C08\0"
      ServiceName is "acpi"
      State = DeviceNodeStarted (0x308)
      Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89cc7828 for PDO 0x89cc79b0
        InstancePath is "ACPI\PNP0A08\0"
        ServiceName is "pci"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
        DevNode 0x89b4b628 for PDO 0x89d9d208
          InstancePath is "PCI\VEN_8086&DEV_3EC2&SUBSYS_00000000&REV_07\3&11583659&0&00"
          State = DeviceNodeStarted (0x308)
          Previous State = DeviceNodeEnumerateCompletion (0x30d)
        DevNode 0x89b4b508 for PDO 0x89cc3030
          InstancePath is "PCI\VEN_8086&DEV_1901&SUBSYS_00000000&REV_07\3&11583659&0&08"
          ServiceName is "pci"
          State = DeviceNodeStarted (0x308)
          Previous State = DeviceNodeEnumerateCompletion (0x30d)
          DevNode 0x89cea440 for PDO 0x89ceabb0
            InstancePath is "PCI\VEN_10DE&DEV_1287&SUBSYS_730B19DA&REV_A1\4&17bc2637&0&0008"
            State = DeviceNodeInitialized (0x302)
            Previous State = DeviceNodeUninitialized (0x301)
            Problem = CM_PROB_FAILED_INSTALL
          DevNode 0x89cea320 for PDO 0x89cea878
            InstancePath is "PCI\VEN_10DE&DEV_0E0F&SUBSYS_730B19DA&REV_A1\4&17bc2637&0&0108"
            State = DeviceNodeInitialized (0x302)
            Previous State = DeviceNodeUninitialized (0x301)
            Problem = CM_PROB_FAILED_INSTALL
        DevNode 0x89b4b3e8 for PDO 0x89cc3e50
          InstancePath is "PCI\VEN_8086&DEV_A2AF&SUBSYS_A2AF1849&REV_00\3&11583659&0&A0"
          State = DeviceNodeInitialized (0x302)
          Previous State = DeviceNodeUninitialized (0x301)
          Problem = CM_PROB_FAILED_INSTALL
        DevNode 0x89b4b2c8 for PDO 0x89cc3c70
          InstancePath is "PCI\VEN_8086&DEV_A2B1&SUBSYS_A2B11849&REV_00\3&11583659&0&A2"
          State = DeviceNodeInitialized (0x302)
          Previous State = DeviceNodeUninitialized (0x301)
          Problem = CM_PROB_FAILED_INSTALL
        DevNode 0x89b4b1a8 for PDO 0x89cc3938
          InstancePath is "PCI\VEN_8086&DEV_A2BA&SUBSYS_A2BA1849&REV_00\3&11583659&0&B0"
          State = DeviceNodeInitialized (0x302)
          Previous State = DeviceNodeUninitialized (0x301)
          Problem = CM_PROB_FAILED_INSTALL
        DevNode 0x89cdd008 for PDO 0x89cc3600
          InstancePath is "PCI\VEN_8086&DEV_A282&SUBSYS_A2821849&REV_00\3&11583659&0&B8"
          ServiceName is "storahci"
          State = DeviceNodeStarted (0x308)
          Previous State = DeviceNodeEnumerateCompletion (0x30d)
          DevNode 0x89c63b58 for PDO 0x89df3bf0
            InstancePath is "SCSI\Disk&Ven_SAMSUNG&Prod_HD160JJ\4&3543605e&0&000000"
            ServiceName is "Disk"
            State = DeviceNodeStarted (0x308)
            Previous State = DeviceNodeEnumerateCompletion (0x30d)
        DevNode 0x89cddee8 for PDO 0x89cc32c8
          InstancePath is "PCI\VEN_8086&DEV_A2E7&SUBSYS_00000000&REV_F0\3&11583659&0&D8"
          ServiceName is "pci"
          State = DeviceNodeStarted (0x308)
          Previous State = DeviceNodeEnumerateCompletion (0x30d)
        DevNode 0x89cdddc8 for PDO 0x89cebe50
          InstancePath is "PCI\VEN_8086&DEV_A290&SUBSYS_00000000&REV_F0\3&11583659&0&E0"
          ServiceName is "pci"
          State = DeviceNodeStarted (0x308)
          Previous State = DeviceNodeEnumerateCompletion (0x30d)
        DevNode 0x89cddca8 for PDO 0x89cebb18
          InstancePath is "PCI\VEN_8086&DEV_A291&SUBSYS_00000000&REV_F0\3&11583659&0&E1"
          ServiceName is "pci"
          State = DeviceNodeStarted (0x308)
          Previous State = DeviceNodeEnumerateCompletion (0x30d)
          DevNode 0x89c63350 for PDO 0x89c63820
            InstancePath is "PCI\VEN_1B21&DEV_0612&SUBSYS_06121849&REV_02\4&12e73dd2&0&00E1"
            ServiceName is "storahci"
            State = DeviceNodeStarted (0x308)
            Previous State = DeviceNodeEnumerateCompletion (0x30d)
        DevNode 0x89cddb88 for PDO 0x89ceb7e0
          InstancePath is "PCI\VEN_8086&DEV_A292&SUBSYS_00000000&REV_F0\3&11583659&0&E2"
          ServiceName is "pci"
          State = DeviceNodeStarted (0x308)
          Previous State = DeviceNodeEnumerateCompletion (0x30d)
          DevNode 0x89c63c78 for PDO 0x89c63030
            InstancePath is "PCI\VEN_8086&DEV_1539&SUBSYS_15391849&REV_03\4&2880aa1&0&00E2"
            State = DeviceNodeInitialized (0x302)
            Previous State = DeviceNodeUninitialized (0x301)
            Problem = CM_PROB_FAILED_INSTALL
        DevNode 0x89cdda68 for PDO 0x89ceb4a8
          InstancePath is "PCI\VEN_8086&DEV_A294&SUBSYS_00000000&REV_F0\3&11583659&0&E4"
          ServiceName is "pci"
          State = DeviceNodeStarted (0x308)
          Previous State = DeviceNodeEnumerateCompletion (0x30d)
          DevNode 0x89b19548 for PDO 0x89b19bb0
            InstancePath is "PCI\VEN_1B21&DEV_2142&SUBSYS_21421849&REV_00\4&1fc90664&0&00E4"
            State = DeviceNodeInitialized (0x302)
            Previous State = DeviceNodeUninitialized (0x301)
            Problem = CM_PROB_FAILED_INSTALL
        DevNode 0x89cdd948 for PDO 0x89b1a030
          InstancePath is "PCI\VEN_8086&DEV_A298&SUBSYS_00000000&REV_F0\3&11583659&0&E8"
          ServiceName is "pci"
          State = DeviceNodeStarted (0x308)
          Previous State = DeviceNodeEnumerateCompletion (0x30d)
        DevNode 0x89cdd828 for PDO 0x89b1ae50
          InstancePath is "PCI\VEN_8086&DEV_A2C9&SUBSYS_00000000&REV_00\3&11583659&0&F8"
          ServiceName is "isapnp"
          State = DeviceNodeStarted (0x308)
          Previous State = DeviceNodeEnumerateCompletion (0x30d)
          DevNode 0x89b4a2e0 for PDO 0x89b4a030
            InstancePath is "ISAPNP\ReadDataPort\0"
            State = DeviceNodeStarted (0x308)
            Previous State = DeviceNodeEnumerateCompletion (0x30d)
          DevNode 0x89b4a1c0 for PDO 0x89b4af18
            InstancePath is "ACPI\PNP0C02\0"
            State = DeviceNodeInitialized (0x302)
            Previous State = DeviceNodeUninitialized (0x301)
          DevNode 0x89cdc008 for PDO 0x89b4ae00
            InstancePath is "ACPI\PNP0303\0"
            ServiceName is "i8042prt"
            TargetDeviceNotify List - f 0xe10a5c10  b 0xe10a5c10
            State = DeviceNodeStarted (0x308)
            Previous State = DeviceNodeEnumerateCompletion (0x30d)
          DevNode 0x89cdcee8 for PDO 0x89b4ace8
            InstancePath is "ACPI\INT0800\4&e69c0be&0"
            State = DeviceNodeInitialized (0x302)
            Previous State = DeviceNodeUninitialized (0x301)
          DevNode 0x89cdcdc8 for PDO 0x89b4abd0
            InstancePath is "ACPI\PNP0103\0"
            State = DeviceNodeInitialized (0x302)
            Previous State = DeviceNodeUninitialized (0x301)
          DevNode 0x89cdcca8 for PDO 0x89b4aab8
            InstancePath is "ACPI\PNP0000\4&e69c0be&0"
            State = DeviceNodeInitialized (0x302)
            Previous State = DeviceNodeUninitialized (0x301)
          DevNode 0x89cdcb88 for PDO 0x89b4a9a0
            InstancePath is "ACPI\PNP0C04\4&e69c0be&0"
            State = DeviceNodeInitialized (0x302)
            Previous State = DeviceNodeUninitialized (0x301)
          DevNode 0x89cdca68 for PDO 0x89b4a888
            InstancePath is "ACPI\PNP0C02\2"
            State = DeviceNodeInitialized (0x302)
            Previous State = DeviceNodeUninitialized (0x301)
          DevNode 0x89cdc948 for PDO 0x89b4a770
            InstancePath is "ACPI\PNP0C02\LPC_DEV"
            State = DeviceNodeInitialized (0x302)
            Previous State = DeviceNodeUninitialized (0x301)
          DevNode 0x89cdc828 for PDO 0x89b4a658
            InstancePath is "ACPI\PNP0B00\4&e69c0be&0"
            State = DeviceNodeStarted (0x308)
            Previous State = DeviceNodeEnumerateCompletion (0x30d)
          DevNode 0x89cdc708 for PDO 0x89b4a540
            InstancePath is "ACPI\PNP0100\4&e69c0be&0"
            State = DeviceNodeInitialized (0x302)
            Previous State = DeviceNodeUninitialized (0x301)
          DevNode 0x89cdc5e8 for PDO 0x89b4a428
            InstancePath is "ACPI\INT3F0D\4&e69c0be&0"
            State = DeviceNodeInitialized (0x302)
            Previous State = DeviceNodeUninitialized (0x301)
        DevNode 0x89cdd708 for PDO 0x89b1ac70
          InstancePath is "PCI\VEN_8086&DEV_A2A1&SUBSYS_A2A11849&REV_00\3&11583659&0&FA"
          State = DeviceNodeInitialized (0x302)
          Previous State = DeviceNodeUninitialized (0x301)
          Problem = CM_PROB_FAILED_INSTALL
        DevNode 0x89cdd5e8 for PDO 0x89b1a938
          InstancePath is "PCI\VEN_8086&DEV_A2F0&SUBSYS_12211849&REV_00\3&11583659&0&FB"
          State = DeviceNodeInitialized (0x302)
          Previous State = DeviceNodeUninitialized (0x301)
          Problem = CM_PROB_FAILED_INSTALL
        DevNode 0x89cdd4c8 for PDO 0x89b1a600
          InstancePath is "PCI\VEN_8086&DEV_A2A3&SUBSYS_A2A31849&REV_00\3&11583659&0&FC"
          State = DeviceNodeInitialized (0x302)
          Previous State = DeviceNodeUninitialized (0x301)
          Problem = CM_PROB_FAILED_INSTALL
        DevNode 0x89cdd3a8 for PDO 0x89b1a2c8
          InstancePath is "PCI\VEN_8086&DEV_15B8&SUBSYS_15B81849&REV_00\3&11583659&0&FE"
          State = DeviceNodeInitialized (0x302)
          Previous State = DeviceNodeUninitialized (0x301)
          Problem = CM_PROB_FAILED_INSTALL
        DevNode 0x89cdd288 for PDO 0x89c64f18
          InstancePath is "ACPI\PNP0C02\1"
          State = DeviceNodeInitialized (0x302)
          Previous State = DeviceNodeUninitialized (0x301)
        DevNode 0x89cdd168 for PDO 0x89c64e00
          InstancePath is "ACPI\PNP0C02\PCHRESV"
          State = DeviceNodeInitialized (0x302)
          Previous State = DeviceNodeUninitialized (0x301)
        DevNode 0x89c08008 for PDO 0x89c64ce8
          InstancePath is "ACPI\PNP0C02\IoTraps"
          State = DeviceNodeInitialized (0x302)
          Previous State = DeviceNodeUninitialized (0x301)
        DevNode 0x89c08ee8 for PDO 0x89c64bd0
          InstancePath is "ACPI\PNP0C02\5"
          State = DeviceNodeInitialized (0x302)
          Previous State = DeviceNodeUninitialized (0x301)
        DevNode 0x89c08dc8 for PDO 0x89c64ab8
          InstancePath is "ACPI\PNP0C14\MXM2"
          ServiceName is "WmiAcpi"
          State = DeviceNodeStarted (0x308)
          Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89cc7708 for PDO 0x89b6cbb8
        InstancePath is "ACPI\GenuineIntel_-_x86_Family_6_Model_158\_0"
        ServiceName is "intelppm"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89b6cee8 for PDO 0x89d111f8
        InstancePath is "ACPI\GenuineIntel_-_x86_Family_6_Model_158\_1"
        ServiceName is "intelppm"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89b6cdc8 for PDO 0x89cc7460
        InstancePath is "ACPI\GenuineIntel_-_x86_Family_6_Model_158\_2"
        ServiceName is "intelppm"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89c65240 for PDO 0x89dd8230
        InstancePath is "ACPI\GenuineIntel_-_x86_Family_6_Model_158\_3"
        ServiceName is "intelppm"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89c65120 for PDO 0x89da1790
        InstancePath is "ACPI\GenuineIntel_-_x86_Family_6_Model_158\_4"
        ServiceName is "intelppm"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89df36b8 for PDO 0x89cfd030
        InstancePath is "ACPI\GenuineIntel_-_x86_Family_6_Model_158\_5"
        ServiceName is "intelppm"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89df3598 for PDO 0x89cfdac0
        InstancePath is "ACPI\GenuineIntel_-_x86_Family_6_Model_158\_6"
        ServiceName is "intelppm"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89df3478 for PDO 0x89cc7bc0
        InstancePath is "ACPI\GenuineIntel_-_x86_Family_6_Model_158\_7"
        ServiceName is "intelppm"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89dd73d0 for PDO 0x89b6c9f0
        InstancePath is "ACPI\GenuineIntel_-_x86_Family_6_Model_158\_8"
        ServiceName is "intelppm"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89dd72b0 for PDO 0x89cfe4c8
        InstancePath is "ACPI\GenuineIntel_-_x86_Family_6_Model_158\_9"
        ServiceName is "intelppm"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89dd7190 for PDO 0x89cec8a8
        InstancePath is "ACPI\GenuineIntel_-_x86_Family_6_Model_158\10"
        ServiceName is "intelppm"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89b1bee8 for PDO 0x89cc71b8
        InstancePath is "ACPI\GenuineIntel_-_x86_Family_6_Model_158\11"
        ServiceName is "intelppm"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89b1bdc8 for PDO 0x89da0598
        InstancePath is "ACPI\PNP0C0E\2&daba3ff&0"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89b1bca8 for PDO 0x89cec680
        InstancePath is "ACPI\PNP0C14\TBFP"
        ServiceName is "WmiAcpi"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89cec360 for PDO 0x89cfd6a8
        InstancePath is "ACPI\PNP0C0C\2&daba3ff&0"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
      DevNode 0x89cec240 for PDO 0x89cfd590
        InstancePath is "ACPI\FixedButton\2&daba3ff&0"
        State = DeviceNodeStarted (0x308)
        Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x89da28c8 for PDO 0x89da2a10
    InstancePath is "Root\dmio\0000"
    ServiceName is "dmio"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x89da2688 for PDO 0x89da27d0
    InstancePath is "Root\firadisk\0000"
    ServiceName is "firadisk"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
    DevNode 0x89b5b270 for PDO 0x89b5b630
      InstancePath is "FIRADISK\CDROM\1&2b2f4947&0&1.1"
      ServiceName is "cdrom"
      TargetDeviceNotify List - f 0xe1000278  b 0xe10d7e28
      State = DeviceNodeStarted (0x308)
      Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x89da2448 for PDO 0x89da2590
    InstancePath is "Root\ftdisk\0000"
    ServiceName is "ftdisk"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
    DevNode 0x89b5a920 for PDO 0x89b5aa68
      InstancePath is "STORAGE\Volume\1&30a96598&0&Signature444D0DD4Offset100000Length2542880000"
      TargetDeviceNotify List - f 0xe10c1690  b 0xe10c1690
      State = DeviceNodeStarted (0x308)
      Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x89da21d0 for PDO 0x89da2318
    InstancePath is "Root\LEGACY_DMBOOT\0000"
    ServiceName is "dmboot"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x89df2ee8 for PDO 0x89df2030
    InstancePath is "Root\LEGACY_DMLOAD\0000"
    ServiceName is "dmload"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x89df2ca8 for PDO 0x89df2df0
    InstancePath is "Root\LEGACY_KSECDD\0000"
    ServiceName is "ksecdd"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x89df2a68 for PDO 0x89df2bb0
    InstancePath is "Root\LEGACY_MOUNTMGR\0000"
    ServiceName is "mountmgr"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x89df2828 for PDO 0x89df2970
    InstancePath is "Root\SYSTEM\0000"
    ServiceName is "swenum"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
    DevNode 0x89ca7908 for PDO 0x89b91dd0
      InstancePath is "SW\{eeab7790-c514-11d1-b42b-00805fc1270e}\asyncmac"
      State = DeviceNodeInitialized (0x302)
      Previous State = DeviceNodeUninitialized (0x301)
      Problem = CM_PROB_NOT_CONFIGURED
  DevNode 0x89df25e8 for PDO 0x89df2730
    InstancePath is "Root\SYSTEM\0001"
    ServiceName is "update"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x89df23a8 for PDO 0x89df24f0
    InstancePath is "Root\SYSTEM\0002"
    ServiceName is "mssmbios"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x89bc2c90 for PDO 0x89ba6a90
    InstancePath is "Root\LEGACY_AFD\0000"
    ServiceName is "AFD"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x899d9408 for PDO 0x89b81c08
    InstancePath is "Root\LEGACY_BEEP\0000"
    ServiceName is "Beep"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x899c04c8 for PDO 0x89c55d90
    InstancePath is "Root\LEGACY_FIPS\0000"
    ServiceName is "Fips"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x899bc5c0 for PDO 0x89ae0b48
    InstancePath is "Root\LEGACY_MNMDD\0000"
    ServiceName is "mnmdd"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x89a5dbb8 for PDO 0x899c3858
    InstancePath is "Root\LEGACY_NDIS\0000"
    ServiceName is "NDIS"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x89983db8 for PDO 0x89a5bee8
    InstancePath is "Root\LEGACY_NULL\0000"
    ServiceName is "Null"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x899d1700 for PDO 0x899d1e08
    InstancePath is "Root\LEGACY_PARTMGR\0000"
    ServiceName is "PartMgr"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x89bcf238 for PDO 0x89a6ff10
    InstancePath is "Root\LEGACY_PARVDM\0000"
    ServiceName is "ParVdm"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x8995b008 for PDO 0x89c23f10
    InstancePath is "Root\LEGACY_VGASAVE\0000"
    ServiceName is "VgaSave"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x898bf078 for PDO 0x8993b598
    InstancePath is "Root\LEGACY_VOLSNAP\0000"
    ServiceName is "VolSnap"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)
  DevNode 0x8987eb18 for PDO 0x89944310
    InstancePath is "ROOT\MEDIA\MS_MMMCI"
    State = DeviceNodeInitialized (0x302)
    Previous State = DeviceNodeUninitialized (0x301)
  DevNode 0x89923008 for PDO 0x898bda08
    InstancePath is "ROOT\MEDIA\MS_MMVID"
    State = DeviceNodeInitialized (0x302)
    Previous State = DeviceNodeUninitialized (0x301)
  DevNode 0x8997d268 for PDO 0x89894030
    InstancePath is "ROOT\MEDIA\MS_MMACM"
    State = DeviceNodeInitialized (0x302)
    Previous State = DeviceNodeUninitialized (0x301)
  DevNode 0x898c7680 for PDO 0x89923190
    InstancePath is "ROOT\MEDIA\MS_MMVCD"
    State = DeviceNodeInitialized (0x302)
    Previous State = DeviceNodeUninitialized (0x301)
  DevNode 0x89b899b0 for PDO 0x899ae608
    InstancePath is "ROOT\MEDIA\MS_MMDRV"
    State = DeviceNodeInitialized (0x302)
    Previous State = DeviceNodeUninitialized (0x301)
  DevNode 0x89b59960 for PDO 0x89b99d30
    InstancePath is "Root\LEGACY_SERIAL\0000"
    ServiceName is "Serial"
    State = DeviceNodeStarted (0x308)
    Previous State = DeviceNodeEnumerateCompletion (0x30d)

#8261diderius6When I continue with hitting "p" at Windbg it hangs still at network install
Dietmar

nt!KiIdleLoop+0xe:
80545d3a ff11            call    dword ptr [ecx]
6: kd> p
nt!KiIdleLoop+0x10:
80545d3c f390            pause
6: kd> p
nt!KiIdleLoop+0x12:
80545d3e fb              sti
6: kd> p
nt!KiIdleLoop+0x13:
80545d3f 90              nop
6: kd> p
nt!KiIdleLoop+0x14:
80545d40 90              nop
6: kd> p
nt!KiIdleLoop+0x15:
80545d41 fa              cli
6: kd> p
nt!KiIdleLoop+0x16:
80545d42 3b6d00          cmp     ebp,dword ptr [ebp]
6: kd> p
nt!KiIdleLoop+0x19:
80545d45 740d            je      nt!KiIdleLoop+0x28 (80545d54)
6: kd> p
nt!KiIdleLoop+0x28:
80545d54 83bb2801000000  cmp     dword ptr [ebx+128h],0
6: kd> p
nt!KiIdleLoop+0x2f:
80545d5b 74d7            je      nt!KiIdleLoop+0x8 (80545d34)
6: kd> p
nt!KiIdleLoop+0x8:
80545d34 8d8b500c0000    lea     ecx,[ebx+0C50h]
6: kd> p
nt!KiIdleLoop+0xe:
80545d3a ff11            call    dword ptr [ecx]
6: kd> p
nt!KiIdleLoop+0x10:
80545d3c f390            pause
6: kd> p
nt!KiIdleLoop+0x12:
80545d3e fb              sti
6: kd> p
nt!KiIdleLoop+0x13:
80545d3f 90              nop
6: kd> p
nt!KiIdleLoop+0x14:
80545d40 90              nop
6: kd> p
nt!KiIdleLoop+0x15:
80545d41 fa              cli
6: kd> p
nt!KiIdleLoop+0x16:
80545d42 3b6d00          cmp     ebp,dword ptr [ebp]
6: kd> p
nt!KiIdleLoop+0x19:
80545d45 740d            je      nt!KiIdleLoop+0x28 (80545d54)
6: kd> p
nt!KiIdleLoop+0x28:
80545d54 83bb2801000000  cmp     dword ptr [ebx+128h],0
6: kd> p
nt!KiIdleLoop+0x2f:
80545d5b 74d7            je      nt!KiIdleLoop+0x8 (80545d34)
6: kd> p
nt!KiIdleLoop+0x8:
80545d34 8d8b500c0000    lea     ecx,[ebx+0C50h]
6: kd> p
nt!KiIdleLoop+0xe:
80545d3a ff11            call    dword ptr [ecx]
6: kd> p
nt!KiIdleLoop+0x10:
80545d3c f390            pause
6: kd> p
nt!KiIdleLoop+0x12:
80545d3e fb              sti
6: kd> p
nt!KiIdleLoop+0x13:
80545d3f 90              nop
6: kd> p
nt!KiIdleLoop+0x14:
80545d40 90              nop

#8262George King⇗ @diderius6 Yes, I have all Windows XP SP3 ISO that exists in all languages. Same with UpdatePacks, thats also one of reasons to have XP2ESD project :)
Currently is for me enough to hear addons logic is correct (should be same method as original DriverPacks Base method). On XP2ESD will be always different method

⇗ @imadam__ I will upload you some testing image soon.
⇗ @infuscomus It will be great if you can test it too, this image will be mainly based on ported Generic drivers except Windows 8 AHCI, these images will have Windows 7 MSHACI driver instead

[TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#8263diderius6I found the exact place, where XP GUI Setup hangs

 *** An Access Violation occurred in C:\WINDOWS\system32\svchost.exe -k netsvcs:

001b:7c802402 b8c0000000      mov     eax,0C0h
10: kd> p
The instruction at 7C9111E6 tried to read from 001b:7c802407 3945e0          cmp     dword ptr [ebp-20h],eax
10: kd> p
an invalid address, FFFFFFFF

001b:7c80240a 7402            je      7c80240e
10: kd> p
 *** enter .exr 042BFBE0 for the exception record
001b:7c80240c 33c0            xor     eax,eax
10: kd> p
 ***  enter .cxr 042BFBFC for the context
001b:7c80240e e8fe000000      call    7c802511
10: kd> p
 *** then kb to get the faulting stack

STACK_TEXT:  
805513ac 80545119 00000001 00000002 000000d1 nt!RtlpBreakWithStatusInstruction
805513ac f76f9162 00000001 00000002 000000d1 nt!KeUpdateSystemTime+0x175
80551450 80545d3c 00000000 0000000e 00000000 intelppm!AcpiC1Idle+0x12
80551454 00000000 0000000e 00000000 00000000 nt!KiIdleLoop+0x10
#8264diderius6Yesssa ,
I solve the problem with hanging XP SP3 setup after I see that it goes to the crazy timer with
modded XP SP3 5512 version files

acpi.sys laast outerspace )
hal.dll
intelppm.sys

Dietmar

EDIT: Direct setup to nvme device also works. But when you dont use an original XP SP3 CD, the message of allowing unsigned drivers is gone. So you get Bsod on 3. reboot 0x7B and you have to integrate the nvme driver by hand in registry (in System and also criticaldevicedatabase).



diderius6 has attached files to this post
#8265Mov AX, 0xDEAD
Zitat von ⇗ infuscomus im Beitrag ¶ #8257
@diderius6 @daniel_k @George King @Mov AX, 0xDEAD
If this forum closes (at least according to the announcement)
what forum are we going to move to?

MSFN -  similar sharing policy (i mean no direct links to copyrighted files)
MDL - allow links, but forum itself is unusable for non-registered readers

 

Page 552

#8266George King
Zitat von ⇗ infuscomus im Beitrag ¶ #8257
@diderius6 @daniel_k @George King @Mov AX, 0xDEAD

If this forum closes (at least according to the announcement)
what forum are we going to move to?



It sucks if it happends.

Then MDL, MSFN or maybe bring new life on WinCert? I asked N1K how is WinCert policy with modding files and drivers. [TOOL] POWIS - Powerful Windows Setup - Support Windows Vista, 7, 8.0, 8.1, 10, 11 and their Servers equivalent
⇗ https://forums.mydigitallife.net/threads...p-v1-0-1.83558/

[TOOL] XP2ESD - Create modern Windows XP installer
⇗ https://forums.mydigitallife.net/threads...nstaller.82935/
#8267konsheynDo you know how to implement driver if there is no DOSNET.INF. I'm trying to adopt XP Embedded, not  Integral edition
Thanks
#8268diderius6⇗ @George King

I make a try to overcome the crazy Signature Check for drivers on the XP SP3 install CD
for to enable direct install of XP SP3 on nvme device with the modded syssetup.dll from ⇗ @Mattiwatti

⇗ XP/W2k3 x64 on Modern Hardware (2)

But it does not help.
Still the stornvme.sys is not listed in path Windows\System32\drivers in Registry Services and also no entry in Criticaldevicedatabase. This gives Bsod 0x7B on 3. reboot.
I know, that this happens only because of missing driver signature in stornvme.sys .
May be, that someone here in the forum has an idea for to overcome the Signature Check on the XP SP3 CD
Dietmar

EDIT: I got it . The modded syssetup.dll from ⇗ @Mattiwatti works.
The problem was, that the Setup Routine of XP cant find stornvme.sy_
on the XP SP3 Install CD during GUI-Setup. This path you have to give by hand during this GUI-Setup.
With this modded syssetup.dll it is possible to give a path by hand.
Maybe it is possible, to do something more in the entries.ini file for stornvme.sys or in its stornvme.inf, so that this path is found automatically.
#8269diderius6I make a compare with Winhex,
what ⇗ @Mattiwatti changed in syssetup.dll , because I want to have German version of it.
Quite hard work via Ida Pro.
Here is the compare, left is original and right is modded version of syssetup.dll from
en_windows_xp_professional_with_service_pack_3_x86_cd_x14-80428.iso
Dietmar

1. F:\syssetupdllXPSP3moddd\syssetupORIengl\SYSSETUP\syssetup.dll: 990.208 Bytes
2. F:\syssetupdllXPSP3moddd\SYSSETUP\syssetup.dll: 990.208 Bytes
Offsets: hexadez.

  148:	DC	F8
  149:	27	F5
33BFE:	8B	31
33BFF:	F8	C0
33C00:	3B	31
33C01:	FE	FF
33C02:	75	90
33C03:	20	90
33DA6:	8B	31
33DA7:	F0	C0
33DA8:	85	31
33DAA:	75	90
33DAB:	17	90
35535:	0F	E9
35536:	84	A0
35537:	9F	00
3553A:	00	90
37F03:	3B	31
37F04:	C6	C0
37F0B:	75	90
37F0C:	3E	90

21 Abweichung(en) gefunden.


EDIT: Voila, here is modded german syssetup.dll XP SP3 via Ida Pro, nice idea goes to ⇗ @Mattiwatti

EDIT2: With my german modded syssetup.dll I cant choose the path for stornvme.sys and so again on 3. reboot
Bsod 0x7B.
I need to modd the syssetup.dll from a very last original german XP SP3 CD.


EDIT3: I take the syssetup.dll from
de_windows_xp_professional_with_service_pack_3_x86_cd_x14-80444.iso

Doing the same hacks, now I can choose the path for stornvme.sys
and it is complete German version (for example Programme instead of Program Files).

Now install of german XP SP3 direct to nvme device with the new driver from ⇗ @George King
is ultrafast and straight.



diderius6 has attached files to this post
#8270
#8271
#8272
#8273 plutomaniacThis thread has been deleted for continuous violation, even after warnings, of ⇗ Rule #17, among others.

Any modified driver must be clearly marked as such, include the source/modder and NOT involve any binary/signature components.

 

This thread has been closed.

Part 1    ◄   Part 2   ◄   Part 3   ◄   Part 4   ◄    Part 5