[windbg] Replacing Boot Start Drivers and NT kernel debug version for Windows 2012 r2 RRS feed

  • Question

  • Hi,

           I need to replace BOOT-START modules at boot-time,I guess for that i need to change the NT kernel of debug version in windows OS 2012 r2 by kdfiles replacement . So, I am trying to replace ntkrnlmp.exe debug version in windows 2012 r2 which is provided in WDK 8 . I am unable to find the path of ntkrnlmp.exe in installed os(System Reserved) and as well as in windows image.. Please help me out how to replace ntknrlmp.exe for windows 2012 r2.
     or Is there any other way to replace BOOT-START modules through .kdfiles.
    Please refer replacing boot start drivers link mentioned

      It will be more helpful even if you say if there is any other methods to enable kernel debugging for a boot_start driver.

       Thanks in advance.

    Tuesday, June 2, 2015 8:31 AM


All replies

  • you will also need the chk Hal....BUT even you get them both loaded, chances are it will not work and some features may start randomly failing. This is because there other components on the system services since the wdk has released that rely on a serviced kernel and your chk kernel doesn't have those updates

    d -- This posting is provided "AS IS" with no warranties, and confers no rights.

    Wednesday, June 3, 2015 1:21 AM
  • Thanks for your suggestion.  My ultimate aim is that i'm developing a bus driver with startup type as service_boot_start.So to do kernel debugging,i have done the following steps:

    1)bcdedit / debug on

    2)bcdedit /bootdebug on

    3)I have checked my serial cable connectivity,it is in good condition by using break command in Windbg,so the teat machine gets breaked.)

    4)So after i rebooted the target machine, the kd files were not replacing when the start type as BOOT_START in my .INF file.But when i changed this to DEMAND_START in my .INF file,the kd file replacement is happening as expected.


           So what i want to do so that i can kernel debug my boot_start driver over serial kd files are not replacing.

    Thanks in advance

    Wednesday, June 3, 2015 5:28 AM