Get Started with the Intel® Debug Extensions
- Intel® Debug Extensions for WinDbg* for IA JTAG debuggingIntel® Debug Extensions for WinDbg* for IA JTAG debugging (IA JTAG) enable the connection of WinDbg* to a target over the Joint Test Action Group (JTAG) interface. The server acts as a mediator and forwards the calls from WindDbg* to the IPC interface and back.
- Intel® Debug Extensions for WinDbg* for Intel® Processor TraceIntel® Debug Extensions for WinDbg* for Intel® Processor Trace (Intel® PT) are designed to help WinDbg* users by extending their debugging tool set with execution tracing. The extension allows for easy setup of Intel® PT by abstracting hardware configuration and then reconstructing and displaying execution flow from the collected trace data. It integrates with other WinDbg* features, such as symbolization and high-level source display. For more information on how to use this feature, see: Intel® Debug Extensions for WinDbg* for Intel® Processor Trace User and Reference Guide
- Intel® Debug Extensions for WinDbg* support for Microsoft* Hyper-VIntel® Debug Extensions for WinDbg* provide support for systems that have Microsoft* Hyper-V enabled. With this solution, you can use Intel® System Debugger JTAG functionality to debug target systems running under Virtualization-based Security (VBS). For more information on Microsoft Hyper-V, refer to the Microsoft documentation. For more information on the extension and virtual machine architecture, see the Intel® Debug Extensions for WinDbg* for Microsoft* Hyper-V Support - User Guide.
- Intel® Debug Extensions for WinDbg* support for debugging with WinDbg* Preview.Intel® Debug Extensions for WinDbg* provide support for debugging with WinDbg* Preview. With this solution, you can use Intel® System Debugger JTAG functionality to debug target systems withWinDbg* Preview. For more information on debugging using WinDbg* Preview, refer to the Microsoft* documentation.
- Intel® Debug Extensions for WinDbg* support for debugging Advanced Configuration and Power Interface (ACPI) Machine Language (AML) code.WinDbg* over the Intel® Direct Connect Interface (Intel® DCI) enables using the Microsoft* AMLI Debugger to debug Advanced Configuration and Power Interface (ACPI) Machine Language (AML) code. With WinDbg* over Intel® DCI, the Microsoft* AMLI Debugger is used as an extension to a native kernel debugger. For more information, refer to the corresponding User Guide
Using WinDbg* Themes
Using the Intel® Debug Extensions for
WinDbg* for IA JTAG debugging (IA JTAG)
- WinDbg* must have access to kernel symbols for the connection to succeed; therefore, you must set the symbol file path beforehand. Launch WinDbg* without using the batch script and set the symbol file path by selectingFile > Symbol File Path…and addingsrv*C:\Symbols*http://msdl.microsoft.com/download/symbolsto the path or by setting the_NT_symbol_pathglobal environment variable with a corresponding value. Save the workspace by selectingFile > Save Workspaceand close WinDbg*. You need to do this only once before the first use.
- Connect the host system to the target one with the Intel® In-Target Probe (Intel® ITP) or the Intel® Direct Connect Interface (Intel® DCI).
- Power one the probe and the target system.
- Chose the IPC provider to be used during the debugging session:
- OpenIPC. This is the default IPC provider.
- Intel® DFx Abstraction Layer (Intel® DAL).
- Depending on the provider selected, launch Intel® Debug Extensions for WinDbg* the following way:runwindbg_iajtag_console.batlocated at<the following way:install_dir>\system_debugger_<version>
- To use OpenIPC, choose any of the following options:
- Click the desktop icon or open theStart Menuand clickIntel® Debug Extensions for WinDbg*.
- Runwindbg_iajtag_console.batlocated at<install_dir>\system_debugger_<version>
- Launchiss_shell.batlocated in the root installation directory and runwindbg_dcito invoke WinDbg*.
- To use Intel® DAL, navigate to<, launch the command prompt, and run the following code line:install_dir>\system_debugger_<version>\windbg_iajtag_console.batDAL
- At this point, two Python* objects are available for debugging:
Executewindbg()to halt the target and run a WinDbg* session. After that, WinDbg* starts connecting to the target.You can halt the target any time afterwards by running thehalt()command.Connecting to the target can take several minutes. Do not enter any commands until the connection is fully established and the connection confirmation message is displayed (Target initialization succeeded).If the connection fails, you see an exception in the console. Check the network connection ifKDVersionBlockis not found. Run the target for a while if the kernel is not found.
- itp- Intel® ITP interface
- itpkd- wrapper over WinDbg* and kernel debug console
Collecting Stop Error Information
- List of loaded modules with offsets and symbols information
- Call stacks of all threads
- Output of the!analyze -v -fWinDbg* command.
Tracing Advanced Configuration and Power Interface (ACPI) BIOS
- Connect to your target
- Set a post-reset breakpoint by running the following command:forensic.set_init_breakpoint()
- Reset your target by running the following command:itp.resettarget()
- Remove the reset breakpoint with the following command:forensic.remove_init_breakpoint()
- Enable ACPI trace messages:acpi.amli_trace()
Using Intel® Debug Extensions for WinDbg*
with WinDbg* Preview
- Connect to the target.
- Launchiss_shell.batlocated in the installation root directory.
- Execute thewindbg_previewcommand to start WinDbg* Preview.
Using Intel® Debug Extensions for WinDbg*
for Microsoft* Hyper-V Support
- Power on the system and open the BIOS.
- Open theProcessorsubmenu. The processor settings menu may be located under any ofChipset,Advanced CPU configuration, orNorthbridgetabs.
- Enable Intel® Virtualization Technology (Intel® VT) for IA-32, Intel® 64 and Intel® Architecture. The settings might depend on the OEM and system BIOS.
- If the option is available, enable Intel® Virtualization Technology (Intel® VT) for Directed I/O (Intel® VT-d).
- ClickSaveand exit the BIOS.
- Windows* 10 Enterprise, Pro, or Education 64-bit Processor.
- CPU support for Virtual Machine Monitor Node Extension (Intel® Virtualization Technology (Intel® VT) for Connectivity (Intel® VT-c) on Intel CPUs).
- Minimum of 4 GB memory.
- Enable Microsoft Hyper-V using Windows* PowerShell:
- Launch the Windows PowerShell console as Administrator.
- Run the following command:Enable-WindowsOptionalFeature -Online -FeatureName Microsoft-Hyper-V -All
- When the installation is completed, reboot the system.
- Enable Microsoft Hyper-V through Settings:The Hyper-V role cannot be installed on Windows* 10 Home.
- Open Windows Settings and navigate toApps>Apps & features.
- On the right, clickPrograms and FeaturesunderRelated settings.
- SelectTurn Windows features on or off.
- Check theHyper-Vroot box:
- ClickOKand exit the settings.
- On the target system, execute the following commands from the command line:bcdedit /debug on bcdedit/sethypervisordebug on bcdedit/sethypervisorlaunchtype autoAdditionally, if you want to debug the process of loading the hypervisor, run the following command:bcdedit/setbootdebug on
- Reboot the target system.
Use Intel® Debug Extensions for WinDbg* over the Intel® Direct
Connect Interface (Intel® DCI)
- windbg_iajtag_console.batto launch the default Python*.
- windbg_iajtag_console.bat -rto launch IPython*.
- If the target is halted, the WinDbg* UI is launched into the currently halted context. If Microsoft* Hyper-V is active, WinDbg* will likely start within its context.
- If the target is not halted, the WinDbg* over Intel® DCI implementation breaks into NTOSKRNL (NT OS).
Run Control with Intel® Debug Extensions for WinDbg* over Intel®
- Break into the host kernel. From this point, WinDbg* is able to load symbols and KdBaseAddress found.
- Break into the probe mode after SMMENTRY event.
- Break into the probe mode after SMMEXIT event.
- Break into the probe mode after VMENTRY event
- Break into the probe mode after VMEXIT event
- To stop the execution of all general purpose cores, runhalt().
- To get information about all general purpose cores executing, runstatus()when the target is halted.
- To get information about the Microsoft* system application running in the halted debug context, runforensic.image_scans().
- To resume general purpose cores after stopping at a desired debug context, rungo().
Possible Root Causes
ERROR: Could not start kernel debugging using exdi: Unspecified error
ERROR: Could not start kernel debugging using exdi: Class not registered
ExdiIPC.dllfile was not registered correctly.
.dllfile as follows:
ERROR: Could not start kernel debugging using exdi: Specified module could not be found
ExdiIPC.dllfile was removed after the registration.
Reinstall the add-on and make sure that it is available at
ERROR: Could not start kernel debugging using exdi: Win32 error 0x87
The parameter is incorrect
dllhost.exeprocess froze after an abnormal termination of a debug session.
dllhost.exeprocess that has its Window Title set to
Consider using Sysinternals* Process Explorer software to view the Window Title of running processes.
The Intel® Debug Extensions for WinDbg* eXDI COM server was not registered with Windows* OS due to a faulty installation.
Register the eXDI COM server by running
The log file contains:
ERROR: No probe found. Please check probe connection and power.
Connection between the host and the probe is not correctly established. The probe is powered off or out of order.
Check the host connection to the probe and the probe power. Also, check if the probe drivers are correctly installed and working.
The log file contains:
ERROR: No active threads detected
WinDbg* is frozen.
WinDbg* is scanning memory to establish the connection. This can take several minutes. If the WinDbg* break was issued at the wrong time, the scanning process takes about 10 minutes.
Wait until the scanning is done.
ERROR: could not import runpy module
ModuleNotFoundError: No module named 'runpy'
The machine with Intel® System Debugger installed has not been cleaned.
Remove the folder
C:\Users\<username>\AppData\Local\Intel\windbg-ext-venvand restart WinDbg*.
Provides information about requirements and constraints and the commands of the Intel® Debug Extensions for WinDbg* for Intel® Processor Trace.
Provides information about the WinDbg* over Intel® DCI extension for Microsoft* Hyper-V support and describes architecture of virtual machines.
Provides information about using WinDbg* over Intel® DCI to enable the Microsoft* AMLI Debugger to debug ACPI Machine Language (AML) code.
Release Notes (available in the Intel® Registration Centre download page for Intel® System Debugger)
Contain the most up-to-date information about the Intel® System Debugger in general and Intel® Debug Extensions for WinDbg* in particular, including:
Intel® System Studio product page. See this page for support and instructions for obtaining the toolkit.
Intel® oneAPI product page. See this page for support and documentation for other toolkits.