Damnation

@George King @Dietmar @Dave-H So we're still getting a DDB error even when using our usual DDB fix, so we're gonna need to get windbg running to find the exact cause of this one. I left a post with debugging instructions here -

@Dave-H can you post a screenshot of the A5 BSOD please?

@Dave-H If you're willing to do a fresh install that would save a lot of hassle getting this working. If you must preserve some existing data for whatever reason, make sure you do a backup!

@Dave-H That's outdated. here - https://ufile.io/yuxh9ziz first try the one in 5.1.2600.7777.4\i386_free do an "ACPI Multiprocessor PC" install with this one. report any problems.

@Dave-H Try switching to "ACPI Multiprocessor PC" with the newer acpi.sys

@Dave-H Have you tried any of the acpi.sys that have been built on this thread to see if they work for you?

@Dietmar I think I might have found a way to implement it, TBD~ edit: even using precompiled trap.obj I can't resolve missing externals.

@Dietmar @George King I'm not sure how to implement the KiSystemService function for all the ZwAlpc functions that msrpc.sys depends on. KiSystemService depends on alot of functions and is very large~

@Dietmar @George King most of the missing imports for msrpc.sys I added are just stubs right now i.e just return STATUS_SUCCESS I'll work on them tomorrow.

@George King This one builds successfully https://ufile.io/itvzfprv It froze in my VM, I'll work on this tomorrow.

@George King I'm targeting NDIS 6.3 Windows 7

@Dietmar OK, I'll check dependencies there.

@Dietmar I use CFF explorer to modify the import tables. here I modded them for you - https://ufile.io/5cxo9w60

yeah, although not tested yet. storport is unchanged. yeah I haven't changed the import tables of these drivers yet.

This one builds successfully https://ufile.io/itvzfprv

OK, all needed functions added for ndis6, although most are stubbed right now. edit: forgot NtQuerySystemInformationEx

I've noticed that this part mov eax, 0x14 seems to increment upwords for each ZwAlpc function - I wonder why?

@LanXing link https://ufile.io/w7fej333 pass 123 kdnet and instructions thanks to Mov Ax 0xDEAD

@sookoop Can you double check in task manager if all of the CPU cores are showing up?

@Mov AX, 0xDEAD for functions like ZwAlpcCancelMessage and others NTSYSCALLAPI NTSTATUS NTAPI ZwAlpcCancelMessage(_In_ HANDLE PortHandle, _In_ ULONG Flags, _In_ PALPC_CONTEXT_ATTR MessageContext ); void __stdcall _ZwAlpcCancelMessage@12( int p1, int p2, int p3 ) { __asm.pushfd(); _KiSystemService(); } in asm void __stdcall _ZwAlpcCancelMessage@12( int p1, int p2, int p3 ) { mov eax, 0x14 lea edx, [p1] pushfd push 0x8 call _KiSystemService; void __cdecl( void ) ret 0xC } how should we implement this? should we take KiSystemService from trap.asm?

@sookoop maybe you were accidentally using 32bit acpi.sys on 64bit windows 7? not sure.

some more~ added the HashTable functions with psuedocode.

@George King @LanXing @sookoop I noticed in your DDB fix download that you've swapped around the x86/x64 versions by mistake, so they're more than likely running the wrong versions for their architecture. This would explain the 7B BSOD.

@LanXing 7B BSOD is inaccessible storage device. you can get this BSOD from both an AHCI controller and USB3. I recommend using the XP Integral Edition's Optional Patch Integrator Script using options 1,3,4,5,7 and doing a fresh XP install. Once you have XP installed and running we can start debugging from there.

I made a start on ndis6 code in ntoskrn8.c