Try reading through the kernel_debugging_tutorial.doc in the WinDBG
installation folder. You’ve already managed to get through the first portion
of the document, but it then goes on to talk about how you set breakpoints,
etc.
-scott
--
Scott Noone
Consulting Associate and Chief System Problem Analyst
OSR Open Systems Resources, Inc. http://www.osronline.com
“sneha alwani” wrote in message news:xxxxx@windbg…
hello folks…
m a newbie in driver development… my team decided to start with driver debugging a mini filter driver before modifying one…
we have connect host n guest(VM) using windbg, both windows 7 but are not getting how to start debugging the driver code which is on the VM
To start we are using WDK sample -> Cdo minifilter Please if any1 cud help
hope you built it right and hope you installed the driver with the inf
that comes with the sample
hope you have got your windbg setup and ready
i paste for xp-sp3 its same for win7 too just the utilities are
different bcdedit instead of boot.ini etc etc

C:\WinDDK\7600.16385.1\src\filesys\miniFilter\cdo>echo.& wmic process get Commandline /format:list | findstr cmd & wmic os get caption, csdversion /format:list &build -ceZ

CommandLine="C:\WINDOWS\system32\cmd.exe" /k C:\WinDDK\7600.16385.1\bin\setenv.bat C:\WinDDK\7600.16385.1\ fre x86 WIN7

Caption=Microsoft Windows XP Professional
CSDVersion=Service Pack 3

BUILD: Compile and Link for x86
BUILD: Start time: Thu Feb 16 21:50:44 2012
BUILD: Examining c:\winddk\7600.16385.1\src\filesys\minifilter\cdo directory for files to compile.
    c:\winddk\7600.16385.1\src\filesys\minifilter\cdo Auto-cleaning queue for 'WDKSamples:x86fre' (1 of 1 file(s) removed)
Invalidating OACR warning log for 'WDKSamples:x86fre'
BUILD: Compiling and Linking c:\winddk\7600.16385.1\src\filesys\minifilter\cdo directory
Configuring OACR for 'WDKSamples:x86fre' -
Compiling resources - cdo.rc
Compiling - cdoinit.c
Compiling - cdooperations.c
Compiling - generating code…
Linking Executable - objfre_win7_x86\i386\cdo.sys
BUILD: Finish time: Thu Feb 16 21:50:51 2012
BUILD: Done

kd> lm m cdo*
start    end        module name
f8d98000 f8da1000   cdo        (deferred)

do a .reload /f to load the symbols to your module

kd> lm m cdo*
start    end        module name
f8d98000 f8da1000   cdo        (private pdb symbols)  c:\winddk\7600.16385.1\src\filesys\minifilter\cdo\objfre_win7_x86\i386\cdo.pdb

btw if you had #defined DBG then you can get the traces too
hope you have a lot of questions answered
btw net has a lot of info you only need to look i have never touched cdo before i started answering your question and i got all the info from net after i started typing the answer
On 2/16/12, Scott Noone wrote:
> Hi,
>
> Try reading through the kernel_debugging_tutorial.doc in the WinDBG
> installation folder. You’ve already managed to get through the first portion
> of the document, but it then goes on to talk about how you set breakpoints,
> etc.
>
> -scott
>
> --
> Scott Noone
> Consulting Associate and Chief System Problem Analyst
> OSR Open Systems Resources, Inc.
> http://www.osronline.com
>
> “sneha alwani” wrote in message news:xxxxx@windbg…
> hello folks…
>
> m a newbie in driver development…
> my team decided to start with driver debugging a mini filter driver before
> modifying one…
>
> we have connect host n guest(VM) using windbg, both windows 7
> but are not getting how to start debugging the driver code which is on the
> VM
>
> To start we are using WDK sample -> Cdo minifilter
> Please if any1 cud help
>
> Thank you!
> Regards
>
> ---
> WINDBG is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
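The Windows 7 side of the setup mentioned above ("bcdedit instead of boot.ini"), as an added example that is not part of any post in this thread. It assumes a serial transport on the guest's COM1 backed by a host named pipe; the pipe name `\\.\pipe\com_1` and the `DriverEntry` breakpoint are assumptions, while the symbol path is the build output directory shown in the thread.

```bat
@echo off
rem Added example: run from an elevated cmd.exe on the Windows 7 guest (debug target).
rem Assumed: the VM has a virtual serial port COM1 backed by a host named pipe.

rem Enable kernel debugging for the current boot entry.
bcdedit /debug on || goto fail

rem Global transport settings: serial, COM1, 115200 baud.
bcdedit /dbgsettings serial debugport:1 baudrate:115200 || goto fail

rem Print what was stored so it can be compared with the host-side settings.
bcdedit /dbgsettings
echo Reboot the guest so the kernel debug transport becomes active.
goto :eof

:fail
echo bcdedit failed; check that this prompt is elevated.
exit /b 1

rem --- On the host (pipe name is an assumption; it must match the VM's serial port) ---
rem   windbg -k com:pipe,port=\\.\pipe\com_1,resets=0,reconnect
rem
rem --- In kd, after Ctrl+Break and before "fltmc load cdo" in the guest ---
rem   .sympath+ c:\winddk\7600.16385.1\src\filesys\minifilter\cdo\objfre_win7_x86\i386
rem   bu cdo!DriverEntry
rem   g
rem "bu" is a deferred breakpoint: it resolves when cdo.sys is loaded, so the
rem debugger stops in the driver's entry point instead of after it has run.
```

A mismatch between the port or baud rate stored by `bcdedit /dbgsettings` and the WinDbg connection settings on the host leaves the debugger waiting to connect, so compare the two before looking at the driver.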
hey sorry i posted on the wrong thread
and thanks a lot for the solution!
I got wrong in one of the settings of Windbg, because of which Debugging
cud not proceed
Thanks raj and scott !!
On Thu, Feb 16, 2012 at 11:00 PM, raj_r wrote:
> some answers to your question in the thread system timer interrupt
>
> 1) start new thread for new questions
> 2) hope you read the documentation
>
> http://msdn.microsoft.com/en-us/library/windows/hardware/ff539246(v=vs.85).aspx
>
> hope you built it right and hope you installed the driver with the inf
> that comes with the sample
>
> hope you have got your windbg setup and ready
>
> i paste for xp-sp3 its same for win7 too just the utilities are
> different bcdedit instead of boot.ini etc etc
>
> C:\WinDDK\7600.16385.1\src\filesys\miniFilter\cdo>echo.& wmic process get Commandline /format:list | findstr cmd & wmic os get caption, csdversion /format:list &build -ceZ
>
> CommandLine="C:\WINDOWS\system32\cmd.exe" /k C:\WinDDK\7600.16385.1\bin\setenv.bat C:\WinDDK\7600.16385.1\ fre x86 WIN7
>
> Caption=Microsoft Windows XP Professional
> CSDVersion=Service Pack 3
>
> BUILD: Compile and Link for x86
> BUILD: Start time: Thu Feb 16 21:50:44 2012
> BUILD: Examining c:\winddk\7600.16385.1\src\filesys\minifilter\cdo directory for files to compile.
>     c:\winddk\7600.16385.1\src\filesys\minifilter\cdo Auto-cleaning queue for 'WDKSamples:x86fre' (1 of 1 file(s) removed)
> Invalidating OACR warning log for 'WDKSamples:x86fre'
> BUILD: Compiling and Linking c:\winddk\7600.16385.1\src\filesys\minifilter\cdo directory
> Configuring OACR for 'WDKSamples:x86fre' -
> Compiling resources - cdo.rc
> Compiling - cdoinit.c
> Compiling - cdooperations.c
> Compiling - generating code…
> Linking Executable - objfre_win7_x86\i386\cdo.sys
> BUILD: Finish time: Thu Feb 16 21:50:51 2012
> BUILD: Done
>
>     5 files compiled
>     1 executable built
>
> C:\WinDDK\7600.16385.1\src\filesys\miniFilter\cdo>
>
> C:\WinDDK\7600.16385.1\src\filesys\miniFilter\cdo>copy cdo.inf c:\sharedwithvm.
>         1 file(s) copied.
>
> C:\WinDDK\7600.16385.1\src\filesys\miniFilter\cdo>copy .\objfre_win7_x86\i386\cdo.sys c:\sharedwithvm.
>         1 file(s) copied.
>
> C:\WinDDK\7600.16385.1\src\filesys\miniFilter\cdo>
>
> and in vm you have done
>
> C:\>md cdotest
>
> C:\>cd cdotest
>
> C:\cdotest>copy y:*.* .
> y:\cdo.inf
> y:\cdo.sys
>         2 file(s) copied.
>
> C:\cdotest>RUNDLL32.EXE SETUPAPI.DLL,InstallHinfSection DefaultInstall 128 .\cdo.inf
>
> C:\cdotest>fltmc load cdo
>
> now you hit ctrl+break in windbg
>
> test your module with
>
> lm m cdo*
>
> kd> lm m cdo*
> start    end        module name
> f8d98000 f8da1000   cdo        (deferred)
>
> do a .reload /f to load the symbols to your module
>
> kd> lm m cdo*
> start    end        module name
> f8d98000 f8da1000   cdo        (private pdb symbols)  c:\winddk\7600.16385.1\src\filesys\minifilter\cdo\objfre_win7_x86\i386\cdo.pdb
>
> check the functions you got to play with
>
> kd> x cdo!*
> f8d9c074 cdo!__security_cookie_complement = 0x722832c
> f8d9b030 cdo!KeTickCount = struct KSYSTEM_TIME
> f8d9c000 cdo!CdoFastIoDispatch = struct FAST_IO_DISPATCH
> f8d9c070 cdo!__security_cookie = 0xf8dd7cd3
> f8d9c080 cdo!Globals = struct _CDO_GLOBAL_DATA
> f8d9d112 cdo!CdoHandlePrivateClose (struct _IRP *)
> f8d9d08e cdo!CdoHandlePrivateOpen (struct _IRP *)
>
> -----
>
> f8d9b008 cdo!_imp__FltRegisterFilter =
> f8d9b014 cdo!_imp__ExInitializeResourceLite =
> f8d9b01c cdo!_imp__ExAcquireResourceExclusiveLite =
> f8d9b044 cdo!ntoskrnl_NULL_THUNK_DATA =
> f8d9902c cdo!FltStartFiltering =
> f8d9e13c cdo!_NULL_IMPORT_DESCRIPTOR =
>
> set bps on the function you want to play with
>
> since we already loaded it lets try unloading it
>
> lets set a bp at unload routine
>
> kd> bp cdo!Cdounload ; bl
>  0 e f8d9d006 [c:\winddk\7600.16385.1\src\filesys\minifilter\cdo\cdoinit.c @ 289] 0001 (0001) cdo!CdoUnload
>
> and in vm lets do
>
> fltmc unload cdo
>
> and voila you hit it in windbg
>
> kd> bp cdo!Cdounload ; bl
>  0 e f8d9d006 [c:\winddk\7600.16385.1\src\filesys\minifilter\cdo\cdoinit.c @ 289] 0001 (0001) cdo!CdoUnload
>
> along side source too
>
> {
>     PAGED_CODE();
>
>     UNREFERENCED_PARAMETER( Flags );
>
>     DebugTrace( DEBUG_TRACE_LOAD_UNLOAD,
>                 ("[Cdo]: Unloading driver\n") )
>
> btw if you had #defined DBG then you can get the traces too
>
> hope you have a lot of questions answered
>
> btw net has a lot of info you only need to look i have never touched
> cdo before i started answering your question and i got all the info
> from net after i started typing the answer