Debugging Kernel mode driver

Hi,

I would like to know whether there is any option to step into the driver code while debugging.

Now I am depending on the logs from the driver, which I am getting through ‘windbg’. I am using WinDbg.

In windbg, I can see the options for step into, step out… in the menu. Is it usable on a kernel mode driver?

Can anybody help me?

Thanks in advance!

Nisheedh

Did you try it? How did it work for you?

Peter
OSR

Hi,

I didn’t try that. I doubt whether I could do that or not, since the driver code is time dependent.

Have you tried this anytime?

regards
Nisheedh

What do you mean the driver code is time dependent? Most driver code is not
and cannot be, and if you are putting in DbgPrint statements to get logs,
your overhead is pretty high messing up the timing.


Don Burn (MVP, Windows DDK)
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

wrote in message news:xxxxx@ntdev…
> Hi,
>
> I didn’t try that. I doubt whether I could do that or not, since the
> driver code is time dependent.
>
> Have you tried this anytime?
>
>
> regards
> Nisheedh

>>I didn’t try that. I doubt whether I could do that or not,

You can, with a target machine (physical/virtual) with your driver running and a host machine with windbg.

A message of yours from another thread indicates that you are already aware of what I posted.

So the only confusion should be:

>since the driver code is time dependent. Have you tried this anytime?

What exactly did you mean by this?

You just need to have the exact symbols loaded for the corresponding binary. Put a BP in place and run the target. Just this.

Aditya

Hi,

I have the windbg debugger set up and am working on this.
I couldn’t even put the breakpoint in my driver source code.

Once I tried to put the breakpoint, it displayed the message: Detach the debuggee…

So I am confused!

Can anybody help me?

Thanks in advance!

Nisheedh

>>I couldn’t even put the breakpoint in my driver source code.

Can you explain further, or say what message you got from windbg? At this point the only possible suggestion could be the symbols; make sure you load the exact symbols for the binary loaded.

I had loaded the correct symbols.

But the problem is that when I try to put a breakpoint in any of the driver source files on the host, the debugger does not allow me to do so.

It was displaying the message: debuggee is connected. please detach the debuggee

Nisheedh

Did you break in and stop the computer? You can only set breakpoints when
the system is stopped. Take a copy of the output and paste it in your next
query, this current approach does not give enough data.


Don Burn (MVP, Windows DDK)
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr

wrote in message news:xxxxx@ntdev…
>I had loaded the correct symbols.
>
> But the problem is that when I try to put a breakpoint in any of the driver
> source files on the host, the debugger does not allow me to do so.
>
> It was displaying the message: debuggee is connected. please detach the
> debuggee
>
>
> Nisheedh

Hi Don Burn,

According to your reply, I assume we can put the breakpoint in the driver and step through the driver code. Am I right?

I will try your suggestion to break into the target and then put the breakpoint.

Thanks for the reply!

Nisheedh

2009/3/18 :
> I had loaded the correct symbols.
>
> But the problem is that when I try to put a breakpoint in any of the driver source files on the host, the debugger does not allow me to do so.
>
> It was displaying the message: debuggee is connected. please detach the debuggee
>
>
> Nisheedh
>

Hi,

Did you break the debuggee first before trying to set the
breakpoint? You can’t do anything when you see the message “Debuggee
is running”.


WH Tan

>>I will try your suggestion to break into the target and then put the breakpoint.

If you were not trying this previously then you must be getting a message like “Debuggee must be stopped to set breakpoint”.

Isn’t this message clear enough?

Yes! Thanks for the reply!

Would you believe 10s of thousands of times for the past 15 years of using
WinDbg?

Have you read the documentation? What kind of driver level experience do you
have? This is beyond even a newbie question, and reeks of something either
asked as a joke or by a pointy haired boss (PHB).

You MUST be connected to a target machine running your driver, but WinDbg
does quite well in breaking into, stepping into and out of code.


The personal opinion of
Gary G. Little

wrote in message news:xxxxx@ntdev…
> Hi,
>
> I didn’t try that. I doubt whether I could do that or not, since the
> driver code is time dependent.
>
> Have you tried this anytime?
>
>
> regards
> Nisheedh
>

How about the rest of Don’s reply - post the output.

Please,

mm

xxxxx@yahoo.co.in wrote:

> Hi Don Burn,
>
> According to your reply, I assume we can put the breakpoint in the driver and step through the driver code. Am I right?
>
> I will try your suggestion to break into the target and then put the breakpoint.
>
> Thanks for the reply!
>
> Nisheedh

Hi,
To debug drivers, one main thing is that you need 2 systems.

1. Debuggee (where the driver is loaded and running). In this system, the
debug option should be enabled. Otherwise, you can’t break into this system.
To do this, you need to edit the startup options in
My Computer > Properties > Advanced Settings. You need to add the
"/debug=ON" option at the end of the line.

2. Debugger (where you have your WinDbg installed). This system should be
used to control the execution of drivers.

How to put a breakpoint?

To do this, you need to provide the path for the appropriate symbols of the
drivers in WinDbg. Open the file where you want to put the breakpoint. Take
the cursor to the line and press F9. But to do this, you need to break into
the target by pressing Ctrl+Break, which provides the kd> prompt. If the
breakpoint is applied, that line is marked in red by WinDbg. You can even
check the existing breakpoints by issuing the bl command at the kd> prompt.
Then, you release the target machine. When the driver encounters the
breakpoint line, it stops and then you can continue stepwise using the
F10 (Step Over) or F11 (Step Into) options.

Regards,
Sathya

On Wed, Mar 18, 2009 at 10:44 PM, Martin O’Brien
wrote:

> How about the rest of Don’s reply - post the output.
>
> Please,
>
> mm
>
>
> xxxxx@yahoo.co.in wrote:
>
>> Hi Don Burn,
>>
>> According to your reply, I assume we can put the breakpoint in the driver
>> and step through the driver code. Am I right?
>>
>> I will try your suggestion to break into the target and then put the
>> breakpoint.
>> Thanks for the reply!
>>
>> Nisheedh
>>
>
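
The host-side procedure described in this thread (break in, load symbols, set a breakpoint, resume, step) written out as a kd command sequence. This is an added example, not from any poster; the driver name `mydriver`, the routine `MyDispatchRead` and the `C:\drivers\...` paths are hypothetical.

```windbg
$$ Added example. mydriver, MyDispatchRead and C:\drivers\... are hypothetical.
$$ While the target runs, the command window shows "Debuggee is running"
$$ and breakpoints cannot be set. Press Ctrl+Break and wait for kd>.

$$ Point the debugger at the driver's PDB and sources, then reload symbols.
.sympath+ C:\drivers\mydriver\objchk\i386
.srcpath+ C:\drivers\mydriver
.reload /f mydriver.sys

$$ Confirm the module is loaded and that its symbols resolved.
$$ lm should report private pdb symbols; x should list the driver's routines.
lm m mydriver
x mydriver!*Dispatch*

$$ Set a breakpoint on a routine of a driver that is already loaded.
bp mydriver!MyDispatchRead

$$ For a driver that is not loaded yet, bu leaves the breakpoint
$$ unresolved until the module loads, which catches DriverEntry.
bu mydriver!DriverEntry

$$ List the breakpoints, then release the target.
bl
g

$$ When the breakpoint hits, kd> returns with the source line shown.
$$ k  = call stack
$$ dv = locals of the current frame
$$ p  = step over (F10), t = step into (F11)
$$ gu = run until the current function returns (step out)
k
dv
p
t
gu

$$ Resume the target when done.
g
```

Pressing F9 on a source line is the GUI equivalent of `bp` at that line, and it is subject to the same condition: the target has to be stopped at `kd>` first.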

windbg skills is not what helps getting a driver job these days :(

– pa

Gary G. Little wrote:

> Would you believe 10s of thousands of times for the past 15 years of
> using WinDbg?
>
> Have you read the documentation? What kind of driver level experience do
> you have? This is beyond even a newbie question, and reeks of something
> either asked as a joke or by a pointy haired boss (PHB).
>
> You MUST be connected to a target machine running your driver, but
> WinDbg does quite well in breaking into, stepping into and out of code.