Using the “lm t n” command I can find a list of all modules loaded in
memory. But from this information, is there any way to find out where
in memory the driverobject, deviceobject and deviceextension is, and
what their data are?
–
- Developer
For much of this look at “Extensions for Debugging Plug and Play Drivers” in
the WinDBG doc’s.
–
Don Burn (MVP, Windows DDK)
Windows 2k/XP/2k3 Filesystem and Driver Consulting
Remove StopSpam from the email to reply
“Developer” wrote in message news:xxxxx@ntdev…
Using the “lm t n” command I can find a list of all modules loaded in
memory. But from this information, is there any way to find out where
in memory the driverobject, deviceobject and deviceextension is, and
what their data are?
–
- Developer
A few that I use all the time
!drvobj \driver<service name>
Or
!drvobj
(yes, it can take a string or a pointer value)
!devobj
!object \Device<br>(that will dump all the device objects on the machine)
!devnode 0 1 []
(will dump the entire pnp tree, if you specify the optional service
name, it will only show devices controlled by that service).
!devstack
(the pointer can be any devobj in the stack. This will give you each
devobj, their device extension and the devnode pointer value)
!devnode
(detailed info on the node itself, including state history)
d
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Developer
Sent: Monday, August 22, 2005 8:38 AM
To: Windows System Software Devs Interest List
Subject: [ntdev] finding devices through windbg
Using the “lm t n” command I can find a list of all modules loaded in
memory. But from this information, is there any way to find out where
in memory the driverobject, deviceobject and deviceextension is, and
what their data are?
–
- Developer
—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
You are currently subscribed to ntdev as: unknown lmsubst tag argument:
‘’
To unsubscribe send a blank email to xxxxx@lists.osr.com
thanks a ton for your tips.
On 8/22/05, Doron Holan wrote:
> A few that I use all the time
>
> !drvobj \driver<service name>
> Or
> !drvobj
> (yes, it can take a string or a pointer value)
>
> !devobj
>
> !object \Device<br>> (that will dump all the device objects on the machine)
>
> !devnode 0 1 []
> (will dump the entire pnp tree, if you specify the optional service
> name, it will only show devices controlled by that service).
>
>
> !devstack
> (the pointer can be any devobj in the stack. This will give you each
> devobj, their device extension and the devnode pointer value)
>
> !devnode
> (detailed info on the node itself, including state history)
>
> d
>
>
>
>
> -----Original Message-----
> From: xxxxx@lists.osr.com
> [mailto:xxxxx@lists.osr.com] On Behalf Of Developer
> Sent: Monday, August 22, 2005 8:38 AM
> To: Windows System Software Devs Interest List
> Subject: [ntdev] finding devices through windbg
>
> Using the “lm t n” command I can find a list of all modules loaded in
> memory. But from this information, is there any way to find out where
> in memory the driverobject, deviceobject and deviceextension is, and
> what their data are?
>
>
> –
>
> - Developer
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: unknown lmsubst tag argument:
> ‘’
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
> —
> Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: unknown lmsubst tag argument: ‘’
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>
–
- Developer