Help me in setting the WinDbg for kernel debugging

WINDBG
1

Hi All,
I am trying to set up WinDbg for debugging kernel mode driver.I am
taking help from
http://www.osronline.com/article.cfm?article=314 this article. so far it
seems to me that i am successful in establising connection between host and
target.i am saying this because i am not getting message " Debugee not
connected " But i am getting error msg like
Executable search path is:
*** ERROR: Symbol file could not be found. Defaulted to export symbols for
ntoskrnl.exe -
and i have few confusion that i want to understand from u expert people.i
would really be very thankful for ur help.

1:)
First is while setting the symbol file path according to me we only need to
give the path of that pdb file that we want to debug but in the article
along with the pdb file path some extra path has been given
C:\Debug;srv*e:\websymbols*http:\msdl.microsoft.com\download\symbols
in this case i understand that in c:\Debug the pdb file will be there which
need to be debugged .but i am confused about srv*e:\websymbols why this has
been appended in this path what is importance of this how i can use this if
suppose the case is different with me.another is when we already have given
the path of the pdb file that i want to debug then what is the need to give
the server path for downloading the symbol files in the case of article it
is .http:\msdl.microsoft.com\download\symbol.

2:)
Another confusion is what need to be done for Setting the Source File
Path.acording to me here we should give the path of that source file by
which i need to debug .but in the article there are so many path and because
of which i am totally confused.

according to my understanding
say suppose in my case the source file is in c:\MyDriver\

when i will compile this source successfully the pdb file along with sys
file will be created .

so for Setting the Symbol File Path i should give the following path
c:\MyDriver\objfre_wnet_x86\i386\MyDriver.pdb

and for Setting the Source File Path i should give the following path
C:\MyDriver

i also want to know if there is no internet connection available but symbol
file has been downloaded and installed on the host in that case what need to
be changed in setting in order to use the WinDbg between target and host for
kernel debugging.

forgive me if this question appears stupid to you expert people. i am
completly puzzled.

Tried the new MSN Messenger? It’s cool! Download now.
http://messenger.msn.com/Download/Default.aspx?mkt=en-in

2

No matter what you do, your symbol path should almost certainly end with
*http://msdl.microsoft.com/download/symbols. It is the path to the
Microsoft Symbol Store, which will server all symbols for all version of
Windows which currently have symbols available. I don’t know if you
mistyped the path in your post, or the article had it wrong, or your
e-mail program did a number on it, but make sure that your path ends
with the above, and not the one you posted (http:.…). The first part
of your symbol path needs to begin with srv*, and is followed by a local
folder to use as a symbol cache. If you wish, you can have multiple
local caches, or multiple paths altogether, but generally, all you needs
is the following, assuming that you will use c:\sym as your local
cache:

.sympath srv*c:\sym*http://msdl.microsoft.com/download/symbols

If you do not have a internet connection, or just wish to use download
symbols (which is probably not the best idea), then it is just a simple
path:

.sympath c:\sym;c:\windows\symbols

or something like that.

As for the source path, read about .srcpath in the WinDbg
documentation. Personally I have found that as long as you copy the pdb
to same folder as your sys file, and the local driver on which you
compiled is still available, you don’t have to set it, because WinDbg
will work it out itself.

mm

>> xxxxx@hotmail.com 2007-03-22 06:07 >>>
Hi All,
I am trying to set up WinDbg for debugging kernel mode driver.I
am
taking help from
http://www.osronline.com/article.cfm?article=314 this article. so far
it
seems to me that i am successful in establising connection between host
and
target.i am saying this because i am not getting message " Debugee not

connected " But i am getting error msg like
Executable search path is:
*** ERROR: Symbol file could not be found. Defaulted to export symbols
for
ntoskrnl.exe -
and i have few confusion that i want to understand from u expert
people.i
would really be very thankful for ur help.

1:)
First is while setting the symbol file path according to me we only
need to
give the path of that pdb file that we want to debug but in the article

along with the pdb file path some extra path has been given
C:\Debug;srv*e:\websymbols*http:\msdl.microsoft.com\download\symbols
in this case i understand that in c:\Debug the pdb file will be there
which
need to be debugged .but i am confused about srv*e:\websymbols why this
has
been appended in this path what is importance of this how i can use
this if
suppose the case is different with me.another is when we already have
given
the path of the pdb file that i want to debug then what is the need to
give
the server path for downloading the symbol files in the case of article
it
is .http:\msdl.microsoft.com\download\symbol.

2:)
Another confusion is what need to be done for Setting the Source File
Path.acording to me here we should give the path of that source file by

which i need to debug .but in the article there are so many path and
because
of which i am totally confused.

according to my understanding
say suppose in my case the source file is in c:\MyDriver\

when i will compile this source successfully the pdb file along with
sys
file will be created .

so for Setting the Symbol File Path i should give the following path
c:\MyDriver\objfre_wnet_x86\i386\MyDriver.pdb

and for Setting the Source File Path i should give the following path
C:\MyDriver

i also want to know if there is no internet connection available but
symbol
file has been downloaded and installed on the host in that case what
need to
be changed in setting in order to use the WinDbg between target and
host for
kernel debugging.

forgive me if this question appears stupid to you expert people. i am
completly puzzled.

Tried the new MSN Messenger? It’s cool! Download now.
http://messenger.msn.com/Download/Default.aspx?mkt=en-in

You are currently subscribed to windbg as: xxxxx@evitechnology.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

3

> but in the article along with the pdb file path some extra path

has been given
C:\Debug;srv*e:\websymbols*http:\msdl.microsoft.com\download\symbols

You have a mal-formed URL in your symbol search path. “http:\msdl.microsoft.com\download\symbols” is not a valid HTTP URL. The correct URL is “http://msdl.microsoft.com/download/symbols”. Forward slashes, not back-slashes, and two slashes before the domain name, not one.

From: xxxxx@lists.osr.com [xxxxx@lists.osr.com] On Behalf Of nayan kumar [xxxxx@hotmail.com]
Sent: Thursday, March 22, 2007 3:07 AM
To: Kernel Debugging Interest List
Subject: [windbg] Help me in setting the WinDbg for kernel debugging

Hi All,
I am trying to set up WinDbg for debugging kernel mode driver.I am
taking help from
http://www.osronline.com/article.cfm?article=314 this article. so far it
seems to me that i am successful in establising connection between host and
target.i am saying this because i am not getting message " Debugee not
connected " But i am getting error msg like
Executable search path is:
*** ERROR: Symbol file could not be found. Defaulted to export symbols for
ntoskrnl.exe -
and i have few confusion that i want to understand from u expert people.i
would really be very thankful for ur help.

1:)
First is while setting the symbol file path according to me we only need to
give the path of that pdb file that we want to debug but in the article
along with the pdb file path some extra path has been given
C:\Debug;srv*e:\websymbols*http:\msdl.microsoft.com\download\symbols
in this case i understand that in c:\Debug the pdb file will be there which
need to be debugged .but i am confused about srv*e:\websymbols why this has
been appended in this path what is importance of this how i can use this if
suppose the case is different with me.another is when we already have given
the path of the pdb file that i want to debug then what is the need to give
the server path for downloading the symbol files in the case of article it
is .http:\msdl.microsoft.com\download\symbol.

2:)
Another confusion is what need to be done for Setting the Source File
Path.acording to me here we should give the path of that source file by
which i need to debug .but in the article there are so many path and because
of which i am totally confused.

according to my understanding
say suppose in my case the source file is in c:\MyDriver\

when i will compile this source successfully the pdb file along with sys
file will be created .

so for Setting the Symbol File Path i should give the following path
c:\MyDriver\objfre_wnet_x86\i386\MyDriver.pdb

and for Setting the Source File Path i should give the following path
C:\MyDriver

i also want to know if there is no internet connection available but symbol
file has been downloaded and installed on the host in that case what need to
be changed in setting in order to use the WinDbg between target and host for
kernel debugging.

forgive me if this question appears stupid to you expert people. i am
completly puzzled.

Tried the new MSN Messenger? It?s cool! Download now.
http://messenger.msn.com/Download/Default.aspx?mkt=en-in

You are currently subscribed to windbg as: xxxxx@microsoft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

4

Hi Martin And Davis,
Thank you very much for ur assitence.I followed
your instruction and given the path of the local folder in which sys and pdb
files are located and it worked fine but new problem that i am facing now is
as the connection gets established between host and traget it seems to me
target stops responding because neither i am able to move the mouse pointer
on target nor i am able to use keboard for giving input to the target
system.

plz help me to come out from this problem .i would be very much thankfult to
you.

Best Regards
Nayan

Palate teasers: Straight from Master Chef Sanjeev Kapoor
http://content.msn.co.in/Lifestyle/Moreonlifestyle/LifestylePT_101106_1530.htm

5

check the break state…is your target is is in break state or running… in
ur host put “g” command in windbg ( kd> g)it will run your target…:slight_smile:

On 3/25/07, nayan kumar wrote:
>
>
> Hi Martin And Davis,
> Thank you very much for ur assitence.I followed
> your instruction and given the path of the local folder in which sys and
> pdb
> files are located and it worked fine but new problem that i am facing now
> is
> as the connection gets established between host and traget it seems to me
> target stops responding because neither i am able to move the mouse
> pointer
> on target nor i am able to use keboard for giving input to the target
> system.
>
> plz help me to come out from this problem .i would be very much thankfult
> to
> you.
>
> Best Regards
> Nayan
>
> _________________________________________________________________
> Palate teasers: Straight from Master Chef Sanjeev Kapoor
>
> http://content.msn.co.in/Lifestyle/Moreonlifestyle/LifestylePT_101106_1530.htm
>
>
> —
> You are currently subscribed to windbg as: xxxxx@gmail.com
> To unsubscribe send a blank email to xxxxx@lists.osr.com
>