I’m new to windbg. I wanted to be able to single-step through a Macro instruction-by-instruction. However, even when I use the step-into approach in Windbg, the debugger seems to step over it. I tried opening the Disassembly Window with the idea that the new view would change how the step-into operation works, but no luck.
Is there a way to do an instruction step so that Windbg doesn’t step over macro definitions?
For it to step on the assembly level you need go to the Debug menu and
uncheck the Source Mode option (do it by selecting the option).
–
Don Burn (MVP, Windows DDK)
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr
Remove StopSpam to reply
wrote in message news:xxxxx@windbg…
> I’m new to windbg. I wanted to be able to single-step through a Macro
> instruction-by-instruction. However, even when I use the step-into
> approach in Windbg, the debugger seems to step over it. I tried opening
> the Disassembly Window with the idea that the new view would change how
> the step-into operation works, but no luck.
>
> Is there a way to do an instruction step so that Windbg doesn’t step over
> macro definitions?
>
>
> Information from ESET NOD32 Antivirus, version of virus
> signature database 4031 (20090423)
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
>
Information from ESET NOD32 Antivirus, version of virus signature database 4031 (20090423)
The message was checked by ESET NOD32 Antivirus.
http://www.eset.com
Try uncheck “Source Mode” from DEBUG menu.
-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@intel.com
Sent: Thursday, April 23, 2009 02:07 PM
To: Kernel Debugging Interest List
Subject: [windbg] Stepping into a Macro in Windbg
I’m new to windbg. I wanted to be able to single-step through a Macro instruction-by-instruction. However, even when I use the step-into approach in Windbg, the debugger seems to step over it. I tried opening the Disassembly Window with the idea that the new view would change how the step-into operation works, but no luck.
Is there a way to do an instruction step so that Windbg doesn’t step over macro definitions?
WINDBG is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
On 4/24/09, xxxxx@intel.com wrote:
> I’m new to windbg. I wanted to be able to single-step through a Macro
> instruction-by-instruction. However, even when I use the step-into approach
> in Windbg, the debugger seems to step over it. I tried opening the
> Disassembly Window with the idea that the new view would change how the
> step-into operation works, but no luck.
>
> Is there a way to do an instruction step so that Windbg doesn’t step over
> macro definitions?
type l+t and l-t in windbg command line to toggle src mode and asm mode
in src mode it is one src line at a time
in asm mode its one execution at a time
0:000> g
Breakpoint 0 hit
eax=00260f40 ebx=00000000 ecx=004010e4 edx=7c90eb94 esi=000829e0
edi=7c80aa49
eip=00401c90 esp=0006ff7c ebp=0006ffc0 iopl=0 nv up ei pl zr na pe
nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000
efl=00000246
ThanksPavel!main:
00401c90 8bff mov edi,edi
0:000> l+t
Source options are 1:
1/t - Step/trace by source line
0:000> p
eax=00260f40 ebx=00000000 ecx=004010e4 edx=7c90eb94 esi=000829e0
edi=7c80aa49
eip=00401c98 esp=0006ff6c ebp=0006ff78 iopl=0 nv up ei pl nz ac pe
nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000
efl=00000216
ThanksPavel!main+0x8:
00401c98 c745f403000000 mov dword ptr [ebp-0Ch],3
ss:0023:0006ff6c=00401f95
0:000>
eax=00260f40 ebx=00000000 ecx=004010e4 edx=7c90eb94 esi=000829e0
edi=7c80aa49
eip=00401c9f esp=0006ff6c ebp=0006ff78 iopl=0 nv up ei pl nz ac pe
nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000
efl=00000216
ThanksPavel!main+0xf:
00401c9f c745f808000000 mov dword ptr [ebp-8],8
ss:0023:0006ff70={ThanksPavel!__xi_z (004010f4)}
0:000>
eax=00260f40 ebx=00000000 ecx=004010e4 edx=7c90eb94 esi=000829e0
edi=7c80aa49
eip=00401ca6 esp=0006ff6c ebp=0006ff78 iopl=0 nv up ei pl nz ac pe
nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000
efl=00000216
ThanksPavel!main+0x16:
00401ca6 c745fc10000000 mov dword ptr [ebp-4],10h
ss:0023:0006ff74=0006ffc0
0:000>
eax=00260f40 ebx=00000000 ecx=004010e4 edx=7c90eb94 esi=000829e0
edi=7c80aa49
eip=00401cad esp=0006ff6c ebp=0006ff78 iopl=0 nv up ei pl nz ac pe
nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000
efl=00000216
ThanksPavel!main+0x1d:
00401cad 6838114000 push offset ThanksPavel!`string’ (00401138)
0:000>
eax=0000006d ebx=00000000 ecx=00407160 edx=00190608 esi=000829e0
edi=7c80aa49
eip=00401cba esp=0006ff6c ebp=0006ff78 iopl=0 nv up ei pl nz na pe
nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000
efl=00000206
ThanksPavel!main+0x2a:
00401cba 8b45fc mov eax,dword ptr [ebp-4]
ss:0023:0006ff74=00000010
0:000> l-t
Source options are 0:
None
0:000> p
eax=00000010 ebx=00000000 ecx=00407160 edx=00190608 esi=000829e0
edi=7c80aa49
eip=00401cbd esp=0006ff6c ebp=0006ff78 iopl=0 nv up ei pl nz na pe
nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000
efl=00000206
ThanksPavel!main+0x2d:
00401cbd 50 push eax
0:000>
eax=00000010 ebx=00000000 ecx=00407160 edx=00190608 esi=000829e0
edi=7c80aa49
eip=00401cbe esp=0006ff68 ebp=0006ff78 iopl=0 nv up ei pl nz na pe
nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000
efl=00000206
ThanksPavel!main+0x2e:
00401cbe 8b4df8 mov ecx,dword ptr [ebp-8]
ss:0023:0006ff70=00000008
0:000>
eax=00000010 ebx=00000000 ecx=00000008 edx=00190608 esi=000829e0
edi=7c80aa49
eip=00401cc1 esp=0006ff68 ebp=0006ff78 iopl=0 nv up ei pl nz na pe
nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000
efl=00000206
ThanksPavel!main+0x31:
00401cc1 51 push ecx
0:000> l+t
Source options are 1:
1/t - Step/trace by source line
0:000> p
eax=00000007 ebx=00000000 ecx=00407160 edx=7c90eb94 esi=000829e0
edi=7c80aa49
eip=00401cd3 esp=0006ff6c ebp=0006ff78 iopl=0 nv up ei pl nz na pe
nc
cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000
efl=00000206
ThanksPavel!main+0x43:
00401cd3 33c0 xor eax,eax
if you notice the instruction counter you will see the difference between
src mode and asm mode and single stepping effect
on both of them
the code in both case in above snippet is a simple printf();
regards
raj