Similarly, breakpoints set with a user mode debugger won’t fire if a kernel mode component performs the modification, such as a system call or an IOCTL to a driver.
From: xxxxx@lists.osr.com [xxxxx@lists.osr.com] on behalf of Pavel Lebedynskiy [xxxxx@microsoft.com]
Sent: Thursday, July 19, 2012 3:04 PM
To: Windows System Software Devs Interest List
Subject: RE: RE:[ntdev] why memory break point does not work
Memory contents could be changed through a different virtual mapping (for example, the calling user app could write to the buffer’s user address from another thread) or through DMA. In either case data breakpoints set on the MDL’s system mapping would not fire.
Dummy pages are one common scenario in which MDL page contents can appear to change spontaneously:
http://msdn.microsoft.com/en-us/library/windows/hardware/gg463193.aspx
-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of ren.j@263.net
Sent: Thursday, July 19, 2012 1:46 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] why memory break point does not work
The driver is installed on host machine A. I’m using my laptop B connecting to A using serial port. And the test is to boot a guest os on host A in Hyper-v.
I get the buffer using MmGetSystemAddressForMdlSafe, and copy data from my cache to the buffer. Interesting thing is that if I do memcmp right after memcpy, the two content of the two buffers are different. That is why I want to set a memory break point to find who is changing the memory.
Raj, this should be in kernel and the case you said should not apply, is that correct? The host machine is a clean installed 2008 so should have no antidebugged program.
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer