Let’s say that I connected with WinDbg through a serial port to the debuggee and want to see what code is executed by a specific driver. I cannot use a breakpoint, since I have no idea what function can be executed. I need something like: get drivers list, select driver, get threads list, select thread, view thread stack.
Hello,
When you’re breaking in in kd mode, you can view what individual processors do. To show if any of your driver’s threads is ready, but not currently scheduled, you can use the !ready command. If a thread is ready, then you can set a breakpoint to a location in the stack trace, and continue execution until you hit it.
GP
wrote in message news:…
> Let’s say that I connected with WinDbg through a serial port to the debuggee and want to see what code is executed by a specific driver. I cannot use a breakpoint, since I have no idea what function can be executed. I need something like: get drivers list, select driver, get threads list, select thread, view thread stack.
>
Thanks. I managed to do this with the !stacks command, and then running the !thread command for the thread in RUNNING state.
Surprisingly, the process name in this thread is not the one that I expect, but I see the thread stack and know where to set a breakpoint.
> get drivers list,
lm or lmv
> select driver,
No need for this ever.
> get threads list,
some version of !process
> select thread,
.thread
> view thread stack.
kb
–
Maxim S. Shatskih
Windows DDK MVP
xxxxx@storagecraft.com
http://www.storagecraft.com
To get a list of modules/drivers:
lmm*
To view functions and globals of a module:
x module_a!*
x module_a!*MyFunc* is the poor man’s "x module_a!* | grep MyFunc"
To set a bp on a function of a module (i.e. break on function foo of module_a.sys):
bu module_a!foo
good luck,
Calvin