Neon Flash
Reputation: 3233
Limitations of Local Kernel Mode Debugging in Windbg?
Are there some limitations to the Local Kernel Mode Debugging option in Windbg?
I am running Win XP SP3 inside a VM using VMWare Workstation. The Host operating system is: Windows 7 SP1
I want to perform Kernel Debugging using Windbg inside the VM.
However, few commands are not working. For instance,
lkd> !process -0 0
PROCESS 82cd38b0 SessionId: 0 Cid: 0cd4 Peb: 7ffd6000 ParentCid: 0638
DirBase: 0e740300 ObjectTable: e2474a10 HandleCount: 43.
Image: notepad.exe
lkd> .process /i 82cd38b0
^ Operation not supported by current debuggee error in '.process /i 82cd38b0'
Image: notepad.exe
lkd> !lmu
No export lmu found
So, my guess is that these are limitations of the local kernel mode debugging option of windbg.
Upvotes: 1
Views: 3195
Answers (1)
Sergey Podobry
Reputation: 7199
Local kernel mode debugging is very limited, you can't even set a breakpoint. More about limitations here.
Set up a remote kernel debug via COM port on the guest system with redirection to a pipe on the host system. Then you can execute all debugging commands.
Upvotes: 2
Related Questions
- How to do hybrid user-mode/kernel-mode debugging?
- Windbg Local kernel debugging on a .sys file
- Kernel trace Windows 7 WinDbg
- Various debug modes of windbg
- Kernel-Mode driver debugging of a physical Machine
- Setting up remote kernel debugger with WinDbg
- Is there a hack/trick to enable local kernel debugging on Windows 7 x64
- Is it possible to use the threads/locals window when debugging a user process from kernel mode WinDBG?
- Kernel debugging?
- when and how to use windbg kernel debugging