2,640
社区成员
发帖
与我相关
我的任务
分享windbg不能进行本地内核调试
各位好,我是一个驱动开发的初学者,碰到了点问题。
我在c:\boot.ini添加“/debug”选项,重启计算机。启动windbg,配置符号路径为:srv*c:\symbols*http://msdl.microsoft.com/download/symbols,然后进行本地内核调试,但好像什么都干不了。
比如,我输入bu命令,此时的信息是:
Connected to Windows XP 2600 x86 compatible target, ptr64 FALSE
Symbol search path is: srv*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
*******************************************************************************
WARNING: Local kernel debugging requires booting with /debug to work optimally.
*******************************************************************************
Windows XP Kernel Version 2600 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp_sp2_gdr.080814-1233
Kernel base = 0x804d8000 PsLoadedModuleList = 0x8055d700
Debug session time: Fri Apr 24 11:45:59.273 2009 (GMT+8)
System Uptime: 0 days 3:15:35.281
lkd> bu
^ Operation not supported by current debuggee error in 'bu'
我再随便输入一些命令,都不能正常的进行,请问各位高手,这是为什么?我该如何做?
我在c:\boot.ini添加“/debug”选项,重启计算机。启动windbg,配置符号路径为:srv*c:\symbols*http://msdl.microsoft.com/download/symbols,然后进行本地内核调试,但好像什么都干不了。
比如,我输入bu命令,此时的信息是:
Connected to Windows XP 2600 x86 compatible target, ptr64 FALSE
Symbol search path is: srv*c:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
*******************************************************************************
WARNING: Local kernel debugging requires booting with /debug to work optimally.
*******************************************************************************
Windows XP Kernel Version 2600 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp_sp2_gdr.080814-1233
Kernel base = 0x804d8000 PsLoadedModuleList = 0x8055d700
Debug session time: Fri Apr 24 11:45:59.273 2009 (GMT+8)
System Uptime: 0 days 3:15:35.281
lkd> bu
^ Operation not supported by current debuggee error in 'bu'
我再随便输入一些命令,都不能正常的进行,请问各位高手,这是为什么?我该如何做?
...全文
请发表友善的回复…
发表回复
Zeroins 2009-05-03
- 打赏
- 举报
较新版本的windbg有本地内核调试功能,楼主的操作系统xp sp2也支持,但很多命令用不了。许多命令只能在双机内核调试时使用。
会思考的草 2009-04-30
- 打赏
- 举报
[Quote=引用 8 楼 joshua0137 的回复:]
据我所知不可以。但可以用虚拟机,在同一台机器上调试
[/Quote]
xp开始往后的windows都支持本机内核调试
据我所知不可以。但可以用虚拟机,在同一台机器上调试
[/Quote]
xp开始往后的windows都支持本机内核调试
捕鲸叉 2009-04-30
- 打赏
- 举报
据我所知不可以。但可以用虚拟机,在同一台机器上调试
会思考的草 2009-04-30
- 打赏
- 举报
Commands That Are Not Available
Not all commands are available in a local kernel debugging session. Typically, you cannot use any command that causes the target computer to stop, even momentarily, because you cannot resume operation.
In particular, you cannot use the following commands:
Execution commands, such as g (Go), p (Step), t (Trace), wt (Trace and Watch Data), tb (Trace to Next Branch), gh (Go with Exception Handled), and gn (Go with Exception Not Handled)
Shutdown and dump file commands, such as .crash, .dump, and .reboot
Breakpoint commands, such as bp, bu, ba, bc, bd, be, and bl
Register display commands, such as r and variations
Stack trace commands, such as k and variations
If you are performing local kernel debugging with WinDbg, all of the equivalent menu commands and buttons are also unavailable.
Commands That Are Available
All memory input and output commands are available. You can freely read from user memory and kernel memory. You can also write to memory. Make sure that you do not write to the wrong part of kernel memory, because it can corrupt data structures and frequently causes the computer to stop responding (that is, crash).
Not all commands are available in a local kernel debugging session. Typically, you cannot use any command that causes the target computer to stop, even momentarily, because you cannot resume operation.
In particular, you cannot use the following commands:
Execution commands, such as g (Go), p (Step), t (Trace), wt (Trace and Watch Data), tb (Trace to Next Branch), gh (Go with Exception Handled), and gn (Go with Exception Not Handled)
Shutdown and dump file commands, such as .crash, .dump, and .reboot
Breakpoint commands, such as bp, bu, ba, bc, bd, be, and bl
Register display commands, such as r and variations
Stack trace commands, such as k and variations
If you are performing local kernel debugging with WinDbg, all of the equivalent menu commands and buttons are also unavailable.
Commands That Are Available
All memory input and output commands are available. You can freely read from user memory and kernel memory. You can also write to memory. Make sure that you do not write to the wrong part of kernel memory, because it can corrupt data structures and frequently causes the computer to stop responding (that is, crash).
会思考的草 2009-04-30
- 打赏
- 举报
本机内核调试时,有些命令是不支持的。一般来说,不能使用任何使得目标机停止的命令,因为不能恢复操作,如bu。
Windbg的原理和SoftICE差别很大,windbg主要是进行双机调试,类似于嵌入式开发中上位机/下位机的概念。
现在内存都海量了,在Virtual PC中装一个check build windows xp,windbg用起来会很爽的,尤其是可以一边调试一边对照ida,还可以听歌。
Windbg的原理和SoftICE差别很大,windbg主要是进行双机调试,类似于嵌入式开发中上位机/下位机的概念。
现在内存都海量了,在Virtual PC中装一个check build windows xp,windbg用起来会很爽的,尤其是可以一边调试一边对照ida,还可以听歌。
qgw_2000 2009-04-29
- 打赏
- 举报
恩,windbg是支持local kernel debugging的。
gyk120 2009-04-29
- 打赏
- 举报
WinDBG一般是虚拟机双机调试,楼主可以参考下《天书夜读》相关的内容……
mirrorlaker 2009-04-28
- 打赏
- 举报
我给你一些我的经验:一般做驱动的公司都是使用串口连接两台机器进行设备驱动程序调试,一台是Debug Machine,另一台是Host Machine。更高级的是使用IEEE1394线进行调试,优点是速度比串口快很多,而且稳定。
至于单机调试,推荐使用SoftICE.
至于单机调试,推荐使用SoftICE.
taianmonkey 2009-04-28
- 打赏
- 举报
在c:\boot.ini添加“/debug”选项 -- 是针对虚拟机的远程调试的,本地调试,只要下载了windows系统的符号文件,设定了加载符号文件的路径,就可以本地调试内核了!
wangk 2009-04-24
- 打赏
- 举报
对的,windbg不可以本地内核调试,你可以使用虚拟机进行windbg内核调试虚拟机。
另外可以本地内核调试的软件有Softice和syser。
google有更多信息。
另外可以本地内核调试的软件有Softice和syser。
google有更多信息。
