Defrag Tools
WinDbg - Configure Kernel Debugging (1x27)
: 11, 2013
In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user-mode debugging of a process or kernel-mode debugging of a computer.
This installment goes over the cables and configuration steps required to set up kernel-mode debugging.
We use these BCDEdit commands:
bcdedit
bcdedit /dbgsettings
bcdedit /dbgsettings 1394 channel:42
bcdedit /dbgsettings net hostip:192.168.0.10 port:50000 key:a.b.c.d
bcdedit /debug on
bcdedit /debug off
In the debug session, we use these commands:
.crash
.dump /f
lm
!lmi
.reload /f
!drvobj
!drvobj <module> 2
bl
bc *
be <N>
bd <N>
bp <function>
bm <wildcard>
x <wildcard>
g
Make sure you watch Defrag Tools Episode #1 and Defrag Tools Episode #23 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbol and source code resolution.