Windbg 中本地内核模式调试的局限性? [英] Limitations of Local Kernel Mode Debugging in Windbg?

问题描述

Windbg 中的本地内核模式调试选项是否有一些限制?

我在使用 VMWare Workstation 的 VM 中运行 Win XP SP3.主机操作系统为:Windows 7 SP1

我想在虚拟机内使用 Windbg 执行内核调试.

但是，很少有命令不起作用.例如，

lkd>!process -0 0进程 82cd38b0 SessionId: 0 Cid: 0cd4 Peb: 7ffd6000 ParentCid: 0638DirBase:0e740300 ObjectTable:e2474a10 HandleCount:43.图片:记事本.exeld>.process/i 82cd38b0^ '.process/i 82cd38b0' 中的当前调试错误不支持操作图片:记事本.exeld>!lmu未找到导出 lmu

所以，我的猜测是这些是windbg的本地内核模式调试选项的限制.

解决方案

本地内核模式调试非常有限，你甚至不能设置断点.在此处详细了解限制.>

通过来宾系统上的 COM 端口设置远程内核调试，并重定向到主机系统上的管道.然后就可以执行所有调试命令了.

Are there some limitations to the Local Kernel Mode Debugging option in Windbg?

I am running Win XP SP3 inside a VM using VMWare Workstation. The Host operating system is: Windows 7 SP1

I want to perform Kernel Debugging using Windbg inside the VM.

However, few commands are not working. For instance,

lkd> !process -0 0

PROCESS 82cd38b0  SessionId: 0  Cid: 0cd4    Peb: 7ffd6000  ParentCid: 0638
    DirBase: 0e740300  ObjectTable: e2474a10  HandleCount:  43.
    Image: notepad.exe

lkd> .process /i 82cd38b0
              ^ Operation not supported by current debuggee error in '.process /i 82cd38b0'
    Image: notepad.exe

lkd> !lmu
No export lmu found

So, my guess is that these are limitations of the local kernel mode debugging option of windbg.

解决方案

Local kernel mode debugging is very limited, you can't even set a breakpoint. More about limitations here.

Set up a remote kernel debug via COM port on the guest system with redirection to a pipe on the host system. Then you can execute all debugging commands.

这篇关于Windbg 中本地内核模式调试的局限性?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！