在内核调试模式下连接到目标机时,我无法中断 [英] I can't break when attaching to target machine in kernel debug mode

查看:474
本文介绍了在内核调试模式下连接到目标机时,我无法中断的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在开始一个包含Windows minifilter的原型。
我设置了我的环境:

I am starting a prototype including a Windows minifilter. I have set up my environment:


  • 目标虚拟机(实际上是3:Windows 7,8和8.1) / li>
  • 一台主机开发机(托管Visual Studio 2013和HyperV VM)

我终于管理将测试的Minifilter部署到目标机器,但我的问题是:

I finally managed to deploy the test minifilter to the target machine, but my problem is:

我无法打破目标机器中的内核。

当我进行构建并从Visual Studio Debugger启动时,结果如下:

When I make a build and start from Visual Studio Debugger, here is the result:

    -----------------------------------------------------------------------
-----------------------------------------------------------------------
                  Starting New Debugger Session         
-----------------------------------------------------------------------
-----------------------------------------------------------------------

Microsoft (R) Windows Debugger Version 6.3.9600.16384 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.

MONTLUC\pascal (npipe WinIDE_01CED6303D19BD92) connected at Thu Oct 31 12:56:31 2013

Microsoft (R) Windows Debugger Version 6.3.9600.16384 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.

Waiting for pipe \\montlucw81x64\pipe\dbg
Waiting to reconnect...
[12:56:32:860]: Removing any existing files from the remote driver folder
[12:56:33:121]: Removing any existing files from test execution folder

te.exe "%SystemDrive%\DriverTest\Run\DriverTestTasks.dll" /select:"@Name='DriverTestTasks::_DriverRemoval'" /p:"InfFile=passThrough.inf" /p:"Debug=1" /p:"ImportDriver=1" /p:"RemoveDriver=1" /p:"CertificateFile=package.cer" /p:"PackageGuid={A23BA0FC-7265-4E3C-B99F-1E7A04AD970D}" /rebootStateFile:%SystemDrive%\DriverTest\Logs\DriverTestReboot.xml /enableWttLogging /wttDeviceString:$LogFile:file="%SystemDrive%\DriverTest\Logs\Driver_Removal_(x64)_(possible_reboot)_00060.wtl",writemode=append,encoding=unicode,nofscache=true,EnableLvl="WexStartTest|WexEndTest|WexXml|WexProperty|WexCreateContext|WexCloseContext|*" /runas:Elevated
[12:56:56:926]: Result Summary: Total=1, Passed=1, Failed=0, Blocked=0, Warned=0, Skipped=0
[12:56:57:457]: Removing any existing files from test execution folder

te.exe "%SystemDrive%\DriverTest\Run\DriverTestTasks.dll" /select:"@Name='DriverTestTasks::_DriverPreparation'" /p:"InfFile=passThrough.inf" /p:"Debug=1" /p:"ImportDriver=1" /p:"RemoveDriver=1" /p:"CertificateFile=package.cer" /p:"PackageGuid={A23BA0FC-7265-4E3C-B99F-1E7A04AD970D}" /rebootStateFile:%SystemDrive%\DriverTest\Logs\DriverTestReboot.xml /enableWttLogging /wttDeviceString:$LogFile:file="%SystemDrive%\DriverTest\Logs\Driver_Preparation_(x64)_(possible_reboot)_00060.wtl",writemode=append,encoding=unicode,nofscache=true,EnableLvl="WexStartTest|WexEndTest|WexXml|WexProperty|WexCreateContext|WexCloseContext|*" /runas:Elevated
[12:57:00:437]: Result Summary: Total=1, Passed=1, Failed=0, Blocked=0, Warned=0, Skipped=0
[12:57:00:893]: Removing any existing files from test execution folder

te.exe "%SystemDrive%\DriverTest\Run\DriverTestTasks.dll" /select:"@Name='DriverTestTasks::_RunProcess'" /p:"BinaryPath=rundll32" /p:"Arguments=setupapi,InstallHinfSection DefaultInstall 132 C:\DriverTest\Drivers\passthrough.inf" /p:"ExitCodes=0" /p:"WorkingFolder=%SystemDrive%\DriverTest\Drivers" /p:"LogOutput=1" /rebootStateFile:%SystemDrive%\DriverTest\Logs\DriverTestReboot.xml /enableWttLogging /wttDeviceString:$LogFile:file="%SystemDrive%\DriverTest\Logs\Driver_Install_(x64)_(possible_reboot)_00025.wtl",writemode=append,encoding=unicode,nofscache=true,EnableLvl="WexStartTest|WexEndTest|WexXml|WexProperty|WexCreateContext|WexCloseContext|*" /runas:Elevated
[12:57:03:916]: Result Summary: Total=1, Passed=1, Failed=0, Blocked=0, Warned=0, Skipped=0
[12:57:04:418]: Removing any existing files from test execution folder

te.exe "%SystemDrive%\DriverTest\Run\DriverTestTasks.dll" /select:"@Name='DriverTestTasks::_DriverPostInstall'" /rebootStateFile:%SystemDrive%\DriverTest\Logs\DriverTestReboot.xml /enableWttLogging /wttDeviceString:$LogFile:file="%SystemDrive%\DriverTest\Logs\Driver_Post_Install_Actions_(x64)_(possible_reboot)_00060.wtl",writemode=append,encoding=unicode,nofscache=true,EnableLvl="WexStartTest|WexEndTest|WexXml|WexProperty|WexCreateContext|WexCloseContext|*" /runas:Elevated
[12:57:06:139]: Result Summary: Total=1, Passed=1, Failed=0, Blocked=0, Warned=0, Skipped=0
[12:57:06:564]: Driver Installation summary:
[12:57:06:566]:   Driver Removal (x64) (possible reboot): Pass
[12:57:06:571]:   Driver Preparation (x64) (possible reboot): Pass
[12:57:06:578]:   Driver Install (x64) (possible reboot): Pass
[12:57:06:586]:   Driver Post Install Actions (x64) (possible reboot): Pass

当我尝试破解,没有什么发生。

And when I try to break, nothing happens.

当我坐ach直接到内核(使用VS菜单调试 - >附加到进程 - >内核调试 - >附加,我得到这样:

When I attach directly to the kernel (using VS menu "Debug" -> "Attach to process" -> "Kernel debugging" -> "Attach", I get this:

-----------------------------------------------------------------------
-----------------------------------------------------------------------
                  Starting New Debugger Session         
-----------------------------------------------------------------------
-----------------------------------------------------------------------

Microsoft (R) Windows Debugger Version 6.3.9600.16384 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.

MONTLUC\pascal (npipe WinIDE_01CED630A522D2F5) connected at Thu Oct 31 12:59:26 2013

Microsoft (R) Windows Debugger Version 6.3.9600.16384 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.

Waiting for pipe \\montlucw81x64\pipe\dbg
Waiting to reconnect...

但再一次,不可能打破。

But again, impossible to break.

我试过:


  • 所有目标主机(Windows 7,8和8.1),并得到相同的结果(是的,所有这些都正确配置为内核调试)

  • 使用网络而不是命名管道

  • 使用WinDBG而不是Visual Studio

但是我总是得到相同的结果:不可能打破这个!@#kernel!

But I always get the same result: impossible to break this !@# kernel!

Google不是我的朋友,我找不到任何类似的问题。

Google isn't my friend, I couldn't find any similar problem.

所以现在我想知道:


  • 我可以实际上没有连接到目标机器,尽管什么调试器说(但部署工作)?

  • HyperV和内核调试是否有问题?

任何想法欢迎!

编辑:我用一个真正的目标机器而不是一个虚拟的机器进行了测试,我也有同样的问题,所以这与Hyper-V无关。

Edit: I did a test with a real target machine instead of a virtual one, and I have the same problem, so this is not related to Hyper-V.

推荐答案

我解决了我的问题(我吮吸,因此我是)

I solved my problem (I suck, therefore I am)

简而言之,这两个机器必须配置用于内核调试。

In a nutshell, here is how the two machines must be configured for kernel debugging.

A。目标机器(Hyper-V VM)


  • 在串行COM1上配置内核调试(使用msconfig是最简单的方法) / li>
  • 配置Hyper-V计算机将COM1管道到命名管道(例如,\.\pipe\debug)

B。源计算机(Hyper-V主机托管目标)


  • 以管理模式运行WinDBG或VS(这是我的第一个错误)

  • 连接到命名管道与完全相同的名称(\.\pipe\debug)(这是我的第二个错误,我认为机器名称必须是实际的目标名称)

它工作得很好,在Visual Studio 2013下有一个很好的集成。
感谢所有回答的人)...和所有其他人阅读:)

It works just fine, with a nice integration under Visual Studio 2013. Thanks to all those who answered (nobody)... And all others who read :)

这篇关于在内核调试模式下连接到目标机时,我无法中断的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
开发方法最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆