Hi,
I found nothing about this topic, so I hope someone can help me.

I debug a remote machine via serial port (vmware with named pipe) in kernel mode to test my network driver. I have an application which communicates with my driver and I have to do some debugging of my application (it's a "simple" user mode .exe file). I know the .attach command of WinDbg but it only works in user mode.

Thanks for your help, Jojo

---
WINDBG is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:


To unsubscribe, visit the List Server section of OSR Online at 

Try using command: ".process" and ".thread". For example:
 1. for find process: !process 0 0 my_tool.exe
 2. for switch context: .process /r/p <_EPROCESS_ADDR>

> is it possible to debug the program step-by-step
Yes:
 * set break point (f.e. ba e 1 )
 * when it is triggered - you can debug code step-by-step

- 显示引用文字 -

Look for 'Controlling the user mode debugger from the kernel mode debugger'
in the windbg docs.


Good luck,

mm

The main two points in my opinion when debugging user mode from a kernel debug connection are:

1) Process context - You're not necessarily in the correct process context when you break in with the debugger, so you need to force the correct process context somehow

2) The user mode module list and symbols aren't loaded by default, but you can load them with .reload /user

You're better off using .process /i if your target is XP and later, that will actually force a switch into the target process context (you hit Go in the debugger and then the target breaks in when that process context gets swapped in). If I need to set a breakpoint in a user mode process I usually:

.process /i
g
* Debuggee runs, breaks in sometime later *
.reload /user
ba e1 foo!bar

And you should be set.

Martin gave you a link to an alternate option, where you actually run a user mode debugger on the target machine and control it via the kernel connection. Very nifty as it gives you access to the user mode debugger commands as opposed to the kernel mode debugger commands, though it requires action on the target.

-scott

-- 
Scott Noone
Consulting Associate
OSR Open Systems Resources, Inc.



<> wrote in message news:62588@windbg...

Hi,
I found nothing about this topic, so I hope someone can help me.

I debug a remote machine via serial port (vmware with named pipe) in kernel mode to test my network driver. I have an application which communicates with my driver and I have to do some debugging of my application (it's a "simple" user mode .exe file). I know the .attach command of WinDbg but it only works in user mode.

Thanks for your help, Jojo

---

- 显示引用文字 -