1

Are there some limitations to the Local Kernel Mode Debugging option in Windbg?

I am running Win XP SP3 inside a VM using VMWare Workstation. The Host operating system is: Windows 7 SP1

I want to perform Kernel Debugging using Windbg inside the VM.

However, few commands are not working. For instance,

lkd> !process -0 0

PROCESS 82cd38b0  SessionId: 0  Cid: 0cd4    Peb: 7ffd6000  ParentCid: 0638
    DirBase: 0e740300  ObjectTable: e2474a10  HandleCount:  43.
    Image: notepad.exe

lkd> .process /i 82cd38b0
              ^ Operation not supported by current debuggee error in '.process /i 82cd38b0'
    Image: notepad.exe

lkd> !lmu
No export lmu found

So, my guess is that these are limitations of the local kernel mode debugging option of windbg.

Damien_The_Unbeliever
  • 234,701
  • 27
  • 340
  • 448
Neon Flash
  • 3,113
  • 12
  • 58
  • 96

1 Answers1

2

Local kernel mode debugging is very limited, you can't even set a breakpoint. More about limitations here.

Set up a remote kernel debug via COM port on the guest system with redirection to a pipe on the host system. Then you can execute all debugging commands.

Sergey Podobry
  • 7,101
  • 1
  • 41
  • 51
  • Thank you and yes I have been trying to get that set up. But I believe the response speed is a concern while connecting through a virtual serial port. – Neon Flash Jan 05 '12 at 15:26
  • Virtual serial port works much faster than the real one. For superspeed you can try VirtualKD: http://virtualkd.sysprogs.org/ – Sergey Podobry Jan 05 '12 at 15:50