Friday, October 23, 2009

kernel debugging on virtual machine

Letting the host debug its virtual machine

1. Configure the virtual machine to add a COM port. Refer here.

Set up a COM port for a named pipe (in the VPC settings for COM1 you can select named pipe and give it a name like \\.\pipe\ThePipe).

2. Configure the guest operating system (Vista) to enable debugging and set its debug port. Refer here.

bcdedit /debug on

bcdedit /dbgsettings serial debugport:1 baudrate:115200

3. Configure the host machine to connect to the virtual machine

Configure WinDbg for kernel debugging (specify the same \\.\pipe\ThePipe in File\Kernel Debug, COM tab, Port text box).

4. Replace the OS's ndis.sys with the checked ndis.sys

To disable WRP on Windows Vista, install TakeOwnership.zip. Refer here.

5. You can start debugging now.

Use !ndiskd.dbglevel, !ndiskd.dbgsystems

Saturday, October 10, 2009

dbgview for vista

Under Vista, dbgview by default does not show debug messages printed from KdPrint(). In this case, you need to add a registry entry:

1. Add a registry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter

2. Add a DWORD DEFAULT=0xF

For more information, please see MSDN here.
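Why DEFAULT=0xF makes KdPrint() output appear, as an added example that is not code from the original post: it models the documented filter rule in plain user-mode C. The helper names are hypothetical, and the system-wide WIN2000 mask value of 0x1 is an assumption.

```c
#include <stdint.h>
#include <stdio.h>

/* Importance levels as defined in the WDK header dpfilter.h */
#define DPFLTR_ERROR_LEVEL   0
#define DPFLTR_WARNING_LEVEL 1
#define DPFLTR_TRACE_LEVEL   2
#define DPFLTR_INFO_LEVEL    3

/* A level of 0..31 selects a single bit; a larger value is used
 * as the importance bit field itself. */
static uint32_t importance_bits(uint32_t level)
{
    return level < 32 ? (UINT32_C(1) << level) : level;
}

/* Hypothetical helper: nonzero when a message passes the filter.
 * component_mask: the DEFAULT value under "Debug Print Filter"
 * system_mask:    the system-wide WIN2000 mask, ORed into every component */
static int message_passes(uint32_t level, uint32_t component_mask,
                          uint32_t system_mask)
{
    return (importance_bits(level) & (component_mask | system_mask)) != 0;
}

/* On Vista and later, KdPrint()/DbgPrint() messages are sent as
 * component DEFAULT at DPFLTR_INFO_LEVEL (bit 3, mask 0x8). */
static int kdprint_visible(uint32_t default_mask, uint32_t system_mask)
{
    return message_passes(DPFLTR_INFO_LEVEL, default_mask, system_mask);
}

int main(void)
{
    const uint32_t win2000 = 0x1;               /* assumed: error bit only */
    const uint32_t masks[] = { 0x0, 0x8, 0xF }; /* constructed sample values */

    for (size_t i = 0; i < sizeof masks / sizeof masks[0]; i++)
        printf("DEFAULT=0x%X -> KdPrint %s\n", (unsigned)masks[i],
               kdprint_visible(masks[i], win2000) ? "shown" : "filtered");
    return 0;
}
```

A DEFAULT value of 0x8 is the narrowest mask that lets KdPrint() through; 0xF additionally enables the error, warning and trace levels for the DEFAULT component.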

Test unsigned driver for windows server 2008 R2 x64

Windows Server 2008 R2 x64 requires every kernel driver to be digitally signed. To remove this constraint, we need to install Driver Signature Enforcement Overrider. The first step is to disable UAC.