Description from MSDN on how to set up your debugging session.
The setup procedure is:
- Set up 2 PCs, the first with your development environment and the second as the debug target. (Vista+Vista64 worked best for me)
- Set up a debugger connection by using either a Firewire cable or a Null-Modem cable. (Null-Modem works almost always, but Firewire is better from a performance standpoint. USB is expensive and didn't work out of the box for me ...)
- Set up the target computer to boot in 'debug' mode (see MSDN)
- Having WinDbg running and waiting for a kernel connection, boot the target computer in debug mode.
- During boot, WinDbg should print messages about the target system. Here you will see DbgPrint messages etc. (All DbgPrint output is disabled by default in Vista (not in XP), and you must enable it (link))
- You can set breakpoints in modules in WinDbg by defining breakpoints.
PS: bcdedit sometimes fails to set up the debug mode. I have no clue why. But there seems to be a certain order in which you must tell it the debug parameters. Trying different combinations does work wonders ...
You can use commands in WinDbg when you break into the process. A couple of interesting ones:
- lm displays all modules currently loaded
- lm m pattern displays all modules satisfying the search condition (e.g. "lm m kernel32*")
- x module_name!function_name_pattern lists the symbols in the module (e.g. "x kernel32!Create*")
- bl lists all currently set breakpoints
- bp module_name!function_name sets a breakpoint at the start of the function specified.
- bc * deletes all breakpoints
- .hh bp displays the help for "bp"
- .reload /u x.sys reloads the x.sys module debug settings. (This is helpful when you want to rebuild your project and get a 'could not create x.pdb ...' message.)
Enable all DbgPrint output under Vista:
enable_dbg_print_vista.reg

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter]
"DEFAULT"=dword:0000000f
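For the "boot the target in debug mode" step and the bcdedit remark above, here is one command sequence for the target machine, added as an illustration and not part of the original post. It assumes a null-modem cable on COM1 at 115200 baud and an elevated command prompt; the port, baud rate and Firewire channel number are assumed values to adjust for your hardware.

```batch
@echo off
rem Added example, not from the original post. Run on the TARGET machine
rem from an elevated command prompt (bcdedit needs administrator rights).
rem Assumed values: COM1, 115200 baud.

rem 1. Store the global debugger transport settings.
bcdedit /dbgsettings serial debugport:1 baudrate:115200
if errorlevel 1 goto fail

rem    Firewire alternative (assumed channel 32), instead of the line above:
rem    bcdedit /dbgsettings 1394 channel:32

rem 2. Enable kernel debugging for the boot entry currently in use.
bcdedit /debug {current} on
if errorlevel 1 goto fail

rem 3. Print what was stored, so a silently rejected setting is visible
rem    before the reboot.
bcdedit /dbgsettings
bcdedit /enum {current}

echo.
echo Start WinDbg on the HOST first, then reboot this machine:
echo   serial:   windbg -k com:port=COM1,baud=115200
echo   Firewire: windbg -k 1394:channel=32
goto :eof

:fail
echo bcdedit reported an error; confirm the prompt is elevated and
echo re-check the stored values with: bcdedit /dbgsettings
exit /b 1
```

Once debugging is finished, `bcdedit /debug {current} off` on the target returns the boot entry to a normal boot.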