Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

how to use windbg to kernel mode debug with livekd

518 views
Skip to first unread message

Johnliu

unread,
Jan 11, 2005, 5:00:16 PM1/11/05
to
I just downloaded the livekd.exe, the windbg needs to set up like comport
and buadrate fot taget machine. how to change it fot local debug?
thanks for your help!
John

Daniel Bucherer [MS]

unread,
Jan 12, 2005, 6:34:53 AM1/12/05
to
Hi John,

livekd.exe will deal with the connection itself and open up a kd.exe
text-mode debug window.

Are you having problems with that?

If yes, please elaborate so that we can look for a solution.

Cheers,

Daniel


Johnliu

unread,
Jan 12, 2005, 11:41:59 AM1/12/05
to
Thanks, Daniel
yes,livekd.exe opened up the kd.exe,but after this, it loaded
c:\windows\system32\livekd.dmp, I checked the file is 0kb. then it loaded
symbols,looks the kernel symbols is ok, load the user symbols fail. why
does it load user symbols? is it still ok? the information copy follows:

Loading Dump File [C:\WINDOWS\System32\livekd.dmp]
Kernel Dump File: Full address space is available

Comment: 'LiveKD live system view'
Symbol search path is:
C:\WINDOWS\Symbols\sp1free;srv*c:\windows\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is: C:\testdriver\test\toast
Windows XP Kernel Version 2600 (Service Pack 1) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp2.030422-1633
Kernel base = 0x804d4000 PsLoadedModuleList = 0x80543530
Debug session time: ***** Invalid
System Uptime: 0 days 3:41:17.776
WARNING: Process directory table base 1FC6C000 doesn't match CR3 1ABE9000
WARNING: Process directory table base 1FC6C000 doesn't match CR3 1ABE9000
Loading Kernel Symbols
..............................................................................................................................
Loading unloaded module list
.................
Loading User Symbols
.............................
*** ERROR: Module load completed but symbols could not be loaded for
LiveKdD.SYS
*******************************************************************************
*
*
* Bugcheck Analysis
*
*
*
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 0, {0, 0, 0, 0}

Probably caused by : No_Image

Followup: MachineOwner
---------
*** Possible invalid call from 805344ff ( nt!ExFreePoolWithTag+0x3a7 )
*** Expected target 80531a1c ( nt!RtlpInterlockedPushEntrySList+0x0 )


Daniel Bucherer [MS]

unread,
Jan 13, 2005, 6:37:10 AM1/13/05
to
Hi John,

Johnliu wrote:
> Thanks, Daniel
> yes,livekd.exe opened up the kd.exe,but after this, it loaded
> c:\windows\system32\livekd.dmp, I checked the file is 0kb. then it
> loaded symbols,looks the kernel symbols is ok, load the user symbols
> fail. why does it load user symbols? is it still ok? the information
> copy follows:

All of this is fine - LiveKD creates a pseudo file and intercepts reads to
that file and translates them to memory access. Pretty smart construct, by
the way.

You can move around in that session like you would in a dump. That it
doesn't find symbols for livekd.sys shouldn't disturb you too much.

In other words, all is working as it should.

Are you missing anything? If yes, what?

Thanks,

Daniel


0 new messages