Windows Driver debugging

For Windows driver developers, a BSOD (Blue Screen of Death) is a real headache to solve. To resolve an issue with any device driver, debugging techniques are always the suggested approach.

WinDbg is a really good tool for driver debugging. It is used for both Windows user-mode and kernel-mode debugging.

There are different ways to debug a kernel-mode driver. One of them is given below:

Kernel-mode driver debugging using two PCs:

This method is useful when you want to debug a driver while it is running. Two PCs are used, connected with a serial cable (RS-232)/cross cable.

Host computer: WinDbg runs

Target computer: Driver runs

Target computer setting 

  1. Press Windows button + R and type msconfig. This opens the System Configuration dialog. Select Advanced Options.

Select the “Debug” check box; it enables the global debug setting. Select “Debug Port” and choose the debug port that is visible in your PC’s Device Manager.

Here I’ve selected COM1 with a baud rate of 115200.

  • After this setting, press OK in this box and in the System Configuration window. It asks for a restart. Restart the PC.
  • After the PC restarts, check the Ports section of Device Manager: COM1 is no longer visible. The port COM1 is now configured for debugging.

Host computer setting

WinDbg and the registry need to be configured to show debugging messages.

1. Registry Settings:

  • In the debug version of a driver, many DbgPrint/KdPrint calls are written. The problem: your DbgPrint or KdPrint messages don’t appear in WinDbg (or KD) when you run your driver on Windows.
  • To enable debug messages, open Registry Editor (press Windows + R and type regedit.exe).
  • Go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\, right-click Session Manager and choose New -> Key. Name the new key Debug Print Filter.
  • Under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter, create a DWORD value named DEFAULT and set its value to 0xffffffff.
  • Debug messages are now enabled.
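Why the DEFAULT value above makes DbgPrint/KdPrint output appear, as an added example that is not code from the original post: a user-mode C model of the debug print filter check. The level constants mirror the WDK's dpfilter.h; the function names, the sample DEFAULT masks and the 0x1 used for the system-wide WIN2000 mask are assumptions of this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Importance levels as defined in the WDK header dpfilter.h. */
#define DPFLTR_ERROR_LEVEL   0
#define DPFLTR_WARNING_LEVEL 1
#define DPFLTR_TRACE_LEVEL   2
#define DPFLTR_INFO_LEVEL    3

/* A Level of 0..31 is a bit position; a larger value is used as the bit field itself. */
static uint32_t level_to_bits(uint32_t level)
{
    return level < 32 ? (UINT32_C(1) << level) : level;
}

/* Hypothetical helper modelling the filter: a message reaches the debugger when
 * its importance bits intersect the component mask (the DEFAULT registry value)
 * OR'ed with the system-wide WIN2000 mask. */
static int message_is_shown(uint32_t level, uint32_t component_mask, uint32_t win2000_mask)
{
    return (level_to_bits(level) & (component_mask | win2000_mask)) != 0;
}

/* DbgPrint/KdPrint behave like DbgPrintEx(DPFLTR_DEFAULT_ID, DPFLTR_INFO_LEVEL, ...). */
static int dbgprint_is_shown(uint32_t default_mask, uint32_t win2000_mask)
{
    return message_is_shown(DPFLTR_INFO_LEVEL, default_mask, win2000_mask);
}

int main(void)
{
    const uint32_t win2000 = 0x1;                      /* assumed system-wide mask */
    const uint32_t masks[] = { 0x0, 0x8, 0xffffffff }; /* constructed DEFAULT values */
    static const char *names[] = { "ERROR", "WARNING", "TRACE", "INFO" };

    for (size_t i = 0; i < sizeof masks / sizeof masks[0]; i++) {
        printf("DEFAULT=0x%08x:", (unsigned)masks[i]);
        for (uint32_t lvl = DPFLTR_ERROR_LEVEL; lvl <= DPFLTR_INFO_LEVEL; lvl++)
            printf(" %s=%s", names[lvl],
                   message_is_shown(lvl, masks[i], win2000) ? "shown" : "dropped");
        printf("  DbgPrint=%s\n", dbgprint_is_shown(masks[i], win2000) ? "shown" : "dropped");
    }
    return 0;
}
```

With DEFAULT at 0 only ERROR-level messages pass, so plain DbgPrint output is dropped; 0x8 is the single bit DbgPrint needs, and 0xffffffff enables every level.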

 

2. Configure WinDbg:

  • Open WinDbg with Administrator rights (Run as Administrator).
  • Select File -> Symbol File Path and set the symbol path.
  • It downloads symbols from the Windows website. You can add PDB files in the same folder.
  • Then select File -> Kernel Debug.
  • In the COM section, set Baud Rate = 115200 and Port = COM1, and select the Reconnect check box. After setting this, press OK.
  • After pressing OK, WinDbg may show that the debuggee is not connected.
  • Restart the target PC; WinDbg will now show the “Debuggee is running” message as the target PC boots, and it shows the boot log.
  • This technique is helpful when a BSOD occurs at boot time on the target PC.
  • If there is a problem during boot or a BSOD occurs, WinDbg stops printing messages (breaks execution) and prints a log of the function names, with addresses, that are responsible for the driver crash.
  • Along with the function names, the WinDbg log shows the error code and argument values related to the driver crash.

Using this post, you can configure a Windows PC for debugging with WinDbg.
