Friday, November 13, 2009

vmware fusion and kernel debugging

Server (Vm Target to be kernel debugged)
========================================
serial0.present = "TRUE"
serial0.pipe.endPoint = "server"
serial0.fileType = "pipe"
serial0.yieldOnMsrRead = "TRUE"
serial0.startConnected = "TRUE"
serial0.fileName = "/tmp/kdpipe"


Client (Vm Where you run windbg)
=============================
serial0.present = "TRUE"
serial0.pipe.endPoint = "client"
serial0.fileType = "pipe"
serial0.yieldOnMsrRead = "TRUE"
serial0.startConnected = "TRUE"
serial0.fileName = "/tmp/kdpipe"


On the target to be debugged
=============================
bcdedit /copy {current} /d "Microsoft Windows Vista [debugger disabled]"
bcdedit /debug ON
bcdedit /set {current} debugtype SERIAL
bcdedit /set {current} debugport 1
bcdedit /set {current} baudrate 115200
reg add "HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter" /v DEFAULT /t REG_DWORD /d 0xffffffff


_NT_SYMBOL_PATH=srv*c:\symbols*http://msdl.microsoft.com/download/symbols
Posted by at

4 comments:

  1. AnonymousApril 29, 2010 at 5:41 AM

    Very helpful! Robots rule!

    ReplyDelete
  2. UnknownAugust 29, 2011 at 11:54 AM

    This is awesome. It has several components missing I didn't find at the vmware website. Thanks so much.

    ReplyDelete
  3. AnonymousSeptember 1, 2012 at 7:20 AM

    With Fusion 5.0.0, this didn't work without adding tryNoRxLoss to the debugee. Without it, the debugger couldn't generate breaks and trap into the debugger. Note: I'm running OS X 10.8. Here are my settings

    Debugee:
    serial0.present = "TRUE"
    serial0.pipe.endPoint = "server"
    serial0.fileType = "pipe"
    serial0.fileName = "/tmp/kdpipe"
    serial0.tryNoRxLoss = "TRUE"
    serial0.yieldOnMsrRead = "TRUE"
    serial0.startConnected = "TRUE"

    Debugger:
    serial0.present = "TRUE"
    serial0.pipe.endPoint = "client"
    serial0.fileType = "pipe"
    serial0.yieldOnMsrRead = "TRUE"
    serial0.startConnected = "TRUE"
    serial0.fileName = "/tmp/kdpipe"

    ReplyDelete

Subscribe to: Post Comments (Atom)