Debugger commands (stack frame navigation) that makes my life easier

One thing that I have always found clunky is stack frame navigation in windbg/kd. Previously, I thought you had only a couple of options. The first option, if you are using WinDBG, is that you can bring up the call stack window. I have found that this is not a great thing to do b/c…

9

How to debug missing imports at driver load time

Debugging when your driver fails to load can be exasperating, especially if it is due to a missing import.  Windows 2000 would put up a dialog box telling the user which import was missing, but the user can’t do anything about it (unless she is the driver developer), so that dialog was removed post Windows…

8

Beware the shiny light that is MmIsAddressValid

This came up on NTDEV today and has come up in the past (both in the community and internally on the KMDF team).  MmIsAddressValid appears to be a great function given its name.  You pass in a kernel virtual address (VA from now on) and it returns TRUE is the pointer is valid and FALSE…

8

How to break in at the call site that invokes the break point

I think everyone at some point in time wants to embed a break point in there code, whether it be for debugging purposes, path tracing, or detecting edge conditions that have not yet been tested. When I hit a break point, I would prefer that the debugger break in at the call frame which needs…

8

How do I know which device interface is being opened?

Let’s say your device supports two interfaces and you want to expose both of them on the same device object. Furthermore, let’s say that the I/O interface to each device interface is different. For instance, let’s say that one interface allows only one create (e.g. it is exlusive) while the other allows unlimited handles opened…

8

Why is there an Ex and Io work item in WDM?

Have you ever looked at the work item APIs and wondered why there are two different types of work items? Or for that matter, why are there so many work item APIs? As Paul wrote last week, the work item API set has grown for Vista. Today I will try to explain how we got…

8

How to create an exclusive device or debug why your device is exclusive

Certain devices are exclusive access, or in simpler terms, only one handle can be opened for a particular device. A serial port is an example of an exclusive device; it would make no sense for 2 applications to have the port open because each would expect exclusive state with device plugged into the port and…

8

How to return the number of bytes required for a subsequent operation

A very common pattern is to allow a caller to ask for the number bytes (or elements) required and then ask for the data, many user mode Win32 APIs (like RegQueryValueEx) and kernel mode (like IoGetDeviceProperty) implement it. You first ask for the number of bytes needed (passing NULL and a pointer to a size),…

7

Debugger command (!list) that makes my life easier

Yesterday I introduced the dl command and demonstrated some of its limitations. Today I will talk about !list. Let’s take yesterday’s data structure, MY_DATA. What if the LIST_ENTRY is at the end of the structure or there is more data in your structure that fits into two pointer sized fields so that dl cannot display…

7