![]() ![]() Along with these, Microsoft also introduced new logo certification requirements (WHQL Debug Capability) that required system integrators to pass a series of tests to demonstrate that the system was in fact kernel debuggable. With Windows 8 and it’s kernel cousin, Server 2012, Microsoft introduced to the public two more kernel debug transports – Network and USB 3.0. Microsoft needed a new efficient and effective means of supplying kernel debug transports to the IHVs and ISVs of the world. Serial ports and Firewire were disappearing from a significant portion of PCs (laptops, workstations, and servers alike) and there are significant issues with using the USB 2.0 kernel debug transport. Windows 8 Introduces Kernel Debugging over a Network Cable It’s biggest drawbacks are that it only supports virtual machines and you have to install a driver package (which may not amenable to the machine owner for various reasons). It’s by far the fastest kernel debugging transports in my experience and it’s a snap to install and configure. It has it’s quirks but it’s steadily improved over time. ![]() SysProg’s VirtualKD is an awesome framework. In practice, USB 2.0 kernel debugging is a gauntlet best avoided if at all possible. it may be wired internally to a webcam or card reader) and a relatively expensive (~$100 USD) USB 2.0 debug cable such as the NET20DC. It’s technically possible to do it, but it requires a specific port on the USB controller that may or may not be available (e.g. Debugging over USB 2.0 is a bit of a unicorn. ![]() Firewire virtualization isn’t possible with VMware (that I’m aware of anyways) and Firewire has steadily been dropped from a lot of OEM PCs in favor of USB 2.0 and more recently USB 3.0. Firewire brought to the table a huge increase in speed over serial while offering fairly straight forward hardware requirements. Serial bugging has been a bread and butter method forever, supporting both hardware and virtual machines (via virtualized serial ports) but it’s really really slow. Local debugging has serious limitations in that you can’t set breakpoints, view registers or stack traces, and are limited to debugging only those things that happen after the machine is fully booted and a user has logged in. Until Windows 8 there were only five ways to kernel debug a Windows machine: ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
March 2023
Categories |