在内核调试模式下连接到目标机器时我无法中断

Question

我正在开始包括Windows微过滤器的原型.我已经设置了我的环境:

• 目标虚拟机(实际上是3:Windows 7,8和8.1)
• 主机开发机器(托管Visual Studio 2013和HyperV VM)

我终于设法将测试minifilter部署到目标机器,但我的问题是:

我无法破坏目标机器中的内核.

当我进行构建并从Visual Studio Debugger启动时,结果如下:

    -----------------------------------------------------------------------
-----------------------------------------------------------------------
                  Starting New Debugger Session         
-----------------------------------------------------------------------
-----------------------------------------------------------------------

Microsoft (R) Windows Debugger Version 6.3.9600.16384 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.

MONTLUC\pascal (npipe WinIDE_01CED6303D19BD92) connected at Thu Oct 31 12:56:31 2013

Microsoft (R) Windows Debugger Version 6.3.9600.16384 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.

Waiting for pipe \\montlucw81x64\pipe\dbg
Waiting to reconnect...
[12:56:32:860]: Removing any existing files from the remote driver folder
[12:56:33:121]: Removing any existing files from test execution folder

te.exe "%SystemDrive%\DriverTest\Run\DriverTestTasks.dll" /select:"@Name='DriverTestTasks::_DriverRemoval'" /p:"InfFile=passThrough.inf" /p:"Debug=1" /p:"ImportDriver=1" /p:"RemoveDriver=1" /p:"CertificateFile=package.cer" /p:"PackageGuid={A23BA0FC-7265-4E3C-B99F-1E7A04AD970D}" /rebootStateFile:%SystemDrive%\DriverTest\Logs\DriverTestReboot.xml /enableWttLogging /wttDeviceString:$LogFile:file="%SystemDrive%\DriverTest\Logs\Driver_Removal_(x64)_(possible_reboot)_00060.wtl",writemode=append,encoding=unicode,nofscache=true,EnableLvl="WexStartTest|WexEndTest|WexXml|WexProperty|WexCreateContext|WexCloseContext|*" /runas:Elevated
[12:56:56:926]: Result Summary: Total=1, Passed=1, Failed=0, Blocked=0, Warned=0, Skipped=0
[12:56:57:457]: Removing any existing files from test execution folder

te.exe "%SystemDrive%\DriverTest\Run\DriverTestTasks.dll" /select:"@Name='DriverTestTasks::_DriverPreparation'" /p:"InfFile=passThrough.inf" /p:"Debug=1" /p:"ImportDriver=1" /p:"RemoveDriver=1" /p:"CertificateFile=package.cer" /p:"PackageGuid={A23BA0FC-7265-4E3C-B99F-1E7A04AD970D}" /rebootStateFile:%SystemDrive%\DriverTest\Logs\DriverTestReboot.xml /enableWttLogging /wttDeviceString:$LogFile:file="%SystemDrive%\DriverTest\Logs\Driver_Preparation_(x64)_(possible_reboot)_00060.wtl",writemode=append,encoding=unicode,nofscache=true,EnableLvl="WexStartTest|WexEndTest|WexXml|WexProperty|WexCreateContext|WexCloseContext|*" /runas:Elevated
[12:57:00:437]: Result Summary: Total=1, Passed=1, Failed=0, Blocked=0, Warned=0, Skipped=0
[12:57:00:893]: Removing any existing files from test execution folder

te.exe "%SystemDrive%\DriverTest\Run\DriverTestTasks.dll" /select:"@Name='DriverTestTasks::_RunProcess'" /p:"BinaryPath=rundll32" /p:"Arguments=setupapi,InstallHinfSection DefaultInstall 132 C:\DriverTest\Drivers\passthrough.inf" /p:"ExitCodes=0" /p:"WorkingFolder=%SystemDrive%\DriverTest\Drivers" /p:"LogOutput=1" /rebootStateFile:%SystemDrive%\DriverTest\Logs\DriverTestReboot.xml /enableWttLogging /wttDeviceString:$LogFile:file="%SystemDrive%\DriverTest\Logs\Driver_Install_(x64)_(possible_reboot)_00025.wtl",writemode=append,encoding=unicode,nofscache=true,EnableLvl="WexStartTest|WexEndTest|WexXml|WexProperty|WexCreateContext|WexCloseContext|*" /runas:Elevated
[12:57:03:916]: Result Summary: Total=1, Passed=1, Failed=0, Blocked=0, Warned=0, Skipped=0
[12:57:04:418]: Removing any existing files from test execution folder

te.exe "%SystemDrive%\DriverTest\Run\DriverTestTasks.dll" /select:"@Name='DriverTestTasks::_DriverPostInstall'" /rebootStateFile:%SystemDrive%\DriverTest\Logs\DriverTestReboot.xml /enableWttLogging /wttDeviceString:$LogFile:file="%SystemDrive%\DriverTest\Logs\Driver_Post_Install_Actions_(x64)_(possible_reboot)_00060.wtl",writemode=append,encoding=unicode,nofscache=true,EnableLvl="WexStartTest|WexEndTest|WexXml|WexProperty|WexCreateContext|WexCloseContext|*" /runas:Elevated
[12:57:06:139]: Result Summary: Total=1, Passed=1, Failed=0, Blocked=0, Warned=0, Skipped=0
[12:57:06:564]: Driver Installation summary:
[12:57:06:566]:   Driver Removal (x64) (possible reboot): Pass
[12:57:06:571]:   Driver Preparation (x64) (possible reboot): Pass
[12:57:06:578]:   Driver Install (x64) (possible reboot): Pass
[12:57:06:586]:   Driver Post Install Actions (x64) (possible reboot): Pass

当我试图打破时,没有任何反应.

当我直接连接到内核时(使用VS菜单"Debug" - >"Attach to process" - >"Kernel debugging" - >"Attach",我得到这个:

-----------------------------------------------------------------------
-----------------------------------------------------------------------
                  Starting New Debugger Session         
-----------------------------------------------------------------------
-----------------------------------------------------------------------

Microsoft (R) Windows Debugger Version 6.3.9600.16384 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.

MONTLUC\pascal (npipe WinIDE_01CED630A522D2F5) connected at Thu Oct 31 12:59:26 2013

Microsoft (R) Windows Debugger Version 6.3.9600.16384 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.

Waiting for pipe \\montlucw81x64\pipe\dbg
Waiting to reconnect...

但同样,不可能打破.

我试过了 :

• 所有目标主机(Windows 7,8和8.1)并得到相同的结果(是的,所有这些都正确配置用于内核调试)
• 使用网络而不是命名管道
• 使用WinDBG而不是Visual Studio

但我总是得到同样的结果:不可能打破这个!@#kernel!

谷歌不是我的朋友,我找不到任何类似的问题.

所以现在我想知道:

• 我可以实际上没有连接到目标机器,尽管调试器说(但部署工作)？
• HyperV和内核调试会出现问题吗？

欢迎任何想法!

---

编辑:我用真正的目标机器而不是虚拟机器进行了测试,我遇到了同样的问题,所以这与Hyper-V无关.

Answer 1

我解决了我的问题(我很糟糕,因此我是)

简而言之,以下是必须如何配置两台机器进行内核调试.

A.目标机器(Hyper-V VM)

• 在串行COM1上配置内核调试(使用msconfig是最简单的方法)
• 配置Hyper-V计算机将COM1通过管道传输到命名管道(例如\.\ pipe\debug)

B.源机器(托管目标的Hyper-V主机)

• 在管理模式下运行WinDBG或VS(这是我的第一个错误)
• 连接到名称完全相同的命名管道(\.\ pipe\debug)(这是我的第二个错误,我认为机器名称必须是实际的目标名称)

它运行得很好,在Visual Studio 2013下有一个很好的集成.感谢所有回答的人(没人)......以及所有阅读过的人:)