Local Kernel Debugging on Windows 7 - WinDBG and LiveKD both give errors

1

This error is on Windows 7 Home Premium on my laptop (x64). I am trying to learn more about Windows Internals by using local kernel debugging in WinDBG, followed by LiveKD. I have Windows Debugging Tools for Windows 7 installed.

I keep getting the following errors - what could be wrong (in the screenshot I use kd instead of windbg to capture the error message; the shell is run as administrator)? I tried running LiveKD because WinDBG was failing. I just wanted to look at internal data structures.

BTW, WinDBG asked me to run "bcdedit -debug on and reboot to enable it" - I ran it and rebooted the machine. There was no change in the boot sequence - the machine booted directly into Windows 7 as usual.

C:\Windows\system32>kd -kl

Microsoft (R) Windows Debugger Version 6.12.0002.633 X86
Copyright (c) Microsoft Corporation. All rights reserved.

The system does not support local kernel debugging.
Local kernel debugging requires Windows XP, Administrative privileges.
Local kernel debugging dose not support WOW64, please run local kernel debugging
 from 64-bit native debugger.
Only a single local kernel debugging session can run at a time.
Local kernel debugging is disabled by default since Windows Vista, you must run
"bcdedit -debug on" and reboot to enable it.
Debuggee initialization failed, HRESULT 0x80004001
    "Not implemented"

C:\Windows\system32>livekd

LiveKd v5.1 - Execute kd/windbg on a live system
Sysinternals - www.sysinternals.com
Copyright (C) 2000-2012 Mark Russinovich and Ken Johnson

LiveKd requires Dbghelp.dll. Download the Debugging Tools package from
www.microsoft.com/whdc/ddk/debugging.


Exiting LiveKd.


C:\Windows\system32>where dbghelp.dll
C:\Windows\System32\dbghelp.dll
C:\Program Files (x86)\Debugging Tools for Windows (x86)\dbghelp.dll

C:\Windows\system32>
windows-7
windbg
asked on Super User Feb 10, 2014 by ARV

2 Answers

1

I managed to fix it by re-installing debugging tools for windows. To do this, I first uninstalled it, and downloaded the x64 Windows 7 SDK ISO from this link (http://www.microsoft.com/en-us/download/details.aspx?id=8442). The file name is GRMSDKX_EN_DVD.iso. Be sure to check the SHA1 checksum of the downloaded ISO image - in my case, my first download was incomplete and the installation didn't go smoothly. I chose to install only the WinDBG tools the second time and now I can debug the kernel locally. After I downloaded the latest version of SysInternals suite, I am also able to run LiveKD without any issues.

answered on Super User Feb 10, 2014 by ARV
1

I run into the same situation once. Yet figure out what happened to me was that I forgot to run windbg as administrator. Basically to enable local kernel debugging on Windows 7, only few steps are needed.

  1. start cmd as Administrator, run 'bcdedit -debug on'
  2. reboot
  3. (optional) install symbols
  4. install windbg (x64 if you are using windows 7 64bit, otherwise install x86.)
  5. run windbg as Administrator
  6. set symbol path in windbg menu
  7. enjoy it, there should be no more errors.
answered on Super User May 3, 2015 by Alan Duan

User contributions licensed under CC BY-SA 3.0