Debugging Tools for Windows

Other Data Spaces

In kernel-mode debugging, it is possible to read and write data to a variety of data spaces in addition to the main memory and registers. The following data spaces can be accessed:

System Bus
The methods ReadBusData and WriteBusData read and write system bus data.
Control-Space Memory
The methods ReadControl and WriteControl read and write control-space memory.
I/O Memory.
The methods ReadIo and WriteIo read and write system and bus I/O memory.
Model Specific Register (MSR)
The methods ReadMsr and WriteMsr read and write MSRs, which are control registers that enable and disable features, and support debugging, for a particular model of CPU.

Handles

In user-mode debugging, information about system objects can be obtained using system handles owned by a target process. The method ReadHandleData can be used to read this information.

System handles for thread and process system objects can be obtained by using the GetCurrentThreadHandle and GetCurrentProcessHandle methods. These handles are also provided to the IDebugEventCallbacks::CreateThread and IDebugEventCallbacks::CreateProcess callback methods when create-thread and create-process debugging event occur.

Note  In kernel mode, the process and thread handles are artificial handles. They are not system handles.


© 2008 Microsoft Corporation
Send feedback on this topic
Debugging Tools for Windows
August 24, 2008
Build machine: CAPEBUILD