Major Description
This report is for remembering commits already done (I forgot to create it before).
- Deferred breakpoints implemented in r68841 (and fixes in r68842 and r68848).
- Debugger worker thread implemented in r68851+68854. The debugger worker thread is used whenever WinDBG wants to attach or kill a user-mode process from within live kernel-mode session, and/or page-in an address region, with the commands:
.process /i <addr> (where <addr> is the address of the EPROCESS block for this process).kill <addr> ( " " " " ).pagein <addr> (where <addr> is the address to page in)See "How Windows Debuggers Work" section "Switching the Current Process Context" (from the book "Inside Windows Debugging" by Tarik Soulami, pp.101-102) for more details.
NOTE: The names of the variables must be kept as they are, because WinDBG (more exactly, dbgeng.dll) searches for them within the kernel symbols and retrieves their addresses (since those variables are not publicly exported).