WinDbg : nt!Kd_DEFAULT_Mask Quick Hack To Enable KdPrint Traces
Most of us are familiar with enabling debug traces in windows vista and above. This microsoft article sums it up pretty neatly.
http://msdn.microsoft.com/en-us/library/windows/hardware/ff551519(v=vs.85).aspx
There is another way, a hack of getting traces enabled. NT exposes a kernel variable which stores the mask for the debug traces. Poking around it can also achieve the same outcome. Here is how:
kd> x nt!kd_default*
8274103c nt!Kd_DEFAULT_Mask = <no type information>
kd> ed nt!Kd_DEFAULT_Mask 0xf
This will enabled all DbgPrint traces.
Note: This can make the debugging extremely slow since the volume of messages is large.
Most of us are familiar with enabling debug traces in windows vista and above. This microsoft article sums it up pretty neatly.
http://msdn.microsoft.com/en-us/library/windows/hardware/ff551519(v=vs.85).aspx
There is another way, a hack of getting traces enabled. NT exposes a kernel variable which stores the mask for the debug traces. Poking around it can also achieve the same outcome. Here is how:
kd> x nt!kd_default*
8274103c nt!Kd_DEFAULT_Mask = <no type information>
kd> ed nt!Kd_DEFAULT_Mask 0xf
This will enabled all DbgPrint traces.
Note: This can make the debugging extremely slow since the volume of messages is large.
No comments:
Post a Comment