madhurjain/windows_kernel_debugging.md

## windows_kernel_debugging.md

      
    Raw
  

              windows_kernel_debugging.md
            
          
    Setting up Kernel Debug over USB 3.0


On the target computer, open a Command Prompt window as Administrator, and enter these commands:
TargetName can be any name like dbgmachine

bcdedit /debug on
bcdedit /bootdebug on                 // <-- Optional. Only required to debug boot related issues.
bcdedit /dbgsettings usb targetname:TargetName


If you have more than one USB host controller on the target computer, enter this command:

bcdedit /set "{dbgsettings}" busparams b.d.f


Example:
bcdedit /set "{dbgsettings}" busparams 48.0.0


On the host computer, open WinDbg. Chose USB Debug option and enter the TargetName specified above and connect.
Or use below command


windbg /k usb:targetname=TargetName


The target system USB 3.0 port should be Debug Capable so it can be used for Windows Kernel Debugging. This can be checked using some utility like USBView

Ref
Registry Settings


Kernel Debug Mask to allow all messages to be dumped to console

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter]
"DEFAULT"=dword:ffffffff


Enable Loader Flags (Show Loader Snaps?)

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager]
"GlobalFlag"=dword:00000002

Commands

Display information about the echo driver

lm m echo* v

Display detailed information about a module

!lmi echo

Display Header Information

!dh echo

Change Default Debug Mask for Kernel Debug Messages

ed nt!Kd_DEFAULT_MASK  0xFFFFFFFF

Add symbols and source

.symfix
.srcpath+ C:\DriverSamples\KMDF_Echo_Sample\driver\AutoSync
.sympath+ C:\DriverSamples\KMDF_Echo_Sample\driver\AutoSync
.reload /f

Other Commands

.reboot   <-- reboot target machine
.restart  <-- re-establish target connection

Ref