XP Debugging mode

Discussion in 'Windows 7 / 8 /10 Client Exams' started by salv236, Feb 18, 2010.

  1. salv236

    salv236 Nibble Poster

    57
    0
    23
    Hello,

    Wondering if anyone has had any experience using debug mode in the advanced boot options in XP. From what i understand of the process this is used by the kernel to disable some windows resources and gives detailed information. debugging software located on another machine connected via a serial cable to extract the information that it discovers.

    My question is does this can the debugging take place locally on a machine?
    If local debugging is possible edoes it dump a log file somewhere on the system partition?
     
    Certifications: none
    WIP: MCSE XP/2K3
  2. dmarsh
    Honorary Member 500 Likes Award

    dmarsh Petabyte Poster

    4,305
    503
    259
    Remote debugging provides more flexibility, this allows you to completely stop the remote machine and control it remotely.

    However you can interactively debug the local machine also, this is more limited as kernel state can change during debugging because programs like the debugger are still running.

    You can also examine a minidump or full dump using the debugger. However this is past machine state, so its not really interactive debugging.

    The dump files are written to the system partition, the swap file is also used to help produce the dump.

    Pick up the Windows Internals book to get the full information.
     
    Last edited: Feb 18, 2010
  3. supernova

    supernova Gigabyte Poster

    1,422
    21
    80
    You can also force crash dumps by configuring the "Crash on Control Scroll" via a registry key

    Code:
     
    a USB keyboard: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\kbdhid\Parameters
    
    a PS2 keyboard: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\i8042prt\Parameters
    
     Add Value and add the following registry entry:
    Name: CrashOnCtrlScroll
    Data Type: REG_DWORD
    Value: 1
    This will course windows to create a dump of the kernel memory space or full memory, depending on system settings, when you press Control + Scroll. you can then use tool such as MS windbg to debug through the information
     
    Certifications: Loads
    WIP: Lots

Share This Page

Loading...
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.