Modifying your KD Trap on the fly

Contributed by Javier Flores Assad (AKA "MTTF Dude")

 

By default, the KD trap mechanism is the part of the kernel that breaks into the debugger when an exception is thrown. Sometimes you are not interested in certain exceptions, and you don’t want your run to break and demand your attention for them. For this purpose, a new way to ignore or trap exceptions is available.

Requirements:

PB 5.1 (tested on 5.01.1614)

Tested on Magneto 14290 and up 

Configuration:

  1. Load up your image in PB normally

  2. Wait until the boot sequence is over and you are in the home screen

  3. Break into the debugger

  4. At the toolbar go to the “Debug” item

  5. In that submenu you will see “Advanced commands” [This will bring up a small dialog with a command: combo box in it]

  6. Type fex ? in the combo box and click “Execute” [This command displays the help info in the debug output]

  7. Type fex on in the combo box and click “Execute” [This will turn on the Exception filter in the trap mechanism]

  8. Type fex ap filesys.exe in the combo box and click “Execute” [This tells the trap mechanism to break into the debugger if an exception is raised from filesys.exe]

  9. Close the Advanced commands window and hit GO

  10. Start your stress pass (hopper)

Examples:

If you want to ignore all exceptions except those inside filesys.exe, gwes.exe and shell32.exe:

[Break into the debugger and go to Debug → Advanced commands]

(Click “Execute” after each line; you can see the reaction in the debug output)

fex on

fex ap filesys.exe

fex ap gwes.exe

fex ap shell32.exe

If you want to ignore all exceptions except those inside filesys.exe and myapp.exe, and you also want to break if a stack overflow exception is thrown (in any process):

[Break into the debugger and go to Debug → Advanced commands]

fex on

fex ap filesys.exe

fex ap myapp.exe

fex ac 0xC00000FD

You can also turn off the modified trapping and return to the normal mode (trapping everything) with the fex off command. You can also remove applications and exception types from the lists with fex dp and fex dc.
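To check a command sequence before a long stress pass, the filter can be modelled offline. The following is an added example, not Platform Builder or kernel code: it replays fex commands and reports which exceptions would still break in. It assumes that process names compare case-insensitively, that codes are typed as 0x hex or decimal, and that a process match or a code match alone is enough to break; the sample exception list is constructed.

```python
# Added illustration: a model of the fex filter state as this page describes it.
# Not Platform Builder or kernel code; class and function names are hypothetical.

class FexFilter:
    def __init__(self):
        self.enabled = False      # "fex off" is the normal mode: trap everything
        self.procs = set()        # process names added with "fex ap"
        self.codes = set()        # exception codes added with "fex ac"

    def execute(self, line):
        """Apply one command line as typed into the Advanced commands box."""
        parts = line.split()
        if len(parts) < 2 or parts[0] != "fex":
            raise ValueError("not a fex command: %r" % line)
        verb, arg = parts[1], parts[2] if len(parts) > 2 else None
        if verb in ("on", "off"):
            self.enabled = (verb == "on")
        elif verb in ("ap", "dp", "ac", "dc") and arg is not None:
            # Assumption: names compare case-insensitively; codes accept 0x hex.
            target = self.procs if verb[1] == "p" else self.codes
            key = arg.lower() if verb[1] == "p" else int(arg, 0)
            (target.add if verb[0] == "a" else target.discard)(key)
        else:
            raise ValueError("unsupported fex command: %r" % line)

    def breaks(self, procname, code):
        """True if this exception in this process would reach the debugger."""
        if not self.enabled:
            return True
        # Assumption: either list matching is sufficient (process OR code).
        return procname.lower() in self.procs or code in self.codes


def replay(commands, exceptions):
    """Run the commands, then return the (process, code) pairs that break in."""
    f = FexFilter()
    for c in commands:
        f.execute(c)
    return [(p, c) for p, c in exceptions if f.breaks(p, c)]


# Constructed sample exceptions: (process, exception code)
SAMPLE = [
    ("filesys.exe", 0xC0000005),
    ("gwes.exe", 0xC0000005),
    ("gwes.exe", 0xC00000FD),
    ("myapp.exe", 0xC0000094),
]
# The second command sequence from the examples above
SECOND_EXAMPLE = ["fex on", "fex ap filesys.exe", "fex ap myapp.exe", "fex ac 0xC00000FD"]
```

Calling replay(SECOND_EXAMPLE, SAMPLE) drops only the gwes.exe exception whose code is not 0xC00000FD; appending "fex off" to the sequence returns every sample exception.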

More Help

Filter Exceptions (Target Side Command):

            fex ? - Request help on Filter Exceptions commands

            fex on/off - Enable or disable Filter Exceptions functionality

            fex ap procname - Add 'procname' to list of processes whose exceptions are allowed

            fex dp procname - Delete 'procname' from list of processes

            fex ac code - Add 'code' to list of exception codes allowed

            fex dc code - Delete 'code' from list of exception codes

-Javier Flores Assad