Hi,
I have a driver that has some DbgPrintEx statements in it.
I am able to see the debug output in the SysInternals DbgView utility, but not in WinDbg.
When I enter !dbgprint I get DbgPrint buffer is empty.
I’m logging in to the 2012 R2 server as local administrator via remote desktop, and running the 64 bit version of WinDbg as admin.
I’m selecting local kernel debug (File/Kernel Debug/Local tab).
I’ve set “bcdedit /debug on” and “bcdedit /dbgsettings local” and rebooted.
I’ve created the following registry key (and rebooted afterwards):
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter]
“IHVDRIVER”=dword:ffffffff
I’ve also tried using just 0x0F for the value.
My debug print statements look like this:
DbgPrintEx(DPFLTR_IHVDRIVER_ID,DPFLTR_TRACE_LEVEL,“SCSITMD: IRP_MJ_CREATE\n”);
What am I missing? Are we just not allowed to see debug output when using local kernel debugging?
Thanks,
Erik D.
Correct, you need to use a two machine setup to see the trace statements.
-scott
OSR
@OSRDrivers
wrote in message news:xxxxx@ntdev…
Hi,
I have a driver that has some DbgPrintEx statements in it.
I am able to see the debug output in the SysInternals DbgView utility, but
not in WinDbg.
When I enter !dbgprint I get DbgPrint buffer is empty.
I’m logging in to the 2012 R2 server as local administrator via remote
desktop, and running the 64 bit version of WinDbg as admin.
I’m selecting local kernel debug (File/Kernel Debug/Local tab).
I’ve set “bcdedit /debug on” and “bcdedit /dbgsettings local” and rebooted.
I’ve created the following registry key (and rebooted afterwards):
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Debug
Print Filter]
“IHVDRIVER”=dword:ffffffff
I’ve also tried using just 0x0F for the value.
My debug print statements look like this:
DbgPrintEx(DPFLTR_IHVDRIVER_ID,DPFLTR_TRACE_LEVEL,“SCSITMD:
IRP_MJ_CREATE\n”);
What am I missing? Are we just not allowed to see debug output when using
local kernel debugging?
Thanks,
Erik D.
In DbgView, there is a menu command labelled “Enable verbose kernel output”. When choosen, you have debug output being displayed both in DbgView and WinDbg.
Actually, this option is required to have debug messages being displayed in DbgView. I noticed that recently but, with this option, a lot of messages are displayed and you may need to setup a filter to remove those you don’t want.
Before selecting the " log boot" option, you have to first move or rename the dbgv.sys binary located in \Sysroot\System32\Drivers\ so it can be replaced.
If you are not happy with DbgView, look at the following documentation:
https://msdn.microsoft.com/en-us/library/windows/hardware/ff551519(v=vs.85).aspx
PS: run DbgView with admin privileges.
Scott,
Thanks for the prompt reply.
“Correct, you need to use a two machine setup to see the trace statements.”
That’s unfortunate. Watching debug output is probably one of the few things that the local kernel debugger would be useful for.
I’ll send feedback to Microsoft asking them to update their documentation as that would have saved me some time.
Thanks,
Erik D.