Whenever I write a driver I always created a Debug .h file like below. It allows me with one simple #define to switch between WPP tracing and DebugPrint tracing. My tracing output uses a line as shown below.
OSRDRVTracePrint(TRACE_LEVEL_VERBOSE,PC3_DEBUG_FUNCTRACE,(FUNCTION": Entered.\n"));
And my sources file has the following:
Comment the below line to disable tracing. All the debug traces
will be sent to the kernel-debugger.
#ENABLE_EVENT_TRACING=1
!IFDEF ENABLE_EVENT_TRACING
C_DEFINES = $(C_DEFINES) -DEVENT_TRACING
Generate WPP tracing code
$(SOURCES) – run software preprocessor on files listed in SOURCES
-km – use kernel mode
-func – define function we’ll use for tracing
This would map all TraceEvents calls to
DoTraceMessage.
RUN_WPP= $(SOURCES) \
-km \
-dll \
-func:OSRDRVTracePrint(LEVEL,FLAGS,(MSG,…)) \
-gen:{km-WdfDefault.tpl}*.tmh
!ENDIF
This works whether or not you are using WDF or WDM. All you need in addition to this is the appropriate calls In your driver to enable/disable WPP tracing, if you are going to use it…
When WPP tracing is not enabled, all output is governed by the settings in the two global variables listed below:
extern ULONG OSRDRVTraceLevel;
extern ULONG OSRDRVDbgFlags;
-------------SaMPLE DEBUG.H FILE-------------------
#ifndef TRACE_LEVEL_INFORMATION
#define TRACE_LEVEL_NONE 0 // Tracing is not on
#define TRACE_LEVEL_FATAL 1 // Abnormal exit or termination
#define TRACE_LEVEL_ERROR 2 // Severe errors that need logging
#define TRACE_LEVEL_WARNING 3 // Warnings such as allocation failure
#define TRACE_LEVEL_INFORMATION 4 // Includes non-error cases(e.g.,Entry-Exit)
#define TRACE_LEVEL_VERBOSE 5 // Detailed traces from intermediate steps
#define TRACE_LEVEL_RESERVED6 6
#define TRACE_LEVEL_RESERVED7 7
#define TRACE_LEVEL_RESERVED8 8
#define TRACE_LEVEL_RESERVED9 9
#endif // TRACE_LEVEL_INFORMATION
#if EVENT_TRACING
//
// If software tracing is defined in the sources file…
// WPP_DEFINE_CONTROL_GUID specifies the GUID used for this driver.
// WPP_DEFINE_BIT allows setting debug bit masks to selectively print.
// The names defined in the WPP_DEFINE_BIT call define the actual names
// that are used to control the level of tracing for the control guid
// specified.
//
// NOTE: If you are adopting this sample for your driver, please generate
// a new guid, using tools\other\i386\guidgen.exe present in the
// DDK.
//
// Name of the logger is OSRUSBFX2 and the guid is
// // {D043E302-1615-4F20-92E2-537853BD81B2}
//
#define WPP_CHECK_FOR_NULL_STRING //to prevent exceptions due to NULL strings
// {D043E302-1615-4F20-92E2-537853BD81B2}
#define WPP_CONTROL_GUIDS \
WPP_DEFINE_CONTROL_GUID(OSRSPCGuid,(D043E302,1615,4F20,92E2,537853BD81B2), \
WPP_DEFINE_BIT(OSRDRV_DEBUG_ERROR) /* bit 0 = 0x00000001 */ \
WPP_DEFINE_BIT(OSRDRV_DEBUG_FUNCTRACE) /* bit 1 = 0x00000002 */ \
WPP_DEFINE_BIT(OSRDRV_DEBUG_PNP_INFO) /* bit 2 = 0x00000004 */ \
WPP_DEFINE_BIT(OSRDRV_DEBUG_IOCTL_INFO) /* bit 3 = 0x00000008 */ \
WPP_DEFINE_BIT(OSRDRV_DEBUG_POWER_INFO) /* bit 4 = 0x00000010 */ \
WPP_DEFINE_BIT(OSRDRV_DEBUG_WMI_INFO) /* bit 5 = 0x00000020 */ \
WPP_DEFINE_BIT(OSRDRV_DEBUG_1394) /* bit 6 = 0x00000040 */ \
WPP_DEFINE_BIT(OSRDRV_DEBUG_READ) /* bit 7 = 0x00000080 */ \
WPP_DEFINE_BIT(OSRDRV_DEBUG_ISOCH) /* bit 8 = 0x00000100 */ \
/* You can have up to 32 defines. If you want more than that,\
you have to provide another trace control GUID */\
)
#define WPP_LEVEL_FLAGS_LOGGER(lvl,flags) WPP_LEVEL_LOGGER(flags)
#define WPP_LEVEL_FLAGS_ENABLED(lvl, flags) (WPP_LEVEL_ENABLED(flags) && WPP_CONTROL(WPP_BIT_ ## flags).Level >= lvl)
#else EVENT_TRACING
#define OSRDRV_DEBUG_ERROR 0x00000001
#define OSRDRV_DEBUG_FUNCTRACE 0x00000002
#define OSRDRV_DEBUG_PNP_INFO 0x00000004
#define OSRDRV_DEBUG_IOCTL_INFO 0x00000008
#define OSRDRV_DEBUG_POWER_INFO 0x00000010
#define OSRDRV_DEBUG_WMI_INFO 0x00000020
#define OSRDRV_DEBUG_1394 0x00000040
#define OSRDRV_DEBUG_READ 0x00000080
#define OSRDRV_DEBUG_ISOCH 0x00000100
#define OSRDRV_DEBUG_ALL 0xFFFFFFFF
extern ULONG OSRDRVTraceLevel;
extern ULONG OSRDRVDbgFlags;
#endif EVENT_TRACING
#if EVENT_TRACING
#define OSRDRVIsDbgPrinting(Level,Flags) (FALSE)
#define OSRDRVBreakPoint()
#define OSRDRVASSERT(x) \
{ \
if(!(x)) {\
KeBugCheckEx(0x00010001,0,0,0,0); \
} \
}
#else //EVENT_TRACING
#if DBG
#define OSRDRVIsDbgPrinting(Level,Flags) \
((OSRDRVTraceLevel & Level) && (OSRDRVDbgFlags & Flags))
#define OSRDRVTracePrint(Level,Flags,X) \
{ \
if(Level <= OSRDRVTraceLevel && Flags & OSRDRVDbgFlags) { \
DbgPrint X; \
} \
}
#define OSRDRVBreakPoint() \
do { \
__try { \
DbgPrint(“BreakPoint %s %d\n”,FILE,LINE); \
__debugbreak(); \
} __except(_exception_code() == STATUS_BREAKPOINT ? EXCEPTION_CONTINUE_EXECUTION : EXCEPTION_CONTINUE_SEARCH) { (0); } \
} while (0)
#define OSRDRVASSERT(exp) \
do { \
_try{ \
if (!(exp)) {\
DbgPrint(“ASSERTION FAILED: %s (file %s, line %d)\n”, #exp, FILE, LINE); \
__debugbreak(); \
} \
} _except(EXCEPTION_EXECUTE_HANDLER) { \
KeBugCheckEx(0x00010001,0,0,0,0); \
} \
} while (0)
#else // DBG
#define OSRDRVIsDbgPrinting(Level,Flags) (FALSE)
#define OSRDRVTracePrint(Level,Flags,X)
#define OSRDRVBreakPoint()
#define OSRDRVASSERT(x) \
{ \
if(!(x)) {\
KeBugCheckEx(0x00010001,0,0,0,0); \
} \
}
#endif // DBG
#endif //EVENT_TRACING
–Mark Cariddi
OSR Open Systems Resources, Inc…
-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Don Burn
Sent: Wednesday, November 03, 2010 9:22 AM
To: Windows System Software Devs Interest List
Subject: Re:[ntdev] Do you use DoTraceMessage?
+1
One of the biggest complaints I have with Microsoft is that they scream “It is the third party drivers” then mess up common diagnostic tools such as the checked build. While they have to a small degree with Win7 fixed the ASSERT’s in the checked build, they have not provided the magic decoder ring to get the useful messages that used to DbgPrint with the checked build.
We all need to tell Microsoft they need to ask the community what the problems are, they aren’t listening but we should still be trying.
Don Burn (MVP, Windows DKD)
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr
“Mark Roddy” wrote in message news:xxxxx@ntdev:
> Most of the ETW tracing of interest in the OS is buried inside decoder
> binaries that are not available outside of Redmond, at least in my
> experience. Your mileage may vary, but so far I have not solved one
> problem using ETW, and have encountered many examples of components I
> would like to have the trace output from that are blocked from access
> to mere mortals.
>
> The stuff I control logs to a ringbuffer I also control. The existing
> facility to hook debugprints makes implementation trvial and universal
> for any component that uses debugprint. Too bad msft didn’t go the
> DebugView route instead of ETW.
>
> Mark Roddy
>
>
>
> On Tue, Nov 2, 2010 at 11:05 PM, Alex Bendetov wrote:
> > The amount of instrumentation in the system is increasing with every release and most of it is ETW based, so by using your own DebugPrint style implementation you will miss out on the ability to correlate your data with other system events which can at times be quite useful for performance analysis, diagnosing problems and debugging.
> > Thanks,
> > Alex
> >
> >
> > -----Original Message-----
> > From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Mark Roddy
> > Sent: Tuesday, November 02, 2010 7:22 PM
> > To: Windows System Software Devs Interest List
> > Subject: Re: [ntdev] Do you use DoTraceMessage?
> >
> > No I don’t use the event tracing facility. I tried it but it is just too heavyweight for my needs, too complicated, and difficult to maintain.
> >
> > I use my own debugprint based logging facility instead.
> >
> > Mark Roddy
> >
> >
> >
> > On Tue, Nov 2, 2010 at 6:15 PM, ? wrote:
> >> Hi,
> >>
> >> I am new to kernel module programming and currently I am working on Windows Filtering Platform kernel module and so far I have been using DbgPrint() for debugging.
> >> I am about to finish up my kernel module and I am trying to see how I should log certain events.
> >> I read a couple of books that describes how to use EventLog for this job so I am planning to use that to log the events.
> >> However, I just saw some sample code from WDK that uses DoTraceMessage().
> >>
> >> It’s not quite clear to me what the exact usage of DoTraceMessage().
> >> Can anyone describe how and where I should use DoTraceMessage? Is this something I should consider instead of EventLogging?
> >>
> >> Thank you in advance.
> >>
> >> —
> >> NTDEV is sponsored by OSR
> >>
> >> For our schedule of WDF, WDM, debugging and other seminars visit:
> >> http://www.osr.com/seminars
> >>
> >> To unsubscribe, visit the List Server section of OSR Online at
> >> http://www.osronline.com/page.cfm?name=ListServer
> >>
> >
> > —
> > NTDEV is sponsored by OSR
> >
> > For our schedule of WDF, WDM, debugging and other seminars visit:
> > http://www.osr.com/seminars
> >
> > To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
> >
> >
> > —
> > NTDEV is sponsored by OSR
> >
> > For our schedule of WDF, WDM, debugging and other seminars visit:
> > http://www.osr.com/seminars
> >
> > To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
> >
—
NTDEV is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer