ETW in a driver compiled for both W2K and W2K3

Robert_Stankey · May 12, 2004, 9:29pm

Okay…

I’m about to make my third attempt at getting ETW to work cleanly on a
personal driver project to learn some new things. After looking through
the newgroup I couldn’t find this topic (please don’t yell at me too much
if I overlooked it).

I want to compile my driver once (under W2K) and run it under both W2K and
W2K3. Has anyone had any experience in doing this? I know there are
different mechanisms for intializing WPP, but am I asking for more trouble
than I want to deal with.

Thanks,
Bob

OSR_Community_User · May 13, 2004, 8:38am

We hashed over lots of the ETW issues a few months ago. The archive should
certainly have these threads. A bunch of my postings were under the title
“Moron ETW”

=====================
Mark Roddy

-----Original Message-----
From: Robert Stankey [mailto:xxxxx@lsil.com]
Sent: Wednesday, May 12, 2004 9:28 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] ETW in a driver compiled for both W2K and W2K3

Okay…

I’m about to make my third attempt at getting ETW to work
cleanly on a personal driver project to learn some new
things. After looking through the newgroup I couldn’t find
this topic (please don’t yell at me too much if I overlooked it).

I want to compile my driver once (under W2K) and run it under
both W2K and W2K3. Has anyone had any experience in doing
this? I know there are different mechanisms for intializing
WPP, but am I asking for more trouble than I want to deal with.

Thanks,
Bob

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently subscribed to ntdev as:
xxxxx@stratus.com To unsubscribe send a blank email to
xxxxx@lists.osr.com

OSR_Community_User · May 13, 2004, 9:20am

Robert,

I just went through this process. Getting ETW working on a W2K
build is not documented as well as the simpler WXP path. The DDK Toaster
“func, featured 2” example may help you. The DDK 3790 has a bad pointer
dereference in the WPP macros for W2K. I used the “WinHEC03” version of the
DDK (3790.WinHEC03), which I got at WinHEC 2003.

If you search the archives, you will find the threads that Mark
Roddy mentioned. There will also be some more recent postings between
myself, Ian and Henry. If you then find that you have some specific
questions, I’ll be happy to share what I learned and maybe spare you a
bruise or two :-).

Chris Myers

-----Original Message-----
From: Robert Stankey [mailto:xxxxx@lsil.com]
Sent: Wednesday, May 12, 2004 9:28 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] ETW in a driver compiled for both W2K and W2K3

Okay…

I’m about to make my third attempt at getting ETW to work
cleanly on a personal driver project to learn some new things.
After looking through the newgroup I couldn’t find this topic
(please don’t yell at me too much if I overlooked it).

I want to compile my driver once (under W2K) and run it under
both W2K and W2K3. Has anyone had any experience in doing
this? I know there are different mechanisms for intializing
WPP, but am I asking for more trouble than I want to deal with.

Thanks,
Bob

Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256

You are currently
subscribed to ntdev as: xxxxx@quatech.com To unsubscribe
send a blank email to xxxxx@lists.osr.com

Robert_Stankey · May 13, 2004, 12:18pm

On Wed, 12 May 2004 20:28:19 -0500, Robert Stankey wrote:

Thanks!

I switched newsreaders recently and it apparently failed to pull down all
of the messages. Having corrected this I now see the ETW discussion thread
Mark mentions plus some others.

Bob

Okay…

I’m about to make my third attempt at getting ETW to work cleanly on a
personal driver project to learn some new things. After looking through
the newgroup I couldn’t find this topic (please don’t yell at me too much
if I overlooked it).

I want to compile my driver once (under W2K) and run it under both W2K and
W2K3. Has anyone had any experience in doing this? I know there are
different mechanisms for intializing WPP, but am I asking for more trouble
than I want to deal with.

Thanks,
Bob

OSR_Community_User · May 13, 2004, 12:44pm

Use the Windows Server 2003 DDK environment. This fixes a few issues in
the templates.

Add the following line to your SOURCES file:

this is the typical line

RUN_WPP=$(SOURCES)

this line tells to use the win2k-compatible templates

RUN_WPP=$(RUN_WPP) -gen:{km-w2k.tpl}*.tmh

When you use Win2k compatible mode, you cannot trace DriverEntry, as you
have no device objects yet, nor can you trace DriverUnload, as you again
have no device objects. Make sure you do not trace prior to calling the
init nor after calling the cleanup, and you should not have any
significant issues.

Win2k compatible mode requires that you call the WPP_INIT_TRACING()
macro once in each AddDevice() for each device object created, and
WPP_CLEANUP() just before you delete the device object (typically in
RemoveDevice()).

Because WPP_INIT_TRACING() macro requires the registry path, a common
solution is to have either a global variable or a DriverObjectExtension
which stores a copy of this during DriverEntry().

I hope this helps.

.

This posting is provided “AS IS” with no warranties, and confers no
rights. Use of included script samples are subject to the terms
specified at
http://www.microsoft.com/info/cpyright.htm

-----Original Message-----
From: Robert Stankey [mailto:xxxxx@lsil.com]
Sent: Wednesday, May 12, 2004 6:28 PM
Subject: ETW in a driver compiled for both W2K and W2K3

Okay…

I’m about to make my third attempt at getting ETW to work cleanly on a
personal driver project to learn some new things. After looking through
the newgroup I couldn’t find this topic (please don’t yell at me too
much
if I overlooked it).

I want to compile my driver once (under W2K) and run it under both W2K
and
W2K3. Has anyone had any experience in doing this? I know there are
different mechanisms for intializing WPP, but am I asking for more
trouble
than I want to deal with.

Thanks,
Bob