Michal, thanks for answering the below questions so well.
There is, indeed, a method to provide what you are asking below. This
is called using LEVEL and FLAG in ETW. The simple way is:
Add the following lines to a common include file:
// the next two lines enable tracing by level and flag
#define WPP_LEVEL_FLAGS_LOGGER(lvl,flags) WPP_LEVEL_LOGGER(flags)
#define WPP_LEVEL_FLAGS_ENABLED(lvl, flags) (WPP_LEVEL_ENABLED(flags) &&
WPP_CONTROL(WPP_BIT_ ## flags).Level >= lvl)
Then, change your SOURCES file’s RUN_WPP line from ‘-func:Dbg(NULL,
FLAG, MSG, …)’ to ‘-func:Dbg(LEVEL, FLAG, MSG, …)’. The LEVEL
applies to all FLAGs (global per-GUID setting), while you can use the
FLAG setting to separate your traces into logical groups. The LEVEL
argument is not munged, so you can use literals (1,2,etc), defines
(TRACE_LEVEL_NONE, TRACE_LEVEL_FATAL, etc.), or local variables.
Real-world experience: If a customer calls PSS with a CD burning
problem, often times a trace is generated as the customer repro’s the
problem. If the PSS folks can’t determine the problem, I get the trace
and review it. With this method, I’ve been able to resolve 99%+ of
issues without anything other than a trace.
How to start a trace in the below scenario? Many options. My favorite
is to use TraceView (in the DDK) and point it to the private symbol
file. Traceview auto-extracts the GUID(s) for tracing, and has a lot of
options and a decent UI.
For customer sites w/o symbols, you can use the cmd-line tool LOGMAN.EXE
that ships with XP Pro RTM. There has also been some discussion about
it going into a service pack (SP1? SP2?), but I am not sure what
happened there. Here’s a pointer to some docs on LOGMAN.EXE:
http://www.microsoft.com/windowsxp/home/using/productdoc/en/default.asp?
url=/WINDOWSXP/home/using/productdoc/en/ntcmds_new_tools.asp
I hope this answers some of your questions. LEVEL/FLAG use is something
I expect to go into in greater detail in a later post.
.
This posting is provided “AS IS” with no warranties, and confers no
rights.
Use of included code samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
-----Original Message-----
From: Michal Vodicka [mailto:xxxxx@veridicom.cz.nospam]
Sent: Monday, February 02, 2004 12:39 PM
Subject: RE: ETW?
I’d say the general idea is good. Tracing isn’t just simple KdPrint.
Within past years I started to use traces more and more for all
debugging for both PC and embedded development (hey, I even understand
why Linus doesn’t like debuggers :). Now I use debuggers mainly as trace
viewers and error catchers (asserts, BSOD etc). For these purposes we
developed trace library which resembles ETW in some aspects but is IMHO
much easier to use. It is set of macros enabled by compiler defines and
can be used in both debug and release builds. Every trace has assigned
an area which is logical unit as source file, class or functionality
(power management for example). Next, every trace has level (trace,
debug, warning…). If something has to be debugged, current level for
given area is changed in registry. That’s all in principle. We use
traces for both debugging on our machines and internal and field
testing. If there is a problem, QA or customer enables requested areas,
reproduces problem and send us captured traces. Usually, that’s enough.
Saves a lot of time and makes software more reliable.
The idea for separating traces from formatting is also good one.
Formatting is slow and some problems are dependent on timing. Most of
problems I had to debug in the past. Debug output can also cause
unwanted synchronization.
Later formatting also allows better filtering; sometimes it may be
necessary to see info about TID and PID, sometimes it is just useless
and wastes space. Not speaking about embedded apps where may not be
enough memory for formatted traces.
I wanted to see if ETW can be used instead of our library using the same
macros as we use now. It is important because we aren’t willing to
change thousands lines. After brief examination I don’t know. Whole
stuff seems overcomplicated and bloated. Maybe I’m lazy but I haven’t
found if above mentioned concept of areas and levels can be simulated
some reasonable way (having one GUID per area doesn’t seem reasonable).
I would spent time with converting if can presume better results that we
have with our library. From docs I read it is unclear. The only real
advantage I see are debug strings separated from binary. But I’m not
sure if the price isn’t loss of other important features (real time
output, extracting traces from crashdump etc.).
Maybe ETW is useful and maybe it is better than what we use now. Maybe.
Well, lets compare. If somebody here uses ETW for development, tell me,
please, exact way how to solve following real-life problem: I have a
testing application which communicates with a development board via USB.
Something went wrong and communication doesn’t work. Application is
built with traces so I go to registry, find key for the application
(easy) and change USB area from warning to trace. Then I start DbgView,
run app and examine traces. Now what I’d need to do when want to have
the same traces with ETW (presume application is built for ETW)?
Best regards,
Michal Vodicka
STMicroelectronics Design and Application s.r.o.
[michal.vodicka@st.com, http:://www.st.com]
From: xxxxx@storagecraft.com[SMTP:xxxxx@storagecraft.com]
Reply To: xxxxx@lists.osr.com
Sent: Monday, February 02, 2004 7:40 PM
To: xxxxx@lists.osr.com
Subject: Re: [ntdev] ETW?
IMHO ETW is absolutely useless.
After a brief look at its description, I have noticed that
learning this over-complicated stuff just to do KdPrint is really
amazing. I can spend time learning, but some real new technologies
which will add features to the product.
As about Event Log - I have 2-3 routines to print stuff to log,
and reuse them where I feel the need to do so.
Also I cannot catch the connection between debug traces and event
log.
Debug traces are to understand what is going wrong due to my bugs.
Event Log is to write some failures due to “interesting” behaviour of
the surrounding environment. How do they intersect?
Maxim Shatskih, Windows DDK MVP
StorageCraft Corporation
xxxxx@storagecraft.com
http://www.storagecraft.com
----- Original Message -----
From: “Henry Gabryjelski”
> To: “Windows System Software Devs Interest List”
> Sent: Monday, February 02, 2004 9:19 PM
> Subject: [ntdev] ETW?
>
>
> >
> > (NOTE: the first post had a small bug. Replace “LEVEL” with “FLAG”
> > in the sources file. I’ll be happy to describe level/flag
> > differences in a later post.)
> >
> > Is there interest in my posting more information about ETW? If so,
> > please respond directly to me (please - not to the list), with the
> > following:
> >
> > What would you like more info on:
> > A) how ETW works under the covers? (macros, WPP side, etc)?
> > B) how to convert to using ETW?
> > C) “best practices” using ETW?
> > D) Special format strings, etc.?
> > E) LEVEL, FLAG, and how to use both?
> > F) Tools usage? (traceview, logman, …)
> >
> > How often you’d like to see me toss something over the wall to you
guys:
> > G) Once a week
> > H) Once per two weeks
> > I) Once a month
> > J) Never. 
> >
> > I’m not claiming to be an expert in any of the above, but I’ve been
> > using it long enough to let you know the common problems I’ve seen,
> > common usage, and stuff that’s still not included (so you can
> > compain about it too). If there’s lots of interest, I may even bug
> > the trace guys to review my docs in the future.
> >
> > Thanks,
> > .
> >
> > —
> > Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
> >
> > You are currently subscribed to ntdev as: xxxxx@storagecraft.com To
> > unsubscribe send a blank email to xxxxx@lists.osr.com
> >
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> You are currently subscribed to ntdev as: michal.vodicka@st.com To
> unsubscribe send a blank email to xxxxx@lists.osr.com
>
