Dear all,
I am developing a NDIS lightweight filter driver. My setup is as follows:
Host: Windows 7 64bit, VS2013 IDE
Target: VM with Windows 7 32bit
Up to now, I use VS2013 as IDE and debugging environment (kd), i.e.:
kd> ed Kd_DEFAULT_Mask 8
After successfully deploying and installing my NDIS LWF driver, and issuing the above kd command, I get all DbgPrint() messages of my NDIS LWF driver.
Unfortunately, I do not get any of my DbgPrint() messages when I perform diagnostics with WPP as described here [“Diagnostics with WPP”, http://blogs.msdn.com/b/ndis/archive/2011/04/06/diagnostics-with-wpp.aspx]. The produced log files do not contain any of my DbgPrint() messages.
I tried various flags as well as creating a DWORD key under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter called DEFAULT with a value of 0x8 [http://stackoverflow.com/questions/4734335/kernel-trace-windows-7-windbg] without success.
What I am doing wrong? Any hints?
Thanks,
sk
xxxxx@siemens.com wrote:
I am developing a NDIS lightweight filter driver. My setup is as follows:
…
Up to now, I use VS2013 as IDE and debugging environment (kd), i.e.:
kd> ed Kd_DEFAULT_Mask 8
After successfully deploying and installing my NDIS LWF driver, and issuing the above kd command, I get all DbgPrint() messages of my NDIS LWF driver.
Unfortunately, I do not get any of my DbgPrint() messages when I perform diagnostics with WPP as described here [“Diagnostics with WPP”, http://blogs.msdn.com/b/ndis/archive/2011/04/06/diagnostics-with-wpp.aspx]. The produced log files do not contain any of my DbgPrint() messages.
Right. DbgPrint goes to the kernel debugger. If you want to use WPP
logging, then you have to use the WPP logging APIs.
Unfortunately, I do not get any of my DbgPrint() messages when I perform diagnostics with WPP as described here [“Diagnostics with WPP”, http://blogs.msdn.com/b/ndis/archive/2011/04/06/diagnostics-with-wpp.aspx]. The produced log files do not contain any of my DbgPrint() messages.
That web page doesn’t necessarily make it clear, but the facility
discussed there only gets you messages coming from NDIS itself. That
is, NDIS.SYS knows how to send its messages both to DbgPrint and to
WPP. Your driver is not sending to WPP, so your messages do not appear.
–
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
>HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print
Filter called DEFAULT with a value of 0x8
Create it with the value 0xffffffff (aka -1)
–
Maxim S. Shatskih
Microsoft MVP on File System And Storage
xxxxx@storagecraft.com
http://www.storagecraft.com