WinDbg

nahc_little · March 23, 2011, 11:20am

Hi,

I was wondering what is the best way to debug an error and to see the entire process of a crashed driver. Usually in C I would write a log file but since I am working anything above passive level, I was wondering what might be the best solution. I was wondering if it would be contained in the crash dump. The error sometimes happens sometimes not, the code looks fine but I am still a beginner.

Thanks,

Mark_Roddy · March 23, 2011, 11:32am

There is a kernel logging facility available to drivers: ETW,
documented in the WDK and demonstrated in some of the sample drivers.
There is also kernel debug print - which outputs to the ‘console’, aka
windbg, or to the bitbucket if no debugger is attached.

I prefer my own logging subsystem, but that is just a personal
preference. For early stage debugging one common practice is to have
the debug version of your driver use the kernel debug print facility
while the release version uses ETW, this also at least used to be
demonstrated in the samples, but perhaps not so much anymore, but is
documented in this list’s archive.

Mark Roddy

On Wed, Mar 23, 2011 at 11:19 AM, wrote:
> Hi,
>
> I was wondering what is the best way to debug an error and to see the entire process of a crashed driver. Usually in C I would write a log file but since I am working anything above passive level, I was wondering what might be the best solution. I was wondering if it would be contained in the crash dump. The error sometimes happens sometimes not, the code looks fine but I am still a beginner.
>
> Thanks,
>
> —
> NTDEV is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
>

OSR_Community_User · March 23, 2011, 11:33am

I’m doing remote kernel debugging(cause of BSOD) using WinDbg. If you
define symbol and source files to WinDbg properly, you dont need any log
files like KdPrint or DbgPrint. You can see error line and values of
paramteres.

The error sometimes happens sometimes not,
I dont know anything how can you debug while system running without any
error.

Osman

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of
xxxxx@hotmail.com
Sent: Wednesday, March 23, 2011 5:19 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] WinDbg

Hi,

I was wondering what is the best way to debug an error and to see the
entire process of a crashed driver. Usually in C I would write a log
file but since I am working anything above passive level, I was
wondering what might be the best solution. I was wondering if it would
be contained in the crash dump. The error sometimes happens sometimes
not, the code looks fine but I am still a beginner.

Thanks,

NTDEV is sponsored by OSR

For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminars

To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer