How to see dbgprint message in WinDbg ?
Skybuck Flying
WinDbg is connected to Windows 7 RTM x64 Ultimate (running in debug mode).
WinDbg says to press g and enter and so forth.
Now I want to see the dbgprint messages of the netvmini driver ?!?
I tried to enter the following command in WinDbg:
"Break"
and
"!dbgprint"
It showed two blocks or so:
[][]:
And that was it ?!?
Is it possible to make some kind of recording ?
I understand there could be many many many of these messages ?
How do I proceed ?
Bye,
Skybuck.
Skybuck Flying
First I am gonna follow this tutorial to setup the pdb files hopefully that
gonna help.
If I need any more help after that tutorial I will let you people know ;) :)
http://blogs.msdn.com/iliast/archive/2006/12/10/windbg-tutorials.aspx
Bye,
Skybuck.
Skybuck Flying
Should I also add the folders to the application pdb's to the symbol path ?
For now I will do that too... But I am not sure if that's ok ?
Maybe only driver pdb's should be added ? hmm...
Bye,
Skybuck.
Skybuck Flying
"sys" folder...
Well I am out of luck...
Some tutorial website doing an update:
"
Welcome to the Code Project
Your place for free C++, C# and .NET articles, code snippets, discussions,
news and the best bunch of developers on the net.
The Code Project is currently getting a hardware upgrade. We will be back
online at 6AM US Eastern Time (11 AM GMT, 10PM Sydney).
"
Maybe I have some tutorial somewhere on my hd... I think I did something
like this before ;) But don't count on it ;)
Bye,
Skybuck.
Skybuck Flying
kind of remote debugger...
Maybe that's necessary ?
Me not sure...
Me going through this powerpoint presentation:
http://download.microsoft.com/download/f/0/5/f05a42ce-575b-4c60-82d6-208d3754b2d6/Adv-
Bye,
Skybuck.
Skybuck Flying
Right now I am trying:
ed netvmini_Mask 0x8
This seems to do something ;)
It's downloading/loading stuff.
I'll have to stop soon because it's bed time :P*
Bye,
Skybuck.
Skybuck Flying
I hope it's not downloading all this stuff for nothing.
I think these probably drivers it can't find the symbols for...
Looks like some vmware drivers in there ;)
1: kd> ed netvmini_Mask 0x8
*** ERROR: Module load completed but symbols could not be loaded for
amdxata.sys
*** ERROR: Module load completed but symbols could not be loaded for
vmrawdsk.sys
*** ERROR: Module load completed but symbols could not be loaded for
spldr.sys
*** ERROR: Module load completed but symbols could not be loaded for
vmmemctl.sys
*** ERROR: Module load completed but symbols could not be loaded for
peauth.sys
*** ERROR: Module load completed but symbols could not be loaded for
secdrv.SYS
*** ERROR: Symbol file could not be found. Defaulted to export symbols for
spsys.sys -
*** ERROR: Module load completed but symbols could not be loaded for
vmhgfs.sys
*** ERROR: Module load completed but symbols could not be loaded for
vmmouse.sys
*** ERROR: Symbol file could not be found. Defaulted to export symbols for
vmci.sys -
*** ERROR: Module load completed but symbols could not be loaded for
vmx_svga.sys
*** ERROR: Module load completed but symbols could not be loaded for
vmaudio.sys
*** ERROR: Symbol file could not be found. Defaulted to export symbols for
drmk.sys -
Bye,
Skybuck.
Skybuck Flying
Couldn't resolve error at 'netvmini_Mask 0x8'.
Anybody know the command for debugging netvmini.sys let me know ?!
Bye,
Skybuck.
tsperling
(Don't you think perhaps that driver needs to be 'signed'?)
Tony. . .
"Skybuck Flying" <Blood...@hotmail.com> wrote in message
news:98f61$4a7e3196$d53372a9$56...@cache2.tilbu1.nb.home.nl...
Skybuck Flying
A "so-called-expert" at a web forum mentions "debugview".
This is not an option of WinDbg... nooooo...
This is a special tool available from Microsoft.
And apperently it can capture all the DbgPrint stuff... and that's exactly
what I want for now ?!
And you don't even need to computers for it...
Maybe you don't even need WinDbg for it ?! ;)
http://technet.microsoft.com/en-us/sysinternals/bb896647.aspx
Well it's a bit late now... so I will have to try this tomorrow.
I got a stinky finger too and it needs a washing LOL. BAH LOL.
Bye,
Skybuck ;) =D
"Skybuck Flying" <Blood...@hotmail.com> wrote in message
news:6e806$4a7e322a$d53372a9$59...@cache2.tilbu1.nb.home.nl...
Skybuck Flying
I can't go to bed with false hope...
I must known for sure if it works or does not work...
Otherwise my magic brain would be deceived during it's sleep ! ;)
DONT LET ME DOWN DEBUGVIEW PLS OK ? ;)
Bye,
Skybuck ;) :)
"Skybuck Flying" <Blood...@hotmail.com> wrote in message
news:37741$4a7e350e$d53372a9$56...@cache2.tilbu1.nb.home.nl...
Skybuck Flying
It would be to good to be true.
I tried DebugView on X64 Pro which is in normal mode.
That didn't work.
I tried connect but network not yet properly configured to connect to
Windows 7.
So I decided to copy DebugView to Windows 7 to see if it would work there.
No word about windows 7 support for it but I tried anyway.
As soon as I click capture kernal it gives an error on Windows 7:
"Could not extract DebugView driver to:
C:\Windows\system32\Drivers\Dbgv.sys: Access is denied.
Kernel debug output capture will be unavailable.
"
So much for that.
I could try rebooting X64 pro in debug mode but I will definetly
do that tomorrow because rebooting gonna take ages.
I will try one more thing and that is the connect option.
But for that I first need to go wash my finger ! ;)
Otherwise my keyboard is gonna get stinky.
I can't configure my network with 1.8 hands...
I need 2.0 hands for it.
Bye,
Skybuck.
Skybuck Flying
Apperently DebugView cannot work over VM connections ?
I tried it it says it's on the local machine and that's it...
The only thing it does is make a nice error beep sound.
From the looks of it it's pretty ridicilous how much trouble I have to go
through to just get a few lines of text output ?!
Is this Microsoft's conspiracy of wasting my time ?
One must wonder about that.
Bye,
Skybuck.
Skybuck Flying
host and guest was working...
But at the same time I thought something weird was going on so I decided to
do a little connection test...
And indeed something weird is going on...
Only one side can connect with the other side not vice versa...
Gotta resolve this first before I dismiss DebugView's connect stuff ;)
Bye,
Skybuck.
Skybuck Flying
Trying DebugView from XP to Windows 7 doesn't work.
It doesn't connect. Why it doesn't work is hard to say.
The firewall is down (which was also a problem).
Maybe Windows 7 is protected.
However I did read something about DebugView and getting it working on
Windows 7:
Run it as Administrator... (special command from file menu).
Then it works and error is gone.
So if all goes well I should now be able to run DebugView on Windows 7 X64
Ultimate...
And get some debugging information from the driver...
But for this I have to now restart into debug mode... which it is already
in...
But now I need to disable the driver signing again...
And hopefully then "the magic happens" :)
Bye,
Skybuck =D
Skybuck Flying
Still nothing getting logged.
Nothing being displayed in DebugView ?!?
So it seems not to work...
What a big surprise.
I already wasted lik 8 hours trying to get a fucking logger going.
What's the big deal really ?
What's wrong with
WriteToFile( vFile, 'blablablabla' );
I would be done already !
HAHA what a joke !
Bye,
Skybuck.
Skybuck Flying
And exploring "Home groups"...
Not sure if that has anything to with it...
And then suddenly DebugView started recording something ?!?
Or maybe it was just some lag and it needed some time...
Now I saved the first log...
Now I try to convert it to text so I can copy paste it here so you guys can
look at it too ! ;) :)
Fortunately... not 8 hours completely wasted lol.
Bye,
Skybuck.
Don Burn
you did. To use Windbg to get the messages you need two things. First it
must be a remote debugger, using two machines connected by serial, 1394 or
(rarely USB). Second you have to enable the debug messages since they are
disabled by default. See http://www.osronline.com/article.cfm?id=295 for a
good explanation of how to do this.
Note: you need to do this for DebugView also which will work on a single
machine, but debugging a driver that way is really a poor idea, since you
will have no breakpoints nor the ability to look at variables, etc. Get two
machines and do it right.
--
Don Burn (MVP, Windows DKD)
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr
Remove StopSpam to reply
"Skybuck Flying" <Blood...@hotmail.com> wrote in message
news:b1383$4a7e2560$d53372a9$30...@cache2.tilbu1.nb.home.nl...
> __________ Information from ESET NOD32 Antivirus, version of virus
> signature database 4319 (20090809) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
>
__________ Information from ESET NOD32 Antivirus, version of virus signature database 4319 (20090809) __________
The message was checked by ESET NOD32 Antivirus.
Skybuck Flying
describe how to connect and set things up and that's it.
What I don't understand is that it appears there is some lag before the
messages arrive at the debugview ?
And sometimes it doesn't seem to work...
But that might be because of buggy driver or maybe not ?
Do you have any experience with it ?
What would be a better way to debug a driver ?
Can you give an example of how to look at a variable ?
Or how to set a breakpoint at some driver source line ?
I guess you mean source-debugging and this would require a correct source
setup with windbg ? ;)
Bye,
Skybuck.
"Don Burn" <bu...@stopspam.windrvr.com> wrote in message
news:OSxzgNOG...@TK2MSFTNGP05.phx.gbl...
Don Burn
there is lag by design. You should be debugging with 2 machines or 2
virtual machines and Windbg. If you use the WinDBG GUI interface it is
easy to view a variable, stop at a breakpoint and the locals window has all
the local vars, and you can look at globals from either the command window
or from the watch window.
--
Don Burn (MVP, Windows DKD)
Windows Filesystem and Driver Consulting
Website: http://www.windrvr.com
Blog: http://msmvps.com/blogs/WinDrvr
Remove StopSpam to reply
"Skybuck Flying" <Blood...@hotmail.com> wrote in message
news:c693b$4a7f61b8$d53372a9$11...@cache3.tilbu1.nb.home.nl...
> signature database 4320 (20090809) __________
>
> The message was checked by ESET NOD32 Antivirus.
>
> http://www.eset.com
>
>
>
__________ Information from ESET NOD32 Antivirus, version of virus signature database 4320 (20090809) __________