Debug logging on a driver durring bootup
-
Is there any way to capture the debug logging on a driver during bootup? I know it can be done if you’re connected via serial port to another machine, but I’m looking for a method that is standalone. The DebugView program from sysinternals only seems to work to capture bootup logging if you can successfully logon on open DebugView. If the machine crashes before then, it seems you loose the logging. I'm trying to debug a driver that gives me the blue screen of death as soon as I logon. Top ten member of C++ Expert Exchange. http://www.experts-exchange.com/Cplusplus
-
Is there any way to capture the debug logging on a driver during bootup? I know it can be done if you’re connected via serial port to another machine, but I’m looking for a method that is standalone. The DebugView program from sysinternals only seems to work to capture bootup logging if you can successfully logon on open DebugView. If the machine crashes before then, it seems you loose the logging. I'm trying to debug a driver that gives me the blue screen of death as soon as I logon. Top ten member of C++ Expert Exchange. http://www.experts-exchange.com/Cplusplus
I could think of few ways. But first I'd try to communicate with something existing: - DbgView - they have some new mode - something to do with bootup logging. - The event log service - softice Now, if u crash during logon, the machine is already up with all the services and stuff, so u can use lots of ways, it just depends on your kernel mode arsenal. Anyway, all the ways that don't include DbgView/event log/softice involves a bit of work in writing the logger service.. U could comunicate with your logger using sockets/pipes, like OutputDebugString - with shared mem and event, or, u could just log it to a file yourself.
-
I could think of few ways. But first I'd try to communicate with something existing: - DbgView - they have some new mode - something to do with bootup logging. - The event log service - softice Now, if u crash during logon, the machine is already up with all the services and stuff, so u can use lots of ways, it just depends on your kernel mode arsenal. Anyway, all the ways that don't include DbgView/event log/softice involves a bit of work in writing the logger service.. U could comunicate with your logger using sockets/pipes, like OutputDebugString - with shared mem and event, or, u could just log it to a file yourself.
Yes, depends on what services and crap is up such as you can't log to disk if the disk driver isn't loaded yet! However that's one place to go. You could also attempt to allocate a large chunk of memory and log to it and wait for services come up before dumping it to disk. You could also attempt to take over the screen yourself and dump your stuff to the screen. 8bc7c0ec02c0e404c0cc0680f7018827ebee
-
Yes, depends on what services and crap is up such as you can't log to disk if the disk driver isn't loaded yet! However that's one place to go. You could also attempt to allocate a large chunk of memory and log to it and wait for services come up before dumping it to disk. You could also attempt to take over the screen yourself and dump your stuff to the screen. 8bc7c0ec02c0e404c0cc0680f7018827ebee
-
That was just an example that any service you use you should ensure it comes up before your driver. In anycase, there are OS services which do come up before the disk driver, most likely very few and I haven't looked at the order of loading in a while. In anycase, the disk driver itself is on disk so how is it loaded if the disk driver isn't loaded? :) Most likely your driver comes up afterwards but it's just the point to ensure your driver is properly dependent on services it uses. 8bc7c0ec02c0e404c0cc0680f7018827ebee