My driver is deployed successfully on windows 10 target PC. But still i am not getting debug prints on windows debugger (WinDbgX64) session on my HOST PC.
I have also set HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Session Manager\Debug Print Filter key's "DEFAULT" DWORD to value 8. So that my DPFLTR_INFO_LEVEL will be able to send data to kernel buffer.
The installing and configuration of components for driver deployment and testing via visual studio is commenced successfully. Hence it has created a WDKRemoteUser account on my target machine to deploy the drivers.
My Host Environment:- Windows 10 (Build 10130) X64 and Visual studio 2015 RC with all required component installed.
My Target Environment:- Windows 10 (Build 10130) X64 and debugging & testing components installed.
My debug print statement inside driver entry routine is as follows.
DbgPrintEx(DPFLTR_IHVDRIVER_ID, DPFLTR_INFO_LEVEL, "KMDFHelloWorldDriver: DriverEntry\n");
Shouldn't you be setting IHVDRIVER's value to 8 instead of DEFAULT's value, if you are using DPFLTR_IHVDRIVER_ID in the DbgPrintEx?
Related
I have enabled the debugger with prodebugenable -enable-all as mentioned here: https://documentation.progress.com/output/ua/OpenEdge_latest/index.html#page/pdsoe%2Fenabling-debugging.html%23wwID0EBCZX
I have got the success message
Debugging is enabled for the Progress 4GL installed in ...
But I still get the error
The Progress 4GL is not enabled for debugging. Run proDebugEnable from
within a proenv session on Windows or from a UNIX shell to enable
debugging and set the debuggerEnabled property to 1 for any services
that you want to debug. (11724)
prodebugenable.bat runs the exe file _debugEnable.exe. What does this file do?
Why the debugger isn't enabled although I get a success message ?
My Version: OpenEdge 10.2B
All that prodebugenable does is create a registry entry at:
HKEY_LOCAL_MACHINE\SOFTWARE\PSC\PROGRESS\ProDbgCK\<DLC>.state
or when using a 32-bit version on a 64-bit Windows installation at:
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\PSC\PROGRESS\ProDbgCK\<DLC>.state
Containing the string value 'Debugging enabled'
In which <DLC> is the path to your Progress OpenEdge installation.
The DLC path was wrong in the ini-file. After I corrected it as in the registry the debugging worked.
I want test my storage driver using fuzzing techniques and I choosed Microsoft tool called IoAttack that is represent as test case in WDK 8.1 and not standalone application like in previous versions of WDK. This tool work with IoSpy tool that gather all IOCTLs and WMI command that are send to the driver. IoSpy attach to driver stack as filter driver and record all traffic. Problem occurs after I successfull attach IoSpy, record all data than remove IoSpy and run IoAttack. Because IoAttack do not see my device that is created by my storage driver I cannot fuzz my driver. Below are steps and configurations that I use.
Any tip or solution will be very welcome :)
[Setup steps for test machine:]
Install driver that created storage device
Install package "WDK Test Target Setup"
default location: C:\Program Files (x86)\Windows Kits\8.1\Remote\x64
default location on machine that has WDK 8.1 component installed
installation command: msiexec /i "WDK Test Target Setup x64-x64_en-us.msi"
2.1 If your target computer is running Windows Server, find the DriverTest folder that was just created by WDK Test Target Setup MSI. (Example: c:\DriverTest). Right click the DriverTest folder, and choose Properties. On the Security tab, give Modify permission to the Authenticated Users group.
Install package Test Authoring and Execution Framework (TAEF)"
default location: C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes
default location on machine that has WDK 8.1 component installed
installation command: msiexec /i "Test Authoring and Execution Framework x64-x64_en-us.msi"
Install package "WDTF runtime library"
default location: C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes
default location on machine that has WDK 8.1 component installed
installation command: msiexec /i "Windows Driver Testing Framework (WDTF) Runtime Libraries-x64_en-us.msi"
installation verification:
Open a Command Prompt window on the test computer.
Run %WDTFDir%\Tools\CheckWDTFInstall.cmd
default location: C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\WDTF
Open the log file CheckWDTFInstall.log and examine the results which contains information on all installed WDTF components
Setting mode "kernel debugging"
steps:
Open a Command Prompt window as Administrator. Enter bcdedit /debug on
If the computer is not already configured as the target of a debug transport, enter bcdedit /dbgsettings local
Reboot the computer.
[Test procedure that uses IoSpy and IoAttack:]
Enable IoSpy using WDK test "EnableIoSpy" and application "TAEF"
command:
Te.exe "%SystemDrive%\Tests\Additional
Tests\DeviceFundamentals\ERT\Basic\Devfund_IOSpy_EnableSupport_ERT_Basic.wsc"
/select:"#Name='Devfund::EnableIoSpy'"
/p:"DQ=INF::OriginalInfFileName='my_storage_driver.inf'"
/p:"DFD=%systemdrive%\DriverTest\IoSpy"
/rebootStateFile:%SystemDrive%\DriverTest\Logs\DriverTestReboot.xml
/enableWttLogging
/wttDeviceString:$LogFile:file="%SystemDrive%\DriverTest\Logs\Enable_I_O_Spy_(Quick)_(possible_reboot)_00000.wtl",writemode=append,encoding=unicode,nofscache=true,EnableLvl="WexStartTest|WexEndTest|WexXml|WexProperty|WexCreateContext|WexCloseContext|*"
/runas:Elevated
Reboot operating system
Use IOCTL commands for public and private IOCTLs
Verify that IoSpy data file that records the data sent throught IOCTL and WMI requests to drivers for devices enabled for fuzz tests is larger that initial 1 KB size (if not data acquiring failed for specific driver)
default location for IoSpy data file: %SystemDrive%\DriverTest\IoSpy
Disable IoSpy using WDK test "DisableIoSpy" and application "TAEF"
command:
te.exe "%SystemDrive%\Tests\Additional
Tests\DeviceFundamentals\ERT\Basic\Devfund_IOSpy_DisableSupport_ERT_Basic.wsc"
/select:"#Name='Devfund::DisableIoSpy'"
/rebootStateFile:%systemdrive%\DriverTest\Logs\DriverTestReboot.xml
/enableWttLogging
/wttDeviceString:$LogFile:file="%systemdrive%\DriverTest\Logs\Disable_I_O_Spy_(Quick)_(possible_reboot)_00000.wtl",writemode=append,encoding=unicode,nofscache=true,EnableLvl="WexStartTest|WexEndTest|WexXml|WexProperty|WexCreateContext|WexCloseContext|*"
/runas:Elevated
Reboot operating system
Run I/O Attack (Quick) fuzzer using WDK test "RunIoAttack" and application "TAEF"
command:
te.exe "%SystemDrive%\DATA\Tests\Additional
Tests\DeviceFundamentals\ERT\Basic\Devfund_IOAttack_ERT_Basic.wsc"
/select:"#Name='Devfund::RunIoAttack'"
/p:"DQ=DeviceID=’my_device_id_that_was_created_by_my_storage_driver"
/rebootStateFile:%SystemDrive%\DriverTest\Logs\DriverTestReboot.xml
/enableWttLogging
/wttDeviceString:$LogFile:file="%SystemDrive%\DriverTest\Logs\Run_I_O_Attack_(Quick)_00001.wtl",writemode=append,encoding=unicode,nofscache=true,EnableLvl="WexStartTest|WexEndTest|WexXml|WexProperty|WexCreateContext|WexCloseContext|*"
/runas:Elevated
[Issue:]
Microsoft fuzzer IoAttack that is ran as test from WDK does not see my_storage_driver. Test pass because no devices we found for testing. Output from test:
*
StartGroup: Devfund::RunIoAttack Property: TAEF: Description [Runs I/O
Attack. ] WDTF_TARGETS: - Query("IsDevice AND IoSpy::") WDTF_TEST: No
devices were found for testing EndGroup: Devfund::RunIoAttack [Passed]
Summary: Total=1, Passed=1, Failed=0, Blocked=0, Not Run=0, Skipped=0
*
Command that was used to run test using WDK application "TAEF" (te.exe)
te.exe "%SystemDrive%\Tests\Additional
Tests\DeviceFundamentals\ERT\Basic\Devfund_IOAttack_ERT_Basic.wsc"
/select:"#Name='Devfund::RunIoAttack'"
/p:"DQ=DeviceID=’my_device_id_that_was_created_by_my_storage_driver’"
/rebootStateFile:%SystemDrive%\DriverTest\Logs\DriverTestReboot.xml
/enableWttLogging
/wttDeviceString:$LogFile:file="%SystemDrive%\DriverTest\Logs\Run_I_O_Attack_(Quick)_00001.wtl",writemode=append,encoding=unicode,nofscache=true,EnableLvl="WexStartTest|WexEndTest|WexXml|WexProperty|WexCreateContext|WexCloseContext|*"
/runas:Elevated
[Additional information:]
I tried to address my driver / storage device for fuzzing test using DQ=DeviceID, DQ=INF::OriginalInfFileName (like in IoSpy case) but in the end doesn't work.
Procedure source for usage of IoSpy and IoAttack is from https://msdn.microsoft.com/en-us/library/windows/hardware/ff547271
[Test machine setup:]
- Windows Server 2012 R2 Standard Build 9600 (x64)
[Software setup:]
- WDK 8.1 installed on Windows 7 Professional (x64)
I have an application which is build and executed on 'A' machine. Application is c++ based made on vs 2013.
Now i want execute application's .exe on 'B' machine. The 'B' machine has also vs 2013 installed and along with .exe i am providing all the associated dll's but when i execute .exe it throws me error as:
"The application was unable to start correctly(0xc000007b).Click OK to close the application "
Both machines have same OS and are 64 bit. So, please help me how to resolve the error and make .exe to open on other machine.
I'm trying to set up kernel debugging with VS 2013. When I go to Drivers/Add to add a new target machine, it connects to the remote computer and runs through a lot of setup, but it there are always 2 commands that fail.
I looked up the command that is failing in the log and I pasted it into a batch file and ran it on the target machine. I runs just fine. But then when I try to rerun Add Computer from VS, I get the same failure.
RemoteExecute: Binary: $KitRoot$\Testing\Runtimes\TAEF\te.exe
RemoteExecution: Arguments:
"%SystemDrive%\DriverTest\Run\DriverTestTasks.dll"
/select:"#Name='DriverTestTasks::_ConfigureKernelDebugger'"
/p:"DebugTransport=NET" /p:"NetHost=192.168.1.109" /p:"NetPort=50015"
/p:"NetKey=8XD3HYLMVI0D.RKFEA2BPIXO.27JOLNYURED5.MV9OGRF4XR9V"
/p:"StartPolicy=Active" /p:"IgnoreUserModeExceptions=0"
/p:"SuppressReboot=1"
/rebootStateFile:%SystemDrive%\DriverTest\Logs\DriverTestReboot.xml
/enableWttLogging
/wttDeviceString:$LogFile:file="%SystemDrive%\DriverTest\Logs\Configure_debugger_settings_(x86)_(possible_reboot)_00007.wtl",writemode=append,encoding=unicode,nofscache=true,EnableLvl="WexStartTest|WexEndTest|WexXml|WexProperty|WexCreateContext|WexCloseContext|*"
/runas:Elevated RemoteExecute: Process creation return code: 0
RemoteExecute: Process exit code: 0 Initialize: Computer: w8x86wdk-hp
Result completed Test process exit code: -1
I have tried this both with a VMware VM target and against a physical PC target and I have tried adding the computer in the reverse direction and I always get the same failures. I can ping these machines from each other and all machines are Win8 x86. Network discovery and sharing are on. The Windows firewalls are off. These are virgin OS installations so there's nothing on the machines except the OS, VS2013, and WDK 8.1.
Any tips on how to resolve this?
Had same issue when used ws2012 for TARGET machine.
When installed WIN81 instead, turned off UAC and DID NOT install wdk on TARGET - everything started working. Read carefully how to PROVISION TARGET. (it says: dont' install WDK there:)
HOST and TARGET was in the same home workgroup with same passwords for Administrator and MyUserAcc.
also:
under HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System set EnableLUA=0
I am just testing it so I think you should first check your target computer security issue. Then set your port pipe connection and your network adapter setting in your virtual pc.
After that setting make your computer configuration then works perfectly.
I built the app using SQL Server CE 4.0 and it runs just fine in Windows 7.0 dev machine, but got the following error message running it in Windows 8 (x64 version, Lenovo All-In-One Horizon 27' HW platform):
Is not a valid Win 32 application (Exception from HRESULT: 0x800700C1)
In app directory I can clearly see the
System.Data.SqlServerCe.dll
and all other 7 DLLs:
Sqlceca40.dll Sqlcecompact40.dll Sqlceer40EN.dll
Sqlceme40.dll Sqlceoledb40.dll Sqlceqp40.dll Sqlcese40.dll
taken from C:\Program Files\Microsoft SQL Server Compact Edition\v4.0 root directory and included in the app dir as per recommendation at: http://msdn.microsoft.com/en-us/library/vstudio/aa983326%28v=vs.110%29.aspx .
Other settings:
Configuration Platform: Any CPU Target Platform: x86 Setup
TargetPlatform: x64
Any idea on what went wrong and how to fix it? Thx.