>>I do use kernel debuggers but only in the case of an emergency, there are
>faster ways of finding and resolving nearly all of the problems I am
>encountering doing driver development.
Most of us think very differently. You usually save time by working
with 2 systems as a kernel devloper , permanantly. You dont waste time
setting a debugging system up, you should always develope with 2
systems, dedicated for driver development use. I think your devlopment
strategy is flawed.
> but I am not understanding how this can help me build a driver which
> starts properly
Just debug and most likely youll be able to repsond your own question. It is
important to know the name of the failing export, then you can get an ideea
*why* this happens. By tracing the PE loader code , you can 100% determine
this.
It might be a bug, it might be not, user error, running driver linked for
XP code in 2000,
but untill you debug and pinpoint it, its just *speculation*. Most likely
with my devlopment
setup I would already find the reason in the time necessary for those
emails to be exchanged.
----- Original Message -----
From: “Daniel Terhell”
Newsgroups: ntdev
To: “Windows System Software Devs Interest List”
Sent: Monday, March 13, 2006 1:21 PM
Subject: Re:[ntdev] Re:ERROR_PROC_NOT_FOUND
> The issue is that my driver is using no symbols which are not exported by
> NTOSKRNL or NTDLL. Now I have to set up a remote debugging system to find
> the unresolved external. I can do this of course but I am not
> understanding how this can help me build a driver which starts properly,
> the only thing I am able to imagine is that there are bugs in the DDK
> linker which builds invalid system images. If I am wrong and somebody can
> speculate on something I could possibly be doing wrong I am very greatful
> to learn something. By not fooling around with multiple systems set up for
> remote debugging I am saving myself an incredible amount of time. I do use
> kernel debuggers but only in the case of an emergency, there are faster
> ways of finding and resolving nearly all of the problems I am encountering
> doing driver development.
>
> /Daniel
>
>
>
>
> “Dan Partelly” wrote in message
> news:xxxxx@ntdev…
>> Then use Softice, which works on a single machine. You are developing
>> system software, so you should already have a debugging system set up
>> and in place. Its just inaddmisble to think thata nyone writes driver
>> whithout having a setup for debugging them. Its almost hilarious.
>>
>> Or you develope drivers and debug by means of “DbgPrint” ? Very bad
>> if you do this.
>>
>> Dan
>>
>> ----- Original Message -----
>> From: “Daniel Terhell”
>> Newsgroups: ntdev
>> To: “Windows System Software Devs Interest List”
>> Sent: Monday, March 13, 2006 12:58 PM
>> Subject: Re:[ntdev] ERROR_PROC_NOT_FOUND
>>
>>
>>> For setting kernel breakpoints in Windbg I need multiple computers and
>>> cables which is a lot of hassle. The question is if I find the
>>> unresolved import how is that going to help me build a proper driver and
>>> what can I possibly do after to get rid of these problems which appear
>>> and disappear at random and do not seem at all related to my code. Did
>>> Depends not tell me already they were KeTickCount, _except_handler_3 and
>>> _chkstk, even though they are anyway exported by NTOSKRNL and NTDLL ?
>>>
>>> Thanks,
>>>
>>> /Daniel
>>>
>>>
>>>
>>> “Doron Holan” wrote in message
>>> news:xxxxx@ntdev…
>>> Put a breakpoint on MmLoadSystemImage and then try to load your driver.
>>> When the first bp hits, put a bp on MiResolveSystemImageImports (or
>>> something like that, eliyasy posted how to do this on the list in the
>>> past 2weeks or so and had the right name). when the 2nd bp hits, note
>>> the last 2 parameters via a ‘dv’ command (the pointers), and then go
>>> continue back to the caller. Then look at the pointers after the call
>>> returned. That will tell you the unresolved import. I will blog on how
>>> to do this this week so it will be easier to follow.
>>> D
>>>
>>>
>>> -----Original Message-----
>>> From: xxxxx@lists.osr.com
>>> [mailto:xxxxx@lists.osr.com] On Behalf Of Daniel Terhell
>>> Sent: Sunday, March 12, 2006 4:57 PM
>>> To: Windows System Software Devs Interest List
>>> Subject: Re:[ntdev] ERROR_PROC_NOT_FOUND
>>>
>>> But my kernel files do export the symbols that Depends complains about
>>> and
>>> the compiler shows no messages about unresolved externals and my code
>>> does
>>> not even use any of this stuff. It is so weird that this problem comes
>>> and
>>> goes at random when I add some code, like when I add a DbgPrint
>>> somewhere.
>>>
>>> /Daniel
>>>
>>>
>>> “Maxim S. Shatskih” wrote in message
>>> news:xxxxx@ntdev…
>>>> >ERROR_PROC_NOT_FOUND,
>>>>> which gives me the suggestion it cannot find the DriverEntry entry
>>> point.
>>>>
>>>> Maybe this is due to unresolved imports in the driver binary?
>>>>
>>>> Maxim Shatskih, Windows DDK MVP
>>>> StorageCraft Corporation
>>>> xxxxx@storagecraft.com
>>>> http://www.storagecraft.com
>>>>
>>>>
>>>>
>>>
>>>
>>>
>>> —
>>> Questions? First check the Kernel Driver FAQ at
>>> http://www.osronline.com/article.cfm?id=256
>>>
>>> To unsubscribe, visit the List Server section of OSR Online at
>>> http://www.osronline.com/page.cfm?name=ListServer
>>>
>>>
>>>
>>>
>>> —
>>> Questions? First check the Kernel Driver FAQ at
>>> http://www.osronline.com/article.cfm?id=256
>>>
>>> To unsubscribe, visit the List Server section of OSR Online at
>>> http://www.osronline.com/page.cfm?name=ListServer
>>
>>
>>
>
>
>
> —
> Questions? First check the Kernel Driver FAQ at
> http://www.osronline.com/article.cfm?id=256
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
