Introduction
Build:
The driver will need to be built in debug mode so that optimisations are off, i.e. the code lines up with the binary, making debugging easier.
Install:
Secure Boot needs to be disabled, and the target put into test mode, with
...
https://learn.microsoft.com/en-us/windows-hardware/drivers/install/introduction-to-test-signing
Enabling debug out:
By default, Vista and later versions of Windows won't produce debug output.
To enable this, go to HKLM\Sys\CCS\Control\Session Manager\Debug Print Filter (or create the key). Create a DWORD called DEFAULT set to 0xffffffff to enable debug output for KdPrint.
...
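The registry change described above, scripted for the target machine. This is an added example, not part of the original page; it assumes the abbreviated path in the text expands to HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter, and the function name Enable-KernelDebugPrint is hypothetical.

```powershell
# Added example: turn on debug output for the DEFAULT component (KdPrint).
# Assumption: the key below is the full form of the abbreviated path in the text.
function Enable-KernelDebugPrint {
    param(
        # -1 as a signed 32-bit value is stored as the DWORD 0xFFFFFFFF.
        [int]$Mask = -1
    )

    $key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter'
    $name = 'DEFAULT'

    # Writing under HKLM needs an elevated session.
    $identity  = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal($identity)
    if (-not $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)) {
        throw 'Run this from an elevated PowerShell session.'
    }

    # The text notes the key may be missing, so create it when needed.
    if (-not (Test-Path -LiteralPath $key)) {
        New-Item -Path $key -Force | Out-Null
    }

    # Record the previous value so the setting can be restored after testing.
    $previous = (Get-ItemProperty -LiteralPath $key -Name $name -ErrorAction SilentlyContinue).$name

    New-ItemProperty -LiteralPath $key -Name $name -PropertyType DWord -Value $Mask -Force | Out-Null

    # Read the value back to confirm what was actually written.
    $current = (Get-ItemProperty -LiteralPath $key -Name $name).$name
    [pscustomobject]@{
        Key      = $key
        Previous = if ($null -eq $previous) { '(not set)' } else { '0x{0:X8}' -f $previous }
        Current  = '0x{0:X8}' -f $current
    }
}

Enable-KernelDebugPrint
```

The filter value is read when Windows starts, so restart the target after running it. Keep the reported previous value so the original setting can be put back once testing is finished.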
Test
...
Tools Available
Driver Verifier. Built into Windows
WinDbg
DbgView
WHQL (including Device Path Exerciser)
Driver Verifier:
Built into Windows, it is an administrator's and developer's tool, as it can help identify badly written third-party drivers and find issues during development. https://learn.microsoft.com/en-us/windows-hardware/drivers/devtest/driver-verifier
...
These dump files can be opened with WinDbg...
WinDbg:
WinDbg is available from a number of places, including https://learn.microsoft.com/en-us/windows-hardware/drivers/debugger/debugger-download-tools, and allows crash dumps to be opened.
...
WinDbg is very powerful, has a very good tutorial shipped with it, and a very good help file. It is one of Microsoft's best products, in fact.
DbgView:
Another really useful tool is DbgView from Sysinternals, now bought out by Microsoft. It allows debug messages to be picked up on the target machine via a kernel hook, so run it in Admin mode to install that hook the first time kernel capture is enabled.
Traces are again dependent on the settings on the target.
WHQL:
WHQL is an immense subject, with a varied and complex setup involving Windows Server machines and various clients in many configurations, depending on the kind of driver being tested.
...