I'm 'debuging' BSOD caused by driver on Win10 machine.
I've tried to use DbgPrint() or DbgPrintEx() to put messages in crash dump so they could be accessed by analysing that dump in 'windbg.exe' by calling !dbgprint.
I'm getting nothing all the time.
0: kd> !dbgprint
DbgPrint buffer is empty.
Examples of dump messages for references:
DbgPrint("## %s : %u\n", __FUNCTION__, __LINE__);
DbgPrintEx(DPFLTR_IHVDRIVER_ID, DPFLTR_ERROR_LEVEL, "## %s : %u\n", __FUNCTION__, __LINE__);
Please note that PC running the driver is different from development PC. I could not connect WinDbg to 'running' machine and watch it in real time. So I'm trying to get log before crash and get a values of some variables. Basically all I could count on is MEMORY.DMP file.
If there is other ways to archive same/similar logging, I'd appreciate advise.
Thanks.
Not sure if DbgPrint buffer is kept always, I think that You should use WPP and IFR (Inflight Trace Recorder) which always record your traces even with dump.