krish
Wed Feb 20 19:28:08 CST 2008
Hi Don, when I use IoGetRequestorProcessId () inside diskperf.c, I get
a linker error. So I include "ntifs.h" which contains the correct
declaration. But then I get a compilation error as ntifs.h redefines
PETHREAD and PEPROCESS which are already defined in "ntddk.h" already
included in the diskperf.c. How can get past this error now? Thanks.
On Feb 6, 3:25 pm, "Don Burn" <b...@stopspam.windrvr.com> wrote:
> IoGetRequestorProcessId will get you the PID directly, unfortunately there
> is no easy way to get process name. The simplest is to pass it up to a
> user space process, to look it up. The only other approach involves using
> an undocumented system call ZwQuerySystemInformation with class
> SystemProcessesAndThreadsInformation. Be aware that much of the data on the
> web is wrong, or missing information on this call.
>
> On the printouts try setting DiskPerfDebug to 0xffffffff
>
> --
> Don Burn (MVP, Windows DDK)
> Windows 2k/XP/2k3 Filesystem and Driver Consulting
> Website:
http://www.windrvr.com
> Blog:
http://msmvps.com/blogs/WinDrvr
> Remove StopSpam to reply
>
> "krish" <pradeep_bi...@yahoo.com> wrote in message
>
> news:c4548ede-6d9e-4041-8734-2458726a5fe9@j20g2000hsi.googlegroups.com...
>
> >> > For the IOCTL look at IoGetRequestorProcess in the WDK, it will do what
> >> > you
> >> > need.
>
> > It returns a PEPROCESS structure, using which I can get the process
> > id. Is there any function which can get me the process name (as it
> > appears in task manager or similar) from the id or PEPROCESS
> > structure. Thanks again.
>
> > On Feb 6, 2:43 pm, krish <pradeep_bi...@yahoo.com> wrote:
> >> Thanks Don. Yes the system being debugged is Vista while my debugger
> >> is running on XP. I ran this utility on my vista machine (machine to
> >> be debugged) and set the DEFAULT component name to 15 but no luck. I
> >> can see messages from other drivers (already present in the system. In
> >> fact I could see the messages from these drivers even before running
> >> the utility), but I cannot see any messages from diskperf. When I step
> >> throught the code by setting the breakpoint, I can see that DbgPrint
> >> () is being executed inside diskPerf code but nothing displays on the
> >> WinDbg console.
>
> >> On Feb 6, 2:10 pm, "Don Burn" <b...@stopspam.windrvr.com> wrote:
>
> >> > You didn't say which system but I suspect you are using Vista. You
> >> > need to
> >> > set the registry to enable debug print get the tool
> >> > from
http://www.osronline.com/article.cfm?article=506asasimple way to
> >> > do it.
>
> >> > For the IOCTL look at IoGetRequestorProcess in the WDK, it will do what
> >> > you
> >> > need.
>
> >> > --
> >> > Don Burn (MVP, Windows DDK)
> >> > Windows 2k/XP/2k3 Filesystem and Driver Consulting
> >> > Website:
http://www.windrvr.com
> >> > Blog:
http://msmvps.com/blogs/WinDrvr
> >> > Remove StopSpam to reply
>
> >> > "krish" <pradeep_bi...@yahoo.com> wrote in message
>
> >> >news:7cac7b85-2b93-4d61-bb91-4d8e16eb059e@q21g2000hsa.googlegroups.com...
>
> >> > > I'm using WDK diskperf sample to monitor the disk accesses. I have
> >> > > few
> >> > > questions:
>
> >> > > 1. How can I enable the output of DbgPrint on WinDbg console or to
> >> > > some other file? I see that DiskPerfDebug is always set to 0 and so
> >> > > the following condition will be satisfied only for DebugPrintLevel=0.
>
> >> > > if ((DebugPrintLevel <= (DiskPerfDebug & 0x0000ffff)) ||
> >> > > ((1 << (DebugPrintLevel + 15)) & DiskPerfDebug)) {
>
> >> > > DbgPrint(DebugMessage, ap);
> >> > > }
>
> >> > > Anyways I removed the above condition and call DbgPrint always. But
> >> > > still I do not see any output on WinDbg.
> >> > > Also I changed the: nt!kd_default_mask in winDbg to the following:
>
> >> > > dd nt!kd_default_mask
> >> > > 81cfbeb8 ffffffff 00000000 00000000 00000000
> >> > > 81cfbec8 00000000 00000000 00000000 00000000
> >> > > 81cfbed8 00000000 00000000 00000000 00000000
> >> > > 81cfbee8 00000000 00000000 00000000 00000000
> >> > > 81cfbef8 00000000 00000000 00000000 00000000
> >> > > 81cfbf08 00000000 00000000 00000000 00000000
> >> > > 81cfbf18 00000000 00000001 00000000 00000000
> >> > > 81cfbf28 00000000 00000000 00000000 00000000
>
> >> > > But no luck. Any help will be highly appreciated.
>
> >> > > 2. Also is there any way of determining the process whose request
> >> > > generated the corresponding IOCTL that I see inside the diskperf?
>
> >> > > Thanks.