
How to Debug Dokan

Liryna edited this page Aug 11, 2022 · 16 revisions

MemFS

You can use /s options to enable debug output to stderr.

memfs.exe /d /l m

MirrorFS

You can use /d /s options to enable debug output to stderr.

mirror.exe /d /s /r C:\Users /l m

Dokan Driver

Logs on Release build

It is possible to have the driver logs forwarded to the Dokan library for printing, even in a release build. Not all messages will be available and it can slow down the library, but it is a great solution when an issue occurs in an environment where a debug driver cannot be installed. The mount option DOKAN_OPTION_DISPATCH_DRIVER_LOGS has to be used to request that the driver forward logs for the duration of the mount. For the mirror sample, this is accessible through the /e option:

mirror.exe /e /d /s /r C:\Users /l m

Logs on Debug build

Enable logs

Debug output is only enabled in debug builds. You will need to install the debug version of Dokan.

Next, DbgPrint output has to be enabled in Windows and in Dokan sys.

Windows Configuration

As explained on OSROnline, you will need to create the key Debug Print Filter (if it does not already exist) and the DWORD IHVDRIVER = 0x0d.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter]
"IHVDRIVER"=dword:0000000d

Then run this command to enable debug mode: bcdedit -debug on

Self sign build

If you want to use self-signed certificates:

bcdedit -set loadoptions DDISABLE_INTEGRITY_CHECKS
bcdedit -set TESTSIGNING ON

You must reboot for these changes to take effect.

Dokan sys

You need to run this command at launch of Dokan (or Windows boot).

dokanctl.exe /d 7

Get logs

Download DbgView. Enable kernel output with CTRL + K.

You should now be able to see DokanFS output!
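If nothing shows up in DbgView, reading the settings back tells you which step did not take effect; the same readout shows what is still switched on once debugging is finished. The script below is an added example, not part of the Dokan project. It assumes an elevated PowerShell prompt and English bcdedit output, and the function names are hypothetical.

```powershell
# Added example: read back the debug settings described on this page.
# Run elevated; bcdedit refuses to list boot entries otherwise.

$filterKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Debug Print Filter'

function Get-DebugPrintFilter {
    # Returns the IHVDRIVER mask, or $null when the key or value is missing.
    $prop = Get-ItemProperty -Path $filterKey -Name 'IHVDRIVER' -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return $null }
    return $prop.IHVDRIVER
}

function Get-BootSettings {
    # Parses "name   value" lines of the current boot entry into a hashtable.
    # Assumption: English bcdedit output (values such as "Yes" / "No").
    $settings = @{}
    foreach ($line in (bcdedit /enum '{current}')) {
        if ($line -match '^(\S+)\s+(.+)$') {
            $settings[$Matches[1].ToLower()] = $Matches[2].Trim()
        }
    }
    return $settings
}

function Format-Setting($value) {
    # A setting that was never configured is simply absent from the output.
    if ($null -eq $value) { return 'not set' }
    return $value
}

$mask = Get-DebugPrintFilter
$boot = Get-BootSettings

$report = [ordered]@{
    'Debug Print Filter IHVDRIVER' = if ($null -eq $mask) { 'not set' } else { '0x{0:x}' -f $mask }
    'IHVDRIVER equals 0x0d'        = ($mask -eq 0x0d)
    'bcdedit debug'                = Format-Setting $boot['debug']
    'bcdedit testsigning'          = Format-Setting $boot['testsigning']
    'bcdedit loadoptions'          = Format-Setting $boot['loadoptions']
}
$report.GetEnumerator() | Format-Table -AutoSize Name, Value
```

The boot settings only reflect the running system after the reboot mentioned above, so run the check again after restarting.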

Crash Report (BSOD)

After a BSOD, a crash dump is created. This file holds all the information about the crash and is very helpful for debugging the driver. To get the crash report, open the dump (C:\Windows\memory.dmp or C:\Windows\Minidump\LATEST.dmp) with WinDbg, add the Dokan and Microsoft debug symbols via File > Symbol File Path -> SRV*C:\PathToDokanDbg*http://msdl.microsoft.com/download/symbols, and run the command !analyze -v.

Live Kernel Debugging

Live kernel debugging has numerous advantages, but a second computer is recommended. Below are the steps for kernel debugging a virtual machine where Dokan is running.

On the Virtual Machine:

  • Run bcdedit /dbgsettings serial debugport:1 baudrate:115200. Shut down the VM.
  • Add a Serial Port to the machine. For VirtualBox:
      • Go to Machine Settings => Serial Ports => Port 1
      • Check Enable Serial Port
      • Keep Port Number to COM1 and set Port Mode to Host Device.
      • Check Create Pipe
      • Enter the following Port Path: \\.\pipe\dokandbg.
  • Save changes and power on the VM.

On WinDbg:

  • Configure the symbols, File => Symbol File Path (CTRL + S) and enter the following value: srv*C:\symbols\ms*http://msdl.microsoft.com/download/symbols. Confirm. It is also recommended to use Checked versions of the operating system to have more information.
  • File => Kernel Debug (CTRL + K)
  • Select COM tab
  • Keep Baud Rate to 115200 and enter the following Port again: \\.\pipe\dokandbg
  • Check Pipe and Reconnect.
  • Confirm. After a while you should be connected to the VM and can now debug it remotely.