Condividi tramite


USB Event Tracking (ETW log in USB Core Stack)

Background:
=========
Event Tracing for Windows (ETW)
In Windows 7, ETW provides an event logging mechanism that the USB driver stack can exploit to aid in investigating, diagnosing, and debugging USB-related issues.

USB Core Stack
The USB host controller driver layer includes the host controller port driver (usbport.sys) and the miniport drivers (usbehci.sys, usbohci.sys, and usbuhci.sys). The USB hub driver layer consists of the USB hub driver (usbhub.sys).

Using USB ETW
============
Capture a USB event trace: logman
1. In the command-prompt window, enter the following two commands to begin the trace:
Logman start Usbtrace -p Microsoft-Windows-USB-USBPORT -o usbtrace.etl -ets -nb 128 640 -bs 128

Logman update Usbtrace -p Microsoft-Windows-USB-USBHUB -ets

After each of these commands completes, Logman should display the following message:
“The command completed successfully.”
2. Perform the steps in your USB device usage scenario.
3. Stop USB hub and port event collection by running the following command:
Logman stop Usbtrace –ets

Analyze an event trace log to troubleshoot a failure: netmon
Capture a system event trace and analyze timing or performance issues: Xperf

Using Xperf with USB ETW
1. start
Xperf –on Diag
Logman start Usbtrace -p Microsoft-Windows-USB-USBPORT -o usbtrace.etl -ets -nb 128 640 -bs 128
Logman update Usbtrace -p Microsoft-Windows-USB-USBHUB –ets

2.stop
Logman stop Usbtrace -ets
Xperf –stop

3. merge
Xperf –merge usbtrace.etl C:\kernel.etl merged.etl

Reference:
=======
https://blogs.msdn.com/b/usbcoreblog/archive/2010/03/17/new-whitepaper-on-usb-event-tracing.aspx
https://www.microsoft.com/whdc/connect/usb/Event-Tracing.mspx