Alter.Org.UA
 << Back Home UK uk   Donate Donate

DbgPrint logger
for
NT3.51/NT4/NT4-TS/w2k/XP/2k3/2k3-r2/Vista and WinPE/BartPE/MobileOS

DbgPrint logger home

DbgPrint logger SDK

Download:
DbgPrnHk_v9c_sdk.rar/tgz (102.1 Kb/142.2 Kb) - SDK,
DbgPrnHk_v9c_all.rar/tgz (335.2 Kb/439.2 Kb) - all together

This SDK simplifies communications with DbgDump tools. You can use either Debug (PostDbgMesgD.lib) or Release (PostDbgMesg.lib) static library in you project to post debug messages directly to DbgPrnHk driver. Posted messages are stored in driver's internal buffer and can be later obtained by DbgPrintLog.exe either in service mode or console mode.

It is useful for capturing logs when Service Manager or Win32 subsystem is unavailable.

Include PostDbgMesg.h and PostDbgMesg.lib into your project. After that you will be able to use DbgDump_Printf(), DbgDump_Print() and DbgDump_Printn() API.

DbgPrint logger SDK API


DbgDump_Printf
BOOLEAN
_cdecl
DbgDump_Printf(
    PCHAR Format,
    ...
    );

DbgDump_Printf() is similar to standard printf(). It uses format string as first operand. Note, total length of final string is limited to 2047 characters.

Example:

DbgDump_Printf("Test print, Process ID = %d\n", GetCurrentProcessId());

DbgDump_Print
BOOLEAN
__stdcall
DbgDump_Print(
    PCHAR Msg
    );

DbgDump_Print() simply prints to log ASCIIZ string.

Example:

DbgDump_Print("Test print ASCIIZ\n\0 This will never be printed!!!\n");

DbgDump_Printn
BOOLEAN
__stdcall
DbgDump_Printn(
    PCHAR Msg,
    ULONG Length
    );

DbgDump_Printn() prints to log specified number of characters. NULL-character is NOT treated as terminator.

Example:

DbgDump_Printn("Test print CHARS\n\0 This will be printed!!!\n",
        sizeof("Test print CHARS\n\0 This will be printed!!!\n"));

DbgDump_Bin
BOOLEAN
__stdcall
DbgDump_Bin(
    PCHAR Msg,
    ULONG Length
    );

DbgDump_Bin() sends to log specified number of bytes. Such messages are displayed as HEX-dump/

Example:

DbgDump_Printn("0123456789",
        sizeof("0123456789"));

will display the following:

30 31 32 33 34 35 36 37 - 38 39 00


DbgDump_PostMsgEx
BOOLEAN
__stdcall
DbgDump_PostMsgEx(
    PDbgPrnHk_PostMessageEx_USER_IN pPutMsgBuf
    );

DbgDump_PostMsgEx() sends to log buffer completly filled packet (in internal format), containing along with debug message itself still timestamp, Process ID, Thread ID, CPU number, etc.

Example:

PDbgPrnHk_PostMessageEx_USER_IN pPutMsgBuf;

pPutMsgBuf = (PDbgPrnHk_PostMessageEx_USER_IN)
    GlobalAlloc(GMEM_FIXED, sizeof(DbgPrnHk_PostMessageEx_USER_IN)+2048);
memset(pPutMsgBuf, 0, sizeof(DbgPrnHk_PostMessageEx_USER_IN));
//pPutMsgBuf->TimeStamp.QuadPart = 0; // already 0, will be auto-assigned
pPutMsgBuf->ThreadId = (PVOID)(-1);   // unknown
//pPutMsgBuf->Irql = 0;               // already 0
pPutMsgBuf->CpuNumber = 0xff;         // unknown
pPutMsgBuf->CallerMode = 1;           // user mode
pPutMsgBuf->Length = (USHORT)length;
pPutMsgBuf->ProcessId = ProcessId;
memcpy(pPutMsgBuf->Msg, pmessage, length);

DbgDump_PostMsgEx(pPutMsgBuf);

You can also find sample in sdk\test\ directory.

Requirements

In order to use DbgPrint logger SDK you must install DbgPrnHk driver (see -drv switch in DbgPrintLog.exe manual). You shell also use DbgPrintLog.exe fo saving captured logs. I would recommend Boot, System or Automatic driver startup mode (acording to your needs). It is also reasonable to use DbgPrintLog.exe as service (see -svc switch in DbgPrintLog.exe manual)

Knowledge base

If you use VS.NET and your debug messages are captured with .NET debugger, try the solution look here on RSDN


Please, send your comments and propositions here: FB or mail alterX@alter.org.ua (remove X)   Share
<< Back designed by Alter aka Alexander A. Telyatnikov powered by Apache+PHP under FBSD © 2002-2025