A long time ago people like Christiaan Ghijselinck and/or Matteo said they have additional information in either pdf file or code sample on how to capture DBGPRINT output in a user-mode application, but I could not add any mail to these old questions.
Does somebody have the relevant information?
Thanks
This is what you are looking for :-
http://www.codeproject.com/csharp/DbMonNET.asp
Need to listen to the shared buffer DBWIN_BUFFER and use two events to get to know data is there
If you don’t want to capture in your app just use windbg or debug view .
-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@enativ.com
Sent: Tuesday, April 10, 2007 8:03 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] Capturing DBGPRINT output in a user-mode application
A long time ago people like Christiaan Ghijselinck and/or Matteo said they have additional information in either pdf file or code sample on how to capture DBGPRINT output in a user-mode application, but I could not add any mail to these old questions.
Does somebody have the relevant information?
Thanks
Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
The DBWIN support only captures Win32 OutputDebugString[A|W] data. It will
not catch user mode or kernel mode DbgPrint[Ex] calls.
–
Ken Johnson (Skywing)
Windows SDK MVP
http://www.nynaeve.net
“Anurag Sarin” wrote in message news:xxxxx@ntdev…
This is what you are looking for :-
http://www.codeproject.com/csharp/DbMonNET.asp
Need to listen to the shared buffer DBWIN_BUFFER and use two events to get
to know data is there
+ there is a sample app in Visual C++ 6.0 sample called “DbMon - Implements
a Debug Monitor”
If you don’t want to capture in your app just use windbg or debug view .
-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of xxxxx@enativ.com
Sent: Tuesday, April 10, 2007 8:03 PM
To: Windows System Software Devs Interest List
Subject: [ntdev] Capturing DBGPRINT output in a user-mode application
A long time ago people like Christiaan Ghijselinck and/or Matteo said they
have additional information in either pdf file or code sample on how to
capture DBGPRINT output in a user-mode application, but I could not add any
mail to these old questions.
Does somebody have the relevant information?
Thanks
—
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer
Thanks everybody. I want to have it in my User Mode application, and I indeed need to catch Kernel mode DbgPrint.
Somebody said that DbgPrint uses interrupt 0x2D, and a hook would be enough. Is that correct? are there some examples somewhere?
It is correct; at least it was the last time I looked at it which is several years. I’m not sure about x64 OSes and Vista. As for examples, use Google. There was an article about it somewhere.
Best regards,
Michal Vodicka
UPEK, Inc.
[xxxxx@upek.com, http://www.upek.com]
From: xxxxx@lists.osr.com[SMTP:xxxxx@lists.osr.com] on behalf of xxxxx@enativ.com[SMTP:xxxxx@enativ.com]
Reply To: Windows System Software Devs Interest List
Sent: Wednesday, April 11, 2007 9:42 PM
To: Windows System Software Devs Interest List
Subject: RE:[ntdev] Capturing DBGPRINT output in a user-mode applicationThanks everybody. I want to have it in my User Mode application, and I indeed need to catch Kernel mode DbgPrint.
Somebody said that DbgPrint uses interrupt 0x2D, and a hook would be enough. Is that correct? are there some examples somewhere?
Questions? First check the Kernel Driver FAQ at http://www.osronline.com/article.cfm?id=256
To unsubscribe, visit the List Server section of OSR Online at http://www.osronline.com/page.cfm?name=ListServer
Yes, that works, at least pre-Vista. Works with all the caveats about
hooking, of course. Also, this is not a fun one to debug.
>> xxxxx@enativ.com 2007-04-11 15:42:20 >>>
Thanks everybody. I want to have it in my User Mode application, and I
indeed need to catch Kernel mode DbgPrint.
Somebody said that DbgPrint uses interrupt 0x2D, and a hook would be
enough. Is that correct? are there some examples somewhere?
Questions? First check the Kernel Driver FAQ at
http://www.osronline.com/article.cfm?id=256
To unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer