implemented monitoring kernel messages, rought version, verbose by default

Author: Jan Wilmans

application/DebugViewpp/version.h

@@ -1,2 +1,2 @@
-#define VERSION 1,9,0,56 
-#define VERSION_STR "1.9.0.56" 
+#define VERSION 1,9,0,58 
+#define VERSION_STR "1.9.0.58" 

application/DebugViewpp/version.wxi

@@ -3,6 +3,6 @@
     <?define ProductVersion.Major="1" ?> 
     <?define ProductVersion.Minor="9" ?> 
     <?define ProductVersion.Revision="0" ?> 
-    <?define ProductVersion.Build="56" ?> 
-    <?define ProductVersion="1.9.0.56" ?> 
+    <?define ProductVersion.Build="58" ?> 
+    <?define ProductVersion="1.9.0.58" ?> 
 </Include> 

application/DebugViewppLib/Debugview_kernel_client.cpp

@@ -3,144 +3,15 @@
 // (See accompanying file LICENSE_1_0.txt or copy at
 // http://www.boost.org/LICENSE_1_0.txt)
 
-#define WIN32_LEAN_AND_MEAN
-#include <windows.h>
-#include <tchar.h>
-#include <winioctl.h>
-#include <winsvc.h>
-
-#include <string>
-#include <iostream>
-
-#pragma warning(disable:4200)
-
-#define FILE_DEVICE_DBGV 0x8305
-
-#define DBGV_CAPTURE_KERNEL			CTL_CODE(FILE_DEVICE_DBGV, 0, METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x00	//enable capture kernel
-#define DBGV_UNCAPTURE_KERNEL		CTL_CODE(FILE_DEVICE_DBGV, 1, METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x04	//
-#define DBGV_CLEAR_DISPLAY			CTL_CODE(FILE_DEVICE_DBGV, 2, METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x08	//clear display
-#define DBGV_READ_LOG				CTL_CODE(FILE_DEVICE_DBGV, 3, METHOD_NEITHER, FILE_ANY_ACCESS)		//0x0f	//read kernel log
-#define DBGV_SET_PASSTHROUGH		CTL_CODE(FILE_DEVICE_DBGV, 4, METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x10	//enable passthrough
-#define DBGV_UNSET_PASSTHROUGH		CTL_CODE(FILE_DEVICE_DBGV, 5, METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x14	//
-#define DBGV_IS_DRIVER_AVAILABLE	CTL_CODE(FILE_DEVICE_DBGV, 8, METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x20	//test driver is valid or functional
-#define DBGV_GET_DRIVER_VERSION		CTL_CODE(FILE_DEVICE_DBGV, 9, METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x24	//driver version, 4.70 = 0x800
-#define DBGV_SET_CARRIAGE_RETURN	CTL_CODE(FILE_DEVICE_DBGV, 0x0d, METHOD_BUFFERED, FILE_ANY_ACCESS)	//0x34	//force carriage return
-#define DBGV_UNSET_CARRIAGE_RETURN	CTL_CODE(FILE_DEVICE_DBGV, 0x0e, METHOD_BUFFERED, FILE_ANY_ACCESS)	//0x38	//
-#define DBGV_ENABLE_FILTER_STATE	CTL_CODE(FILE_DEVICE_DBGV, 0x0f, METHOD_BUFFERED, FILE_ANY_ACCESS)	//0x3C	//enable log verbose
-#define DBGV_SET_FILTER_STATE		CTL_CODE(FILE_DEVICE_DBGV, 0x10, METHOD_BUFFERED, FILE_ANY_ACCESS)	//0x40	//reset log verbose
-
-#pragma pack(1)
-typedef struct
-{
-	DWORD dwIndex;
-	FILETIME liSystemTime;
-	LARGE_INTEGER liPerfCounter;
-	CHAR strData[0];
-}LOG_ITEM, *PLOG_ITEM;
-#pragma pack()
-
-int monitor_kernel()
-{
-	std::wstring strDeviceName = L"\\\\.\\dbgv";
-
-	HANDLE hFile = CreateFile(strDeviceName.c_str(),
-		GENERIC_READ,
-		FILE_SHARE_READ,
-		NULL,
-		OPEN_EXISTING,
-		FILE_ATTRIBUTE_NORMAL,
-		NULL);
-	DWORD dwErr = ::GetLastError();
-	if (hFile != INVALID_HANDLE_VALUE)
-	{
-		BOOL bRet = FALSE;
-
-		//enable capture
-		DWORD dwOut = 0;
-		DWORD dwReturned = 0;
-		bRet = DeviceIoControl(hFile, DBGV_CAPTURE_KERNEL, NULL, 0, &dwOut, sizeof(dwOut), &dwReturned, NULL);
-		if (!bRet)
-		{
-			printf("DBGV_CAPTURE_KERNEL failed, err=%d\n", ::GetLastError());
-			CloseHandle(hFile);
-			return -1;
-		}
-
-		//enable kernel verboase log
-		bRet = DeviceIoControl(hFile, DBGV_ENABLE_FILTER_STATE, NULL, 0, NULL, 0, NULL, NULL);
-		if (!bRet)
-		{
-			printf("DBGV_ENABLE_FILTER_STATE failed, err=%d\n", ::GetLastError());
-			CloseHandle(hFile);
-			return -2;
-		}
-
-		//try capture 1000 logs and exit
-		const DWORD dwBufLen = 0x10000;
-		PLOG_ITEM pBuf = (PLOG_ITEM)malloc(dwBufLen);
-		DWORD nCount = 0, nMaxCount = 1000;
-		while (1)
-		{
-			memset(pBuf, 0, dwBufLen);
-			dwOut = 0;
-			bRet = DeviceIoControl(hFile, DBGV_READ_LOG, NULL, 0, pBuf, dwBufLen, &dwOut, NULL);
-			if (dwOut > 0)
-			{
-				PLOG_ITEM pNextItem = pBuf;
-				while (pNextItem->dwIndex != 0)
-				{
-					SYSTEMTIME st = { 0 };
-					FILETIME lt = { 0 };
-					FileTimeToLocalFileTime(&pNextItem->liSystemTime, &lt);
-					FileTimeToSystemTime(&lt, &st);
-					printf("%d, Time:%04d-%02d-%02d %02d:%02d:%02d.%03d, %s\n",
-						pNextItem->dwIndex,
-						st.wYear,
-						st.wMonth,
-						st.wDay,
-						st.wHour,
-						st.wMinute,
-						st.wSecond,
-						st.wMilliseconds,
-						pNextItem->strData);
-					pNextItem = (PLOG_ITEM)((char*)pNextItem + sizeof(LOG_ITEM) + (strlen(pNextItem->strData) + 4) / 4 * 4);
-
-					nCount++;
-					if (nCount > nMaxCount)
-					{
-						break;
-					}
-				}
-			}
-
-			::Sleep(10);
-		}
-
-		::free(pBuf);
-
-		bRet = DeviceIoControl(hFile, DBGV_UNCAPTURE_KERNEL, NULL, 0, NULL, 0, NULL, NULL);
-		if (!bRet)
-		{
-			printf("DBGV_UNCAPTURE_KERNEL failed, err=%d\n", ::GetLastError());
-			CloseHandle(hFile);
-			return -1;
-		}
-
-		CloseHandle(hFile);
-	}
-
-	return 0;
-};
-
-/// Driver
+#include "DebugViewppLib/Debugview_kernel_client.h"
 
 constexpr const char* DRIVER_SERVICE_NAME = "debugviewdriver";
 constexpr const char* DRIVER_DISPLAY_NAME = "DebugViewPP Kernel Message Driver";
 const std::string driverPath = "dbgv.sys";
 
-void InstallDriver()
+void InstallKernelMessagesDriver()
 {
-    std::cout << "InstallDriver...\n";
+    UninstallKernelMessagesDriver();
     SC_HANDLE hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
     if (!hSCManager) {
         std::cout << "Failed to open Service Control Manager. Error: " << GetLastError() << std::endl;
@@ -166,15 +37,12 @@ void InstallDriver()
         std::cout << "Failed to create service. Error: " << GetLastError() << std::endl;
         CloseServiceHandle(hSCManager);
     }
-
     CloseServiceHandle(hService);
     CloseServiceHandle(hSCManager);
-    std::cout << "InstallDriver done...\n";
 }
 
-void UninstallDriver()
+void UninstallKernelMessagesDriver()
 {
-    std::cout << "UninstallDriver...\n";
     SC_HANDLE hSCManager = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
     if (!hSCManager) {
         std::cout << "Failed to open Service Control Manager. Error: " << GetLastError() << std::endl;
@@ -191,8 +59,6 @@ void UninstallDriver()
         CloseServiceHandle(hService);
         CloseServiceHandle(hSCManager);
     }
-
     CloseServiceHandle(hService);
     CloseServiceHandle(hSCManager);
-    std::cout << "UninstallDriver done...\n";
 }

application/DebugViewppLib/Debugview_kernel_client.h

@@ -7,20 +7,74 @@
 #include "DebugViewppLib/PolledLogSource.h"
 #include "DebugViewppLib/KernelReader.h"
 #include "DebugViewppLib/LineBuffer.h"
+#include "DebugViewppLib/Debugview_kernel_client.h"
 
 namespace fusion {
 namespace debugviewpp {
 
+void KernelReader::StartListening()
+{
+    Win32::Handle handle(::CreateFile(strDbgviewKernelDriverDeviceName,
+        GENERIC_READ,
+        FILE_SHARE_READ,
+        NULL,
+        OPEN_EXISTING,
+        FILE_ATTRIBUTE_NORMAL,
+        NULL));
+    if (handle.get() == INVALID_HANDLE_VALUE)
+    {
+        AddMessage(0, "internal", "Could not connected to kernel messages driver");
+        return;
+    }
+
+    // enable capture
+    DWORD dwOut = 0;
+    DWORD dwReturned = 0;
+    BOOL bRet = DeviceIoControl(handle.get(), DBGV_CAPTURE_KERNEL, NULL, 0, &dwOut, sizeof(dwOut), &dwReturned, NULL);
+    if (!bRet)
+    {
+        printf("DBGV_CAPTURE_KERNEL failed, err=%d\n", ::GetLastError());
+        return;
+    }
+
+    // enable verbose kernel messages
+    bRet = DeviceIoControl(handle.get(), DBGV_ENABLE_FILTER_STATE, NULL, 0, NULL, 0, NULL, NULL);
+    if (!bRet)
+    {
+        printf("DBGV_ENABLE_FILTER_STATE failed, err=%d\n", ::GetLastError());
+        return;
+    }
+    m_handle = std::move(handle);
+    m_pBuf = (PLOG_ITEM)malloc(dwBufLen);
+}
+
+void KernelReader::StopListening()
+{
+    BOOL bRet = DeviceIoControl(m_handle.get(), DBGV_UNCAPTURE_KERNEL, NULL, 0, NULL, 0, NULL, NULL);
+    if (!bRet)
+    {
+        printf("DBGV_UNCAPTURE_KERNEL failed, err=%d\n", ::GetLastError());
+    }
+    m_handle.reset();
+    ::free(m_pBuf);
+}
+
 KernelReader::KernelReader(Timer& timer, ILineBuffer& linebuffer) :
     PolledLogSource(timer, SourceType::Pipe, linebuffer, 1)
 {
     SetDescription(L"Kernel Message Reader");
+    InstallKernelMessagesDriver();
     AddMessage(0, "kernel", "Started capturing kernel messages");
     Signal();
+    StartListening();
     StartThread();
 }
 
-KernelReader::~KernelReader() = default;
+KernelReader::~KernelReader()
+{
+    StopListening();
+    UninstallKernelMessagesDriver();
+}
 
 void KernelReader::Abort()
 {
@@ -36,7 +90,34 @@ bool KernelReader::AtEnd() const
 
 void KernelReader::Poll()
 {
-    AddMessage(0, "kernel", "Test message...");
+    memset(m_pBuf, 0, dwBufLen);
+    DWORD dwOut = 0;
+    ::DeviceIoControl(m_handle.get(), DBGV_READ_LOG, NULL, 0, m_pBuf, dwBufLen, &dwOut, NULL);
+    if (dwOut == 0) return; // no messages to be read
+
+    PLOG_ITEM pNextItem = m_pBuf;
+    while (pNextItem->dwIndex != 0)
+    {
+        SYSTEMTIME st = { 0 };
+        FILETIME lt = { 0 };
+        FileTimeToLocalFileTime(&pNextItem->liSystemTime, &lt);
+        FileTimeToSystemTime(&lt, &st);
+
+        char message[4000];
+        sprintf(message, "%d, Time:%04d-%02d-%02d %02d:%02d:%02d.%03d, %s\n",
+            pNextItem->dwIndex,
+            st.wYear,
+            st.wMonth,
+            st.wDay,
+            st.wHour,
+            st.wMinute,
+            st.wSecond,
+            st.wMilliseconds,
+            pNextItem->strData);
+
+        AddMessage(0, "kernel", message);
+        pNextItem = (PLOG_ITEM)((char*)pNextItem + sizeof(LOG_ITEM) + (strlen(pNextItem->strData) + 4) / 4 * 4);
+    }
 }
 
 } // namespace debugviewpp

application/DebugViewppLib/KernelReader.cpp

@@ -0,0 +1,50 @@
+// (C) Copyright Gert-Jan de Vos and Jan Wilmans 2013.
+// Distributed under the Boost Software License, Version 1.0.
+// (See accompanying file LICENSE_1_0.txt or copy at
+// http://www.boost.org/LICENSE_1_0.txt)
+
+#pragma once
+
+void InstallKernelMessagesDriver();
+void UninstallKernelMessagesDriver();
+
+#include <windows.h>
+#include <tchar.h>
+#include <winioctl.h>
+#include <winsvc.h>
+
+#include <string>
+#include <iostream>
+
+// this is the dbgv.sys interface
+#define FILE_DEVICE_DBGV 0x8305
+
+#define DBGV_CAPTURE_KERNEL			CTL_CODE(FILE_DEVICE_DBGV, DWORD(0), METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x00	//enable capture kernel
+#define DBGV_UNCAPTURE_KERNEL		CTL_CODE(FILE_DEVICE_DBGV, DWORD(1), METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x04	//
+#define DBGV_CLEAR_DISPLAY			CTL_CODE(FILE_DEVICE_DBGV, DWORD(2), METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x08	//clear display
+#define DBGV_READ_LOG				CTL_CODE(FILE_DEVICE_DBGV, DWORD(3), METHOD_NEITHER, FILE_ANY_ACCESS)		//0x0f	//read kernel log
+#define DBGV_SET_PASSTHROUGH		CTL_CODE(FILE_DEVICE_DBGV, DWORD(4), METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x10	//enable passthrough
+#define DBGV_UNSET_PASSTHROUGH		CTL_CODE(FILE_DEVICE_DBGV, DWORD(5), METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x14	//
+#define DBGV_IS_DRIVER_AVAILABLE	CTL_CODE(FILE_DEVICE_DBGV, DWORD(8), METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x20	//test driver is valid or functional
+#define DBGV_GET_DRIVER_VERSION		CTL_CODE(FILE_DEVICE_DBGV, DWORD(9), METHOD_BUFFERED, FILE_ANY_ACCESS)		//0x24	//driver version, 4.70 = 0x800
+#define DBGV_SET_CARRIAGE_RETURN	CTL_CODE(FILE_DEVICE_DBGV, DWORD(0x0d), METHOD_BUFFERED, FILE_ANY_ACCESS)	//0x34	//force carriage return
+#define DBGV_UNSET_CARRIAGE_RETURN	CTL_CODE(FILE_DEVICE_DBGV, DWORD(0x0e), METHOD_BUFFERED, FILE_ANY_ACCESS)	//0x38	//
+#define DBGV_ENABLE_FILTER_STATE	CTL_CODE(FILE_DEVICE_DBGV, DWORD(0x0f), METHOD_BUFFERED, FILE_ANY_ACCESS)	//0x3C	//enable log verbose
+#define DBGV_SET_FILTER_STATE		CTL_CODE(FILE_DEVICE_DBGV, DWORD(0x10), METHOD_BUFFERED, FILE_ANY_ACCESS)	//0x40	//reset log verbose
+
+// suppress the non-standard use of zero-sized array in struct/union
+#pragma warning(disable:4200)
+
+#pragma pack(1)
+typedef struct
+{
+	DWORD dwIndex;
+	FILETIME liSystemTime;
+	LARGE_INTEGER liPerfCounter;
+	CHAR strData[0];
+} LOG_ITEM, *PLOG_ITEM;
+#pragma pack()
+
+constexpr const wchar_t * strDbgviewKernelDriverDeviceName = L"\\\\.\\dbgv";
+constexpr const DWORD dwBufLen = 0x10000;
+

application/include/DebugViewppLib/Debugview_kernel_client.h

@@ -8,6 +8,10 @@
 #include "PipeReader.h"
 #include "PolledLogSource.h"
 
+#include "Win32/Win32Lib.h"
+
+#include "Debugview_kernel_client.h"
+
 namespace fusion {
 namespace debugviewpp {
 
@@ -23,6 +27,12 @@ class KernelReader : public PolledLogSource
 
 private:
     void Poll() override;
+
+    void StartListening();
+    void StopListening();
+
+    Win32::Handle m_handle;
+    PLOG_ITEM m_pBuf;
 };
 
 } // namespace debugviewpp