Stack Overflow
Stack Overflow

Questions tagged [dbgeng]

25 questions
1
vote
1 answer

DbgEng - get output of command not through callbacks

I make a standalone deubugger app using Microsoft's DbgEng. I want to open a 2nd thread that sends commands to an additional IDebugControl instance, and I want to get the specific output for this IDebugControl Execute method call (and send it…
liran63
  • 1,300
  • 2
  • 15
  • 17
1
vote
1 answer

WinDbg Extension stepping

I am trying to write an extension function that will run to the next call and then print out information about the next instruction. I am using IDebugControl::Execute to run tc. As noted in the documentation, this call returns before the tracing has…
SecsAndCyber
  • 137
  • 5
0
votes
1 answer

Can't get windbg to recognise my extension

Unfortunately, for some reason I cannot fathom, I haven't been able to get windbg to recognise my extension. #ifndef EXPT_API #define EXPT_API __declspec(dllexport) #endif extern "C" EXPT_API HRESULT CALLBACK help(PDEBUG_CLIENT Client, PCSTR…
niemiro
  • 1,778
  • 1
  • 20
  • 37
0
votes
1 answer

DbgHelp vs DbgEng vs DIA SDK in regards to thread safety

All these APIs (DbgHelp, DbgEng, DIA SDK) can be used to recover function name/source file location from function pointers, so are usable to decrypt stack traces. However, every DbgHelp function has the following remark: All DbgHelp functions, such…
Alex Guteniev
  • 12,039
  • 2
  • 34
  • 79
0
votes
0 answers

CMake'ifying a Boost Jam file: Windows library names

I'm trying to "De-boostify" one of the Boost libraries, which is more or less stand-alone anyway. (It is Antony Polukhin's wonderful [stacktrace library][1]; which gives you easy access to stacktraces, with names and line numbers and no hassle. But…
einpoklum
  • 118,144
  • 57
  • 340
  • 684
0
votes
1 answer

dbgeng - load extension dlls in c++?

I have written one application in which I load one system wide crash dump using dbgeng.dll. I want to use some of the WinDbg commands like (!vad) - for that I need other dll's like exts.dll, ext.dll, kext.dll, kexts.dll. I have all these dlls and…
arb
  • 71
  • 1
  • 4
0
votes
2 answers

Inline stack frames with IDebugControl5.GetContextStackTraceEx?

How can I resolve the symbols of a DEBUG_STACK_FRAME_EX with inline frames? I am aware of DEBUG_STACK_FRAME_EX and its ULONG InlineFrameContext, but I don't understand how to resolve the InlineFrameContext to the corresponding symbol. And what is…
Staffan Gustafsson
  • 354
  • 2
  • 9
0
votes
1 answer

IDebugControl::WaitForEvent works once then returns E_HANDLE

I'm trying to make a small tool that makes use of the Debugger Engine API, but I'm having very limited success. I can get my IDebugClient and IDebugControl instances, and from there I am able to attach into an already running user process. I then…
pauldoo
  • 18,087
  • 20
  • 94
  • 116
0
votes
2 answers

Get output of executed windbg command

IDebugControl::Execute method enables executing debugger commands. How can I get the output of the executed debugger command? My aim is to check if a driver is loaded, to accomplish that I use Execute to execute the "lm" windbg command and parse…
mikesoft
  • 1
  • 1
0
votes
1 answer

Remove address from instruction disassembled via dbgeng's DisassembleWide()

I am disassembling instructions by passing their offset to DisassembleWide() function while writing an extension for Windbg. However, with the disassembled instruction, it adds the address of the instruction + hex opcode for that instruction. I was…
user1831704
  • 245
  • 1
  • 10
1
2