Questions tagged [dbghelp]

dbghelp is the short name of the Microsoft Debug Help library.

dbghelp is Microsoft's Debug Help Library, which contains utilities for debugging applications. Three common uses are writing minidump files with MinidumpWriteDump, producing a stack trace with StackWalk64, and loading symbols from PDB files, possibly from a symbol server.

108 questions
4 votes, 2 answers

SymEnumSymbols returns ERROR_SUCCESS but gives no results

I'm attempting to enumerate symbols from a DLL that I have loaded. For those interested, this is part of the CPPCoverage project, and for some functionality I need symbol data. Breakdown of the problem When the process is started or a DLL is loaded,…
atlaste
4 votes, 2 answers

Extracting structure information from pdbs of unloaded modules

I'm trying to write a WinDbg debugger extension that works on both live remote targets and crash dumps. This extension analyzes an opaque block of memory by walking down it via structure offsets and casting different regions of it to known…
David
4 votes, 1 answer

Why isn't SymGetSymFromAddr64 working? It returns error code 126

I am trying to capture a stack trace on exceptions using the following code: #include "stdafx.h" #include #include #include #include "dbghelp.h" using namespace std; #define TRACE_MAX_FUNCTION_NAME_LENGTH…
Alexandru
3 votes, 1 answer

How do you walk a mixed-mode (managed+native) stack with dbghelp!StackWalk64?

I'm trying to walk a callstack that contains both managed and native frames on an x64 process using StackWalk64. Everything works fine until the first or second managed frame, after which StackWalk64 can't figure out the return address of the frame…
Steve
3 votes, 2 answers

Viewing export table on an unmanaged dll in C#

I am currently trying to create a C# application that will allow me to view the export table from an unmanaged DLL. My problem is, once I have all the pointers I need, I have no idea how to loop through the information that the API has provided me.…
QuantumPhysGuy
3 votes, 1 answer

SymFromAddr does not match debugger symbol for given address

In my Windows application, I have hooked malloc using MinHook (https://github.com/TsudaKageyu/minhook) and I'm using CaptureStackBacktrace and SymFromAddr to get symbols for memory leaks. SymFromAddr works reliably for addresses within my…
Falcon
3 votes, 1 answer

Getting handles data with MiniDump (DbgHelp.h)

I am struggling with getting handles information via Minidump (DbgHelp.h). I am getting a list of MINIDUMP_HANDLE_DESCRIPTOR_2 from mapped file stream. Then I am getting for each descriptor a MINIDUMP_HANDLE_OBJECT_INFORMATION by using the…
Pavel Durov
3 votes, 2 answers

How to get field names and offsets of a struct using dbghelp and pdb

I would like to dump the fields and offsets of structures in the same way as windbg's dt command. Let's say for example I would like to dump the _PEB structure which is in the Microsoft Public symbols (since windbg's DT command works). From MSDN…
Remko
3 votes, 1 answer

StackWalk64 seems to work but SymFromAddr returns bogus names

I implemented the following function to get the current stack on Windows: struct StackFrame { DWORD64 address; std::string name; std::string module; }; std::vector GetStackTrace() { DWORD machine =…
rioki
3 votes, 2 answers

SymGetLineFromAddr not working properly

I have the following code: #include "stdafx.h" #include #include #include #include "dbghelp.h" using namespace std; int LogStackTrace() { void *stack[1024]; HANDLE process = GetCurrentProcess(); …
Alexandru
3 votes, 1 answer

Find address of a symbol of a class method using dbghelp

I'm trying to use dbghelp in order to find the address of a class method. For example, a DirectX method (DXGI): dxgi!CDXGIFactory::CreateSwapChainImpl I've the correct symbols and _NT_SYMBOLS_PATH is defined. Using WinDBG, the following 'x' command…
Uri London
3 votes, 1 answer

Function address in .pdb is different from .exe, why?

I read the address of my main function from .pdb file by SymEnumSymbols, the value is 0x0100116e0, BOOL CALLBACK SymEnumSymbolsProc(PSYMBOL_INFO pSymInfo, ULONG SymbolSize, PVOID UserContext ) { if( pSymInfo != NULL ) { //…
3 votes, 1 answer

Efficient way to get name/MT of ValueTypes not listed in !dumpheap -stat

I'm working my way around the SOS commands and their output, but I noticed there doesn't seem to be a way to get really all types that are currently in use somehow. The best way so far is !dumpheap -stat, but it only lists types for which there are…
Wormbo
2 votes, 3 answers

StackWalk64() returns a single frame

When trying to obtain the call stack of a thread of some process, I always get a single same frame, although it for sure has more (at least 5 frames). StackWalk64() always succeeds on the first call - returns a frame with: AddrPC.Offset =…
Hagay Myr
2 votes, 0 answers

PSRCCODEINFO obtained with SymEnumLine has Address with few extra bytes

I'm following this article on Windows Debugging and end up with something like this: #include #include #include #include #include #include std::string get_last_error_message() { …
Moonslate