5

I'd like to write a debugging/diagnostic tool which can call Windbg functions to examine a dump file, instead of writing a windbg extension. Is this possible and any references?

Thanks a lot.

awatto
  • 231
  • 5
  • 16

5 Answers5

7

Rather than WinDbg, you can use the Debugging API which is implemented in dbghelp.dll. It's documented on MSDN. That reference documentation is rather dry, but it should give you an idea of the capabilities of the API. For example, MiniDumpReadDumpStream is the gateway to examining dump files.

David Heffernan
  • 601,492
  • 42
  • 1,072
  • 1,490
3

In addition to the existing answers, WinDBG is a GUI front end for the DbgEng API. You can use this API to write either WinDBG extensions or other standalone applications. The WinDBG SDK ships with samples of both, an example standalone application can be found in the \sdk\samples\dumpstk subdirectory of your WinDBG install.

For more information, I wrote an article about DbgEng to write extensions here:

http://www.osronline.com/custom.cfm?name=articlePrint.cfm&id=559

Most of that will also apply for how you write a standalone application as it mostly focuses on the programming pattern of the DbgEng interface.

snoone
  • 5,409
  • 18
  • 19
  • This is another way too. Here is my findings from experiments. I'm able to write my own debugger with the ability to create dump files, and load debug engine extensions to execute some commands. First, write a debugger, an example is: http://www.codeproject.com/Articles/43682/Writing-a-basic-Windows-debugger . Second, use functions provided in DbgHelp.dll to create dump files with stack trace and/or other info, like exceptions. Third, write a debugger extension using DbgEng.dll, which has far more functionalities than DbgHelp.dll. My debugger then is able to load this extension. – awatto May 18 '12 at 13:17
3

here are some links that use dbgeng interfaces to make standalone executables.

a short summary of the process is to
call DebugCreate() to create a client call QueryInterFace() and call one of its methods

http://www.woodmann.com/forum/entry.php?252-Dbgeng-based-handles-(PART-2-) http://www.woodmann.com/forum/entry.php?246-A-Simple-Dbgeng-Based-User-Mode-Debugger http://www.woodmann.com/forum/entry.php?248-DbgEng-Based-Debugger-(PART2) http://www.woodmann.com/forum/entry.php?249-DbgEng-Based-Debugger-(PART2-Contd-) http://www.woodmann.com/forum/entry.php?250-DbgEng-based-Kernel-Debugger http://www.woodmann.com/forum/entry.php?251-Dbgeng-based-Handles

blabb
  • 8,674
  • 1
  • 18
  • 27
1

You could make commands using powershell or to the command line version of WinDbg which is cdb and then parse the output from cdb which you interpret.

This would be similar notion to piping the output from cdb to your app.

There is post about using powershell in this manner: http://rkeithhill.wordpress.com/2006/08/14/minidump-crash-analysis-with-powershell/

It should be straightforward to pump commands to cdb and interpret the output for specific commands.

EdChum
  • 376,765
  • 198
  • 813
  • 562
1

Python integrated with dbgeng: pykd.codeplex.com

This project may be use as a demo for such integration

Alexander
  • 71
  • 2