GetUnnamedArgU64() engextcpp extension framework, returns very large number

sarath_sl

EXT_COMMAND(name,
"something",
"{;e,o,d=0xa0854588;something;something}")
{
ULONG64 k = GetUnnamedArgU64(0);
ULONG64 t = 0xa0854588;
}
I do not supply an parameter while executing this command so the default value of a0854588 should be returned by GetUnnamedArgU64(0).
But k gets a value of 18446744072107672968 whereas t gets the correct value of 2693088648.

Tim_Roberts

On Nov 22, 2017, at 8:59 PM, [email protected] [email protected] wrote:
>
> EXT_COMMAND(name,
> "something",
> "{;e,o,d=0xa0854588;something;something}")
> {
> ULONG64 k = GetUnnamedArgU64(0);
> ULONG64 t = 0xa0854588;
> }
> I do not supply an parameter while executing this command so the default value of a0854588 should be returned by GetUnnamedArgU64(0).
> But k gets a value of 18446744072107672968 whereas t gets the correct value of 2693088648.

Did you do any checking at all on this, or did you just give up?

18446744072107672968 in hex is 0xFFFFFFFFA0854588. Thus, your input argument must have been sign-extended.
—
Tim Roberts, [email protected]
Providenza & Boekelheide, Inc.

sarath_sl

How can i prevent this sign extension?

sarath_sl

I got to know that "debugger extensions treat all addresses from the target as 64-bit values. Thus you?ll note that the DbgEng APIs express pointer addresses as ULONG64 values. Any 32-bit value used in your extension command must be sign extended out to a full 64-bit value."

So should i not worry about this sign extension?

raj_r

you can specify bitness with e32;d=32bitvalue in the command string

raj_r

**********************************************************************
** Visual Studio 2017 Developer Command Prompt v15.4.2
** Copyright (c) 2017 Microsoft Corporation
**********************************************************************
C:\>cd bittest
C:\bittest>ls -l

total 8
-rw-rw-rw- 1 HP 0 289 2017-11-24 23:33 bittest.cpp
-rwxrwxrwx 1 HP 0 162 2017-11-24 23:13 bld.bat

C:\bittest>cat bittest.cpp

#include <engextcpp.cpp>
class EXT_CLASS : public ExtExtension {
public:
EXT_COMMAND_METHOD(bittest);
};
EXT_DECLARE_GLOBALS();
EXT_COMMAND( bittest, "bittest", "{;e32,o,d=0xa0854588;!bittest;}" ) {
ULONG64 inaddr = GetUnnamedArgU64 (0);
Out("%I64x\n" ,inaddr );
}

C:\bittest>cat bld.bat

cl /LD /nologo /W4 /Ox /Zi /EHsc /IE:\windbg_16299\inc bittest.cpp /link
/EXPORT:DebugExtensionInitialize /Export:bittest /Export:help /RELEASE dbgeng.l
ib

C:\bittest>bld.bat

C:\bittest>cl /LD /nologo /W4 /Ox /Zi /EHsc /IE:\windjs\windbg_16299\inc bittes
t.cpp /link /EXPORT:DebugExtensionInitialize /Export:bittest /Export:help /RELEA
SE dbgeng.lib
bittest.cpp
Creating library bittest.lib and object bittest.exp

C:\bittest>copy bittest.dll e:\windbg_16299\x86\winext\.
1 file(s) copied.

C:\bittest>cdb calc

Microsoft (R) Windows Debugger Version 10.0.16299.15 X86

0:000> .load bittest

0:000> !help bittest
!bittest [<!bittest>]
<!bittest> - defaults to 0xa0854588, 32-bit max
bittest
0:000> !bittest
a0854588
0:000>

On 11/24/17, [email protected] <[email protected]> wrote:
> you can specify bitness with e32;d=32bitvalue in the command string
>
> ---
> WINDBG is sponsored by OSR
>
> OSR is hiring!! Info at http://www.osr.com/careers
>
>
> MONTHLY seminars on crash dump analysis, WDF, Windows internals and software
> drivers!
> Details at <http://www.osr.com/seminars&gt;
>
> To unsubscribe, visit the List Server section of OSR Online at
> <http://www.osronline.com/page.cfm?name=ListServer&gt;
>