Windows System Software -- Consulting, Training, Development -- Unique Expertise, Guaranteed Results
The free OSR Learning Library has more than 50 articles on a wide variety of topics about writing and debugging device drivers and Minifilters. From introductory level to advanced. All the articles have been recently reviewed and updated, and are written using the clear and definitive style you've come to expect from OSR over the years.
Check out The OSR Learning Library at: https://www.osr.com/osr-learning-library/
If a struct is defined like so:
typedef _S
{
Another_StructType Records[100];
} S;
is there a way in windbg to dump all the records in a loop just like we can if it was a LIST_ENTRY?
Upcoming OSR Seminars | ||
---|---|---|
OSR has suspended in-person seminars due to the Covid-19 outbreak. But, don't miss your training! Attend via the internet instead! | ||
Developing Minifilters | 24 May 2021 | Live, Online |
Writing WDF Drivers | 14 June 2021 | Live, Online |
Internals & Software Drivers | 2 August 2021 | Live, Online |
Kernel Debugging | 27 Sept 2021 | Live, Online |
Comments
That's very different from the LIST_ENTRY thing. There are no pointers to follow here. The "dt" command has a "-r" to go recursive and a "-a" that tells it how many array entries it should show.
Tim Roberts, [email protected]
Providenza & Boekelheide, Inc.
Using the following:
The old way to do this would be with a for loop:
.for (r @$t0 = 0; @$t0 < @@(#RTL_NUMBER_OF(localXyz.Records)); r @$t0 = @$t0 + 1) { ?? localXyz.Records[@$t0] }
That's ugly but you now have a way to execute a command for each entry.
The new way to do this would be with the Debugger Object Model (DOM) and dx command. You can get an attractive little table with this:
dx -r2 -g localXyz.Records
If you want to customize the output or do something else with each entry then you would use NatVIS:
https://www.osr.com/blog/2015/11/06/fun-windbg-natvis-support/
Enjoy!
-scott
OSR
Thanks a ton @Scott_Noone_(OSR) ! The first one was more than what I need, and the ability to execute additional commands is more helpful in my case.