IM_IBM Writing custom Kernel debugger

Anyone who knows how to build your own custom kernel-mode
debugger (WinNT) like WinDbg or DebugView/EE
… Please help me, I am desperate…


Why would you want to rewrite the kernel debugger from scratch? Seems
like a really big effort.

The new debugger Microsoft provides gives you a large number of APIs that
let you write very powerful debugger extensions. It even provides APIs that
give you control over breakpoint handling and code execution, while
abstracting the differences in the processor architecture, differences
between system data structures, and changes in the wire protocol from NT 4
to NT 5.

I bet whatever you need to do, you can do it through a debugger extension.

Go take a look at the latest debugger on
http://www.microsoft.com/ddk/debugging

-Andre

What about a UI to WinDbg…
I remember a posting from Nathan Nesbitt(?), that there will be an SDK for
the DLL included with WinDbg, and we can write a UI and use the SDK API to
get the functionality of WinDbg.

chaitanya

----- Original Message -----
From:
To: NT Developers Interest List
Sent: Tuesday, September 05, 2000 6:48 PM
Subject: [ntdev] Re: IM_IBM Writing custom Kernel debugger

> Why would you want to rewrite the kernel debugger from scratch? Seems
> like a really big effort.
>
> The new debugger Microsoft provides gives you a large number of APIs that
> let you write very powerful debugger extensions. It even provides APIs that
> give you control over breakpoint handling and code execution, while
> abstracting the differences in the processor architecture, differences
> between system data structures, and changes in the wire protocol from NT 4
> to NT 5.
>
> I bet whatever you need to do, you can do it through a debugger extension.
>
> Go take a look at the latest debugger on
> http://www.microsoft.com/ddk/debugging
>
> -Andre

Hi,
I only need to get a hook for capturing the calls
made to WinDbg. If you have any code snippet, please
let me know. I have already come to know that writing
a kernel debugger from scratch is very tedious. I only
need to capture Debug API calls to WinDbg. If
there is any way to do it, kindly send information or
a code snippet.


The final drop of the debugger will have the header file and lib for
dbgeng, which is the debug engine. It exports all the APIs that debugger
extensions, kd, ntsd and WinDBG use to debug the OS or applications.
WinDBG is just a bunch of dialog boxes, windows procs, message loop and
some fancy code to deal with a multithreaded app.

The final drop will also have samples for debugger extensions and a sample
for a trivial debugger (something that loads a dump file and prints out a
stack trace).
Most people can get a lot of bang for the buck by writing relatively simple
extensions. And if it’s still too hard, we can add more APIs or features
to make it even easier.

We have not written the docs for all these new APIs yet, but that will
come. If you do simple things in your extensions, most of the APIs are
self explanatory. The debugger docs have focused on the debugger commands
themselves, which is what most people use.

Using the debug engine, you could write your own debugger “UI” (MS ships 3
different debuggers based on this engine - WinDBG, kd and ntsd, and we have
a few more internally).

I personally don’t see the value in rewriting a new GUI for live kernel
debugging, unless you want to make that into a business, because it is a
fair amount of work. The kernel debugger, because the protocol is
synchronous, causes interesting limitations in how the UI can be written.
It might be easier for you to just ask for whatever feature is missing, and
we can add it to WinDBG.

I can see you wanting to write a different type of analysis tool (for dump
files), since that’s pretty easy to do.

If you have further issues on writing a debugger, just send me some mail.

-Andre

P.S. We now have a public newsgroup for windbg: microsoft.public.windbg

Hmmmmm, strange, but all I find is microsoft.public.ddk.win2000.debugging.
My news reader (Outlook) doesn’t find microsoft.public.windbg at all.