Skip to content
/ dk Public

dk is a WinDbg extenion for dumping memory data in meaningful and organized ways, it is an enhancement of my previous tokenext project.

License

MIT license
22 stars 6 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

long123king/dk

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

21 Commits
demos
demos
 
 
svg
svg
 
 
ttd
ttd
 
 
.gitignore
.gitignore
 
 
BitFieldAnalyzer.h
BitFieldAnalyzer.h
 
 
CmdExt.cpp
CmdExt.cpp
 
 
CmdExt.h
CmdExt.h
 
 
CmdInterface.h
CmdInterface.h
 
 
CmdList.cpp
CmdList.cpp
 
 
CmdList.h
CmdList.h
 
 
LICENSE
LICENSE
 
 
MemoryAnalyzer.cpp
MemoryAnalyzer.cpp
 
 
MemoryAnalyzer.h
MemoryAnalyzer.h
 
 
README.md
README.md
 
 
dbgdata.cpp
dbgdata.cpp
 
 
dbgdata.h
dbgdata.h
 
 
dk.def
dk.def
 
 
dk.sln
dk.sln
 
 
dk.vcxproj
dk.vcxproj
 
 
dk.vcxproj.filters
dk.vcxproj.filters
 
 
dk.vcxproj.user
dk.vcxproj.user
 
 
dml.cpp
dml.cpp
 
 
dml.h
dml.h
 
 
engextcpp.cpp
engextcpp.cpp
 
 
handle.cpp
handle.cpp
 
 
handle.h
handle.h
 
 
heap.cpp
heap.cpp
 
 
heap.h
heap.h
 
 
hexsvg.cpp
hexsvg.cpp
 
 
hexsvg.h
hexsvg.h
 
 
list.cpp
list.cpp
 
 
list.h
list.h
 
 
memory.cpp
memory.cpp
 
 
memory.h
memory.h
 
 
model.cpp
model.cpp
 
 
model.h
model.h
 
 
module.cpp
module.cpp
 
 
module.h
module.h
 
 
object.cpp
object.cpp
 
 
object.h
object.h
 
 
page.cpp
page.cpp
 
 
page.h
page.h
 
 
pe.cpp
pe.cpp
 
 
pe.h
pe.h
 
 
pool.cpp
pool.cpp
 
 
pool.h
pool.h
 
 
process.cpp
process.cpp
 
 
process.h
process.h
 
 
session.cpp
session.cpp
 
 
session.h
session.h
 
 
stack.cpp
stack.cpp
 
 
stack.h
stack.h
 
 
thread.cpp
thread.cpp
 
 
thread.h
thread.h
 
 
token.cpp
token.cpp
 
 
token.h
token.h
 
 
ttd_cmd.cpp
ttd_cmd.cpp
 
 
ttd_cmd.h
ttd_cmd.h
 
 
type.cpp
type.cpp
 
 
type.h
type.h
 
 
usermode.cpp
usermode.cpp
 
 
usermode.h
usermode.h
 
 

Repository files navigation

dk WinDbg extension

Summary

dk is the enhanced refactored version of tokenext. The goal is to improve the readability and extensibility, as well as to leverage the powerful Debugger Data Model and Time Travel Debugging. SVG document will be generated for an intuitive visualization in certain circumstances.

Run !dk help for supported command list.

Check page_2_svg demos:

  1. Initial version
  2. Add pointers to local buffer(in green), pointers to symbols(in red)
  3. Add pointers to heap allocations(in blue)
  4. Add heap allocation changing history, blue rects are clickable

Run following commands to generate callstack forest visualization in svg format(small projects only!), demos for helloworld project can be found here. (Click interaction on svg is blocked by browsers, try it locally)

0:001> !dk ldttd
0:001> !dk dump_ttd_events d:\helloworld_viz

Reference

  1. TTD.hpp from Bindings for Microsoft WinDBG TTD

How to start a new WinDbg C++ extension?

1. Add Windows Kits related folder to Visual Studio project setting:

<?xml version="1.0" encoding="utf-8"?>
<Project DefaultTargets="Build" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
    ......
<PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
    <IncludePath>C:\Program Files (x86)\Windows Kits\10\Debuggers\inc;$(IncludePath)</IncludePath>
    <LibraryPath>C:\Program Files (x86)\Windows Kits\10\Debuggers\lib\x64;$(LibraryPath)</LibraryPath>
  </PropertyGroup>
  <PropertyGroup Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
    <IncludePath>C:\Program Files (x86)\Windows Kits\10\Debuggers\inc;$(IncludePath)</IncludePath>
    <LibraryPath>C:\Program Files (x86)\Windows Kits\10\Debuggers\lib\x64;$(LibraryPath)</LibraryPath>
  </PropertyGroup>
    ......
</Project>

2. Include engextcpp.cpp from C:\Program Files (x86)\Windows Kits\10\Debuggers\inc to Visual Studio project, and make the following changes:

diff -r C:\Program Files (x86)\Windows Kits\10\Debuggers\inc\engextcpp.cpp C:\Users\dk\source\repos\dk\engextcpp.cpp
248c248
<     m_OptionChars = "/-";
---
>     m_OptionChars = const_cast<PSTR>("/-");
286c286
<     PSTR Value = "";
---
>     PSTR Value = const_cast<PSTR>("");
2673c2673
<              BufferChars > 0)
---
>              *BufferChars > 0)

3. Define exported symbols in dk.def file, and don't forget the 4 default exports:

DebugExtensionInitialize
DebugExtensionUninitialize
DebugExtensionNotify
help

About

dk is a WinDbg extenion for dumping memory data in meaningful and organized ways, it is an enhancement of my previous tokenext project.

Resources

Readme

License

MIT license
Activity

Stars

22 stars

Watchers

3 watching

Forks

6 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages