Welcome to MSDN Blogs Sign in | Join | Help

Debugging Toolbox

Windbg scripts, debugging and troubleshooting tools to help you isolate software problems.

Browse by Tags

All Tags » Magic Pointers   (RSS)
Special Command—Using Variables and Retrieving Information through Pseudo-Registers
WinDbg for 32 bits and 64 bits has a set of internal pseudo-registers that you can use as variables or as a means to get specific information. The pseudo-registers are, according to WinDbg documentation: Pseudo-register Description $ea The effective address Read More...
Posted: Monday, June 16, 2008 3:47 PM by Roberto Farah | 1 Comments
Filed under: , ,
Special Command—Extracting Class and Struct Fields Using dt
dt is another command used almost all the time whenever you want to get the fields and type for a structure or class. For example, you may have a this pointer and use dt to get its fields and type. It’s a simple command with interesting variations that Read More...
Posted: Tuesday, April 22, 2008 12:18 by Roberto Farah | 1 Comments
Filed under: , , ,
Special Command: Using ??, @@c++() and poi() with C/C++ Expressions
I really like using C/C++ expressions from WinDbg. It’s a natural way to extract information from C and C++ applications if you know these programming languages; therefore, I think it’s useful to share how to do this. First, let’s talk about poi(). poi() Read More...
Posted: Tuesday, March 04, 2008 8:26 by Roberto Farah | 3 Comments
Filed under: ,
Understanding "Magic" Pointers and Offsets
With this blog post I try to explain how "magic" pointers and offsets work. I just copied the term "magic" to refer to these kinds of pointers or offsets: dd poi(0x129514 + 0x18) + 0x8 L2 du poi(0x0007de95) du poi(poi(poi(0x129514 + 0x9c)) + 0x4) dd poi(0x129514 Read More...
Posted: Tuesday, August 07, 2007 6:40 PM by Roberto Farah | 8 Comments
Filed under: ,
Page view tracker