I'd like to write a debugging/diagnostic tool which can call Windbg functions to examine a dump file, instead of writing a windbg extension. Is this possible and any references?
Thanks a lot.
Rather than WinDbg, you can use the Debugging API which is implemented in dbghelp.dll. It's documented on MSDN. That reference documentation is rather dry, but it should give you an idea of the capabilities of the API. For example, MiniDumpReadDumpStream is the gateway to examining dump files.
In addition to the existing answers, WinDBG is a GUI front end for the DbgEng API. You can use this API to write either WinDBG extensions or other standalone applications. The WinDBG SDK ships with samples of both, an example standalone application can be found in the \sdk\samples\dumpstk subdirectory of your WinDBG install.
For more information, I wrote an article about DbgEng to write extensions here:
http://www.osronline.com/custom.cfm?name=articlePrint.cfm&id=559
Most of that will also apply for how you write a standalone application as it mostly focuses on the programming pattern of the DbgEng interface.
here are some links that use dbgeng interfaces to make standalone executables.
a short summary of the process is to
call DebugCreate() to create a client
call QueryInterFace()
and call one of its methods
http://www.woodmann.com/forum/entry.php?252-Dbgeng-based-handles-(PART-2-) http://www.woodmann.com/forum/entry.php?246-A-Simple-Dbgeng-Based-User-Mode-Debugger http://www.woodmann.com/forum/entry.php?248-DbgEng-Based-Debugger-(PART2) http://www.woodmann.com/forum/entry.php?249-DbgEng-Based-Debugger-(PART2-Contd-) http://www.woodmann.com/forum/entry.php?250-DbgEng-based-Kernel-Debugger http://www.woodmann.com/forum/entry.php?251-Dbgeng-based-Handles
You could make commands using powershell or to the command line version of WinDbg which is cdb and then parse the output from cdb which you interpret.
This would be similar notion to piping the output from cdb to your app.
There is post about using powershell in this manner: http://rkeithhill.wordpress.com/2006/08/14/minidump-crash-analysis-with-powershell/
It should be straightforward to pump commands to cdb and interpret the output for specific commands.
Python integrated with dbgeng: pykd.codeplex.com
This project may be use as a demo for such integration
来源:https://stackoverflow.com/questions/10589587/windbg-is-it-possible-to-embed-windgb-engine-in-my-own-program