DbgShell – A PowerShell Front-End For The Windows Debugger Engine

A PowerShell front-end for the Windows debugger engine.
Ready to tab your way to glory? For a quicker intro, take a look at Getting Started.

Disclaimers

  1. This project is not produced, endorsed, or monitored by the Windows debugger team. While the debugger team welcomes feedback about their API and front ends (windbg, kd, et al), they have no connection with this project. Do not file bugs or feedback to the debugger team concerning this project.
  2. This is not a funded project: it has no official resources allocated to it, and is only worked on by volunteers. Do not take any production dependency on this project unless you are willing to support it completely yourself. Feel free to file Issues and submit Pull Requests, but understand that with the limited volunteer resources, it may be a while before your submissions are handled.
  3. This is an experimental project: it is not fully baked, and you should expect breaking changes to be made often.

Corollary of above disclaimers: I would avoid attaching DbgShell to live targets of high value.

Binaries
https://aka.ms/dbgshell-latest

Motivation
Have you ever tried automating anything in the debugger? (cdb/ntsd/kd/windbg) How did that go for you?
The main impetus for DbgShell is that it's just waaaay too hard to automate anything in the debugger. There are facilities today to assist in automating the debugger, of course. But in my opinion they are not meeting people's needs.

  • Using the built-in scripting language is arcane, limited, difficult to get right, and difficult to get help with.
  • DScript is kind of neat, but virtually unknown, and it lacks a REPL, and it's too low-level.
  • Writing a full-blown debugger extension DLL is very powerful, but it's a significant investment, way too expensive for solving quick, "one-off" problems as you debug random, real-world problems. Despite the cost, there are a large number of debugger extensions in existence. I think there should not be nearly so many; I think the only reason there are so many is because there aren't viable alternatives.
  • Existing attempts at providing a better interface (such as PowerDbg) are based on "scraping" and text parsing, which is hugely limiting (not to mention ideologically annoying) and thus are not able to fulfill the promise of a truly better interface (they are only marginally better, at best).
  • Existing attempts to provide an easier way to write a debugger extension are merely a stop-gap addressing the pain of developing a debugger extension; they don't really solve the larger problem. (For instance, two major shortcomings are: they are still too low-level (you have to deal with the dbgeng COM API), and there's no REPL.)
  • The debugger team has recently introduced Javascript scripting. Javascript is a much better (and more well-defined) language than the old windbg scripting language, but I think that PowerShell has some advantages, the largest of which is that nobody really uses a Javascript shell; PowerShell is much better as a combined shell and scripting language.

The goal of the DbgShell project is to bring the goodness of the object-based PowerShell world to the debugging world. When you do 'dt' to dump an 'object', you should get an actual object. Scripting should be as easy as writing a PowerShell script.
The DbgShell project provides a PowerShell front-end for dbgeng.dll, including:

  • a managed "object model" (usable from C# if you wished), which is higher-level than the dbgeng COM API,
  • a PowerShell "navigation provider", which exposes aspects of a debugging target as a hierarchical namespace (so you can "cd" to a particular thread, type "dir" to see the stack, "cd" into a frame, do another "dir" to see locals/registers/etc.),
  • cmdlets for manipulating the target,
  • a custom PowerShell host which allows better control of the debugger CLI experience, as well as providing features not available in the standard powershell.exe host (namely, support for text colorization using ANSI escape codes (a la ISO/IEC 6429))

The custom host is still a command-line (conhost.exe-based) program (analogous to ntsd/cdb/kd), but it can be invoked from windbg (!DbgShell).
In addition to making automation much easier and more powerful, it will address other concerns as well, such as ease of use for people who don't have to use the debuggers so often. (One complaint I've heard is that "when I end up needing to use windbg, I spend all my time in the .CHM".)
For seasoned windbg users, on the other hand, another goal is to make the transition as seamless as possible. So, for instance, the namespace provider is not the only way to access data; you can still use traditional commands like "~3 s", "k", etc.

Notable Features

  • Color: support for text colorization using ANSI escape codes (a la ISO/IEC 6429)
  • Custom formatting engine: Don't like .ps1xml stuff? Me neither. In addition to standard table, list, and custom views, you can define "single-line" views which are very handy for customizing symbol value displays.
  • Custom symbol value conversion: For most variables, the default conversion and display are good. But sometimes, you'd like the debugger to do a little more work for you. The symbol value conversion feature allows, for instance, STL collection objects to be transformed into .NET collection objects that are much easier to deal with.
  • Derived type detection: For when your variable is an IFoo, but the actual object is a FooImpl.
  • Rich type information: exposed for your programmatic pleasure.
  • Q: Does it work in WinDbg? I will only use WinDbg. A: Yes: load up the DbgShellExt.dll extension DLL, and then run "!dbgshell" to pop open a DbgShell console.

Other topics
You can find a short (3 minute) video introduction here: https://youtu.be/ynbg2zZ1Igc
