Debugger Updates in the 16225 SDK Preview

Hey Everyone!

We've got a few updates for you in the 16225 SDK Preview, let's jump right in to the details!

Thread Description in Minidumps

The Windows 10 Creators updated added a SetThreadDescription API, WPA has support for showing the descriptions, but WinDbg didn't have support initially. We've added support for including the thread descriptions in user-mode minidumps and viewing the descriptions via 'dx'. Create a minidump with '.dump /ma' and the thread descriptions will be included. When you're viewing a dump with thread descriptions, you can view them through 'dx' with a command like 'dx -g @$curprocess.Threads' then finding the name column:

Right now we're only exposing this in dumps, we'll be looking at adding it to live sessions in the future.

Function Aliases in JavaScript

One piece of feedback we've been getting a lot about JavaScript is that running a script generally requires a really long 'dx' command to run. You can now declare what we're calling "Function Aliases" in your script and easily call that function by running "!MyAlias" or "dx @$MyAlias". We'll have deeper docs available soon, but as a quick example, if I have this in a loaded JavaScript script:

 
function __addFunc(x, y)
{
    return x + y;
}

function initializeScript()
{
    return [new host.functionAlias(__addFunc, "add")];
}

I can then run "!add 1 2" or "dx @$add(1,2)" to easily call into addFunc.

Our Documentation has Moved!

While not directly related to this SDK release, our documentation is now on docs.microsoft.com and GitHub! All the old MSDN links now redirect to the new location, but you can now open issues and even submit pull requests to make changes yourself!

• New homepage - https://docs.microsoft.com/windows-hardware/drivers/debugger/index
• Github location - https://github.com/MicrosoftDocs/windows-driver-docs/tree/staging/windows-driver-docs-pr/debugger

There is one more feature that I'll go into depth on in in my next post. There is now a ".scriptdebug" command to enable easier debugging of scripts, it's deeper than I can cover in this post, so be on the look out for my next post tomorrow. As always, there's some bug fixes and minor changes that I haven't called out here, and don't hesitate to comment or ask questions below or on Twitter.

-Andy
@aluhrs13

Comments

• Anonymous
  June 30, 2017
  Does SetThreadDescription set the same string as the old 0x406D1388 exception trick?
  • Anonymous
    June 30, 2017
    It seems like they are different names, GetThreadDescription does not seem to be able to read a name set with the exception (even when running the process in a debugger), it only reads the name set by SetThreadDescription and that name is set by ntdll calling into the kernel.