DumpType = 9

[0vercl0k]

In 0vercl0k/wtf#101, there is a dump file with a DumpType = 9 which isn't supported by kdmp-parser. Based on the investigation, this seems to be newish and only available in latest (?) WinDbgX.

[0vercl0k]

No symbols seem available for the dbgeng version yet...

0:000> lmvm dbgeng
Browse full module list
start             end                 module name
00000001`80000000 00000001`80889000   dbgeng     (no symbols)           
    Loaded symbol image file: dbgeng.dll
    Image name: dbgeng.dll
    Browse all global symbols  functions  data
    Image was built with /Brepro flag.
    Timestamp:        FEE5ACCF (This is a reproducible build file hash, not a timestamp)
    CheckSum:         0085D433
    ImageSize:        00889000
    File version:     10.0.25111.1000
    Product version:  10.0.25111.1000
    File flags:       0 (Mask 3F)
    File OS:          40004 NT Win32
    File type:        2.0 Dll
    File date:        00000000.00000000
    Translations:     0409.04b0
    Information from resource tables:
        CompanyName:      Microsoft Corporation
        ProductName:      Microsoft® Windows® Operating System
        InternalName:     DbgEng.Dll
        OriginalFilename: DbgEng.Dll
        ProductVersion:   10.0.25111.1000
        FileVersion:      10.0.25111.1000 (WinBuild.160101.0800)
        FileDescription:  Windows Symbolic Debugger Engine
        LegalCopyright:   © Microsoft Corporation. All rights reserved.

[hugsy]

Yo,

If was pissing me off so I added support for types 0x8 (.dump /k) and 0x9 (.dump /ka) are done (see https://github.com/hugsy/kdmp-parser/tree/new_type_support ).

I'll do type 0xa tomorrow if time permits (from issue #18 ), and hopefully PR it all by this weekend.
I'm sure you'll just love to review some more dirty code from me 😂

Cheers bud

[0vercl0k]

Oh my - this is awesome! I can't wait to try this out / merge it in. I'm going to have to send you a crate of beer or something.. 😅 Chers

…

On Fri, Nov 10, 2023 at 3:44 AM crazy hugsy ***@***.***> wrote: Yo, If was pissing me off so I added support for types 0x8 (.dump /k) and 0x9 (.dump /ka) are done (see https://github.com/hugsy/kdmp-parser/tree/new_type_support ). I'll do type 0xa tomorrow if time permits (from issue #18 <#18> ), and hopefully PR it all by this weekend. — Reply to this email directly, view it on GitHub <#17 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/AALIORMFP2YRBZ6MVRR5W6DYDWIJRAVCNFSM5XLI4NA2U5DIOJSWCZC7NNSXTN2JONZXKZKDN5WW2ZLOOQ5TCOBQGQ4TSMBYGA2Q> . You are receiving this because you authored the thread.Message ID: ***@***.***>

[hugsy]

Anytime, we'll drink those together 🍺🍻

[hugsy]

Done too, it's all the same format, just different offsets 😂

Will clean it up and PR that

[hugsy]

All good on my end, waiting for you now to come back 🙂