Menu
I am trying to utilize GetThreadContext to view what the current debug registers are set to. No matter what program I debug, it returns 0xCCCCCCCC. I am able to successfully set breakpoints ctx.Dr0 and then catch these breaks with a custom exception handler, but if I try to view the address stored at ctx.Dr0, it always appears as 0xCCCCCCCC. Why is that?
Thanks
CONTEXT ctx;
GetThreadContext(GetCurrentThread(),&ctx);
cout << hex << ctx.Eip << endl;
EDIT**
I think I did not ask my question well enough, because at the time I did not realize the error in my thinking. I actually was trying to call GetThreadContext from within the thread which I wanted to get it's context. This doesn't work for obvious reasons. Instead I think CONTEXT ctx = {CONTEXT_FULL} works. The answer that was most helpful was Hans Passant comment below.
568
asked Jun 07 '26 11:06
You cannot get a valid context for a running thread. You need to suspend the thread you want to get the context for. So, trying to do it in a current thread is not going to work. This is clearly stated in the GetThreadContext() documentation:
You cannot get a valid context for a running thread. Use the SuspendThread function to suspend the thread before calling GetThreadContext.
If you call GetThreadContext for the current thread, the function returns successfully; however, the context returned is not valid.
53
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
