diff options
| author | Andreas Baumann <abaumann@yahoo.com> | 2010-06-10 13:10:52 +0200 |
|---|---|---|
| committer | Andreas Baumann <abaumann@yahoo.com> | 2010-06-10 13:10:52 +0200 |
| commit | a494888aef21bc3cb38a29a22ff1d2494b233098 (patch) | |
| tree | 29d0d2509a77cfb01c4247312b3fe9b6ca4d08eb /docs | |
| parent | 95c3655dec6935ef7a486e97b4eb92a817944086 (diff) | |
| download | wolfbones-a494888aef21bc3cb38a29a22ff1d2494b233098.tar.gz wolfbones-a494888aef21bc3cb38a29a22ff1d2494b233098.tar.bz2 | |
added documentation about debugging on windows
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/debugging/LINKS | 1 | ||||
| -rw-r--r-- | docs/debugging/windbg.txt | 834 |
2 files changed, 835 insertions, 0 deletions
diff --git a/docs/debugging/LINKS b/docs/debugging/LINKS new file mode 100644 index 0000000..60d854e --- /dev/null +++ b/docs/debugging/LINKS @@ -0,0 +1 @@ +http://www.codeproject.com/KB/debug/windbg_part1.aspx diff --git a/docs/debugging/windbg.txt b/docs/debugging/windbg.txt new file mode 100644 index 0000000..b88d34c --- /dev/null +++ b/docs/debugging/windbg.txt @@ -0,0 +1,834 @@ + #[1]CodeProject Latest artic les - All topics [2]CodeProject Latest + artic les - MFC / C++ [3]CodeProject Latest artic les - C# + [4]CodeProject Latest artic les - ASP.NET [5]CodeProject Latest artic + les - .NET [6]CodeProject Latest artic les - VB.NET [7]CodeProject + Lounge Posti ngs [8]CodeProje ct + + [9]Click here to Skip to main content + + Email ____________________ Password ____________________ Sign in [_] + Remember me? [10]help Lost your password? + + * [11]Home + * [12]Articles + * [13]Quick Answers + * [14]Message Boards + * [15]Job Board + * [16]Catalog + * [17]Help! + * [18]Lounge [19]S oapbox + + * [20]Download source files - 3.09 Kb< /a> + +Table of contents + + * [21]Introduction + + [22]Overview of Debuggers + + [23]Comparison of Debuggers + + [24]WinDbg + + [25]PDB files + * [26]Debugging Scenarios + + [27]Remote Debugging + + [28]Just-in-time Debugging + + [29]64-bit Debugging + + [30]Managed Debugging + + [31]Debugging Services + + [32]Debugging Exceptions + * [33]WinDbg Features + + [34]Debugger Extension DLLs + + [35]Dump Files + + [36]Crash Dump Analysis + * [37]WinDbg Settings + + [38]Symbol Files and Directories + + [39]Source Code Directories + + [40]Breakpoints, Tracing + * [41]Commands + + [42]Basic Commands + + [43]More Commands + + [44]Handy Extension Commands + * [45]Example + + [46]Suggested Exercises + * [47]Epilogue + + [48]Points to Note + + [49]Q & A + * [50]References + +Introduction + + In my professional career, I have seen most of us use Visual Studio for + debug ging but not many of the other debuggers that come for free. You + may want such a debugger for many reasons, for example, on your home PC + which you do not use fo r development but on which a certain program + crashes from time to time. From the stack dump, you can figure out if + IE crashed because of a third party plug-in.< /p> + + I did not find any good quick starters for WinDbg. This article + discusses Win Dbg with examples. I assume you know the basic concepts + of debugging stepping in, stepping out, breakpoints and what it means + to do remote debugging. + + Note that this is meant to be a Getting Started document, which you can + read and start using WinDbg. To know more about specific commands, + consult the WinDbg documentation. You can use the commands presented in + this document with any deb ugger provided by Microsoft, e.g. from the + Command window of Visual Studio .NET. + + This article is based on WinDbg 6.3. + + This is the first of a series of articles on debugging. In my next + article, I shall explain how to write debugger extension DLLs. + + Overview of Debuggers< /h3> + + A brief overview of the Windows debuggers that you can download for + free from [51]here : + * KD Kernel debugger. You want to use this to remote debug OS + problems like blue screens. You want it if you develop device + drivers. + * CDB Command-line debugger. This is a console application. + * NTSD NT debugger. This is a user-mode debugger that you can use to + debug y our user-mode applications. Effectively, this is + Windows-style UI added to CDB. + * Windbg wraps KD and NTSD with a decent UI. WinDbg can function both + as a k ernel-mode and user-mode debugger. + * Visual Studio, Visual Studio .NET use the same debugging engine as + KD and NTSD and offer richer UI than WinDbg for debugging purposes. + + Comparison of Debuggers + + Feature KD NTSD WinDbg Visual Studio .NET + + Kernel-mode debugging Y N Y N + User-mode debugging Y Y Y + Unmanaged debugging Y Y Y Y + Managed debugging Y Y Y + Remote debugging Y Y Y Y + Attach to process Y Y Y Y + Detach from process in Win2K and XP Y Y Y Y + SQL debugging N N N Y + + WinDbg + + WinDbg is a debugger that wraps NTSD and KD with a better UI. It + provides com mand-line options like starting minimized (-m), attach to + a process by pid (-p) and auto-open crash files (-z). It supports three + types of commands: + * regular commands (e.g.: k). The regular commands are to debug proce + sses. + * dot commands (e.g.: .sympath). The dot commands are to control the + debugger. + * extension commands (e.g.: !handle) these are custom commands that + you can add to WinDbg; they are implemented as exported functions + in extension DLLs. + + PDB files + + PDB files are program database files generated by the linker. Private + PDB fil es contain information about private and public symbols, source + lines, types, lo cals and globals. Public PDB files do not contain + types, local and source line i nformation. + +Debugging Scenarios + + Remote Debugging + + Doing remote debugging using WinDbg is easy and can be done in one of a + numbe r of ways. In the following, debugging server is the debugger + running on the m achine where youd like to debug; debugging client is + the debugger controlling the session. + * Using the debugger: You need CDB, NTSD or WinDbg on the ser ver. A + WinDbg client can connect to any of CDB, NTSD and WinDbg, and vice + versa. The server and client have choices of TCP and named pipes + for communication pro tocol. + + To start a server: + o WinDbg server npipe:pipe=pipename (note: multiple clients + can conn ect), or + o from within WinDbg: .server npipe:pipe=pipename (note: + single clien t can connect) + You can start multiple server sessions using multiple + protocols. You can pass word-protect a session. + + To connect from a client: + o WinDbg -remote npipe:server=Server, + pipe=PipeName[,password=Passwo rd] + o from within WinDbg: File->Connect to Remote Session: for + connection strin g, enter npipe:server=Server, + pipe=PipeName [ ,password=Password] + * Using remote.exe: remote.exe uses named pipes for communicating. If + you use a console-based application like KD, CDB or NTSD, you could + use remote.exe to do remote debugging. Note: use @q (not q) to qu + it the client without quitting the server. + + To start a server: + o Remote.exe /s cdb p <pid> test1 + + To connect from a client: + o Remote.exe /c <machinename> test1 + test1 above is the arbitrary named pipe name we chose. + + Server will display who all are connected from which servers and + commands exe cuted. You can quit the server by issuing qq; or quit the + client using File-&g t;Exit. Youd need to belong to the Debugger Users + user group and the server h as to allow remote connectivity if you want + to remote-debug. + + Just-in-time Debugging + + The section Enabling Postmortem Debugging in the WinDbg documentation + discu sses this well. In short, you can set WinDbg as the default JIT + debugger by runn ing Windbg I. This sets the registry key + HKLM\Software\Microsoft \Windows NT\CurrentVersion\AeDebug to WinDbg. + To set WinDbg as the defaul t managed debugger, youd need to set these + registry keys explicitly: + * HKLM\Software\Microsoft\.NETFramework\DbgJITDebugLaunchSetting to 2 + * HKLM\Software\Microsoft\.NETFramework\DbgManagedDebugger to Win + dbg. + + With the JIT setting, WinDbg will be launched if an application throws + an exc eption while not being debugged and does not handle the + exception itself. + + 64-bit Debugging + + All these debuggers support 64-bit debugging on AMD64 and IA64. + + Managed Debugging + + WinDbg 6.3+ supports managed debugging, with the Whidbey .NET CLR. + There is a good discussion on managed debugging in the documentation. + Remember that there are no PDBs with managed code since managed code is + compiled to ILASM; the debug ger talks to the CLR to query extra + information. + + Points to note: + + You can set a breakpoint at a managed code function only after it has + been in voked at least once; because that is when it is JIT-compiled to + ASM code. Keep i n mind: + * Complications with function addresses and hence breakpoints: + + The CLR can discard compiled code, so function addresses may + change. + + The same code may be multiply compiled if multiple app domains + do not share the code. If you set a breakpoint, it gets set + for the app domain of the current thread. + + Specialization of generics can cause multiple addresses for + the same functio n. + * Complications with data layout and hence data inspection: + + The CLR may change data layout arbitrarily at runtime, so + field offsets in a structure may change over time. + + Type information is loaded only on first use, so you may not + be able to insp ect a data field if it has not been used yet. + * Complications with debugger commands: + + When tracing through managed code, you would pass through + chunks of runtime code like the JIT compiler code because you + stepped into a function for the firs t time, or, when + transitioning from managed to unmanaged code. + + Debugging Services + + You can debug a service just as any other application using WinDbg, + both afte r starting the service by attaching to the service process, + and, by using WinDbg as a JIT debugger and programmatically calling + DbgBreakPoint or DebugBreak + , or an ASM int 3 on x86. + + Debugging Exceptions + + A debugger gets notified of each exception twice it is notified the + first t ime before the application gets a chance to handle the + exception (first chance exception); if the application does not handle + the exception, the debugger is g iven a chance to handle the exception + ( second-chance exception). If the debug ger does not handle a + second-chance exception, the application quits. + + .lastevent, or, !analyze v will show you the exception rec ord and + stack trace of the function where the exception occurred. + + You can also use the .exr, .cxr and .ecxr commands to display the + exception and context records. Note also that you can change the + first-chance handling option for an exception using the sxe, sxd, sxn + and sxi commands. + +WinDbg Features + + Debugger Extension DLLs + + Debugger extensions are DLLs that you can hook up with a debugger to + execute custom commands from within the debugger. There are certain + functions that a DLL needs to implement and some requirements that a + DLL needs to meet in order to q ualify as an extension DLL. In the next + article, we shall learn how to write an extension DLL yourself. The + bang (!) commands are commands executed from your ex tension DLLs. Note + that extension DLLs are loaded in the process space of the de bugger. + + Dump Files + + You can take snapshot information of a process using the dump facility. + A min i-dump is usually small, unless you take a full-memory minidump + (.dump /mf). It is useful to dump handle information also, as + .dump/mfh. A min i-dump contains information about all threads + including their stacks and list of loaded modules. A full dump contains + more information, like that of the process heap. + + Crash Dump Analysis + + If your Windows OS crashes, it dumps the physical memory contents and + all pro cess information to a dump file, configured through + System->Control Panel-> ;Advanced->Startup and Recovery. It is also + possible to take dumps of any l ive process by breaking into it. You + can also take a dump of any process (.d ump) that terminates abnormally + by configuring WinDbg as a JIT debugger. No te that figuring out bugs + in the code from a crash dump could be an involved pro cess. + + To analyze a dump, follow these steps: + + Step 1: In WinDbg, File->Open Crash Dump, and point to the dump file + + Step 2: WinDbg will show you the instruction your app was executing + when it crashed. + + Step 3: Set your symbol path and source path properly. If you cannot + match symbols, you could have a hard time figuring out control flow. If + you can match the symbols to source code of the appropriate version, it + should be easy to figure out the bug at this point. Note that private + symbol files have line nu mber information and will blindly show the + line in your source code without furt her checks; if your source is not + version-matched properly, youd not see the co rrect source code + matching the assembly code. If you have public PDB files, you ll see + the last public function (on the call stack) that was invoked. + + Note that debugging drivers or managed code is much different. Refer to + [2] f or debugging techniques for device drivers. + +WinDbg Settings + + Symbol Files and Directories + + You need symbols in order to be able to do effective debugging. Symbol + files could be in an older COFF format or the PDB format. PDBs are + program database fi les and contain public symbols. These debuggers + allow you to mention a list of U RIs where they would look for symbols + for loaded binaries. + + OS symbols are usually installed in the %SYSTEMDIR%Symbols directory . + Driver symbols (.DBG or .PDB files) are usually in the same folder as + the driver (.sys file). Private symbol files contain informat ion about + functions, local and global variables, and line information to correla + te assembly code to source code; symbol files that are usually made + available to customers are public symbol files these files contain + information about publi c members only. + + You can set symbol directories through File->Symbol File Path, or using + .sympath + from the WinDbg command window. To add reference to a symbol ser ver on + the web, add: +SRV*downstream_store*http://msdl.microsoft.com +/download/symbols + + to your .sympath, thus: +.sympath+ SRV*c:\tmp*http://msdl.microsoft.com/downloa +d/symbols + + Where c:\tmp is the download_store where necessary symb ols will be + downloaded and stored. Note that this particular symbol server expos es + public symbols only. + + The debugger matches information like filename, timestamp and checksum + when m atching a PDB with a binary (DLL or exe). If you have symbol + information, youd be able to see function names and their arguments in + your call stack. If the bin aries and PDBs are from your application, + youd additionally have information ab out private functions, local + variables and type information. + + The sympath can consist of multiple URIs. Sympath i s initialized from + the _NT_SYMBOL_PATH system environment variable. + + Source Code Directories + + You can set source code directories through File->Source File Path, or + usi ng .srcpath from the WinDbg command window. If you set source code + dire ctories, the debugger will pull up matching source code based on + line number inf ormation from the PDB files during debugging. + + Breakpoints, Tracing + + * Set soft breakpoints using the bp commands or using the toolbar + breakpoint icon. + * Set hard breakpoints using code like DbgBreakPoint() or K + dBreakPoint(). + * Use tracing routines DbgPrint, KdPrint, Outp utDebugString to print + out to the WinDbg output window, from debugger ext ension DLLs. + +Commands + + Basic Commands + + The help file that comes with the WinDbg installation documents + commands well , but the following basic commands should get you + started: + + Feature Command What Does it Do Example / Comments See Also Related + Commands + + Stack trace K, KB x Displays stack trace of current thread (x frames). + Kb causes th e display to include the first three parameters passed to + each function. KP, Kp, or KV + Frame .frame X + Register watch R Displays register set. reax displays the eax register. + + Step t Trace = Step into (F11) + p Step over (F10) + Step out Shift + F11 + Disassemble u Unassemble next few instructions + u <start_address> Unassemble instructions at start_address + u <start_address> + + <end_address> + Unassemble instructions from start_address till end_addre ss + Breakpoints Bl List breakpoints. + be, bd, bc Enable / disable / clear breakpoint. + bp Set a breakpoint. + bu Set unresolved breakpoint. Breakpoint is resolved by symbolic + name, not abso lute address. Use this to set breakpoint at a function + whose containing module h as not yet been loaded. bu foo + + Comment * Ignores the command * Hello World + Continue G <address_X / symbol> Go. Resumes execution until address_X + + GH Go, exception handled + GN Go, exception not handled + Quit Q + Dumping data dv Display local variables. You need private symbols. + Dd <address> Display dword values at specified address. To see value + of an int, DD &l t;addr> L1 + Ds, da (ASCII), du (Unicode) Dump string + Dt [dt module!typedef adr] Dump type. Will dump the contents of the + memory using typedef as a template. + Change / Edit Values Eb (byte), ed (dword ), ea (ASCII), eu (Unicode) + Edit value of a variable + List modules lm List loaded modules Lmi, lml, !dlls + Threads ~ Lists all threads + Command on thread n ~n<command> Switch to a specific thread by + thread-id and execute a command on the thread . ~2kb (second threads + stack) + + Search for a symbol in a module X module!<pattern> X blah!*foo* + Dump .dump + Source line display .lines Turns on source code display + ln adr Will show the symbol nearest to that location. + + Note: + 1. There is no step out (Shift+F11). You have to find the return + address on t he stack manually and use g adr. You can find this + address by using k. If you know the function uses ebp frames you + can use g poi(ebp+4) to step out. + 2. To inspect local variables: + a. Use the dv command. + b. Then use the dt <variablename> command. + c. Note: you may not see correct values if values are stored in + registers or du e to FPO. + + More Commands + + Feature Command What Does it Do Example / Comments See Also Related + Commands + Vertarget Shows information about the system on which you are + debugging. + Data breakpoint (hardware bp) Ba + + [ba r/w/e size adr] + Sets a data breakpoint. You can break on read/ write/ execute attempt + of a m emory location. ba w4 adr + Exceptions .lastevent Displays last exception record + Exceptions Sx, Sxe, sxd, sxn, sxi exception_X Enable/ disable/ + notify-only/ ignore first chance exception /event exc eption_X. Example + of event: module unload/ thread creation. + Display type Dt Shows struct and field values . Dt x; // x: int + Dt myStruct; // struct myStruct + Dt myStruct myVar1; // shows myStruct.myVar1 + Reload symbols .reload Reloads symbols using the symbol path you would + have set. + Source lines l+l, l+o, l+s, l+t Source line options + .ecxr If you had an exception, switches context to faulting context. + + .quit_lock + ; Command separator + ? Evaluate expression + | Display process information + .chain Lists all loaded debugger extensions. + .echo <string> Echo/ print any string Echo xyz + .exr <address_x> Display exception record at x. + .cxr <address_x> Display context record at x. + .trap Dump a trap frame. + + Handy Extension Commands + + * !help help for WinDbg extension commands. + * !load, !unload to load and unload debugger extension DLLs. + * !handle displays information about handles owned by processes. + * !peb - shows the PEB (process environment block) including DLL + information. + +Example + + Attached is a sample application with these example functions: + 1. Example1: Program appears hung because a thread waits indefinitely + on a crit ical section that another thread acquired and then exited + without releasing. + 2. Example2: Exception: division by zero. + 3. Example3: Execute a command every time a breakpoint is hit. + 4. Example4: Exception: null pointer access + 5. Example5: Exception: double deletion + 6. Example6: Exception: stack overflow due to infinite recursion + + Suggested Exercises + + 1. Exception: Array out-of-bound access + 2. Exception: Deleted pointer access + 3. Exception: Stack underflow + +Epilogue + + Points to Note + + Please note that: + * when you run WinDbg, attach to a process and issue kb, youd be + seeing the s tack trace of the thread injected by the debugger. All + debugging commands are ex ecuted in the context of the injected + thread. + * Frame Pointer Omission (FPO): + Means that when your code is compiled, frame pointers (EBP) will + not be put o n the stack. This makes function calls faster and + makes the EBP register availab le as a scratch register. The + optimization option /Oy in the MSC++ compiler => ; FPO; /O2 or /Ox + (full optimization) => /Oy. + + Q & A + + 1. How can I list all symbols exported by a module? + x <module>!* + 2. How can I find help for a specific command? + .hh <command>, or <command> /? + 3. I want a certain application x.exe to run always under WinDbg. How + can I configure this? + Create a key named x.exe under HKLM\Software\Microsoft\Windows NT\c + urrentversion\image file execution options and add a new string + value Debugger to it; set its value to the path of windbg.exe. + 4. I want to do something every time a breakpoint is hit. How can I do + that? + The bp command accepts a list of commands as argument that you can + execute ev ery time a breakpoint is hit. Example: + bp WindbgEx1!Example3+0x3d "dd [ebp-0x14] L1; .echo hello + world;g&qu ot; + (ref. attached code) + prints the value of a local variable in each iteration of function + Example3.< /p> + 5. Can I put a breakpoint that is triggered only once? + Yes:bp /1 + 6. Can I set a breakpoint such that it will start hitting only after + k-1 passes ? + Yes, bp <address> k + +References + + 1. WinDbg documentation [from [52]Microsoft] + 2. The Windows 2000 Device Driver Book Art Baker, Jerry Lozano + + You must [53]Sign In to use this message board. + + ____________________ ____________________ + + Per page[25] + + + FirstPrev[54]Next + + + General blue screen analysis + rupeshkp728 7:08 24 May '10 + + + + What all information can we get from the windows blue screen + Is there any way to debug a crash without using windbg? + [55]Sign In·[56]View Thread·[57]PermaLin k + [t.gif] + Question Automate mini-dump creation with WinDBG configured as JIT + debugger + MorsCerta 4:53 9 Apr '10 + + + Hi, + I have configured WindDbg as JIT Debugger on a cu stomers PC. However + the crash occurs only once or twice a week. + I wou ld like WinDbg to automatically write a minidump for the crashing + process when i t is launched as the JIT debugger and then exit. + Is this possible? + Thanx + Kurt + [58]Sign In·[59]View Thread·[60]PermaLink + [t.gif] + General Very good article + Sandeep Aparajit 2:42 23 Jun '09 + + + Thanks for such a detailed article on Windbg.. + Sandeep Aparajit + Mark usefull posts as Helpful/Answers.[61]Technical articles on C#, + ASP.NET, Archi tecture and Security | [62]Photography + [63]Sign In·[64]View Thread·[65]PermaLink + [t.gif] + General How can I add the symbol without the internet? + bal ong001 6:36 17 Mar '09 + + + hi, now in my office, my computer can't connect the internet, ,t he way + you mentioned + "SRV*downstream_store*http://msdl.microsoft.com/downlo ad/symbols" may + be a big problem + to me.So, I want to know that, how can I s et the symbol without the + internet? Any suggestion? + Thank you! Smile + Thank you! + [66]Sign In·[67]View Thread·[68]PermaLink 2.00/5 + Answer [69]Re: How can I add the s ymbol without the internet? + sandeep naidu 5:18 30 Mar '09 + + + If you have the windows installation CD it will have the symbols in the + support folder. Once you install it from the CD the symbol path is + autom atically set. If not, just remember the path it extracted the + symbols to and set the path using .sympath command. + [70]Sign In·[71]View Thread·[72]PermaLink 5.00/5 + [t.gif] + General Use USB WinDbg on VISTA + flyball1230 17:05 24 Feb '09 + + + Dear Sir, + I have a Ajays USB debug cable, and I want to link two EeePCs(no 1394, + no COM Port) to do some debugging works. I have use bcdedit change the + boot entry, but I still can't link WinDbg(KD) sucessfully! Do you have + any experience or sollution about this issue? Thanks for your help! + Regards, + Steven + [73]Sign In·[74]View Thread·[75]Perma Link 2.00/5 < /span> + [t.gif] + General Compiling error in VS 2005 + conglover 15:40 26 Jan '09 + + + I am trying to run the example source in my VS 2005 to generate symbols + and images for Windbg. + But I get a lot of compiling errors. .vspro j file was not included in + the download. + All the errors are from wdbgexts.h / + My machine is Vista 64 and using VS 2005. + I created a new Windows console application. + [76]Sign In·[77]View Thread·[78]Pe rmaLink + [t.gif] + Question How to correct a message "Type information missing er ror for + changeto4p " when using WinDbg ? thanks! + cchmark1 21:17 29 Jun '08 + + + I got a message "Type information missing error for changeto4p " when + using WinDbg with "x CrashScreenShot!changeto4p" , could someone tell + me ho w to correct it , thanks in advance ! + [79]Sign In·[80]View Thread·[81]PermaLink 1.00/5 + [t.gif] + Question How can I get the value of the variable in dump file? + Daniel Xu 17:39 2 6 Nov '07 + + + Hi, + In Crash Dump Analysis, I set the right PDB file, and traced the right + source code. How can I get the value of the variable? + e.g. + I have a Unicode String named szMyValue, in MyModules!MyFunctio n. How + can I located this variable in memory and get it's value? + I ha ve an idea to use Unassemble code get the value. I'm not the + skilled guy to read assemble code. + The command of "dt" could only display data type, and the " dv" command + does not work at all. + Do you have any new idea about my q uestion? Need your help. + Thanks. + Daniel + A lucky fish. + [82]Sign In·[83]View Thread·[84]PermaLink + Answer [85]Re: How can I get the value of the variable in dump file? + flobadob1975 2:21 22 Oct '08 + + + I'm no expert but I think it depends on the type of minidump fil e + (there are several levels of detail). See the /m command for ntsd. By + default the heap is not dumped so you will not get stuff from there. + Try using the /ma s witch instead of the default /m + [86]Sign In·[87]View Thread·[88]PermaLink 5.00/5 + General [89]Re: How can I get t he value of the variable in dump file? + Sharath George 16:24 11 Jun '09 + + + also try compiling without optimization + as optimization rul es out viewing a lot of intermediate variables that + do not need to be stored + [90]Sign In·[91]View Thread·[92]PermaLink + [t.gif] + Question new to windbg.... help needed + suriiitm 5:54 11 Sep '07 + + + hi + I'm new to debugging softwares... I'm using windbg and couldn't + understand anything wht exactly is happening inside it..... can anyone + post some useful links or material regarding how to get started? + Tha nks + Surendra + [93]Sign In·[94]View Thread·[95]Per maLink + Answer [96]Re: new to windbg.... help needed + Saikat Sen 20:12 26 Sep '07 + + + Surendra, + If you have access to Visual Studio, VS UI would probably be more + intuitive and easy to use. + If you're just starting o ff, make sure you step through high-level + code rather than assembly code. + < br />If you have specific questions, feel free to ask. + - Saikat + [97]Sign In·[98]View Thread·[99] PermaLink 2.0 0/5 + [t.gif] + General is it possible to change the "value" in registers windo w to + ascii ?! + miki85 19:46 28 Aug '07 + + + Confused + the way it is i dont understand nothing about wha ts inside the reg + exept that it was changed when it turns red.. + there 's a way to change it to ascii like "da eax" ?! + [100]Sign In·[101]View Thread·[102]PermaLink + [t.gif] + General is there the windbg source code i can download + zja 601 23:42 12 Aug '07 &n bsp; + + + thanks + [103]Sign In·[104]View Thread·[105]PermaLink + General [106]Re: is there the win dbg source code i can download + Jeffrey Walton 6:26 30 Aug '07 + + + I don't believe WndDbg has ever been released in Source. However , othe + popular debuggers such as OllyDbg is available. See + [107]OllyDbg[[108]^] + Jeff + [109]Sign In·[110]View Thread· [111]PermaLink + [t.gif] + General Windbg + sidscrazy 4:10 30 Jul '07 + + + I found windbg very helpful. Indeed this is the tool I use for e + veryday debugging. + It can be used for both user mode and kernel mode debugg ing. + The only problem I feel is the inconvenient way in which it allows me + to access code. It is not as user friendly as visual studio debugger. + I w ould be happy to know the reason why we should use windbg and not + Visual Studio for user mode debugging. + Thanks + Sid + Happy secure coding + [112]Sign In·[113]View Thread·[114]PermaLink 3.25/5 + General [115]Re: Windbg + Jeffrey Walton 6:30 30 Aug '07 + + + Hi Sid, + + sidsc razy wrote: + + I would be happy to know the reason why we should use windbg .. . + + I imagine this is personal preference. In a perverted way, I know of a + few who prefer command line debuggers. For example those who came from + the early Unix and Linux who are masters at gdb. + A little known factiod: WinDbg is mainted by the Operating System team + at Microsoft, while Visual Studio is a product of the Development team. + So WinDbg is much more intimate with the OS and its structures. For + example, how does one view the PEB in Visual Studio?< br /> + Jeff + [116]Sign In·[117]View Thread·[118]PermaLink< td class="msg-footer" + align="right"> + [t.gif] + General How to debug debugger extensions? + STUART.R 19:53 1 Nov '06 + + + Hi, + can anybody tell me how to debug debugger extensi ons written for + drivers? + thanx + [119]Sign In·[120]View Thread·[121]PermaLink 1.00/5 + [t.gif] + Question Anyone having trouble setting the postmortem debugger ? + dmatsumoto 5:21 26 Oct '06 + + + I've tried pretty much everything I can think of. In the end, I decided + to just make windbg my default postmortem debugger by using "windbg -I" + , but even that doesn't seem to work. + I created a test app that simpl y throws an exception and doesn't + handle it. When I execute the app in debug an d release mode, I get an + application error, but windbg doesn't start. + Can someone tell me why this isn't working for me? Thanks! Confused + [122]Sign In·[123]View Thread·[124]PermaLink 1.33/5 + Answer [125]Re: Anyone having tro uble setting the postmortem debugger? + Saikat Sen 21:02 3 Dec '06 + + + Can you send the registry dump of the appropriate keys? + You can find in my article which reg keys are respected/ expected for + post-mortem d ebugging. + Thanks + - Saikat + [126]Sign In·[127]View Thread·[128]PermaLink + [t.gif] + General for_each_threads commad? + swamyv 12:06 13 Sep '06 + + + Does windbg has this command? I can't find it from help. + < /td> + [129]Sign In·[130]View Thread·[131]Perma Link < /td> + General [132]Re: for_each_threads commad? + Saika t Sen 17:03 27 Sep '06 + + + Not that I know of. What are you trying to accomplish? + - Saikat + [133]Sign In·[134]View Thread·[135]Pe rmaLink 2.00/ 5 + General [136]Re: for_each_threads commad? + Jonat han C Dickinson 22:57 1 4 Feb '10 + + + ~* e (command) + He who asks a question i s a fool for five minutes. He who does not ask + a question remains a fool forever . [Chineese Proverb] + Jonathan C Dickinson (C# Software Engineer)< /div> + [137]Sign In·[138]View Thread·[139]Pe rmaLink + [t.gif] + General windbg scripting to get stack trace of all threads? + swamyv 14:14 8 Sep '0 6 + + + Is it possible write a small script that can attach to run ning process + and run few commands like list of threads and get stack trace of all + threads and then detach without terminating the target process? + And then I would like to save the output in a file. + If you have any idea please let me know thanks. + Swamy + [140]Sign In·[141]View Thread·[142]PermaLink 1.67/5 + Last Visit: 2:09 10 Jun '10 L ast Update: 2:09 10 Jun '10 1[143]2< + /a>[144]3 [145]Next » + + Last Updated 23 Mar 2004 | [146]Advertise | [147]Privacy | [148]Terms + of Use | Copyright © [149]CodeProject, 199 9-2010 + |