Windows Debugging

Windows Debugging

About

  • The document describes how to debug applications in production.

 

Install

 

First and Second chance exceptions

When a user mode exception is thrown, it will follow like this.

  1. User mode debugger attached? Y:->2 N:5
  2. Debugger handled it? Y:->8 N:->3
  3. The process handled the exception in *catch*? Y:->7, N:->4
  4. Second chance exception thrown. Is it handled by the debugger? Y:->8, N:->4 (Loop)
  5. The process handled the exception in *catch*? Y:->7, N:->6
  6. Unhandled Exception Filter -> Process stops.
  7. The stack is unwinded. Unwinding is described here. -> 8
  8. Process continues to execute

 

Debuggers

In this document, we use windbg or cdb and managed extentions in most cases. All of ntsd/cdb/windbg use the same debugging engine and debugger commands are same.

Native Debuggers

  • ntsd: MicrosoftSupport NT Symbolic Debugger (user mode debugger). Identical to cdb except that it spawns a new text window.
  • cdb: MicrosoftSupport Console Debugger (user mode debugger)
  • windbg: MicrosoftSupport Windows Debugger (kernel/user mode debugger)
  • kd: MicrosoftSupport Kernel Debugger (kernel mode debugger)
    • KD can be used to debug kernel-mode programs and drivers, or to monitor the behaviour of the operating system itself. KD also supports multiprocessor debugging.
    • Debugging using KD and NTKD
  • Visual Studio Debugger

Managed Debuggers

  • ntsd/cdb/windbg + sos.dll / psscor2 / psscor4 / sosex.dll
  • Visual Studio Debugger

 

Next Steps

See the following topics

  • Windows Debugging Tips
    • How to debug handle / memory leak
    • How to debug heap corruption
    • How to debug a process which crashes as soon as it starts
    • How to get function arguments if it shows <nodata>
    • How to get a list of .Net objects with a specific .Net type
    • How to debug with memory dump taken on another machine
  • Common Debugging Scenarios
    • How to get running ASP.NET requests
    • How to get running classic ASP requests

 

[EOD]

Leave a Reply

Your email address will not be published. Required fields are marked *