Windows Debugging

Windows Debugging

About

• The document describes how to debug applications in production.

 

Install

• Debugging tools is a part of Windows SDK or DDK.
• Xperf is a part of Windows Assessment and Deployment Kit

 

First and Second chance exceptions

When a user mode exception is thrown, it will follow like this.

1. User mode debugger attached? Y:->2 N:5
2. Debugger handled it? Y:->8 N:->3
3. The process handled the exception in *catch*? Y:->7, N:->4
4. Second chance exception thrown. Is it handled by the debugger? Y:->8, N:->4 (Loop)
5. The process handled the exception in *catch*? Y:->7, N:->6
6. Unhandled Exception Filter -> Process stops.
7. The stack is unwinded. Unwinding is described here. -> 8
8. Process continues to execute

 

Debuggers

In this document, we use windbg or cdb and managed extentions in most cases. All of ntsd/cdb/windbg use the same debugging engine and debugger commands are same.

Native Debuggers

• ntsd: MicrosoftSupport NT Symbolic Debugger (user mode debugger). Identical to cdb except that it spawns a new text window.
  • Debugging using CDB and NTSD
• cdb: MicrosoftSupport Console Debugger (user mode debugger)
• windbg: MicrosoftSupport Windows Debugger (kernel/user mode debugger)
• kd: MicrosoftSupport Kernel Debugger (kernel mode debugger)
  • KD can be used to debug kernel-mode programs and drivers, or to monitor the behaviour of the operating system itself. KD also supports multiprocessor debugging.
  • Debugging using KD and NTKD
• Visual Studio Debugger

Managed Debuggers

• ntsd/cdb/windbg + sos.dll / psscor2 / psscor4 / sosex.dll
• Visual Studio Debugger

 

Next Steps

See the following topics

• Windows Debugging Tips
  • How to debug handle / memory leak
  • How to debug heap corruption
  • How to debug a process which crashes as soon as it starts
  • How to get function arguments if it shows <nodata>
  • How to get a list of .Net objects with a specific .Net type
  • How to debug with memory dump taken on another machine
  • …
• Common Debugging Scenarios
  • How to get running ASP.NET requests
  • How to get running classic ASP requests
  • …

 

[EOD]