
How to use WinDbg to debug native programs

 DavinTang 2011-02-22

WinDbg is a powerful debugging tool that helps programmers locate issues quickly, especially when no development environment is available. If the software product has been deployed to a customer's workstation and an issue occurs, can you ask the customer to install Visual Studio so that you can diagnose it? Of course not. WinDbg can help you in this situation. This article introduces how to start your trip with WinDbg. Hope it is helpful for you, enjoy it!

 

1. Download and install Debugging Tools for Windows

http://www.microsoft.com/whdc/DevTools/Debugging/default.mspx

 

2. Set up environment variables to point to the Microsoft Symbol Server

_NT_SYMBOL_PATH = http://msdl.microsoft.com/download/symbols

OR

Specify it from [File]->[Symbol File Path...] in the menu of the WinDbg UI

 

3. Start to debug the program you want to debug

a. Start the program from WinDbg: [File]->[Open Executable...]

b. Attach WinDbg to an existing process: [File]->[Attach to a process...]

c. Automatically attach a debugger to an application when it starts to run:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options

Create a new registry key with the name of the process you want to debug, add a string value "Debugger", and set its data to the full path of ntsd.exe. Windows will then use ntsd.exe to debug the process you specified here.
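
The registry setup in step 3c, as an added PowerShell example (not part of the original article). A "Debugger" value stays in effect for every later launch of that image until it is deleted, so the script also lists existing values and removes one after the session. The function names, the WOW6432Node view, the image name and the ntsd.exe location are assumptions; run it from an elevated prompt.

```powershell
# Added example: manage and audit the IFEO "Debugger" value from step 3c.
# Function names and the usage values at the bottom are assumptions.
$IfeoRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
)

function Get-IfeoDebugger {
    # List every image name that carries a "Debugger" value, in both registry views.
    foreach ($root in $IfeoRoots) {
        if (-not (Test-Path -LiteralPath $root)) { continue }
        Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue | ForEach-Object {
            $dbg = $_.GetValue('Debugger')
            if ($null -ne $dbg) {
                [pscustomobject]@{ Image = $_.PSChildName; Debugger = $dbg; Key = $_.Name }
            }
        }
    }
}

function Set-IfeoDebugger {
    param(
        [Parameter(Mandatory)][string]$ImageName,     # process name, e.g. MyApp.exe
        [Parameter(Mandatory)][string]$DebuggerPath   # full path of ntsd.exe
    )
    # Refuse to register a debugger that does not exist on disk.
    if (-not (Test-Path -LiteralPath $DebuggerPath -PathType Leaf)) {
        throw "Debugger not found: $DebuggerPath"
    }
    $key = Join-Path $IfeoRoots[0] $ImageName
    if (-not (Test-Path -LiteralPath $key)) { New-Item -Path $key | Out-Null }
    New-ItemProperty -LiteralPath $key -Name 'Debugger' -Value $DebuggerPath `
        -PropertyType String -Force | Out-Null
}

function Remove-IfeoDebugger {
    param([Parameter(Mandatory)][string]$ImageName)
    foreach ($root in $IfeoRoots) {
        $key = Join-Path $root $ImageName
        if ((Test-Path -LiteralPath $key) -and
            ($null -ne (Get-Item -LiteralPath $key).GetValue('Debugger'))) {
            Remove-ItemProperty -LiteralPath $key -Name 'Debugger'
        }
    }
}

# Usage (placeholder values, adjust to your installation):
#   Set-IfeoDebugger -ImageName 'WindbgEx1.exe' -DebuggerPath '<full path>\ntsd.exe'
#   Get-IfeoDebugger | Format-Table -AutoSize
#   Remove-IfeoDebugger -ImageName 'WindbgEx1.exe'
```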

 

 

 

4. Use commands to debug the program

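| Category | Command      | Description                    | Example               |
|----------|--------------|--------------------------------|-----------------------|
| RUN      | F10/p        | Step over                      |                       |
|          | F11/t        | Step into                      |                       |
|          | Shift+F11/gu | Step out                       |                       |
|          | F5/g         | Go                             |                       |
|          | F9           | Insert/Remove breakpoint       |                       |
| Display  | dv           | Display local variables        |                       |
|          | R            | Display registers              | R ecx                 |
|          | U            | Unassemble (show disassembly)  | U WindbgEx1!Example2  |
|          | kb           | Display stack trace            |                       |
|          | .lastevent   | Last exception record          |                       |
|          | bl           | List all of the breakpoints    |                       |
|          | lm           | List all of the loaded modules |                       |
|          | ~            | Display all threads            |                       |
|          | .hh          | Help                           | .hh dbgerr005         |
| QUIT     | Q            |                                |                       |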

 

5. Example

First of all, start the process you want to debug: [File]->[Open Executable...].

Click the [Call stack] icon in the UI or press Alt+6 to see the call stack, Alt+2 to show the Watch window...

Add a breakpoint in the source code and press F5 to run to the breakpoint, see the illustration below:

 

 

 

Now it works the same as in Visual Studio: F10 to step over, and F11 to step into.

Press F5 to run to the breakpoint; the variable is displayed in the Locals window.

 

 

Press F5 to continue the process; an exception is raised and displayed in the Command window:

0:000> g

(1668.1920): Integer divide-by-zero - code c0000094 (first chance)

First chance exceptions are reported before any exception handling.

This exception may be expected and handled.

WindbgEx1!Example2+0x2d:

00000001`3f27117d f7f9            idiv    eax,ecx

 

We can display the registers using the "r" command:

0:000> r ecx

ecx=0

0:000> r eax

eax=47

From the assembly and the register values, we can find the reason for the exception.

 

Note: First chance exceptions are thrown from the application, which gets a chance to handle the exception. If the application does not handle the exception, the debugger will catch it and has another chance to handle it; we call this a second chance exception.

 
