-
Recent Posts
Recent Comments
Archives
- April 2009
- February 2008
- January 2008
- November 2007
- October 2007
- September 2007
- June 2007
- May 2007
- April 2007
- March 2007
- February 2007
- January 2007
- December 2006
- November 2006
- October 2006
- September 2006
- August 2006
- July 2006
- June 2006
- May 2006
- April 2006
- January 2006
- November 2005
- August 2005
- July 2005
- May 2005
- April 2005
- March 2005
Categories
Meta
Category Archives: Debugging with windbg/cdb/ntsd
Figuring out what that crash was
So I was recently helping someone investigate a startup issue using windbg. Oftentimes it’s enough information to tell you some vital bit of information like "driver XYZ is crap – uninstall it and your life will be better" or "your … Continue reading
wt – a better retval test
Before, I mentioned using the z command as a way to figure out where an error HRESULT was occuring. (Really, the best way is to have some decent tracing so you can see the failures in a debugger). wt … Continue reading
Memory Access breakpoints
One of the things that I’ve been using a lot lately is memory access breakpoints. I’ve found them really helpful for tracking down some ref-counting bugs, but they’re also great for catching data corruption. The basic idea is this – … Continue reading
breaking at initial process creation
Windbg and friends has a default initial breakpoint that gets called after dependant dlls have been loaded so that you can get right to business debugging your app – but what if you want to debug the loading of those … Continue reading
finding where a bad HRESULT is returned
t ; z (@eax != 0x8007000EL) What does this cryptic command do for you? I was recently helping a friend debug a failure where an error hresult was returned but it was the kind of error that could have been coming … Continue reading
Adding trace statements to code you don’t own (or without recompiling)
I was debugging a race condition recently and found that I didn’t have the information that I needed and couldn’t just look at the data without disrupting the race condition that was causing the problem. Naturally, you’d generally do a … Continue reading
Talking about SYMSRV
Symbols are a necessary prerequisite to debugging (well, not really, but it’s so much nicer with them). One thing that I didn’t realize before coming to MSFT was that Microsoft made it’s (stripped) symbols available publicly. SET _NT_SYMBOL_PATH to:symsrv*symsrv.dll*c:\symbols*http://msdl.microsoft.com/download/symbols VS … Continue reading
Application debugging in a production environment
Here’s a good (but lengthy – 255 pages) primer on using windbg for production debugging. It’s well-written, but needs an editing pass. Quote Microsoft België & Luxemburg – MSDN – Application debugging in a production environment This posting is provided … Continue reading
Basic Debugger Commands
Basic Debugger commands Here’s a list of commands that are frequently used when debugging – a lot of these commands are very terse and can be hard to pick up. I’ve added a couple to a collection that I picked … Continue reading