1. Debugging tools for Windows:
- Ntsd.exe: console-based debugger that opens a new console
- Cdb.exe: console-based debugger that uses the existing console
- Windbg.exe: GUI-based debugger
- Kd.exe: console-based kernel-mode debugger
- Adplus.exe: monitoring tool
- Umdh.exe: memory leak detection tool
- Remote.exe: remote debugging tool
Windbg cheat sheet: http://windbg.info/doc/1-common-cmds.html
2. Heap corruption: tool -> Application Verifier
3. Resource leaks
A. Tools for debugging handles
- Task Manager
- Process Explorer shows the handle count as well:
  - Type of handle (file, mutant, section, etc.)
  - Name of the handle
  - Handle value
  - Comes in handy when figuring out what type of handle is being leaked
- Debugger extension command: !htrace
B. Tools for heap memory tracking
- Umdh
  - Tracks heap-based memory
  - Requires OS instrumentation to be enabled (gflags)
- DebugDiag
  - Powerful automated debugger
  - Extensible
- Debugger command: !heap
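
The Umdh workflow noted above (gflags instrumentation, two snapshots, a diff), written out as an added example that is not part of the original notes. It assumes gflags.exe and umdh.exe are on PATH in an elevated shell; `LeakyApp.exe`, the symbol cache path and the log file names are placeholders.

```powershell
# Added example: compare two UMDH snapshots to find a growing heap allocation.
# Assumptions: Debugging Tools for Windows on PATH, elevated shell,
# placeholder image name and output file names.
param(
    [string]$Image       = 'LeakyApp.exe',   # hypothetical target image
    [string]$SymbolPath  = 'srv*C:\Symbols*https://msdl.microsoft.com/download/symbols',
    [int]   $WaitSeconds = 300               # time for the leak to accumulate
)

# UMDH resolves stack frames through _NT_SYMBOL_PATH.
$env:_NT_SYMBOL_PATH = $SymbolPath

# 1. Enable the user-mode stack trace database (+ust) for the image.
#    This is the OS instrumentation UMDH requires; it only affects
#    processes started after the flag is set.
gflags /i $Image +ust
if ($LASTEXITCODE -ne 0) { throw "gflags could not set +ust for $Image" }

try {
    # 2. The target must be (re)started with the flag in place.
    Read-Host "Start $Image now, then press Enter" | Out-Null
    $name = [IO.Path]::GetFileNameWithoutExtension($Image)
    $proc = Get-Process -Name $name -ErrorAction Stop | Select-Object -First 1

    # 3. Baseline snapshot of outstanding allocations with their stacks.
    umdh "-p:$($proc.Id)" "-f:umdh_before.log"
    if ($LASTEXITCODE -ne 0) { throw "umdh baseline snapshot failed" }

    # 4. Exercise the suspected code path while waiting.
    Start-Sleep -Seconds $WaitSeconds

    # 5. Second snapshot, then diff the two logs. The diff lists the
    #    call stacks whose outstanding byte count changed.
    umdh "-p:$($proc.Id)" "-f:umdh_after.log"
    umdh umdh_before.log umdh_after.log | Out-File umdh_diff.txt -Encoding ascii
}
finally {
    # 6. Remove the instrumentation so the image does not keep paying
    #    the stack-capture cost on every allocation.
    gflags /i $Image -ust
}
```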
4. Thread synchronization
- Critical section
  - Per process (user mode); under the covers it uses an event.
  - Allows one thread access to shared data
  - Represented by RTL_CRITICAL_SECTION (LockCount, RecursionCount, OwningThread, SpinCount, DebugInfo)
  - !cs <address>: displays information about the critical section
- Events
- Mutex
  - Kernel-mode construct
  - Can be used within and across different processes
  - Represented in user mode as a handle
  - Use the !handle command to view information
- Semaphore
  - Kernel-mode construct
  - Can be used within and across different processes
  - Employs resource counting (X number of threads can access the resource)
  - Use the !handle command to view information
5. Power Tools