Debugging Beyond Visual studio–windbg

Getting started with WINDBG:

1. Download the debugging Tools for Windows from the Microsoft website

We recommend you install WINDBG Preview as it offers more modern visuals, faster windows, a full-fledged scripting Experie NCE, built with extensible debugger data Model front and center.

2. When clicking Download from the Microsoft Store, a prompt would appear, select "Get"

3. Windows would start the download and installation process. A prompt'll confirm installation status.

4. Select to ' Pin to Start, ' Close windows by clicking ' X ' on the top right of window.

5. Set the Windows symbol Server path in File > Settings > Symbol path (see example below)

6. Go to your Start menu, select the WINDBG Preview to launch the application

7. The WINDBG initial view

8. What is the difference between User mode-debugging and Kernel-mode debugging?

In User mode debugging, the code normally delegates to the system API's to access hardware or memory. You typically was debugging a single executable, which was separated from other executables by the OS. Typical scenario is to isolate memory or application hang issues on Win32 desktop applications. In User mode, the debugger are running on the same system as the code being debugged.

In Kernel mode debugging, the code normally have unrestricted access to the hardware. Typical scenario is driver code developed for hardware devices. When the debugging in Kernel mode you typically use the different systems. One system runs the code that's being debugged, and another runs the debugger, usually connected with a cable. Click here for additional information on Kernel mode debugging.

9. Advantages of WINDBG:

• Extensive numbers of commands and extensions.
• A useful tool to help understand OS and software running on the system being debugged.
• Lightweight and can is used in production as it has no dependency, only require an executable (. exe) to run.
• A useful tool to help isolate User or Kernel mode code "s difficult to troubleshoot on Windows.

Common User mode Debugging commands:

. HH (Open WINDBG ' s help)

Vertaget (Get the version of the target computer)

Symbol Path (Display or Set symbol search path)

Version (Dump version info of debugger and loaded extension DLLs)

!ext.help (General extensions)

!analyze-v (Display information about the current exception or bug check; verbose)

Common Kernel mode Debugging commands:

!analyze

!error (plus error code, e.g. "!error c0000005)

Useful Links:

Debugging Using WINDBG Preview:

Https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/debugging-using-windbg-preview

Getting Started with WINDBG Microsoft Docs :

https://docs.microsoft.com/en-us/windows-hardware/drivers/debugger/getting-started-with-windbg

Common WINDBG Commands:

Http://windbg.info/doc/1-common-cmds.html

Elementary User-mode Debugging:

Https://microsoft.sharepoint.com/teams/bidpwiki/Pages1/Elementary%20User-Mode%20Debug.aspx

Debugging Beyond Visual studio–windbg