Start of windbg

Overview

Windbg is a powerful debugging tool based on the Windows platform. It can debug in kernel and user modes.

Windbg provides source code-level applications based on the Windows Kernel, kernel mode drivers, system services, and user mode.ProgramAnd driver debugging.

The source code-level debugging of windbg uses Microsoft Visual
Studio symbol format. It can access any symbol or variable in the PDB symbol file and the external function name in the coff symbol file module.

Windbg allows you to view source code, set breakpoints, view variable values (including c ++ target files), stack traces, and memory. Its command window can accept many commands.

For kernel-mode debugging, windbg requires two machines (host machine and target machine). This debugging mode only supports the NT-based Windows operating system.

Windbg also supports variable remote debugging on the target machine in user mode and kernel mode.

Install

Windbg is debugging
For a part of tools for Windows, visit the following link to obtain the installation file:

Http://msdn.microsoft.com/en-us/windows/hardware/gg463009.aspx

Configuration

Windbg itself does not automatically recognize the symbol file. We need to manually configure the location of the symbol file.

Symbol file path... Ctrl + S

Source file path... Ctrl + P

Image File Path... Ctrl + I

We can.

C: \ winnt \ symbols; SRV * c: \ winnt \ symbols * http://msdl.microsoft.com/download/symbols

Here, c: \ winnt \ symbols is the location where your symbol file is installed, so windbg will first find the symbol file from here, if not, it will go to http://msdl.microsoft.com/download/symbolssymbol file library to find and download.

Source file path and Image
File path is the path of the source and executable files.