• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Windows Debugging and Troubleshooting
 

Windows Debugging and Troubleshooting

on

  • 1,548 views

More info on http://www.techdays.be.

More info on http://www.techdays.be.

Statistics

Views

Total Views
1,548
Views on SlideShare
1,548
Embed Views
0

Actions

Likes
0
Downloads
70
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Windows Debugging and Troubleshooting Windows Debugging and Troubleshooting Presentation Transcript

    • Introduction to the Debugging Tools for WindowsUnderstanding Windows and x86/x64ArchitecturesUnderstanding Application CrashesIntroducing Application VerifierAdvanced Debugging Techniques
    • 7 years working at Microsoft3 years at Digital Equipment CorporationInstructor with David Solomon
    • The Debugging Tools install four debuggersSupport for all architectures supported byWindowsWinDbg is a Windows–based debugging tool
    • Several ways to select a debugging targetMust know the name or the identifier of the targetSupport for noninvasive debugging
    • WinDbg supports the use of workspacesSupport included for a command line interfaceAccess to symbols to perform debugging
    • A collection of symbols contained within a singlefile
    • Can be challenging to locate the requiredsymbolsSet the system wide environment variableTroubleshoot symbol loading errors with !symnoisy
    • The most useful information is the Help fileUse the .hh command from within the debuggerDiscovering commands with auto–complete
    • Demo
    • Registers, small areas of extremely fast storageUsually measured by the number of bits they holdx86 architecture provides 16 basic programregistersx64 adds an additional 8 general–purposeregisters
    • Accessible using the r debugger command
    • Windows provides support for aflat addressed virtualenvironmentLinear address space is dividedinto fixed–size pages
    • Windows provides support for aflat addressed virtualenvironmentLinear address space is dividedinto fixed–size pages
    • Accessible using the d debugger commands
    • Process, an instance of a programThread, a unit of execution within the systemA unique identifier is assigned to both
    • Using the !teb debugger commandUsing the !peb debugger commandUsing the inbuilt ~ command
    • A storage location used by threadsUseful to identify the flow of code in anapplicationA unique stack is allocated to each thread
    • Accessible using the k debugger commands
    • Demo
    • The result of an unhandled exceptionWindows uses structured exception handlingUnhandled exceptions are passed to a systemfilter
    • Dr Watson replaced with WerFault in WindowsVistaA central location is now provided for usersAdditional support for non–critical events
    • Default configuration is to not take a full dumpAbility to exclude reports on a per applicationbasisDoesn’t affect applications with their own support
    • Application not terminated until the filter returnsMust know the name or the PID of the applicationAllows a user to create a dump of the application
    • Demo
    • A runtime verification tool for native codeAvailable as a separate download from MicrosoftInjects verification DLLs into the application
    • Configurable using the Application Verifier toolCertain verification layers require a debuggerSupport for using a command line interface
    • Demo
    • Possible to force dump creation of an applicationUsing the built in Windows Task ManagerUsing the Debugging Tools for Windows
    • Support for redirection using a kernel debuggerThe system must be started in debugging modeUseful in several advanced scenarios
    • Demo
    • Windows Internals, 5th EditionAdvanced Windows DebuggingWindows via C/C++, 5th Edition
    • Memory Dump, SoftwareTrace, Debugging, Malware and IntelligenceAnalysis PortalAdvanced Windows Debugging andTroubleshooting