Presentation is loading. Please wait.

Presentation is loading. Please wait.

Windows ® 2000 Debugging André Vachon Development Lead Windows Debuggers Microsoft Corporation.

Published byOsborn Bennett Bradford Modified over 9 years ago

Similar presentations

Presentation on theme: "Windows ® 2000 Debugging André Vachon Development Lead Windows Debuggers Microsoft Corporation."— Presentation transcript:

1 Windows ® 2000 Debugging André Vachon Development Lead Windows Debuggers Microsoft Corporation

2

3 Agenda  Documentation  Symbols  Dump Files  Debugger changes  Debugger Extensions

4 Documentation  Debugging is a knowledge intensive task  The more you know, the more efficient you are  We have focused on providing much better debugger documentation  Ships as part of the debugger package  Will point you to debugger information all through the talk

5 Documentation  Focused on the reference sections  Documentation for all the parameters and commands  Unique command line interface for the debuggers  Future enhancements  More debugger extensions  More “How To” sections for common debugging scenarios

6 Symbols  Symbol support in Windows debuggers  exports .dbg files .pdb  Mix of any symbol type since NT 4  Diagnosing bad symbols  Symbol Server

7 What Are.dbg Files ?  Only exist when compiling with VC 4 or VC 5  Compiler and linker left extra debug information in the images .dbg created to remove this extra info  Generated by internal tool from the.exe or.dll  Contains basic debugging information  Contains pointer to the.pdb file

8 What Are.pdb Files ?  Generated by the compiler and linker  Binary file with multiple “streams”  Each streams contains a certain type of debugging information  Matched to the executable with unique identifiers  Age and signature

9 Full.pdb Files .pdb file as generated by the linker  Has all data streams  Types, locals, globals, statics, fpo, fixups, OMAP, source lines  Required to do full source level debugging  Files are very large  ntoskrnl.pdb is 8 MEG  Not shipped outside Microsoft

10 Public.pdb Files  Generated by a tool from the full.pdb  Certain data streams are removed  Types, locals, source lines  All function names and data required for stack traces are included  Globals, fpo  Files are much smaller  Ntoskrnl.pdb is 1 MEG  Public.pdb files are shipped on the support CD

11 Type Information  Type information is contained in one of the.pdb streams  Full encoding of every type definition used in a binary  Every field name of every structure  Debugger can query type definitions  Used for structure expansion in debugger

12 Other Symbols  Export Symbols  Debugger can use public exports as symbols  Used when no symbol file can be found  Map files  Only used on Win9x  Not supported by kd\ntsd\WinDBG

13 Diagnosing Bad Symbols  Debugger will give you a message when symbols are not found  !sym noisy  More verbose symbol load  !dh  !dh  Dumps image headers  Lm, lml, !drivers  More commands to look at images  Will add more documentation and debugger commands for this

14 Symbol Server  Symbol files can be indexed on a single machine  Use unique identifiers from the images and symbol files to find the symbols  New extension to the symbol handler  Point to one location which contains all your symbols  We will ship tools to build symbol servers  More documentation to come

15 Dump Files  What are dump files  Types of dump files  Kernel mode vs User mode  Full dumps vs. Mini dumps.  How to use dump files  32 bit vs 64 bit

16 Kernel Dump Files  Three types of dump files  Full (All NT versions)  Summary (win2k)  Mini (win2k)  Very useful to analyze software failures off-line  Can not be used to analyze hardware related problems

17 Full Kernel Dump File  In NT4, Win2k, Whistler  Stores all the physical memory in the machine  Dump is independent of virtual addresses or processes  Data saved to the page file  Dump fails if page file is not large enough  Page file must be on boot drive  Page file content is destroyed Can not restart OS from a kernel dump file Can not restart OS from a kernel dump file

18 Full Kernel Dump File  Advantages  Most complete dump available  When debugged, paged-in portions of user mode processes can be viewed  Disadvantages  Can be very time consuming to create

19 Summary Kernel Dump File  New in Windows 2000  Saves resident kernel pages only  Advantages  Quicker to generate at crash time  Provide enough information to analyze any kernel data structure  Disadvantages  Can not look at any user mode stack or data structures

20 Mini Kernel Dump Files  New in Windows 2000  64K in size  Contains minimum amount of information to analyze a fault  Context of the faulting thread  Stack of the faulting thread  Current thread and process data structures  Kernel module list  A few key MM data structures

21 Mini Kernel Dump Files  Advantages  Very quick to generate  Enabled by default by setup on Windows 2000 Professional  Enough to pin-point simple failures  Disadvantage  Not enough information to do full fault analysis  No Image sections Requires debugger to load images to get stack traces Requires debugger to load images to get stack traces

22 User Dump Files  Two types of dump files  Full (All NT version)  Mini (whistler)

23 Full User Dump File  Dump of the entire address space of the application  Generated automatically by Dr.Watson  Advantages  Lets you debug the fault off line  Disadvantages  Can be very large and long to generate

24 Mini User Dump File  Dump only contains basic information about the crash  All threads, with associated context and stack  List of modules  Advantages  Small and quick to create  Disadvantages  Can only debug simple failures (AVs)

25 Using Dump Files  Debugger can load ANY type of dump file  kd –z -y  kd –z -y  All debugger commands and extensions work identically to live debugging  Some limitations based on information available in the dump  Minidump files  Must specify –i  Must specify –i  Limited data in the dump file restricts which commands are valid

26 Using Dump Files  Advantages  Very simple to use with the debugger  Very useful for off-line analysis  Can get dump files from customers  Can send dump files to other developers  Disadvantages  No adapter hardware state is available  No access to live adapter registers  Cannot execute code  Minidumps don’t have much information

27 32 Bit Vs. 64 Bit Dump Files  Different file formats  Certain fields are extended to handle 64 bit addresses  64 bit dump files will get even bigger, as address space of machine gets bigger  The debugger just works with any dump file

28 Debugger Changes  Redesigned debugger internals  Simple Debugger UI Command line - kd, cdb, ntsd Command line - kd, cdb, ntsd Graphical - WinDBG Graphical - WinDBG  New debugger engine  Broader coverage of Windows OSes  Support for new transports  Much better testing  Windows group will use same debugger as external developers

29 Debugger Architecture The debuggers have been split into:  UI  Simple and replaceable front end that manages user input and output  Debugger engine  Handles all debugging activity  Exposes rich set of APIs to debugger UIs and extensions  Symbol Handler  Used by engine to get symbolic info

30 HOST, TARGET, REMOTE  HOST – Machine running the debugger directly connected to the TARGET  TARGET -- Machine being debugged  REMOTE – Machine remotely running the debugger, connecting to the HOST

31 HOST  The debugger binaries are run on the HOST  WinDBG, kd, ntsd, debugger engine  The debuggers binaries work and are tested on all versions of NT, starting with NT 4  Debugger could also run on Win9x  Not tested yet  We need to know if this is an issue

32 Kd.exe  Kernel debugger  Simple command line UI  Takes all commands and sends them to the debugger engine  Displays output from debugger engine  Merged i386kd, alphakd and ia64kd into one

33 Cdb.exe And Ntsd.exe  User mode debugger  Simple command line UI  Takes all commands and send them to the debugger engine  Displays output from debugger engine  Ntsd.exe is shipped in the OS  CDB.exe is only in the debugger package

34 WinDBG.exe  Simple Windows application  UI on top of the debugger engine  Collection of dialogs to get configuration information  A Set of windows to display information retrieved from the debugger engine

35 WinDBG.exe  WinDBG pre-release available  Download from our web site today  Debugger engine and command line 100% functional  Missing UI features  Workspace  More configuration options  UI polish

36 Debugger Engine  Single DLL, with built in support for:  All versions of NT, starting with NT 4  32 bit and 64 bit  User Mode and kernel mode  Live and Dump File debugging  Remoting  Exposes full symbolic information  All these features are transparent to the UI

37 User-Mode Debugging  For user-mode debugging:  HOST machine == TARGET machine  32 and 64 bit versions of debugger

38 User-Mode Debug Demo  Native IA64 debugging session

39 Kernel Debugging TARGETS  TARGET does not use any extra debugger binaries  Built-in to HAL and ntoskrnl  Multiple connection mediums  COM port  1394 (Whistler)  Local debugging (Whistler)

40 Kernel Debugging TARGETS  Support any TARGET OS from NT4 to Whistler  Detects version at runtime MP\UP, pro\svr\adv\dtc, NT4\Win2k\Whistler MP\UP, pro\svr\adv\dtc, NT4\Win2k\Whistler  Support any TARGET architecture  Detects at runtime IA64, X86, etc

41 Remote Debugging  Can connect remotely to a HOST debug session  REMOTE uses same binaries as the HOST  WinDBG, kd, ntsd  Support various protocols  Named pipes, sockets  Multiple REMOTE debuggers can connect to the host debugger  Must use the same protocol  Cannot remotely connect directly to TARGET

42 Remote Debugging Demo HOST: X86, Win2K, kd Serial cable TARGET: IA64 Whistler REMOTE: X86, Whistler WinDBG Named pipes

43 Remote Debugging Demo HOST: X86, Win2K, kd Serial cable TARGET: IA64 Whistler REMOTE: X86, Whistler WinDBG Named pipes

44 Type Information Support  Requires full.pdb  Will work with symbol files for your drivers or application  Debugger engine has built-in support for type information  New ‘dt’ debugger command  New debugger interface to expose type information to the UI

45 Debugger Extensions  Most important feature of the windows debugger  Lets you write specific code to analyze faults or dump data structures  Windows DEV team could not debug the OS without debugger extensions  We have written 100’s of these  We ship a subset of them with the debugger  !process, !thread, !vm, !pci, etc.

46 Old Debugger interfaces  Exposed a subset of the debugger functionality  Read and write memory Virtual, Physical, IO, MSR, PCI Virtual, Physical, IO, MSR, PCI  Expression evaluation  Symbol lookup  Incompatible between ntsd and WinDBG

47 New Debugger Interfaces  Debugger engine exposes the new debugger interface  Complete set of interfaces  Object based, yet still very simple to use  WinDBG is implemented using these new interfaces  Could easily rewrite a UI to replace WinDBG  Very simple extensions can be written to a subset of the interfaces

48 New Debugger Interfaces  Read and write memory  Breakpoint  Execution control  Expression evaluator  Full symbol and TYPE support  Source code support

49 Sample Debugger Extension  Tool to remotely connect to a debug session and retrieve the stack trace Main(pszConnectString) { DebugConnect(pszCS,IID_D, &gDbg); gDbg->QueryInterface(IID_C, &gControl); gDbg->SetOutputCallbacks(&gOutCallback); gControl->Execute(“k”); } OutputCallback::Output(Mask, Text) { // handle output appropriately }

50 32 bit vs. 64 bit extensions  All new interfaces use 64 bit addresses  Debugger extensions should always use 64 bit addresses  32 bit addresses are SIGN-EXTENDED  Must handle this correctly in extension DLLs

51 Writing Debugger Extensions  New interfaces are not provided in the current debugger package  Future release will have headers, libs, docs and samples  NT 4 and win2k extension interfaces can still be used today  Write debugger extensions – they will make debugging a lot more easy

52 Call To Action  Try the new debugger !  http://www.microsoft.com/ddk/debugging  Read the documentation. Learning more about the tools will make it easier to debug problems.  For feedback (report bugs or missing featrures) windbgfb@microsoft.com  For support or help with the debugger http://support.microsoft.com/support/ddk

53

Download ppt "Windows ® 2000 Debugging André Vachon Development Lead Windows Debuggers Microsoft Corporation."

Similar presentations

Microsoft Windows NT Embedded 4.0

Microsoft Windows NT Embedded 4.0
Building Embedded Systems With Windows® CE Platform Builder 3

Building Embedded Systems With Windows® CE Platform Builder 3
SYSTEM PROGRAMMING & SYSTEM ADMINISTRATION

SYSTEM PROGRAMMING & SYSTEM ADMINISTRATION
Mehmet Can Vuran, Instructor University of Nebraska-Lincoln Acknowledgement: Overheads adapted from those provided by the authors of the textbook.

Mehmet Can Vuran, Instructor University of Nebraska-Lincoln Acknowledgement: Overheads adapted from those provided by the authors of the textbook.
® IBM Software Group © 2010 IBM Corporation What’s New in Profiling & Code Coverage RAD V8 April 21, 2011 Kathy Chan

® IBM Software Group © 2010 IBM Corporation What’s New in Profiling & Code Coverage RAD V8 April 21, 2011 Kathy Chan
Chorus and other Microkernels Presented by: Jonathan Tanner and Brian Doyle Articles By: Jon Udell Peter D. Varhol Dick Pountain.

Chorus and other Microkernels Presented by: Jonathan Tanner and Brian Doyle Articles By: Jon Udell Peter D. Varhol Dick Pountain.
Operating-System Structures

Operating-System Structures
DEV392: Extending SharePoint Products And Technologies Through Web Parts And ASP.NET Clint Covington, Program Manager Data And Developer Services - Office.

DEV392: Extending SharePoint Products And Technologies Through Web Parts And ASP.NET Clint Covington, Program Manager Data And Developer Services - Office.
Servlets and a little bit of Web Services Russell Beale.

Servlets and a little bit of Web Services Russell Beale.
11 INSTALLING WINDOWS XP Chapter 2. Chapter 2: Installing Windows XP2 INSTALLING WINDOWS XP  Prepare a computer for the installation of Microsoft Windows.

11 INSTALLING WINDOWS XP Chapter 2. Chapter 2: Installing Windows XP2 INSTALLING WINDOWS XP  Prepare a computer for the installation of Microsoft Windows.
DEV450 Visual Studio: Best Practices For Debugging Managed Applications Habib Heydarian Scott Nonnenberg Program Managers Microsoft Corporation.

DEV450 Visual Studio: Best Practices For Debugging Managed Applications Habib Heydarian Scott Nonnenberg Program Managers Microsoft Corporation.
Operating Systems.

Operating Systems.
1 Chapter Overview Introduction to Windows XP Professional Printing Setting Up Network Printers Connecting to Network Printers Configuring Network Printers.

1 Chapter Overview Introduction to Windows XP Professional Printing Setting Up Network Printers Connecting to Network Printers Configuring Network Printers.
Nikto LUCA ALEXANDRA ADELA. Nikto  Web server assessment tool  Written by Chris Solo and David Lodge  Released on December 27, 2001  Stable release:

Nikto LUCA ALEXANDRA ADELA. Nikto  Web server assessment tool  Written by Chris Solo and David Lodge  Released on December 27, 2001  Stable release:
Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.

Working with Applications Lesson 7. Objectives Administer Internet Explorer Secure Internet Explorer Configure Application Compatibility Configure Application.
Joe Chen Sr. Manager, Insyde Software

Joe Chen Sr. Manager, Insyde Software
Windows Debugging Demystified

Windows Debugging Demystified
Debugging techniques in Linux Debugging Techniques in Linux Chetan Kumar S Wipro Technologies.

Debugging techniques in Linux Debugging Techniques in Linux Chetan Kumar S Wipro Technologies.
Windows 2000 Memory Management Computing Department, Lancaster University, UK.

Windows 2000 Memory Management Computing Department, Lancaster University, UK.
INTRODUCTION TO WEB DATABASE PROGRAMMING

INTRODUCTION TO WEB DATABASE PROGRAMMING

Similar presentations

Ads by Google