Debuggers?

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Apparently debuggers are available free to download from the MS website, presumably they are designed to work with the downloadable SDK..? Where are these debuggers, has anyone got a link to them? And how does a debugger work that hasn't got an IDE?
 
Debuggers are deigned to work regardless of the SDK, against any PE
executable.
the SDK is, in few words, a set of includes, stub libraries and a compiler.
A debugger does not care how you create the PE executable.

You can download them from
http://www.microsoft.com/whdc/ddk/debugging/default.mspx

there are 3 (user-mode) debuggers, cdb.exe, ntsd.exe and windbg.exe.
2 of them have just a command line interface, one of them has a GUI.
Read the whole debugger.chm document, and you will find how to use them.

--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of any included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm


Bonj said:
Apparently debuggers are available free to download from the MS website,
Click to expand...
presumably they are designed to work with the downloadable SDK..? Where are
these debuggers, has anyone got a link to them? And how does a debugger work
that hasn't got an IDE?
 
Right, I see. Would you specify a switch when compiling to include debugging
symbols in the .exe, in order for it to be easier to use the debugger/
better able to understand its output.?
Also you don't have to understand the machine code do you? Is this the
purpose of the debugging symbols?

Cheers
 
the latest version of the debugging enigne (DbgEng.dll)
can load symbols from almost anyplace,
including the public symbols server from Microsoft.
It's better if you keep the PDB out of the binaries,
but generate the entry in the PE header to contain
the name and the "signature" of the PDB file
(otherwise you will soon understand the meaning of the "unmathced PDB" error
message,
that you can diagnose with `!sym noisy'
before doing a `.reload /f' after
having set `.sympath you_path_to_symbols' ).

The dubugger can leverage the information in the PDB files
to help the human to understand what the code does,
but all the debugger does is to process the Debug Events from the OS,
implement the basic commands (read memory, write memory, trace and step).
With symbols you can type
0:001>g ntdll!RtlAllocateHeap
instead of
0:001>g 0x7f45612c
that is powerful, but it's really the same thing once the debugger knows
how to translate a string into an address in the given context.

--
This posting is provided "AS IS" with no warranties, and confers no rights.
Use of any included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
 
Back
Top