Cyberiafreak

"Fortunate are those who take the first steps." ― Paulo Coelho

About Windows Debugging Tools (WinDbg, ADPlus)

There are four Microsoft debuggers available as part of the Windows SDK download.
1) WinDbg (Windbg.exe) - A user-mode and kernel-mode debugger with a graphical interface.
2) KD (Kd.exe) - A kernel-mode debugger with a console interface.
3) CDB (Cdb.exe) - A user-mode debugger with a console interface.
4) NTSD (Ntsd.exe) - A user-mode debugger with a console interface. CDB and NTSD are virtually identical.

Of these, WinDbg is the one programmers most often use to analyze dumps.
Download it from here – http://msdn.microsoft.com/en-us/windows/hardware/gg463009.aspx
Easier steps:
1) Install the Windows Debugging Tools from the web.
2) Go to the installed folder and invoke the adplus tool to start capturing the crash/hang.
ex: C:\Program Files\Debugging Tools for Windows (x86)>adplus -crash -pn "LogViewer.exe" -o d:\dumps
3) Wait until the process crashes; adplus writes the dumps after the crash.
4) Now launch WinDbg from the Start menu.
4.1) Set the Symbol File path (where the pdb's are available) in WinDbg > File > Symbol File Path. The symbol path specifies the directories where the symbol files are located.
4.2) Set the Source File path (where application pdb's & .NET pdb's are available). You can specify more than one path with the ';' separator.
4.3) Set the Executable Image path, i.e. the executable file path. These files typically have the .exe, .dll, or .sys file name extension.
5) For better debugging and a complete trace, download the whole .NET symbol set from the web:
http://referencesource.microsoft.com/downloadsetup.aspx – so you'll get the pdb's for all Microsoft .NET assemblies.
6) The last step in debugging a crashed target computer or application is to use the !analyze extension command (inside WinDbg after loading the dump).
ex: 0:000> !analyze -v
Now start investigating the stack trace from the dump file to understand the issue.
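
Steps 4 to 6 can also be run unattended with CDB, the console debugger listed above, which is useful when ADPlus has left several dumps to triage. The script below is an added example, not part of the original post: it runs !analyze -v over every dump under the ADPlus output folder and summarizes a few headline fields per dump. The Microsoft public symbol server entry, the local cache folder and the C:\MyApp paths are assumptions to replace with your own.

```powershell
# Added example (not from the original post): batch form of steps 4-6 using cdb.exe.
param(
    [string]$DumpRoot   = 'D:\dumps',                                            # adplus -o folder (step 2)
    [string]$Debuggers  = 'C:\Program Files\Debugging Tools for Windows (x86)',  # install folder (step 2)
    # Assumption: Microsoft public symbol server with a local cache, plus a hypothetical app pdb folder.
    [string]$SymbolPath = 'srv*C:\symbols*https://msdl.microsoft.com/download/symbols;C:\MyApp\pdb',
    [string]$SourcePath = 'C:\MyApp\src',                                        # hypothetical
    [string]$ImagePath  = 'C:\MyApp\bin'                                         # hypothetical
)

$cdb = Join-Path $Debuggers 'cdb.exe'
if (-not (Test-Path -LiteralPath $cdb)) { throw "cdb.exe not found at $cdb" }

# ADPlus typically creates one subfolder per run, so search recursively.
$dumps = @(Get-ChildItem -LiteralPath $DumpRoot -Recurse -Filter '*.dmp' | Sort-Object LastWriteTime)
if ($dumps.Count -eq 0) { throw "No .dmp files found under $DumpRoot" }

$results = foreach ($dump in $dumps) {
    $log = "$($dump.FullName).analyze.txt"

    # -z dump file, -y symbol path (4.1), -srcpath source path (4.2), -i image path (4.3),
    # -logo log file, -c commands to run once the dump is loaded (step 6), then quit.
    & $cdb -z $dump.FullName -y $SymbolPath -srcpath $SourcePath -i $ImagePath `
           -logo $log -c '!analyze -v; q' | Out-Null

    if (-not (Test-Path -LiteralPath $log)) {
        Write-Warning "No analysis log produced for $($dump.Name)"
        continue
    }

    # Pull single-line fields from the !analyze -v output; a field missing from the log stays empty.
    $fields = @{}
    Select-String -LiteralPath $log -Pattern '^(EXCEPTION_CODE|PROCESS_NAME|FAILURE_BUCKET_ID):\s*(.+)$' |
        ForEach-Object { $fields[$_.Matches[0].Groups[1].Value] = $_.Matches[0].Groups[2].Value.Trim() }

    [pscustomobject]@{
        Dump      = $dump.Name
        Process   = $fields['PROCESS_NAME']
        Exception = $fields['EXCEPTION_CODE']
        Bucket    = $fields['FAILURE_BUCKET_ID']
        Log       = $log
    }
}

# Dumps sharing a bucket usually share a root cause; open the log of one per bucket first.
$results | Sort-Object Bucket | Format-Table -AutoSize
```

The full !analyze -v output, including the stack trace, stays in the .analyze.txt file written next to each dump.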

About ADPlus: ADPlus (adplus.vbs), also known as Autodump+, is a console-based Microsoft Visual Basic script. This tool automates the CDB debugger
to produce memory dumps and log files that contain debug output from one or more processes.
– Using this, we can trace a user-mode process (.exe) or a service such as IIS, MTS, or Microsoft COM+ applications.
When should you use ADPlus? You should use ADPlus to capture debugging information if you are experiencing the following problems:
1) Processes that stop responding (that is, hang).
2) Processes that have 100% CPU utilization on a single-processor computer, 50% utilization on a dual-processor computer, 25% utilization on a quad-processor computer, and so on.
3) Processes that fail (that is, crash) or shut down unexpectedly.

Useful ADPlus command line options:
ADPlus -hang -iis -pn myapp.exe -o c:\temp
ADPlus -crash -iis -pn myapp.exe -o c:\temp
ADPlus -quiet -crash -iis -notify RemoteComputer -o c:\temp


February 14, 2012 - Posted by | windbg
