windows:debugging_windows
Differences
This shows you the differences between two versions of the page.
windows:debugging_windows [2023/09/14 09:23] – removed - external edit (Unknown date) 127.0.0.1 | windows:debugging_windows [2023/09/14 09:26] (current) – dodger | ||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== [HOWTO] Windows debugging ====== | ||
+ | |||
+ | ====== Description ====== | ||
+ | Howto debug someting in this " | ||
+ | This document is intended mainly for linux sysadmins that hate m$ and want to help " | ||
+ | |||
+ | |||
+ | ====== Tools ====== | ||
+ | Diving into M$ documentation (tons of it, only a few important words). | ||
+ | I found that there are only a few tools available (free and without using hacking tools, which are the next step). | ||
+ | |||
+ | ===== Debug Diagnostic Tool ===== | ||
+ | * Sysinternals [[https:// | ||
+ | * Windows debugger [[https:// | ||
+ | * [[https:// | ||
+ | |||
+ | The most Useful thing of this tool is that you can " | ||
+ | It will attach while running but will show information from the process start till the moment you connect and will continue logging information. | ||
+ | |||
+ | Of course, you'll also be able to generate a dump (dump memory of the process), but I HADN'T been able to open this kind of dumps with WINDBG cause you'll have to provide all the libs (like gdb in linux) and don't know why, windows is not able to find by itself (like linux do)... I don't want to waste my time in this part so I go on with the next set of tools. | ||
+ | |||
+ | ===== SysInternals ===== | ||
+ | God save the king: ProcessMonitor (procmon.exe) | ||
+ | If you're looking for strace, you're looking for this tool. | ||
+ | Start it, add a filter rule (if you don't want to run crazy), for example: | ||
+ | ^Column^Relation^Value^Action^ | ||
+ | |Process Name|Contains|w3wp|Include| | ||
+ | GO! | ||
+ | You'll need to save it to a log file (I used CSV) to be able to filter all the noise. | ||
+ | |||
+ | |||
+ | ===== WinDbg ===== | ||
+ | [[https:// | ||
+ | As I told on the DebugDiag tools part, I hadn't been hable to make it work and open a User Dump of an application, | ||
+ | |||
+ | |||
+ | ===== CygWin ===== | ||
+ | I can't live with: | ||
+ | * grep/egrep | ||
+ | * less | ||
+ | * vim | ||
+ | * locate/find | ||
+ | |||
+ | I simply installed cygwin to have a shell. | ||
+ | |||