Installing Debugging Tools
Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2
If the source code for an application is available, and you want to resolve the underlying cause of compatibility problems by modifying the source code, use a debugging tool to investigate the problem. You can use your own debugging tools, or you can use Debugging Tools for Windows.
Debugging Tools for Windows is a collection of kernel-mode and user-mode debuggers provided by Microsoft. Applications run in one of two modes: kernel mode or user mode. Operating system services and some low-level programs, such as device drivers and antivirus applications, run in kernel mode. Kernel-mode applications can access any part of the system. User-mode applications are limited to their allocated area in memory and have restricted access to system interfaces and system data. Most end-user applications run in user mode.
Choose a tool based on the type of application that you need to debug (a kernel-mode or user-mode application) and whether you will use a local or remote computer for debugging. Most of the applications that you need to test for compatibility with Windows XP Professional are user-mode applications; however, you might need to test kernel-mode applications if you develop device drivers or other kernel-mode applications in-house. If you have kernel-mode applications that have been developed by third-party vendors, contact those vendors for upgrades.
Table 3.5 lists each debugger included in Debugging Tools for Windows, telling the processing mode for which it is designed and whether it must be used from the local computer or a remote computer.
Table 3.5 Debugging Tools for Windows
| Tool | Processing Mode | Debugging Computer |
|---|---|---|
Microsoft Console Debugger (CDB) |
User mode |
Local or remote |
Microsoft NT Symbolic Debugger (NTSD) |
User mode |
Local or remote |
Microsoft Windows Debugger (WinDbg) |
User mode and kernel mode |
Local or remote |
Microsoft Kernel Debugger (KD) |
Kernel mode |
Remote |
Important
- Debugging information for all system applications, drivers, and DLLs resides in separate files known as symbol files. By separating debugging information from the application, symbol files allow applications to be smaller and faster, but still permit them to be debugged if the symbol files are installed. If you use a Microsoft debugger on a third-party application that has no symbol file, the debugger tries to extract symbolic information from the executable file and indicates that the characters are export symbols. These are not actual symbols, and they should not be used for debugging analysis.
In addition to the debuggers, Debugging Tools for Windows provides some other tools that can help you during debugging. The Logger and LogViewer, in particular, can help you debug application compatibility problems. Logger and LogViewer can help you analyze the API calls made by an application. If an application worked on an earlier version of Windows, differences in API implementations probably are causing the incompatibilities. One of the most effective ways to debug a third-party application is to examine the Win32 APIs that it calls.
CDB and NTSD
Microsoft Console Debugger (CDB) and the Microsoft NT Symbolic Debugger (NTSD) are console debuggers that allow you to analyze user-mode memory and constructs on target applications that are either console or graphical Windows applications. CDB and NTSD have the same functionality, except that NTSD opens a second command window when it is started. When you use these tools to debug an application that has failed, they can obtain a stack trace or display invalid parameters. You also can use them to observe the behavior of an application that is functioning properly.
By using CDB or NTSD, you can display and execute program code, set breakpoints, and examine and change values in memory. CDB and NTSD can disassemble binary code and display assembly instructions. They also enable you to analyze source code directly.
Note
- A copy of NTSD is installed in the \Windows\system32 directory when Windows XP Professional or Windows Server 2003 is installed, but the version included with Debugging Tools for Windows is the most recent version. The version of NTSD installed with Windows XP Professional or Windows Server 2003 can be used only for local debugging.
WinDbg
WinDbg is a graphical interface debugger that supports full source-level debugging for the Windows kernel, kernel-mode drivers, and system services, as well as user-mode applications and drivers. WinDbg is the most versatile debugger in Debugging Tools for Windows. It can monitor variables, CPU registers, and parameters passed in function calls. You also can use it to review a crash dump file from Dr. Watson, which captures the state of the system when a failure occurs. By using WinDbg, you can view source code, set breakpoints, and view variables (including C++ objects), stack traces, and memory.
Logger and LogViewer
Logger monitors the actions of a user-mode application and records all of its API calls. You can display the resulting information in a debugger, save it as a text file, or display it in an interactive format in the LogViewer.
You can start Logger by using the stand-alone Logger.exe program, or by starting NTSD or WinDbg, and using the LogExts.dll debugger extensions. Both methods produce the same type of log output. By starting Logger with NTSD or WinDbg, however, you have access to all the functionality of both a debugger and Logger.
After logging the API calls, you can use LogViewer to view the log file. You can view the list of all the API calls in the order in which they were logged, filter the list, export the list to a text file, and view the values of parameters sent to or received from each API call.
Obtaining Debugging Tools for Windows
Debugging Tools for Windows are available for downloading. To use the tools, you should also install the appropriate symbol files for the version of Windows that is running the application that you need to debug. Symbol files contain a variety of information that is not required to run a program, but that is useful for debugging. This information is contained in a symbol file instead of in the executable file for performance purposes. To download the most recent version of Debugging Tools for Windows and the appropriate symbol files, see the Debugging Tools link on the Web Resources page at https://www.microsoft.com/windows/reskits/webresources. For more information about debugging, including information about debugging tools, see Using Debugging Tools for Windows, which is installed when you install the Debugging Tools for Windows. To open Using Debugging Tools for Windows on Windows XP Professional, click Start, click All Programs, click Debugging Tools for Windows, and then click Debugging Help. To open Using Debugging Tools for Windows on Windows Server 2003, click Start, click Programs, click Debugging Tools for Windows, and then click Debugging Help.