1. Debugging Tools For Windows:
- Ntsd.exe : Console based debugger with new console
- Cdb.exe : Console based debugger with existing console
- Windbg.exe : GUI based debugger
- Kd.exe : Console based kernel mode debugger
- Adplus.exe : Monitoring tool
- Umdh.exe : Memory leak detection tool
- Remote.exe : Remote debugging tool
2. Heap Corruption
- Tool: Application Verifier
3. Resource Leaks
a. Tools for debugging handles
- Task Manager
  - Shows handle count
- Process Explorer shows handle count as well as:
  - Type of handle (file, mutant, section etc)
  - Name of the handle
  - Handle value
  - Comes in handy when figuring out what type of handle is being leaked
- Debugger extension command : !htrace
b. Tools for heap memory tracking
- UMDH
  - Tracks heap based memory
  - Requires OS instrumentation to be enabled (gflags)
- DebugDiag
  - Powerful automated debugger
  - Extensible
- Debugger command : !heap
4. Thread Synchronization
- Critical Section
  - Per process (user mode). Under the covers uses an Event.
  - Allows one thread access to shared data
  - Represented by RTL_CRITICAL_SECTION (LockCount, RecursionCount, OwningThread, SpinCount, DebugInfo)
  - !cs <address>: Displays information about critical section
- Events
- Mutex
  - Kernel mode construct
  - Can be used within and across different processes
  - Represented in user mode as a handle
  - Use !handle command to view information
- Semaphore
  - Kernel mode construct
  - Can be used within and across different processes
  - Employs resource counting (x number of threads can access resource)
  - Use !handle command to view information
5. Power Tools
- DebugDiag
- Procdump
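
The handle count that Task Manager and Process Explorer show (section 3a) only points to a leak when it is watched over time. The following is an added example, not part of the original notes: it samples a process's handle count and reports whether it keeps rising. The function name `Measure-HandleGrowth`, its parameters and the thresholds are assumptions chosen for illustration.

```powershell
# Added example (not from the original notes): sample a process's handle count
# and report whether it keeps growing, the usual sign of a handle leak.
# Function name, parameters and thresholds are assumptions for illustration.
function Measure-HandleGrowth {
    param(
        [Parameter(Mandatory)] [int] $ProcessId,
        [int] $Samples = 10,          # number of readings to take
        [int] $IntervalSeconds = 5,   # delay between readings
        [int] $MinGrowth = 50         # net growth that counts as suspicious
    )

    $readings = @()
    for ($i = 0; $i -lt $Samples; $i++) {
        # Get-Process fails once the process has exited; stop sampling then.
        $proc = Get-Process -Id $ProcessId -ErrorAction SilentlyContinue
        if (-not $proc) { Write-Warning "Process $ProcessId exited"; break }
        $readings += [pscustomobject]@{
            Time    = Get-Date
            Handles = $proc.HandleCount   # same figure Task Manager displays
        }
        if ($i -lt $Samples - 1) { Start-Sleep -Seconds $IntervalSeconds }
    }
    if ($readings.Count -lt 2) { return }

    # A leak rises steadily; normal activity rises and falls.
    # Count how many consecutive samples went up.
    $rises = 0
    for ($i = 1; $i -lt $readings.Count; $i++) {
        if ($readings[$i].Handles -gt $readings[$i - 1].Handles) { $rises++ }
    }
    $net = $readings[-1].Handles - $readings[0].Handles

    [pscustomobject]@{
        ProcessId   = $ProcessId
        First       = $readings[0].Handles
        Last        = $readings[-1].Handles
        NetGrowth   = $net
        RisingSteps = "$rises of $($readings.Count - 1)"
        Suspicious  = ($net -ge $MinGrowth -and $rises -ge ($readings.Count - 1) * 0.8)
    }
}

# Usage: Measure-HandleGrowth -ProcessId 1234 -Samples 12 -IntervalSeconds 10
```

When the result is flagged, Process Explorer narrows down the handle type and !htrace shows where the handles were opened.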
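This article describes in detail a range of Windows debugging tools, including Ntsd, Cdb, Windbg, Kd, Adplus, Umdh and Remote, and their use in solving memory leak, heap corruption, resource leak and thread synchronization problems. It also covers how to use Task Manager and Process Explorer to monitor handle counts, and how to use Application Verifier to detect heap corruption.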




