List of Debuggers Supported with Windows NT

ID: Q121652

3.10 3.50
WINDOWS
kbtool
The information in this article applies to:

SUMMARY

Windows NT provides several debuggers that can be used to debug Kernel mode or user mode exceptions. There are three primary debuggers used with Windows NT: KD (i386KD, MIPSKD and AlphaKD), NTSD, and WinDbg.


MORE INFORMATION

KD

KD is the kernel debugger; it runs on a separate debug machine to find problems in the Kernel and Kernel mode drivers on a test machine.

NTSD

NTSD is a "software debugger" used to debug user mode processes on a test machine. It uses symbols in the %WINDIR%\SYMBOLS DIRECTORY. The DLL file and EXE file symbols are needed for debugging most user mode problems. One useful feature of NTSD (and WinDbg) is that it can be attached to a running process. Using TLIST or PVIEWER, you can get the process ID for an existing process and start "NTSD -p <pid>" to debug that process. The NTSD command line uses the following syntax 


   NTSD [[ options]] imagefile


where "imagefile" is the name of the image to be debugged and "options" is one of the following: 


   Option  Description
   ---------------------------------------------------------------------
   -2      Opens a new window for debugging character mode applications.
   -d      Redirects output to the debugging terminal.
   -g      Causes execution past the first breakpoint automatically.
   -G      Causes NTSD to exit immediately when the child terminates.
   -o      Enables debugging of multiple processes. The default is for
           one process directly spawned by the debugger.
   -p      Process-ID
           Specifies debugging of the process identified by process-id.
   -v      Produces verbose output.


WinDbg

WinDbg is a Windows-based debugger that can be used to debug either Kernel or user mode. It is larger and somewhat slower than its text counterparts, but it has additional features, including source-level debugging and being able to read crash dump files. When you run WinDbg from the command line, you can use the following options: 


   windbg [-a] [-g] [-h] [-i] [-k [platform port speed]] [-l[text]][-m]
          [-p id [-e event]] [-s[pipe]] [-v] [-w name] [-y path]
          [-z crashfile] [filename[.ext] [arguments]]

   Syntax     Description
   ------------------------------------------------------------------------
   -a         Ignore all bad symbols (but still print warning message).
   -g         Go now; start executing the process.
   -h         Causes child processes to inherit access to WinDbg's handles.
   -i         Ignore workspace; like running without any registry data.
   -k [platform port speed]

              Run as a kernel debugger with the specified options:
                 - platform is the target machine type (x86, MIPS, Alpha)
                 - port is the com port (com1 ... comn)
                 - speed is the com port speed (9600, 19200, 57600, etc.)

   -l [text]  Sets the window title for WinDbg.
   -m         Start WinDbg minimized.
   -p id      Attach to the process with the given id.
   -e event   Signal an event after process is attached. Used only for
              post-mortem debugging .
   -s [pipe]  Start a REMOTE.EXE server, using the named pipe.
   -v         Verbose option; WinDbg prints module load and unload
              messages.
   -w name    Load the named workspace.
   -y path    Search for symbols along the specified path. You can specify
              multiple paths by separating them with semicolons.
   -z crashfile
              Debug the specified crash dump file.

   filename[.ext]
              Program to debug or file to edit.
   arguments  Arguments to program being debugged.


Additional query words: Debug User-mode Kernel-mode debugref 


Keywords          : 
Version           : 
Platform          : 
Issue type        :

Last Reviewed: February 9, 1999