WinDBG#

A much more powerful debugger than Visual Studio but annoyingly must be downloaded as a Windows App Store

Command Cheatsheet#

Command	Desc
`k`	Display backtrace
`!locks`	Display all resource locks held by any thread
`!uniqstack`	Display all thread stacks excluding duplicates
`!findstack`	Find all stacks containing specified symbol/module

Command	Desc
`bp`	Set Breakpoint: new breakpoint using address
`bu`	Set Unresolved Breakpoint: new unresolved/deferred breakpoint using symbolic reference. Persists across module load/unload
`bm`	Set Symbol Breakpoint: new breakpoints on symbols using pattern match; defaults to unresolved but can associate to address with `/d` switch
`ba`	Break on Access: new data hardware breakpoint
`be`/`bd`/`bc`	Breakpoint Enable/Disable/Clear: enable/disable/clear breakpoints
`bl`	Breakpoint List: list breakpoints with current status
`.bpcmds`	Display Breakpoint Commands: list breakpoints with commands
`br`	Breakpoint Renumber: change breakpoint ID
`bs`	Update Breakpoint Command: change breakpoint command
`bsc`	Update Conditional Breakpoint: change breakpoint condition

BreakPoints
can specify the location of a breakpoint by virtual address, module and function offsets, or source file and line number (when in source mode)
- function breakpoint without offset is triggered on function entry
can be associated with a certain thread
can enable a fixed number of passes through an address before it is triggered
can automatically issue certain commands when it is triggered
can be set on non-executable memory and watch for that location to be read or written to
can include a command to execute on trigger
- Ex: breaks at MyFunction+0x47, writes a dump file, then resumes execution: bu MyFunction+0x47 ".dump c:\mydump.dmp; g"
each breakpoint has a decimal number called the breakpoint ID associated with it. This number identifies the breakpoint in various commands
Hardware Breakpoints
Complex DataAccess breakpoints