Chapter 3 continues the examination of the debuggers in greater detail. Coverage includes topics such as the inner workings of a debugger (miniature debugger implementation) and a detailed description of the exceptions dispatching mechanism.

Without proper symbols debugging is a very hard and sometimes impossible proposition. This chapter covers the important topic of symbol and source management. Topics such as creating private and public symbol packages, setting up a symbol and source server are covered in detail.

Corrupting the stack is a common programming mistake that can be extremely difficult to debug. Without the proper knowledge of how Windows manages thread stacks as well as the tools available to make debugging stack problems easier developers can spend countless hours navigating a stack corruption. The chapter begins with an overview of Windows stack management followed by a set of scenarios that illustrate common stack problems and how to debug them.

This chapter continues the study of memory corruptions and focuses on heap related corruptions. The chapter begins with a detailed discussion of the Windows Heap Manager and covers topics such as the front end allocator, back end allocator, look aside lists and free lists. Several scenarios are also included and serve to illustrate some of the most common forms of heap corruptions. A detailed root cause analysis using the debuggers and tools is also included for each scenario.

Every so often a developer is faced with an ACCESS DENIED error code without any clues as to why the error was returned. The task of navigating complex security and access denied problems is a covered in this chapter. The primary focus of this chapter is on the Windows native security model and covers the access control constructs available as well as how the debuggers can be used to maximize efficiency when analyzing security problems.

Processes typically don’t live in isolation rather rely on auxiliary processes to complete processing. This chapter details the intricacies of debugging across processes using RPC. Topics covered include identity tracking (who is calling what), RPC debugger commands and extensions as well as an explanation of a powerful freeware tool called Ethereal that can be used to track interprocess calls that cross machine boundaries.

Resource leaks are common programming mistakes that can wreak havoc in your application. This chapter studies the most common form of resource leaks (such as memory and handle leaks) and shows how the debuggers and associated tools can be utilized when tracking down resource leaks.

A multithreaded environment allows for a great amount of flexibility and efficiency. With this flexibility comes a lot of complexity in the form of thread management. Threads must be made to properly work in tandem without interfering with each other. This chapter introduces the synchronization primitives available in Windows and discusses how the debuggers and tools can be used to debug common thread synchronization problems. Scenarios such as deadlocks, lock contention (lock convoys), indirect deadlocks (such as loader lock) and management of critical sections are discussed in detail.

Even though the debuggers include a ton of powerful commands out of the box it is sometimes necessary to extend the core functionality. This can be achieved by writing your own debugger extensions. This provides an in depth discussion of how to develop a custom debugger extension. It will guide you through the overall extensibility mechanism and includes a step by step guide on how to implement a sample debugger extension.