|
阅读:1510回复:0
windbg vs softice
回应的第 1-10 项留言
后 Message 1 in thread 寄件者:Gaurav Sareen (albelakela@hotmail.com) 主旨:WinDbg vs Softice 新闻群组:comp.os.ms-windows.programmer.nt.kernel-mode View this article only 日期:2001-10-11 12:51:32 PST Sorry for the newbie question. What are the advantages of each, and is one definitely better? I would assume that softice is better, but is it so much better to be a significant advantage? I know that WinDbg is free, softice isnt. Softice can debug a live system, WinDbg ( without livekd from sysinternals) cant. Message 2 in thread 寄件者:Maxim S. Shatskih (maxim@storagecraft.com) 主旨:Re: WinDbg vs Softice 新闻群组:comp.os.ms-windows.programmer.nt.kernel-mode View this article only 日期:2001-10-11 13:21:05 PST > What are the advantages of each, and is one definitely better? I would > assume that softice is better, but is it so much better to be a significant > advantage? Looks like the only advantage of SoftICE is that it requires a single machine only. Looking inside your own kernel while working is a great thing sometimes. Its great feature is also transparent debugging of both user and kernel mode code. Yes, you steps into int 2eh and find yourself in the kernel. WinDbg has a bit more functions (all those under \"!\" and \".\" prefixes, for instance, it has memory leak detector - !poolused), has Windows GUI which is able of saving or copy/pasting the stack traces and debug prints to files/email messages. A very useful feature for team work. It also has absolutely no problems debugging Boot start type drivers, which is non-trivial with SI. It can also debug crash dumps - on single machine, without the null modem. It is also a good and very small (~5MB on disk) user-mode debugger which you can install on the test machine without bothering with full MSVC IDE. SI also sometimes have problems with newer kernel builds (never XP betas etc). > I know that WinDbg is free, softice isnt. Softice can debug a live system, > WinDbg ( without livekd from sysinternals) cant. What do you mean under \"live\"? WinDbg requires a second machine and null modem cable. Max Message 3 in thread 寄件者:Nathan Nesbit (nathann@microsoft.com) 主旨:Re: WinDbg vs Softice 新闻群组:comp.os.ms-windows.programmer.nt.kernel-mode View this article only 日期:2001-10-15 10:24:37 PST > What do you mean under \"live\"? WinDbg requires a second machine and null modem cable. Sysinternals has a tool called LiveKD. My guess at how it works is that it installs a driver. The driver creates a file on the HD and makes it look like a crash dump. One then launchs the debugger against the crash dump file. Reads to the file are redirected to become reads for the right RAM location. The end result is being able to use the debugger to view memory on the system. Now LiveKd fakes some stuff (like context record and stack) because the machine is still running and therefore the context and stack info are constantly changing. But it can be used to get some good information from the machine (query HW config & RAM). For WinXP we have enhanced the kernel to do something similar. We call it Local KD. Check out the Windbg docs for details. The biggest difference between it and LiveKD is that we don\'t bother to fake information like context & stack that is incorrect. The HW test guys here at MS love it to run their PCI debugging extenstions. \"Maxim S. Shatskih\" <maxim@storagecraft.com> wrote in message news:9q4uve$2dp5$1@gavrilo.mtu.ru... > > What are the advantages of each, and is one definitely better? I would > > assume that softice is better, but is it so much better to be a significant > > advantage? > > Looks like the only advantage of SoftICE is that it requires a single machine only. Looking inside your own kernel while working is > a great thing sometimes. > Its great feature is also transparent debugging of both user and kernel mode code. Yes, you steps into int 2eh and find yourself in > the kernel. > > WinDbg has a bit more functions (all those under \"!\" and \".\" prefixes, for instance, it has memory leak detector - !poolused), has > Windows GUI which is able of saving or copy/pasting the stack traces and debug prints to files/email messages. A very useful feature > for team work. > It also has absolutely no problems debugging Boot start type drivers, whic h is non-trivial with SI. > It can also debug crash dumps - on single machine, without the null modem. It is also a good and very small (~5MB on disk) user-mode > debugger which you can install on the test machine without bothering with full MSVC IDE. > SI also sometimes have problems with newer kernel builds (never XP betas etc). > > > I know that WinDbg is free, softice isnt. Softice can debug a live system, > > WinDbg ( without livekd from sysinternals) cant. > > What do you mean under \"live\"? WinDbg requires a second machine and null modem cable. > > Max > > > Message 4 in thread 寄件者:Sam Saeki (saekisam@hotmail.com) 主旨:Re: WinDbg vs Softice 新闻群组:comp.os.ms-windows.programmer.nt.kernel-mode View this article only 日期:2001-10-11 13:32:21 PST My Ideas on this subject: Major advantage of Soft-ICE: Single Machine. Major disadvantage of Soft-ICE: You must copy the symbols (.pdb) files in addition to the .sys you are debugging. If I were to choose one debugger: WinDbg. Reasons: * WinDbg is Free (softice costs about 300-400 per year if you want updates) * With WinDbg I can capture logging output easily. * WinDbg now supports Firewire! That will be great for logging massive quantities of trace data. * With WinDbg I can save debugging workspaces. * WinDbg has lots of extra commands. * WinDbg supports debugger extensions. * I don\'t need to copy symbols every time. * Same WinDbg works for NT4, 2000, XP. It seems to be always be backward compatible. Softice is notoriously version dependent. Don\'t get me wrong...There was a time when I preferred SoftIce. Machines were more expensive. WinDbg was harder to use. And SoftIce worked for 9X (same interface). Now that I don\'t do 9X much and WinDbg has been upgraded, I will use SoftIce less and less. And, I have not used Firewire yet, but, I can\'t wait to try it out. -- Posted from [12.44.37.253] via Mailgate.ORG Server - http://www.Mailgate.ORG Message 5 in thread 寄件者:Oleksandr Bublyk (sab@mastereye.kiev.ua) 主旨:Re: WinDbg vs Softice 新闻群组:comp.os.ms-windows.programmer.nt.kernel-mode View this article only 日期:2001-10-12 02:45:18 PST \"Sam Saeki\" <saekisam@hotmail.com> wrote in message news:c5a70b11a062c0afc18bc93012378876.29727@mygate.mailgate.org... > My Ideas on this subject: > > Major advantage of Soft-ICE: Single Machine. > > Major disadvantage of Soft-ICE: You must copy the symbols (.pdb) files in > addition to the .sys you are debugging. > No, you have to say \"Package source with symbol table\" and the life is not so bad :) -- Bye, SaB Message 6 in thread 寄件者:Tim Roberts (timr@probo.com) 主旨:Re: WinDbg vs Softice 新闻群组:comp.os.ms-windows.programmer.nt.kernel-mode View this article only 日期:2001-10-12 21:05:55 PST \"Oleksandr Bublyk\" <sab@mastereye.kiev.ua> wrote: >\"Sam Saeki\" <saekisam@hotmail.com> wrote in message >news:c5a70b11a062c0afc18bc93012378876.29727@mygate.mailgate.org... >> My Ideas on this subject: >> >> Major advantage of Soft-ICE: Single Machine. >> >> Major disadvantage of Soft-ICE: You must copy the symbols (.pdb) files in >> addition to the .sys you are debugging. >> > >No, you have to say > \"Package source with symbol table\" and the life is not so bad :) But you still have to copy the .NMS file to the target machine. I believe that\'s what Sam was referring to. -- - Tim Roberts, timr@probo.com Providenza & Boekelheide, Inc. Message 7 in thread 寄件者:Dejan Maksimovic (dejan@alfasp.com) 主旨:Re: WinDbg vs Softice 新闻群组:comp.os.ms-windows.programmer.nt.kernel-mode View this article only 日期:2001-10-15 12:41:43 PST What TARGET machine?:-) No, you don\'t have to copy it - you can just access it via network. Regards, Dejan. Tim Roberts wrote: > \"Oleksandr Bublyk\" <sab@mastereye.kiev.ua> wrote: > > >\"Sam Saeki\" <saekisam@hotmail.com> wrote in message > >news:c5a70b11a062c0afc18bc93012378876.29727@mygate.mailgate.org... > >> My Ideas on this subject: > >> > >> Major advantage of Soft-ICE: Single Machine. > >> > >> Major disadvantage of Soft-ICE: You must copy the symbols (.pdb) files in > >> addition to the .sys you are debugging. > >> > > > >No, you have to say > > \"Package source with symbol table\" and the life is not so bad :) > > But you still have to copy the .NMS file to the target machine. I believe > that\'s what Sam was referring to. > -- > - Tim Roberts, timr@probo.com > Providenza & Boekelheide, Inc. -- Kind regards, Dejan M. CEO Alfa Co. www.alfasp.com E-mail: dejan@alfasp.com ICQ#: 56570367 Alfa File Monitor - File monitoring system for Win32 developers. Alfa File Protector - File protection and hiding system for Win32 developers. Message 8 in thread 寄件者:Walter Oney (waltoney@oneysoft.com) 主旨:Re: WinDbg vs Softice 新闻群组:comp.os.ms-windows.programmer.nt.kernel-mode View this article only 日期:2001-10-12 05:50:03 PST Gaurav Sareen wrote: > What are the advantages of each, and is one definitely better? I would > assume that softice is better, but is it so much better to be a significant > advantage? I use Soft-Ice exclusively, and I teach my seminars students how to use it too. Here is the way I\'d stack the two up against each other: Soft-Ice runs on a single machine *or* over a null-modem cable to any Windows machine *or* over the Internet if you have the right kind of NIC in the target machine. WinDbg requires a NULL modem cable connected to a machine running either Win2K/Xp or Win/Me. I prefer the single-machine approach because it means I only have to carry *one* laptop with me and that I can more easily find suitable seminar classrooms all over the world. Soft-Ice never \"misses\" its connection with the target computer, whereas WinDbg sometimes does. It is very easy to understand which symbol files Soft-Ice will use because you must specify them explicitly. WinDbg uses so many default search rules that I\'ve never been able to predict where it would get symbols and source from. This is a huge problem unless your host and target machines are identical. Soft-Ice keeps separate namespaces for each thing you\'re debugging, wheareas WinDbg either didn\'t or still doesn\'t. Because of this limitation in WinDbg, people fell into the habit of writing drivers where every function has a globally unique name -- i.e., ToasterAddDevice, OvenAddDevice, etc., instead of just \"AddDevice\". This in turn makes it harder to move code from one project to another or to compare files between projects. Soft-Ice lets you imbed the source code in the symbol file, which greatly helps you debug problems in older versions of your code. I don\'t believe WinDbg could let you do something comparable unless you religiously maintain all your old source trees. Soft-Ice lets you set \"virtual\" breakpoints in code that hasn\'t been loaded into memory. The last time I was trying to use WinDbg, I couldn\'t figure out how to set a breakpoint in the DriverEntry for the driver I wanted to test. The newest versions of Soft-Ice will halt on an assertion failure, even in the free build of the OS. Ditto at the entry to KeBugCheckEx. I don\'t know whether WinDbg will do this. Soft-Ice runs in all versions of Windows. WinDbg runs only in NT/2K/Xp or Me. 观看文件全部内容 (仍有 51 行) Message 9 in thread 寄件者:Vijay P (vijay_p@hotmail.com) 主旨:Re: WinDbg vs Softice 新闻群组:comp.os.ms-windows.programmer.nt.kernel-mode View this article only 日期:2001-10-12 08:10:49 PST By the way, WinDBG supports debugging of 64-bit drivers. SoftIce do not have any support for debugging on 64 bit drivers as of today. To be precise, Windbg supports debugging on WinXP-32 bit and WinXP- 64 bit O.S unlike Softice, where you have support only for WinXP-32 bit. \"Walter Oney\" <waltoney@oneysoft.com> wrote in message news:3BC6E834.493084B2@oneysoft.com... > Gaurav Sareen wrote: > > What are the advantages of each, and is one definitely better? I would > > assume that softice is better, but is it so much better to be a significant > > advantage? > > I use Soft-Ice exclusively, and I teach my seminars students how to use > it too. Here is the way I\'d stack the two up against each other: > > Soft-Ice runs on a single machine *or* over a null-modem cable to any > Windows machine *or* over the Internet if you have the right kind of NIC > in the target machine. WinDbg requires a NULL modem cable connected to a > machine running either Win2K/Xp or Win/Me. I prefer the single-machine > approach because it means I only have to carry *one* laptop with me and > that I can more easily find suitable seminar classrooms all over the > world. > > Soft-Ice never \"misses\" its connection with the target computer, whereas > WinDbg sometimes does. > > It is very easy to understand which symbol files Soft-Ice will use > because you must specify them explicitly. WinDbg uses so many default > search rules that I\'ve never been able to predict where it would get > symbols and source from. This is a huge problem unless your host and > target machines are identical. > > Soft-Ice keeps separate namespaces for each thing you\'re debugging, > wheareas WinDbg either didn\'t or still doesn\'t. Because of this > limitation in WinDbg, people fell into the habit of writing drivers > where every function has a globally unique name -- i.e., > ToasterAddDevice, OvenAddDevice, etc., instead of just \"AddDevice\". This > in turn makes it harder to move code from one project to another or to > compare files between projects. > > Soft-Ice lets you imbed the source code in the symbol file, which > greatly helps you debug problems in older versions of your code. I don\'t > believe WinDbg could let you do something comparable unless you > religiously maintain all your old source trees. > > Soft-Ice lets you set \"virtual\" breakpoints in code that hasn\'t been > loaded into memory. The last time I was trying to use WinDbg, I couldn\'t 观看文件全部内容 (仍有 62 行) Message 10 in thread 寄件者:Dejan Maksimovic (dejan@alfasp.com) 主旨:Re: WinDbg vs Softice 新闻群组:comp.os.ms-windows.programmer.nt.kernel-mode View this article only 日期:2001-10-15 10:38:31 PST It does have Win64 support, IIRC - it\'s not released yet. During the beta test, whoever had 64-bit hardware could try it. Regards, Dejan. Vijay P wrote: > By the way, WinDBG supports debugging of 64-bit drivers. SoftIce do not have > any support for debugging > on 64 bit drivers as of today. > To be precise, Windbg supports debugging on WinXP-32 bit and WinXP- 64 bit > O.S unlike Softice, where you have support only for WinXP-32 bit. > > \"Walter Oney\" <waltoney@oneysoft.com> wrote in message > news:3BC6E834.493084B2@oneysoft.com... > > Gaurav Sareen wrote: > > > What are the advantages of each, and is one definitely better? I would > > > assume that softice is better, but is it so much better to be a significant > > > advantage? > > > > I use Soft-Ice exclusively, and I teach my seminars students how to use > > it too. Here is the way I\'d stack the two up against each other: > > > > Soft-Ice runs on a single machine *or* over a null-modem cable to any > > Windows machine *or* over the Internet if you have the right kind of NIC > > in the target machine. WinDbg requires a NULL modem cable connected to a > > machine running either Win2K/Xp or Win/Me. I prefer the single-machine > > approach because it means I only have to carry *one* laptop with me and > > that I can more easily find suitable seminar classrooms all over the > > world. > > > > Soft-Ice never \"misses\" its connection with the target computer, whereas > > WinDbg sometimes does. > > > > It is very easy to understand which symbol files Soft-Ice will use > > because you must specify them explicitly. WinDbg uses so many default > > search rules that I\'ve never been able to predict where it would get > > symbols and source from. This is a huge problem unless your host and > > target machines are identical. > > > > Soft-Ice keeps separate namespaces for each thing you\'re debugging, > > wheareas WinDbg either didn\'t or still doesn\'t. Because of this > > limitation in WinDbg, people fell into the habit of writing drivers > > where every function has a globally unique name -- i.e., > > ToasterAddDevice, OvenAddDevice, etc., instead of just \"AddDevice\". This > > in turn makes it harder to move code from one project to another or to > > compare files between projects. 观看文件全部内容 (仍有 77 行) 后 ?2002 Google |
|
最新喜欢: zackar...
|
