Use the WinDbg Engine in Visual Studio User-Mode Debugging

November 15, 2011


In our C++ Debugging course, there are several scenarios which require WinDbg and cannot be completed in Visual Studio. They all rely on advanced extension commands available in WinDbg. Some examples:

  • Tracing opened and closed handles with the !htrace command
  • Viewing native heap information with the !heap command
  • Loading and executing code in the debuggee process with the SDbgExt extension commands !loaddll, !remotecall
  • Inspecting handles to synchronization objects with the !handle command

The sheer power of WinDbg built-in commands and extensions makes it a viable replacement to Visual Studio when doing hard-core debugging. However, the user interface – the tool windows, the source editor, setting up breakpoints, stepping through source, inspecting variables – are no match to the rich Visual Studio environment.

The good news is that as of Visual Studio 11, we’ll be able to use the WinDbg debugging engine (“Windows Debugger”) inside Visual Studio, combining the powerful commands with the convenient interface. Just use the “Windows User Mode Debugger” transport in the Tools | Attach to Process dialog. This also applies to dumps – you can open dumps with the Visual Studio “Minidump Summary” dialog, or you can use the File | Open Crash Dump menu item, the same way as for kernel dumps.

(click the screenshot to enlarge)

That’s really all there’s to it – after attaching, you have the WinDbg shell inside Visual Studio, in the Debugger Immediate Window which we’ve already seen. The Call Stack, Threads, Locals debugger windows are fully functional, and you can combine visual analysis of the source code with running advanced extension commands in the shell.

For example, here’s a thread that is waiting for a mutex:

(click the screenshot to enlarge)

Which thread owns this mutex? The !handle command comes in handy:

(click the screenshot to enlarge)

…and we’ve got the owner information.

Visual Studio 11 is going to change the way we’re doing crash analysis and live debugging of advanced scenarios. I bet plenty of my past and future students are going to be very happy about being able to use Visual Studio instead of learning the ropes of another tool, which has quite the reputation for being user-unfriendly 🙂

If you’re doing any .NET debugging, you’re probably wondering if this means better integration for SOS in Visual Studio. Unfortunately, right now the answer is no. With some effort – going through the Visual Studio Tools | Attach to Process dialog – you can attach the WinDbg engine to a .NET process. However, the engine does not recognize .NET any better than standalone WinDbg, so you don’t have managed call stacks, local variables, and source code support within the IDE. But if all you wanted is to run a couple of SOS commands without leaving VS, you certainly can.

Another caveat is that currently you need to install the WDK on top of Visual Studio 11 to get the debugger integration. I’m guessing – or rather, hoping – that in the release version it will suffice to install Debugging Tools for Windows.

I have been recently posting short updates and links on Twitter as well as on this blog. You can follow me: @goldshtn

Add comment
facebook linkedin twitter email

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>



  1. PentNovember 15, 2011 ב 2:02 PM

    The debugging experience for x64 .net processes is still cumbersome, although it certainly is an improvement over using the windbg UI. While I understand that loading the 64-bit SOS dll in VS is impossible, I was hoping that this windbg integration could be used to bring the same powerful features to x64 .net debugging.

  2. Thomas WDecember 8, 2017 ב 10:19 AM

    Is this still possible in VS2017?