Search notes:

Debugging Tools for Windows

Microsoft's Debugging Tools for Windows include
cdb.exe Console debugger
ntsd.exe The NT symbolic debugger, which is identical to CDB except that it spawns a new text window when it is started.
kd.exe Kernel debugger
NTKD is identical to KD except that it spawns a new text window when it is started.
windbg.exe The Windows debugger, which is the GUI counterpart to CDB/NTSD and to KD and NTKD.
WinDbg Preview

Installation

These tools are included as part of the
They can also be installed without installing an entier Kit by selecting the corresponding feature from the SDK installer.
If Visual Studio is also installed on a computer, then there are 6 debugging environments in total.
The default installation directory is %WindowsSdkDir%\Debuggers

Command line options

Summary of CDB
CDB
-log{a|au|o|ou} LogFile Log output to a log file
-2 If target is a console application, it will run in a new console
-d Pass control to kernel debugger
-ddefer
-g Ignore initial breakpoint in target application
-G Ignore final breakpoint in target application. Same effect as command sxd epr.
-hd Don't use debug heap
-lines enable source line debugging. See also the .lines and l… commands.
-myob continue even if version mismatch with dbghelp.dll is detected
-bonc break into target as soon as session begins
-n Load symbols noisily
-o Also debug processes that are started by target
-s Disables lazy symbol loading
-v Verbose
-w Debug 16-bit applications in a separated VDM.
-cf "filename" path to a script file. Without -cf, ntds.ini, if present in current directory, is executed.
-cfr "filename" similar to -cf but execute script when target is started or restarted.
-c "command" Specify initial command. See also the $<, $><, $$<, $$>< and $$>a< commands that execute the content of a script.
-wake PID
-robp
-r lvl Only meaningful on checked builds of Windows (which were available until Windows 10, 1803). Set break error level. 0 = NONE, 1 = ERROR, 2 = ERROR + MINORERROR, 3 = WARNING, MINORERROR, and ERROR ERROR + MINORERROR.
-t lvl Set error level that causes the debugger to display an error message
-x{e|d|n|i} exception Set action for given exception (event). exception is either a exception number or an event code.
-x Disable first chance break on access violation exceptions. Same as -xd av.
-clines lines Set approximate number of commands in command history which can be accessed during remote debugging
-i imagePath Location of image that generated the fault.
-iae Install CDB as post mortem debugger. Can only be used as sole parameter and does not start CDB.
-iaec keyString Install CDB as post mortem debugger and sets keyString to the end of the HKLM\Software\Microsoft\Windows NT\CurrentVersionAeDebug registry key.
-I[S] windbg only: specify windbg as post mortem debugger
-iu keyString
-j windbg only(?): allow journaling
-y symbolPath Set symbol search paths, separated by a semicolon (;)
-srcpath path Set source file search paths, separated with a semicolon (;). See also the _NT_SOURCE_PATH environment variable and the .srcpath command.
-aExtension Set default extension DLL, the default-default extension DLL is userexts.
-failinc ignore questionable symbols
-noio
-noinh Processes that are created by the debugger won't inherit the debugger's handles.
-noshell Prohibits all .shell commands
-nosqm Disables collection and upload of telemetry data
-sdce Display file access error dialog boxes during symbol load.
-ses Perform a strict evaluation of all symbol files.
-sicv Cause symbol handler to ignore the CV record.
-sins Turn of C++ translation
-snc
-snul Disables automatic symbol loading for unqualified names
-zp pageFile Set name of modified page file
-sup Let symbol handler search public symbol table during every symbol search
-sflags 0xnnn Sets all symbol handler options.
-ee {masm|c++} Set default expression evaluator
-e Event Signal occurrence of Event, only used when starting debugger programmatically.
-- Debug csrss.exe
-p PID Attach to process with given Process ID (PID)
-pn name Attach to process with given name
-psn service Attach to given service.
-z dumpFile Set crash dump file to debug.
-pb
-pd
-pe
-pr start (suspended?) process if attaching to it.
-pt secs Break time-out, in seconds
-pv Attach non invasively
-pvr Like -pv, yet without suspending target
-QR Server
-cimp Start CDB/NTSD with a DbgSrv implicit command line
-isd Turn on CREATE_IGNORE_SYSTEM_DEFAULT flag for any newly created process
-kqm
-version print version string
-vf Enables default application verifier settings
-vf:<opts> Set given application verifier settings
-netsyms:{yes|no} (Dis-)allow loading symbols from a network path.

Assembly mode / source line mode

By default, cdb starts in assembly mode, WinDbg in source line mode.
l+t changes to source mode, l-t back to assembly mode.
See also the -lines command line option and the .lines command.

Symbolig Debugger Engine

All (? or only the non-Visual Studio ones?) of these environments use the same functionality that is provided by Windows Symbolic Debugger Engine, which is implemented in dbgeng.dll.

Attaching to a running process

It is possible to attach to a running process with the command line option -p (process id) or -pn (process name): 
C:\> cdb -pn notepad.exe
C:\> cdb -p 1245

Scripting the Debugger with JavaScript

The debugger can be scripted with JavaScript 
.load JsProvider.dll

Additional tools

The Debugging Tools for Windows include a few additional tools which are located under the installation directory.
TODO:
SymProxy Create a single HTTP symbol server on your network that all your debuggers can point to. This has the benefit of pointing to multiple symbol servers (both internal and external) with a single symbol path, handling all authentication, and increasing performance via symbol caching. Symproxy.dll is in the SymProxy folder in the installation directory.
SymChk Compare executable files to symbol files to verify that the correct symbols are available.

Differences to Visual Studio Debugging

Debugging Tools for Windows are different from the Visual Studio debugger.

See also

Extensions (DLLs) are located under %WindowsSdkDir%\Debuggers\_platform_\winext.
Using scripts to automate debugging.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Image File Execution Options\progName.exe allows to define a development/debugging[debugger] to be started when progName.exe is invoked.

Index

Fatal error: Uncaught PDOException: SQLSTATE[HY000]: General error: 8 attempt to write a readonly database in /home/httpd/vhosts/renenyffenegger.ch/php/web-request-database.php:78 Stack trace: #0 /home/httpd/vhosts/renenyffenegger.ch/php/web-request-database.php(78): PDOStatement->execute(Array) #1 /home/httpd/vhosts/renenyffenegger.ch/php/web-request-database.php(30): insert_webrequest_('/notes/Windows/...', 1737227915, '18.116.88.132', 'Mozilla/5.0 App...', NULL) #2 /home/httpd/vhosts/renenyffenegger.ch/httpsdocs/notes/Windows/development/Debugging/tools/index(198): insert_webrequest() #3 {main} thrown in /home/httpd/vhosts/renenyffenegger.ch/php/web-request-database.php on line 78