Windows Debugging: Practical Foundations [Paperback]

Dmitry Vostokov (Author)

Book Description

Publication Date: February 1, 2009

Written by the founder of DumpAnalysis.org this book is not about bugs or debugging techniques but about background knowledge everyone needs to start experimenting with WinDbg, learn from practical experience and read other advanced debugging books. Solid understanding of fundamentals like pointers is needed to analyze stack traces beyond !analyze -v and lmv WinDbg commands. This is the book to help technical support and escalation engineers and Windows software testers without the knowledge of assembly language to master necessary prerequisites to understand and start debugging and crash dump analysis on Windows platforms. It doesn't require any specific knowledge, fills the gap and lowers the learning curve. The book is also useful for software engineers coming from managed code or Java background, engineers coming from non-Wintel environments, Windows C/C++ software engineers without assembly language background, security researchers and beginners learning Windows software disassembling and reverse engineering techniques. This book can also be used as Intel assembly language and Windows debugging supplement for relevant undergraduate level courses.

Product Details

• Paperback: 200 pages
• Publisher: Opentask (February 1, 2009)
• Language: English
• ISBN-10: 1906717109
• ISBN-13: 978-1906717100
• Product Dimensions: 9.4 x 5.6 x 0.5 inches
• Shipping Weight: 10.4 ounces (View shipping rates and policies)
• Average Customer Review: 3.2 out of 5 stars  See all reviews (5 customer reviews)
• Amazon Best Sellers Rank: #146,699 in Books (See Top 100 in Books)
  • #4 in Books > Computers & Technology > Programming > Languages & Tools > Assembly Language Programming

More About the Author

Before October 14, 2003 - Dmitry Vostokov was a software development consultant with over 15 years of experience in software engineering. Dmitry was involved in over 40 software development projects in variety of industries. He jointly designed and implemented software quality tools used by many companies worldwide. Dmitry was an architect of enterprise document publishing applications for Boeing Commercial Airplanes Group. He started his professional career as a designer and developer of the first pioneer Windows applications for voice recognition, verification and speech synthesis.

On October 14, 2003 - Dmitry joined Citrix as an Escalation Development Analysis Engineer and later became EMEA Development Analysis Team Lead before moving into management and becoming Technical Manager Dev Analysis EMEA. Recently Dmitry came back to engineering again and his current position is Principal Dev Analysis Engineer. He lives and works in Dublin, Ireland. He is the author of more than 10 books including the debugging bestseller: multi-volume Memory Dump Analysis Anthology.

Voracious reader, Dmitry maintains several blogs: Crash Dump Analysis and Debugging, Management Bits and Tips, Literate Scientist, Software Generalist, Software Astrology, Language Memory and Blog Topos.

Customer Reviews

Most Helpful Customer Reviews

8 of 8 people found the following review helpful:

4.0 out of 5 stars Only for NEWBIES on debugging. Concise. A nice jump-start on the subject., June 23, 2009

By 

magicmac2000 (Argentina) - See all my reviews

This review is from: Windows Debugging: Practical Foundations (Hardcover)

This book is clearly aimed to readers without ANY experience on debugging. In theory you don't even need to know C or ASM, but IMO, you should not buy this book if you don't have a biiiit of experience with C. To understand what you are debugging, most of the times you do the translation to C. Even if you don't write anything down, it's more likely that your mind will think in C than in 80x86 mnemonics.
So, you have to understand a bit of C to read this book. If you don't know what a pointer is, this book is not for you.

The good: it is very short and concise. It's exactly like a hands-on. No fluff here. No personal stories or things that you don't need to know. Just download the samples (compiled with and without symbols), and walk thru them using WinDBG. You will learn a bit of WinDBG, a bit of 80x86 mnemonics, and a bit of reverse engineering. That's what you will get from this book.

The bad: I'm not a native English speaker, but I can detect when something is poorly written. This is the case. The grammar of the book is not good. There are a few mistakes here and there but they won't prevent you to learn.
Sometimes the author assumes too much. It's obvious that he's very capable, so he forgets -sometimes- the very very basics. But don't be discouraged by that, all you need to do is stretch your mind a bit more.
Chapter 3 (Number Representations) is not explained well for my taste. I think it won't end up being very clear for a newbie. But you can learn that anywhere from the web, and you don't need to understand EVERYTHING to follow the samples.

My conclusion: if you are a total newbie and you never used a debugger before (for example, you don't know what a Stack Trace is), buy this book. You will not become an expert, but it is a very good start. After this one, you can try to read Advanced Windows Debugging [Hewardt/Pravat] and/or Reversing [Eliam]. If you don't know the basics presented in this book, you can't even think about reading more advanced ones.

Think like this: you can understand everything in this book on a weekend. You will go from being a total newbie to understand something and being able to read more advanced books. For a newbie, it's worth the money. It's a jump-start on this subject and the author does a good job on explaining these very basics.

5 of 5 people found the following review helpful:

5.0 out of 5 stars Nice Introduction, March 12, 2009

By 

Gary Mccormack (Bellevue, WA United States) - See all my reviews
(REAL NAME)   

This review is from: Windows Debugging: Practical Foundations (Paperback)

I almost deduced a 1/2 star from this title, mainly because some of the grammar is a little rough around the edges. However, putting that aside, I like the relevancy of the contents, and the educational value associated with the book. It will provide a solid foundation for your debugging efforts using WinDbg (An incredibly powerful debugger from Microsoft), and any other debugger for that matter. The book contains a nice overview and discussion of entities and abstraction which will help you tackle more advanced books on debugging, such as Frame Pointers, Function parameters, Pointers etc. In my opinion this is a well recieved addition to my collection of debugging resources. A 64bit flavour of the book is promised in the near future.

Thank you.

2 of 2 people found the following review helpful:

2.0 out of 5 stars Lost in translation..., July 31, 2009

By 

C. Jones - See all my reviews
(REAL NAME)   

Amazon Verified Purchase

This review is from: Windows Debugging: Practical Foundations (Hardcover)

I started reading this book and was quite lost with the information I was reading straight from the beginning. He starts off explaining registers and memory addresses yet, unless I skipped something, doesn't really explain how it translates to what we should be looking for as we use the WinDBg application for debugging. I am assuming it is me or was just over my head. I have studied C and C++ for years in school. I am a C# web developer and have been using Visual Studio for the past 8 years.

Learning to debug applications after they are deployed is pretty much what any developer needs to learn to really master their craft. Computer architecture and memory and even registers are not foreign concepts to me but I just couldn't figure out what the authors point was because he would just jump around without tying the concepts together or showing any relevance. It seems like he knows his subject yet doesn't know how to teach. He didn't even explain WinDBG which is the primary tool. Again, its a very difficult topic to present but I just couldn't follow the book. I hope I can find another book on the subject or everyone else has better luck than I did trying to figure it out because there is not much written other than the Microsoft websites.