ID Number: Q67711
3.00 3.10
WINDOWS
Summary:
CodeView for Windows (CVW) can view symbolic information in Windows's
core code and can set breakpoints inside Windows functions when the
debugging versions of USER.EXE, GDI.EXE, KRNL286.EXE, and KRNL386.EXE
are installed in your development environment.
For Windows 3.0, Section 7.3.2 of the "Microsoft Windows Software
Development Kit Tools" manual describes how to install the debugging
version of Windows. The "Microsoft Windows Software Development Kit:
Programming Tools" manual presents similar information for Windows 3.1
beginning on page 73.
This article discusses using Windows symbols to set breakpoints, list
module names and functions, and disassemble Windows code.
More Information:
For CVW to access Windows symbols, USER.EXE, GDI.EXE, and either
KRNL286.EXE or KRNL386.EXE must be loaded into CVW as dynamic-link
libraries (DLLs). This can be done with the /L command-line switch or
in response to the DLL prompt when CVW starts.
KRNL286.EXE should be used when debugging applications in standard
mode and KRNL386.EXE should be used when debugging in enhanced mode.
The symbolic information is available only while viewing assembly
language listings of Windows code. By default, the symbols are not
visible. To view the symbolic information, perform the following two
steps:
1. From the Options menu, choose Source Window.
2. In the Source Window dialog box under the heading Assembly Listing,
check the Show Symbolic Name box. If this box is not checked, no
symbols appear in any assembly display.
When the Source Window option has been set, you can step into Windows
code or break into the debugger with the CTRL+ALT+SYS RQ key
combination and see what function is currently being executed. Note
that you will probably break into a private function within Windows
for which no symbolic information is available.
When the symbols are loaded, you can set breakpoints at a particular
function name, disassemble a Windows function, list all the modules,
and list all functions contained in those modules.
Note that whenever you use the name of a Windows function that is
defined with the PASCAL calling convention, you must type the name in
uppercase letters. When the name of a Windows function begins with a
capital letter, such as the GetDC function, the function is defined
with the PASCAL calling convention. The name of a function defined
with the C calling convention, such as the wsprintf function, begins
with a lowercase letter.
To set a breakpoint, use the BP command or the Watch menu, and specify
the symbol for the function name.
To disassemble Windows code, use the command
U [<module>!]<function name>
where <module> is the name of the module you want to disassemble and
<function name> is the name of a function in that module. The
character "!" after the module name is required. Disassembly takes
place in the source window.
In CVW, the X* command lists all available modules. This command lists
the names of all modules in the application and in any loaded DLLs.
Once a module name is known, the following command lists all the
functions within that module:
X? [<module>!]*
Example
-------
KRNL386.EXE has a module named LDDEBUG. To list the functions in this
module, enter the following in the command window:
X? LDDEBUG!*
The output window displays many addresses with no symbols, but the
listing includes OUTPUTDEBUGSTRING. This shows that the
OutputDebugString function is implemented in the LDDEBUG module.
If [<module>!] is not specified, the functions in the current module
are displayed.
Using the X command by itself displays all public symbols available to
CVW.
Additional reference words: 3.00 3.10