Debugging Toolbox

Windbg scripts, debugging and troubleshooting tools and techniques to help you isolate software problems.

Tagged Content List
  • Blog Post: Tools for Your Debugging Toolbox

    This article was just updated to include an internal Microsoft tool that is now public. There are many free tools used to troubleshoot and debug software. Below I present a list of the tools that my peers and I use most of the time. Though most of the tools below are free Microsoft tools, not all...
  • Blog Post: D3v3l0p3r PF3s – 0bs3rv1ng Th3m in Th31r Natural Hab1tat

    PFE has engineers who specialize in areas which can contain one or more technologies. This species is universally known as D3v PF3 (Developer PFE). Not everyone really knows their habits and role and, as a consequence, sometimes it’s hard for customers to engage them. Their specialty is problem...
  • Blog Post: Top Things to Consider When Troubleshooting Complex Application Issues

    1- For reactive incidents: “Bring the engineer onsite because it is going to be easier to isolate the problem.” This is the most common misconception I’ve heard. Let me explain: most complex problems require deep debugging sessions. Collecting the necessary information is the easy...
  • Blog Post: [PowerShell Script] PowerDbg v6.0 – Using PowerShell to Control WinDbg

    Last October the latest version of the PowerDbg tool was released, version 6.0. This release has major changes. For example, it is now easier to write scripts or otherwise just hack around the debugger, and includes the PowerDbgConsole, a bootstrapper designed to make setting up an interactive PowerDbg...
  • Blog Post: PSSCOR2, the Superset of SOS.DLL is Now Public!!!

    Whenever I’m debugging with customers watching it’s inevitable: they always ask me what this PSSCOR2.dll extension is. The next question is always if PSSCOR2.DLL is going to be public. PSSCOR2.DLL is a superset of SOS.DLL and has many more commands and variations! The good news is that yes, now PSSCOR2...
  • Blog Post: XPerf Tool – Why Can’t You Live Without It?

    Israel Burman (Israel is one of the ADPlus creators and the guy who taught me the XPerf tool) and Mario Hewardt told me I should blog about the XPerf tool. Although I’m new to this tool I decided to follow their suggestions because I believe you’re going to wonder how you could live without using...
  • Blog Post: [PowerShell Script] PowerDbg v5.3—Using PowerShell to Control WinDbg

    This version has a fix in Parse-PowerDbgDSO. Thanks to Igor Dvorkin, who found the bug and suggested the fix. DOWNLOAD POWERDBG Download PowerDbg POWERDBG FILES WinDbg.PSM1 ← Starting with this version this is the only file. INSTALLATION WinDbg.PSM1 Goes...
  • Blog Post: Special Command—Unassembling code with u, ub and uf

    When debugging sooner or later you will need to disassemble code to get a better understanding of that code. By disassembling the code, you get the mnemonics translated from the 0s and 1s that constitute the binary code. It is a low level view of the code, but a higher level than seeing just numbers...
  • Blog Post: Special Command—Using .dump/.dumpcab to Get Dumps and Symbols from Production Servers

    Using WinDbg you can create a dump file from an application running, for instance, in a production server. After collecting the dump file, you can load it in another machine and debug it. However, to be more effective during your debugging session you need symbols. Thus, thinking about it, here's the...
  • Blog Post: Special Command—CPU Time for Each Thread with !runaway

    This is one of my favorite commands! !runaway displays information about the CPU time consumed by each thread in User Mode and Kernel Mode. It is one of those commands you run when you think the application is hung with low or high CPU or has some kind of performance issue. Parameters: ...
  • Blog Post: [PowerShell Script] PowerDbg v5.2—Using PowerShell to Control WinDbg

    This version has two improvements and some scripts were changed to be compatible with this new version: - Starting on version 5.2 the log used to save the command output, enabling the communication between PowerShell and WinDbg, is not used anymore. Now all communication uses memory so it’s faster...
  • Blog Post: [PowerShell Script] PowerDbg v5.1—Using PowerShell to Control WinDbg

    So, here we go again. This is a minor version with a few new cmdlets. These new cmdlets are those that we use most of the time. DOWNLOAD POWERDBG Download PowerDbg POWERDBG FILES WinDbg.PSM1 ← Contains cmdlets used to communicate with WinDbg. Microsoft.PowerShell_Profile...
  • Blog Post: Special Command—Peeking Memory Addresses Using !address

    Let’s say that you get a memory address and you want to know if it’s from the heap, the stack, or someplace else. Or yet, let’s say you have a .NET application consuming lots of memory, and you want to get a better understanding of this memory consumption. The !address command is helpful in both situations...
  • Blog Post: Special Command—Parsing Strings, Files, and Commands Output Using .foreach

    This is by far one of the most powerful WinDbg commands. Even if you don’t create scripts, you’ll benefit from this command. It’s powerful because it’s flexible. You can use it for a huge variety of operations. The .foreach token parses the output of one or more debugger commands and uses each...
  • Blog Post: [PowerShell Script] PowerDbg v5.0—Using PowerShell to Control WinDbg

    I’m very excited to present the new PowerDbg v5.0! There’s just one change, but it’s a HUGE change that makes PowerDbg extremely fast and easier to use. Let me explain: Send-PowerDbgCommand is the heart of PowerDbg. This is the cmdlet that sends information to WinDbg and retrieves information...
  • Blog Post: [WinDbg Script] Displaying Queries/Stored Procedures from Threads Running Managed Code

    There’s another script that gives you all queries/stored procedures from SQL Server or Oracle that are stored in the managed heap. This script is more specific because it gives you the query/stored procedure running in a specific thread. It has the option to scan all threads and to display the queries...
  • Blog Post: [PowerShell Script] Finding Out the Managed Objects that "Leaked"

    Here in PFE most of my teammates use the same approach to identify managed objects that “leak”. The idea is to run !DumpHeap –stat once, wait several minutes to allow the “leak” to make itself evident, then run the command a second time. After that you have to select those objects that appear in both...
  • Blog Post: [PowerShell Script] PowerDbg v4.0 - Using PowerShell to Control WinDbg

    Good news! Here’s the newest PowerDbg library. This version is more stable and has more features. Let me tell you about them and how to install it. New Features - Send-PowerDbgCTRL-BREAK / Send-PowerDbgResumeExecution If you’re wondering why do you need these cmdlets I can see at least...
  • Blog Post: Troubleshooting Software Problems: A Scientific Approach

    Years ago, when working for an Escalation Team, we decided to create a documentation to formalize the approach we use to isolate software problems, something I've been doing for years since the time I read a great book about the subject. Actually, it’s the same approach other people use in other fields...
  • Blog Post: Comparing RegEx.Replace, String.Replace and StringBuilder.Replace – Which has better performance?

    A few days ago I was with Frank Taglianetti (no links here, he doesn’t have a blog yet), a PFE from my team that I met for the first time that day while doing a Lab for one of our customers. By Lab I mean stress testing and troubleshooting a customer’s application in our laboratory. At some...