Debugging Toolbox

Windbg scripts, debugging and troubleshooting tools and techniques to help you isolate software problems.

Browse by Tags

Tagged Content List
  • Blog Post: Tools for Your Debugging Toolbox

    This article was just updated to include an internal Microsoft tool that is now public. There are many free tools used to troubleshoot and debug software. Below I present a list of the tools that my peers and I use most of the time. Though most of the tools below are free Microsoft tools, not all...
  • Blog Post: New Debugging Book – Windows Debugging Notebook: Essential User Space WinDbg Commands

    A reference book for technical support and escalation engineers troubleshooting and debugging complex software issues. The book is also invaluable for software maintenance and development engineers debugging Windows applications and services. Do you want to know more about this book? Check out...
  • Blog Post: PSSCOR2, the Superset of SOS.DLL is Now Public!!!

    Whenever I’m debugging with customers watching it’s inevitable: they always ask me what this PSSCOR2.dll extension is. The next question is always if PSSCOR2.DLL is going to be public. PSSCOR2.DLL is a superset of SOS.DLL and has much more commands and variations! The good news is that yes, now PSSCOR2...
  • Blog Post: Special Command—Using .dump/.dumpcab to Get Dumps and Symbols from Production Servers

    Using WinDbg you can create a dump file from an application running, for instance, in a production server. After collecting the dump file, you can load it in another machine and debug it. However, to be more effective during your debugging session you need symbols . Thus, thinking about it, here's the...
  • Blog Post: Special Command—Using !for_each_frame to Run Commands

    !for_each_frame is a favorite among debuggers. It's a very flexible and powerful command that enables you to run commands for each frame of the call stack. You can use basically any command. For instance, let’s say you want to see all local variables from each frame of a specific stack. Of course...
  • Blog Post: Special Command—CPU Time for Each Thread with !runaway

    This is one of my favorite commands! !runaway displays information about the CPU time consumed by each thread in User Mode and Kernel Mode. It is one of those commands you run when you think the application is hung with low or high CPU or has some kind of performance issue. Parameters: ...
  • Blog Post: [PowerShell Script] Statistics from .NET Applications

    This script is more a template to show you how to use PowerDbg. I must say the idea is from my teammate Aaron Barth! This script collects information from all threads running managed code and gives the user statistics by threads like: - CLR stack. - Managed objects from the stack. ...
  • Blog Post: Special Command—Parsing Strings, Files, and Commands Output Using .foreach

    This is by far one of the most powerful WinDbg commands. Even if you don’t create scripts, you’ll benefit from this command. It’s powerful because it’s flexible. You can use it for a huge variety of operations. The .foreach token parses the output of one or more debugger commands and uses each...
  • Blog Post: Special Command—Parsing Commands Using .shell

    Finally I’m writing about this command. I love it! It’s so powerful! .shell command launches a shell process and redirects its output to the debugger or to a specified file. Usage: .shell [ Options ] [ ShellCommand ] .shell -i InFile [ -o OutFile [ -e ErrFile ]] [ Options ] ShellCommand According...
  • Blog Post: [WinDbg Script] Displaying Queries/Stored Procedures from Threads Running Managed Code

    There’s another script that gives you all queries/stored procedures from SQL Server or Oracle that are stored in the managed heap. This script is more specific because it gives you the query/stored procedure running in a specific thread. It has the option to scan all threads and to display the queries...
  • Blog Post: Special Command: Using s to Explore The Memory

    Very often I found myself scanning the stack or the entire virtual memory for the process to find information that may help me. This information may be strings, DWORDS, bytes, chars, etc… To accomplish this you should use the s command. Here I exemplify how you can use it to scan the memory...
  • Blog Post: Special Command: Using ~, the Thread Identifier

    When debugging, most of the time, you have to see all stacks for all threads or to set the context for a specific thread in order to analyze it. To do that you use the ~ command. According to the WinDbg documentation we have: Thread identifier Description ~....
Page 1 of 1 (12 items)