Debugging Toolbox

WinDbg scripts, debugging and troubleshooting tools and techniques to help you isolate software problems.

Tagged Content List
  • Blog Post: [WinDbg Script] Hacking Minesweeper for Windows 8

    <IMPORTANT UPDATE> Today two people told me the script was not working and they also said they did not have the minesweeper_ni.dll. It puzzled me because I tested the script and all the steps below countless times. So I started troubleshooting it (not debugging, troubleshooting :-)) and...
  • Blog Post: Tools for Your Debugging Toolbox

    This article was just updated to include an internal Microsoft tool that is now public. There are many free tools used to troubleshoot and debug software. Below I present a list of the tools that my peers and I use most of the time. Though most of the tools below are free Microsoft tools, not all...
  • Blog Post: [WinDbg Script] Displaying the COM object referenced by an RCW object

    Here we go again after a long time without blogging and an even longer time without blogging about WinDBG scripts. When debugging dump files from .NET applications sometimes we may encounter a situation where we want to get the COM object referenced by a System.__ComObject wrapper which references...
  • Blog Post: New Debugging Book – Windows Debugging Notebook: Essential User Space WinDbg Commands

    A reference book for technical support and escalation engineers troubleshooting and debugging complex software issues. The book is also invaluable for software maintenance and development engineers debugging Windows applications and services. Do you want to know more about this book? Check out...
  • Blog Post: [WinDbg Script] Displaying Parameters for Microsoft.ReportingServices.ReportProcessing

    Here is a new script from a PFE from Portugal, Marcio Parente. Marcio kindly shared his source code in this blog post, so here is the story behind the script followed by its source code. One report on a Reporting Server started to give this error: String: Syntax error converting the varchar...
  • Blog Post: [WinDbg Script] Displaying Queries/Stored Procedures from Threads Running Managed Code

    There’s another script that gives you all queries/stored procedures from SQL Server or Oracle that are stored in the managed heap. This script is more specific because it gives you the query/stored procedure running in a specific thread. It has the option to scan all threads and to display the queries...
  • Blog Post: Special Command—Advanced Programming Techniques for WinDbg Scripts

    It has been a long time since my last post, but I’m back on the blog. The article for today is about the black art of WinDbg scripting. When I first started creating my scripts, I learned by trial and error. It was tough; however, it gave me the basis to create the technique that has proven to be...
  • Blog Post: [Windbg Script] Disassembling Routines and Searching for Instructions

    Sometimes you cannot avoid reading the disassembled code to look for a specific assembly instruction. You may want to see if a particular function is doing some specific operation, using some specific register, or calling other functions. You can do that using the disassembling window or using a dead...
  • Blog Post: [Windbg Script] Saving a Module - Extracting Base Address and Image Name from a method call

    After creating this script, I have used it in almost every case that requires decompilation, and I guess you are going to use it, too. This script gives you the base address and module name, so you can use !SaveModule from SOS to save the module. Ok… maybe you are wondering what is so cool about...
  • Blog Post: [Recommended Books] How to Acquire or Improve Debugging Skills

    This article is my answer to this comment. First of all, this is just my opinion, not Microsoft’s opinion. Before talking about books, let me explain something that I see over and over again. Sometimes I’ve run across people who think they just need to know the debugger commands...
  • Blog Post: [Windbg Script] Serviced Components

    A few days ago a friend of mine, Fabrício Catae, a SQL Server Ranger here at Microsoft, gave me an idea: to create a script that shows if Serviced Components are or are not disposed. I thought it was a great idea, so I decided to create a script for it. During the development I added more features...
  • Blog Post: [Windbg Script] Disabling IsDebuggerPresent()

    Years ago I needed to debug an application that just had the binary code with no symbols or source code. To make things even more difficult, I found out the application had some kind of anti-debugger protection. After analyzing the dead listing of the application using DumpBin I discovered the trick...
  • Blog Post: [Windbg Script] Get Portable Executable Headers

    There are several tools you can use to read the image headers, like Dumpbin.exe and Link.exe, for instance. You can, however, also use Windbg for doing that! In other words, during your debugging session you can see the header from an image file without executing any other tool except this script. ...
  • Blog Post: [Windbg Script] Tracing MessageBox calls

    In the past I worked on a support case where I needed to find out if some MessageBox from a C++ application was displayed and, if positive, what the message was. I got inconsistent answers whenever I asked the user, so I didn’t know if the MessageBox appeared or what the message was. It sounded...
  • Blog Post: [Windbg Script] Extracting Performance Monitor counters from .NET application

    Have you ever had a situation where you find yourself debugging a dump from ASP.NET when suddenly you notice you forgot to get the Performance Monitor log? If sometimes you face this situation, I have great news for you: this script shows you some of the main .NET Performance Monitor counters....
  • Blog Post: [Windbg Script] Tracing API calls

    This is a very simple, yet powerful script. You can use it to see the APIs an application is using from your Windbg screen without using another tool. If you need more details from the APIs, just execute LogViewer.exe and open the .lgv file that is automatically created when you use this script...
  • Blog Post: [Windbg Script] Playing with Notepad

    This is one of my “just for fun” scripts. It’s very simple and has some limitations, but it’s fun! What does it do? Open Notepad.exe, then copy and paste some text into it or just write some stuff. After that, open the script and replace the StringsToFind and StringsToReplace with the strings you want to...
  • Blog Post: [Windbg Script] Retrieving queries/stored procedures from .NET application

    Ok, you are debugging a .NET application. You need to find out the queries and stored procedures being executed from the threads accessing the database, but you don’t know how... Good news! It’s not a problem anymore! This script shows you all the queries or stored procedures associated with a SQLCommand...
  • Blog Post: [Windbg Script] Connections from Pool

    If you are like me, you may forget the classes and namespaces you need to find out some specific information. Or maybe you forget the field names you need to look for. It happens to me when I need to take a peek at information from System.Data.SqlClient namespace, for example. This script retrieves...
  • Blog Post: [Windbg Script] Playing with Minesweeper

    First, this script is not really about cheating. It does that with Minesweeper, but there are several other possibilities using a bit more bytes that do a better job to fool the application. However, the point here is to show you how powerful the debugger is or, more precisely, the power you have...
  • Blog Post: [Windbg Script] Retrieving information from ASP

    Have you ever had this situation: You need to get ASP information from an IIS process? If yes, you can use the DebugDiag tool to analyze your dump file. Oh, I see… sometimes you use DebugDiag, but you need to manually debug the dump/application to get more information—for example, the ASP source...
  • Blog Post: [Windbg Script] Digging the Call Stack

    Windbg has a lot of commands and command variations, so sometimes you may forget some of them, like when you need to dig a call stack to extract more information. Or maybe you remember the commands to get the call stack details, but you need to make sure you get the entire stack. Or yet you may want...
  • Blog Post: Read Me

    The purpose of this blog is to provide you with information that will help you during debugging sessions. The debugging toolbox I provide is a collection of Windbg scripts I created to help me on a daily basis. The collection expands whenever I develop a script to replace manual debugging. The...