Welcome to MSDN Blogs Sign in | Join | Help

Browse by Tags

All Tags » Jeff   (RSS)
Friday, August 08, 2008 8:58 PM

How to Access the User Mode Debugger from the Kernel Debugger

In certain cases you may want to use a user mode debugger to debug a process from within the kernel debugger. It could be that you have an application that loads a kernel mode driver, and you want to be able to debug the user mode aspect of the application
Posted by ntdebug | 3 Comments
Filed under: ,
Friday, July 25, 2008 8:44 PM

What Are the Odds?

Hi NTDebuggers, something rarely talked about are the odds of a problem being in one piece of code vs. another. From time to time we see some very strange debugs or symptoms reported by customers. The problems can be associated with anything from an internally
Posted by ntdebug | 2 Comments
Filed under: ,
Wednesday, June 11, 2008 6:32 PM

Designing the Perfect Breakpoint

Written by Jeff Dailey. When it comes to live debugging, the breakpoint is king. Oftentimes solving a very complex problem in a production environment involves doing a local, non-production debug one of my own test machines. I’ll typically debug the process
Posted by ntdebug | 2 Comments
Filed under: ,
Friday, June 06, 2008 2:25 PM

Windbg Tip: KN, .Frame , DV, and DT - It's so easy

Written by Jeff Dailey. Hello NTDebuggers, many of us take for granted some of the simple commands in the debugger that make life easy. I was thinking of several in particular that go great together. The first command would be kn . Kn will show the current
Posted by ntdebug | 3 Comments
Filed under: ,
Monday, May 19, 2008 7:59 PM

NTDebugging Puzzler 0x00000006: Invalid Handle - can you handle it?

Hi NTDebuggers, this week’s puzzler just so happens to match its number: 0x000000006 = ERROR_INVALID_HANDLE. That said, let me give you a scenario and the challenge will be to provide the best action plan to isolate the problem. This should include an
Posted by ntdebug | 5 Comments
Filed under: , ,
Friday, May 16, 2008 2:07 AM

How to track down High CPU in User Mode Applications - A live debug!

Written by Jeff Dailey. Hello NTDebuggers, I’d like to talk about a common issue we deal with on a regular basis. We are often tasked with finding what functions are using CPU within a user mode process / application. Typically a user will find an application
Posted by ntdebug | 5 Comments
Filed under: ,
Tuesday, May 06, 2008 6:00 PM

NTDebugging Puzzler 0x00000005 (Better late than never)

Hello NTDebuggers, from time to time we see the following problem. It’s another access violation, and the debug notes below are from a minidump. Here is what we need to know… · Generally speaking what happened to cause this AV? · What method you would
Posted by ntdebug | 10 Comments
Filed under: , ,
Friday, May 02, 2008 7:33 PM

How to have a colorful relationship with your dump files

Hello NTDebuggers… I look at a lot of dump files every day. This being the case I like to take full advantage of the customizable look and feel of windbg. I actually have an association setup between DMP files and a CMD file that loads my customized COLOR
Posted by ntdebug | 3 Comments
Filed under:
Tuesday, April 29, 2008 7:28 PM

Announcement: ODbgExt (Open Debugger Extension) on CodePlex

Hello NTDebuggers, I’d like to announce something new for our community to share. We have decided to host an Open Source Debugger Extension project called ODbgExt on codeplex.com Right now it’s just the basic framework. This will be something we can work
Posted by ntdebug | 3 Comments
Filed under: , ,
Monday, April 21, 2008 4:13 PM

NTDebugging Puzzler 0x00000003 (Matrix Edition) Some assembly required.

Hello NTdebuggers, I'm very impressed with the depth of the answers we are seeing from our readers. As I stated in last week's response, this week's puzzler is going to be harder. With that said let's take it up a notch. One of the things that is really
Posted by ntdebug | 37 Comments
Filed under: , ,
Thursday, April 17, 2008 8:25 PM

More dump forensics, understanding !locks, in this case a filter driver problem

Written by Jeff Dailey: Hello NTDebuggers, one of the most important things to understand in kernel debugging hung servers is the output of !locks. There can be a lot of data and it’s not always clear what is going on. One of the things I like to do in
Posted by ntdebug | 2 Comments
Filed under: , ,
Monday, April 14, 2008 9:09 PM

Debug puzzler 0x00000002 “Attack of the crazy stack”

Hi NTDebuggers, I have another puzzler for you. We started crash2.exe under windbg and it crashed. Go figure! Sometimes we have a very limited amount of data available to figure out what went wrong. That being said, this week’s puzzler only gives you
Posted by ntdebug | 17 Comments
Filed under: , ,
Monday, April 07, 2008 3:44 PM

NTDebuggers Debug Puzzler 0x00000001 "Where did my process go?"

Hello NTDebuggers, in the spirit of Click and Clack (The Tappet brothers), a favorite troubleshooting show of mine, we thought it would be fun to offer up some Debug puzzlers for our readers. That said, this week’s Debug Puzzler is in regard to Dr. Watson
Posted by ntdebug | 10 Comments
Filed under: , ,
Tuesday, April 01, 2008 1:50 PM

The case of the low hanging filter driver fruit

Written By Jeff Dailey: Not all our cases are crashes, leaks, or high CPU. Sometimes the problems we are faced with are purely a question of why a given application runs slow on a particular version of Windows versus another version of windows. I n other
Posted by ntdebug | 1 Comments
Filed under: , ,
Friday, March 21, 2008 1:47 AM

Wanted: Windows Internals subject matter experts

Microsoft is looking for five Windows Internals subject matter experts to come work on a very special five to eight day project on the Redmond campus during the month of May 2008. Candidates must have good communications skills, be non Microsoft employees,
Posted by ntdebug | 3 Comments
Filed under: , ,
More Posts Next page »
 
Page view tracker