Tools for Your Debugging Toolbox

This article was just updated to include an internal Microsoft tool that is now public. There are many free tools used to troubleshoot and debug software. Below I present a list of the tools that my peers and I use most of the time. Though most of the tools below are free Microsoft tools, not…


D3v3l0p3r PF3s – 0bs3rv1ng Th3m in Th31r Natural Hab1tat

PFE has engineers who specialize in areas which can contain one or more technologies.  This species is universally known as D3v PF3 (Developer PFE).  Not everyone really knows their habits and role and, as a consequence, sometimes it’s hard for customers to engage them. Their specialty is problem isolation, application debugging, knowledge transfer, code review,…


New Debugging Book – Windows Debugging Notebook: Essential User Space WinDbg Commands

A reference book for technical support and escalation engineers troubleshooting and debugging complex software issues. The book is also invaluable for software maintenance and development engineers debugging Windows applications and services.   Do you want to know more about this book? Check out here…


Special Command—Unassembling code with u, ub and uf

When debugging, sooner or later you will need to disassemble code to get a better understanding of it. By disassembling the code, you get the mnemonics translated from the 0s and 1s that constitute the binary code. It is a low-level view of the code, but a higher level than seeing just numbers….


Special Command—Using .dump/.dumpcab to Get Dumps and Symbols from Production Servers

Using WinDbg, you can create a dump file from an application running, for instance, on a production server. After collecting the dump file, you can load it on another machine and debug it. However, to be more effective during your debugging session you need symbols. Thus, thinking about it, here’s the trick to get both dump…


[PowerShell Script] PowerDbg v5.1—Using PowerShell to Control WinDbg

So, here we go again. This is a minor version with a few new cmdlets. These new cmdlets are those that we use most of the time. DOWNLOAD POWERDBG Download PowerDbg POWERDBG FILES WinDbg.PSM1 ← Contains cmdlets used to communicate with WinDbg. Microsoft.PowerShell_Profile.PS1 ← Contains cmdlets that parse command…


Special Command—Peeking Memory Addresses Using !address

Let’s say that you get a memory address and you want to know if it’s from the heap, the stack, or someplace else. Or yet, let’s say you have a .NET application consuming lots of memory, and you want to get a better understanding of this memory consumption. The !address command is helpful in both situations…


Special Command—Parsing Strings, Files, and Commands Output Using .foreach

This is by far one of the most powerful WinDbg commands. Even if you don’t create scripts, you’ll benefit from this command. It’s powerful because it’s flexible. You can use it for a huge variety of operations. The .foreach token parses the output of one or more debugger commands and uses each value…


[PowerShell Script] PowerDbg v5.0—Using PowerShell to Control WinDbg

I’m very excited to present the new PowerDbg v5.0! There’s just one change, but it’s a HUGE change that makes PowerDbg extremely fast and easier to use.   Let me explain: Send-PowerDbgCommand is the heart of PowerDbg. This is the cmdlet that sends information to WinDbg and retrieves information from WinDbg. However, this cmdlet is…


Special Command—Listing the Nearest Symbols with ln

ln is a very useful command. It stands for list nearest. You provide an address as argument, and it gives you the closest symbol that matches the address. Of course, you have to be using the right symbols!   Here is the syntax:   ln [address]   Example:       Tip: You can see…